Table of Contents

Contents
System Requirements

Memory Requirements
Hardware Supported
Determining the Version of Your Software Release
Upgrading to a New Software Release
Feature Set Tables

New and Changed Information

No New Software Features in Release 11.3(5)T through 11.3(11)T
New Software Features in Release 11.3(4)T

IP Type of Service and Precedence for GRE Tunnels

New Software Features in Release 11.3(3)T

Additional Vendor-Proprietary RADIUS Attributes
Always On/Dynamic ISDN (AO/DI)
Microsoft Point-to-Point Compression
Named Method Lists for AAA
NFAS with D Channel Back Up
VPDN MIB and Syslog Facility

New Software Features in Release 11.3(2)T

PIM Version 2
Dialer Watch
MS Callback

New Software Features in Release 11.3(1)T

IP ROUTING:
Easy IP (Phase 1)
Hot Standby Router Protocol over ISL in Virtual LAN Configurations
IP Enhanced IGRP Route Authentication
Selective Packet Discard (SPD)
LAN SUPPORT:
AppleTalk Access List Enhancements
IPX Named Access Lists
IPX SAP-after-RIP
NLSP Enhancements
NLSP Multicast Support
MANAGEMENT:
Cisco Call History MIB Command-Line Interface
Cisco IOS Internationalization
Entity MIB, Phase 1
SNMPv2C
Virtual Profiles
MULTIMEDIA:
IP Multicast Load Splitting Across Equal-Cost Paths
IP Multicast over Token Ring LANs
Stub IP Multicast Routing
QUALITY OF SERVICE:
RTP Header Compression
SECURITY:
Double Authentication
Encrypted Kerberized Telnet
HTTP Security
Per-User Configuration
TCP Intercept
Vendor-Proprietary RADIUS Attributes
SWITCHING:
Fast-Switched Policy Routing
TERMINAL SERVICES:
Virtual Interface Template Service
Virtual Templates for Protocol Translation
WAN OPTIMIZATION:
PAD Enhancements
PAD Subaddressing
WAN SERVICES:
Bandwidth Allocation Control Protocol
Enhanced Local Management Interface
Frame Relay Enhancements
Frame Relay MIB Extensions
Frame Relay Router ForeSight
ISDN Advice of Charge
ISDN Caller ID Callback
ISDN NFAS
LANE Per-subinterface Debug Messages
Layer 2 Forwarding--Fast Switching
Leased-Line ISDN at 128 kbps
Multilink PPP Interleaving and Fair-Queuing Support
Telnet Extensions for Dialout
VPDN Tunnel Lookup Based on Dialed Number Information
X.25 Enhancements
X.25 Over ISDN
X.25 Switching Between PVCs and SVCs
X.28 Emulation

Installation Notes
Important Notes

Image Deferral, Cisco IOS Release 11.3(8)T
Release 11.3(4)T1
Removed Bridging Command
Missing Source-Route Bridging Commands
New TACACS+ Attribute-Value (AV) Pair

Caveats
Related Documentation

Release-Specific Documents
Platform-Specific Documents
Feature Modules
Cisco IOS Software Documentation Set

Documentation Modules
Release 11.3 Documentation Set

Service and Support

Software Configuration Tips on the Cisco Technical Assistance Center Home Page

Cisco Connection Online
Documentation CD-ROM

Release Notes for the
Cisco 1000 Series Routers
for Cisco IOS Release 11.3 T

July 26, 1999

These release notes for Cisco 1000 series support Cisco IOS Release 11.3 T, up to and including Release11.3(11)T. These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode or modem code and related documents.

For a list of the software caveats that apply to Release 11.3(11)T, see the Caveats for Cisco IOS Release 11.3 T document that accompanies these release notes. The caveats document is updated for every maintenance release and is located on Cisco Connection Online (CCO) and the Documentation CD-ROM.

Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 11.3 T document on CCO and the Documentation CD-ROM.

Contents

These release notes discuss the following topics:

• System Requirements

• New and Changed Information

• Installation Notes

• Important Notes

• Caveats

• Related Documentation

• Service and Support

• Cisco Connection Online

• Documentation CD-ROM

System Requirements

This section describes the system requirements for Release 11.3 T:

• Memory Requirements

• Hardware Supported

• Determining the Version of Your Software Release

• Upgrading to a New Software Release

• Feature Set Tables

Memory Requirements

For Cisco routers to take advantage of the Release 11.3 features, you must upgrade the code or main system memory. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.

Table 1: Memory Requirements for the Cisco 1000 Series

Platforms	Feature Set1	Image Name	Software Image	Flash Memory Required2	DRAM Memory Required	Runs from
Cisco 1003 and Cisco 1004	IP Feature Set	IP	c1000-y-mz	2 MB Flash	8 MB DRAM	RAM
		IP/IPX	c1000-ny-mz	2 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT	c1000-bny-mz	4 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus	c1000-bnsy-mz	4 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus 403	c1000-bnsy40-mz	4 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus 563	c1000-bnsy56-mz4	4 MB Flash	8 MB DRAM	RAM
Cisco 1005	IP Feature Set	IP	c1005-y-mz	25 MB Flash	8 MB DRAM	RAM
		IP/IPX	c1005-ny-mz	25 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT	c1005-bny-mz	2 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus	c1005-bnsy-mz	4 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus 403	c1005-bnsy40-mz	4 MB Flash	8 MB DRAM	RAM
		IP/IPX/AT Plus 563	c1005-bnsy56-mz4	4 MB Flash	8 MB DRAM	RAM
		IP/Async	c1005-qy-mz	2 MB Flash	8 MB DRAM	RAM
		IP/IPX/Async	c1005-nqy-mz	2 MB Flash	8 MB DRAM	RAM
		IP/OSPF/PIM	c1005-y2-mz	2 MB Flash	8 MB DRAM	RAM

1If you need to upgrade the main memory for your Cisco 1000 series router, be sure to order the upgrade specific to your router. 2Flash memory is optional. 3This image is not available in Releases 11.3(1)T and 11.3(2)T. It is only available in Release 11.3(3)T and later. 4This image is not factory-configurable, and can be ordered separately as a spare. 16 MB DRAM memory required for this configuration is also not factory-configurable, and can be ordered separately as a spare. 54 MB in Release 11.3(10)T and earlier releases.

Hardware Supported

Cisco IOS Release 11.3 T supports the Cisco 1000 series:

• Cisco 1003 and Cisco 1004 ISDN routers

• Cisco 1005 serial router

For detailed descriptions of the new hardware features, see the "New and Changed Information" section

Table 1: Supported Interfaces for the Cisco 1000 Series

Interface, Network Module, or Data Rate	Product Description	Platforms Supported
LAN Interfaces	Ethernet (10BaseT)	Cisco 1000 series
WAN Data Rates	56/64/128 kbps	Cisco 1000 series
	1.544/2.048 Mbps	Cisco 1005 only
WAN Interfaces and Network Modules1	EIA/TIA-232	Cisco 1005 only
	EIA/TIA-449	Cisco 1005 only
	EIA-530	Cisco 1005 only
	X.21	Cisco 1005 only
	V.35	Cisco 1005 only
	ISDN BRI	Cisco 1003 and Cisco 1004 only

1The ATM-25 network modules require Cisco IOS Plus feature sets.

Determining the Version of Your Software Release

To determine the version of Cisco IOS software running on your Cisco 1000 series router, log in to the router, and enter the show version user EXEC command:

router> show version
Cisco Internetwork Operating System Software 
IOS (tm) 1000 Software (C1000-BNSY-M), Version 11.3(11)T, RELEASE SOFTWARE

Upgrading to a New Software Release

For information about upgrading to a new software release, see the product bulletin Cisco IOS Software Release 11.3 Upgrade Paths and Packaging Simplification on CCO at:

Service & Support: Product Bulletins: Software

Under Cisco IOS 11.3, click Cisco IOS Software Release 11.3 Upgrade Paths (#703: 12/97)

This product bulletin does not contain information specific to Cisco IOS Release 11.3 T but provides generic upgrade information that may apply to Cisco IOS Release 11.3 T.

Feature Set Tables

The Cisco IOS software is packaged in feature sets consisting of software images--depending on the platform. Each feature set contains a specific set of Cisco IOS features.

Release 11.3 T supports the same feature sets as Release 11.3, but Release 11.3 T can include new features supported by the Cisco 1000 series.

Table 2: Feature Sets Supported by the Cisco 1000 Series

Feature Set1	Image Name	Feature Set Matrix Terms	Software Images	Platforms
IP Feature Set	IP	Basic2	c1000-y-mz c1005-y-mz	Cisco 1003 and 1004 Cisco 1005
	IP/IPX/AT Plus	Plus3	c1000-bnsy-mz c1005-bnsy-mz	Cisco 1003 and 1004 Cisco 1005
	IP/IPX/AT Plus 404	Plus 405	c1000-bnsy40-mz c1005-bnsy40-mz	Cisco 1003 and 1004 Cisco 1005
	IP/IPX/AT Plus 564	Plus 566	c1000-bnsy56-mz c1005-bnsy56-mz7	Cisco 1003 and 1004 Cisco 1005
	IP/IPX	Basic	c1000-ny-mz c1005-ny-mz	Cisco 1003 and 1004 Cisco 1005
	IP/IPX/AT	Basic	c1000-bny-mz c1005-bny-mz	Cisco 1003 and 1004 Cisco 1005
	IP/IPX/Asynch	Basic	c1005-nqy-mz	Cisco 1005 only
	IP/Asynch	Basic	c1005-qy-mz	Cisco 1005 only
	IP/OSPF/PIM	Basic	c1005-y2-mz	Cisco 1005 only

1If you need to upgrade the main memory for your Cisco 1000 series router, be sure to order the upgrade specific to your router. 2This feature set is offered in the basic feature set. 3This feature set is offered in the Plus feature set. 4This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 5This feature set is offered in the encryption feature sets, which consist of 40-bit (Plus 40) data encryption feature sets. 6This feature set is offered in the encryption feature sets, which consist of 56-bit (Plus 56) data encryption feature sets. 7This image is not factory-configurable, and can be ordered separately as a spare. 16 MB DRAM memory required for this configuration is also not factory-configurable, and can be ordered separately as a spare.

Caution Cisco IOS images with strong encryption (including, but not limited to, 56-bit data encryption feature sets) are subject to United States government export controls and limited distribution. Images to be installed outside the United States require an export license. Customer orders may be denied or subject to delay because of United States government regulations. Contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.

Table 3 lists the features and feature sets supported by the Cisco 1003 and Cisco 1004 in Cisco IOS Release 11.3 T, and Table 4 lists the features and feature sets supported by the Cisco 1005 in Cisco IOS Release 11.3 T. Both use the following conventions:

• Yes--The feature is supported in the software image.

• No--The feature is not supported in the software image.

Table 3: Feature List by Feature Set for the Cisco 1003 and Cisco 1004 ISDN Routers

	Feature Set
Feature	IP	IP/IPX	IP/IPX/AT	IP/IPX/ATPlus	IP/IPX/ATPlus 40	IP/IPX/ATPlus 56
Internet
DRP Server Agent	No	No	No	No	No	No
IP Routing
Easy IP (Phase 1)	Yes	Yes	Yes	Yes	Yes	Yes
Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations	No	No	No	No	No	No
IP Enhanced IGRP Route Authentication	Yes	Yes	Yes	Yes	Yes	Yes
IP Type of Service and Precedence for GRE Tunnels	Yes	Yes	Yes	Yes	Yes	Yes
TCP Enhancements, includes: TCP Selective Acknowledgment TCP Timestamp	Yes	Yes	Yes	Yes	Yes	Yes
LAN Support
AppleTalk Access List Enhancements	No	No	No	Yes	Yes	Yes
DECnet Accounting	No	No	No	No	No	No
IPX Named Access Lists	No	Yes	Yes	Yes	Yes	Yes
IPX SAP-after-RIP	No	Yes	Yes	Yes	Yes	Yes
NLSP Enhancements	No	No	No	Yes	Yes	Yes
NLSP Multicast Support	No	No	No	Yes	Yes	Yes
Management
Cisco Call History MIB Command Line Interface	Yes	Yes	Yes	Yes	Yes	Yes
Cisco IOS Internationalization	Yes	Yes	Yes	Yes	Yes	Yes
Entity MIB, Phase 1	Yes	Yes	Yes	Yes	Yes	Yes
SNMPv2C	Yes	Yes	Yes	Yes	Yes	Yes
Virtual Profiles	Yes	Yes	Yes	Yes	Yes	Yes
VPDN MIB and Syslog Facility	No	No	No	Yes	Yes	Yes
Multimedia
IP Multicast Load Splitting across Equal-Cost Paths	No	No	No	Yes	Yes	Yes
IP Multicast over ATM Point-to-Multipoint Virtual Connections	No	No	No	No	No	No
IP Multicast over Token Ring LANs	No	No	No	No	No	No
PIM Version 2	No	No	No	Yes	Yes	Yes
Stub IP Multicast Routing	No	No	No	Yes	Yes	Yes
Quality of Service
RTP Header Compression	Yes	Yes	Yes	Yes	Yes	Yes
Security
Additional Vendor-Proprietary RADIUS Attributes	No	No	No	Yes	Yes	Yes
Double Authentication	Yes	Yes	Yes	Yes	Yes	Yes
Encrypted Kerberized Telnet	No	No	No	No	No	No
HTTP Security	Yes	Yes	Yes	Yes	Yes	Yes
Named Method Lists for AAA Authentication & Accounting	Yes	Yes	Yes	Yes	Yes	Yes
Per-User Configuration	Yes	Yes	Yes	Yes	Yes	Yes
Reflexive Access Lists	No	No	No	No	No	No
TCP Intercept	No	No	No	No	No	No
Vendor-Proprietary RADIUS Attributes	No	No	No	No	No	No
Switching
AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs	No	No	No	No	No	No
CLNS and DECnet Fast Switching over PPP	No	No	No	No	No	No
DECnet/VINES/XNS over ISL, includes: Banyan VINES Routing over ISL Virtual LANs DECnet Routing over ISL Virtual LANs XNS Routing over ISL Virtual LANs	No	No	No	No	No	No
Fast-Switched Policy Routing	Yes	Yes	Yes	Yes	Yes	Yes
IPX Routing over ISL Virtual LANs	No	No	No	No	No	No
VIP Distributed Switching Support for IP Encapsulated in ISL	No	No	No	No	No	No
Terminal Services
Virtual Templates for Protocol Translation	No	No	No	No	No	No
WAN Optimization
ATM MIB Enhancements	No	No	No	No	No	No
PAD Enhancements	No	No	No	No	No	No
PAD Subaddressing	Yes	Yes	Yes	Yes	Yes	Yes
WAN Services
Always On/Dynamic ISDN (AO/DI)	Yes	Yes	Yes	Yes	Yes	Yes
Bandwidth Allocation Control Protocol	Yes	Yes	Yes	Yes	Yes	Yes
Dialer Watch	Yes	Yes	Yes	Yes	Yes	Yes
Enhanced Local Management Interface (ELMI)	No	No	No	No	No	No
Frame Relay	Yes	Yes	Yes	Yes	Yes	Yes
Frame Relay Enhancements	Yes	Yes	Yes	Yes	Yes	Yes
Frame Relay MIB Extensions	Yes	Yes	Yes	Yes	Yes	Yes
Frame Relay Router ForeSight	Yes	Yes	Yes	Yes	Yes	Yes
ISDN Advice of Charge	Yes	Yes	Yes	Yes	Yes	Yes
ISDN Caller ID Callback	Yes	Yes	Yes	Yes	Yes	Yes
ISDN NFAS	No	No	No	No	No	No
Layer 2 Forwarding--Fast Switching	No	No	No	Yes	Yes	Yes
Leased Line ISDN at 128 kbps	Yes	Yes	Yes	Yes	Yes	Yes
Microsoft Point-to-Point Compression	Yes	Yes	Yes	Yes	Yes	Yes
MS Callback	Yes	Yes	Yes	Yes	Yes	Yes
PPP over ATM	No	No	No	No	No	No
Stackable Home Gateway	No	No	No	Yes	Yes	Yes
Telnet Extensions for Dialout	No	No	No	No	No	No
X.25 Enhancements	Yes	Yes	Yes	Yes	Yes	Yes
X.25 on ISDN	Yes	Yes	Yes	Yes	Yes	Yes
X.25 Switching between PVCs and SVCs	Yes	Yes	Yes	Yes	Yes	Yes
X.28 Emulation	No	No	No	No	No	No

New and Changed Information

The following sections list the new features supported by the Cisco 1000 series routers for Cisco IOS Release 11.3 T.

No New Software Features in Release 11.3(5)T through 11.3(11)T

There are no new software features supported by the Cisco 1000 series in Cisco IOS Release 11.3(5)T through 11.3(11)T.

New Software Features in Release 11.3(4)T

The following new software feature is supported by the Cisco 1000 series in Release 11.3(4)T and later 11.3 T releases.

IP Type of Service and Precedence for GRE Tunnels

For more information about configuring the following new features, from CCO select Service & Support, go to Documentation Home Page, click Cisco IOS Software Configuration, click Cisco IOS Release 11.3, select Cisco IOS 11.3 T New Features, and then click 11.3(4)T New Features. This information is also available on the Documentation CD-ROM.

Prior to the IP Type of Service and Precedence for GRE Tunnels feature, at generic route encapsulation-based tunnel endpoints, the Type of Service (TOS) bits (including precedence bits) were not copied to the tunnel or GRE IP header that encapsulates the inner packet. Instead, those bits were set to zero. This was not a problem unless the intermediate routers between two tunnel endpoints honored TOS or precedence bits, in which case those settings were ignored.

With the advent of virtual private network (VPN) and QoS applications, it is desirable to copy the TOS bits when the router encapsulates the packets using GRE. Thus, intermediate routers between tunnel endpoints can take advantage of the QoS features such as weighted fair queuing (WFQ) and weighted random early detection (WRED).

New Software Features in Release 11.3(3)T

The following new software features are supported by the Cisco 1000 series in Release 11.3(3)T and later 11.3 T releases.

Additional Vendor-Proprietary RADIUS Attributes

Remote Authentication Dial-In User Server (RADIUS) is an access server authentication, authorization, and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way.

In this release, Cisco IOS software introduces support for additional vendor-proprietary RADIUS attributes. For a complete list of supported IETF and vendor-proprietary RADIUS attributes, refer to the "RADIUS Attributes" appendix in the Cisco IOS Release 11.3 Security Configuration Guide.

Always On/Dynamic ISDN (AO/DI)

Always On/Dynamic ISDN (AO/DI) is an on-demand service that optimizes the use of an existing Integrated Services Digital Network (ISDN) signaling channel (D channel) to transport X.25 traffic. The X.25 D-channel call is placed from the subscriber to the packet data service provider. Multilink and TCP/IP protocols are encapsulated within the X.25 logical circuit carried by the D channel. The bearer channels (B channels) use the Multilink protocol without the standard Q.922 and X.25 encapsulations and invoke additional bandwidth as needed. AO/DI takes full advantage of existing packet handlers at the central office by using an existing D channel to transport the X.25 traffic.

The link associated with the X.25 D-channel packet connection is used as the primary link of the Multilink protocol. The D channel is a connectionless, packet-oriented link between the Customer Premise Equipment (CPE) and the central office. Because the D channel is always available, it is possible to offer "always available" services. On-demand functionality is achieved by using the B channels to temporarily boost data throughput and disconnecting them after use.

Microsoft Point-to-Point Compression

Microsoft Point-to-Point Compression (MPPC) compresses Point-to-Point Protocol (PPP) packets between Cisco and Microsoft client devices. The MPPC algorithm is designed to optimize processor and bandwidth utilization in order to support multiple simultaneous connections. The MPPC algorithm uses a Lempel-Ziv (LZ) based algorithm with a continuous history buffer called a dictionary.

Named Method Lists for AAA

In earlier Cisco IOS releases, only named authentication method lists were supported under Cisco authentication, authorization, and accounting (AAA) network security services. Release 11.3(3)T extends AAA to support both authorization and accounting named method lists. Named method lists for authorization and accounting function the same way as those for authentication; you can define different methods for authorization and accounting and apply those methods on a per-interface or per-line basis.

NFAS with D Channel Back Up

The DMS100 and NI2 switch types have been added to the existing Non-Facility Associated Signaling (NFAS) with D channel backup feature. ISDN NFAS allows a single D channel to control multiple PRI interfaces. A backup D channel can be configured for use when the primary NFAS D channel fails. When the channelized T1 controllers are configured for ISDN PRI, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.

Use of a single D channel to control multiple PRI interfaces can free one B channel on each interface to carry other traffic. Any hard failure causes a switchover to the backup D channel, and currently connected calls remain connected.

VPDN MIB and Syslog Facility

The Virtual Private Dialup Network (VPDN) Management Information Base (MIB) and Syslog Facility feature is intended to support all the tables and objects defined in "Cisco VPDN Management MIB" for the user sessions of the VPDN features. There are a number of commands that provide information and statistics through the command-line interface (CLI); the Cisco VPDN MIB has been created to satisfy the need to provide information and statistics through SNMP.

New Software Features in Release 11.3(2)T

The following new software features are supported by the Cisco 1000 series in Release 11.3(2)T and later 11.3 T releases.

PIM Version 2

Protocol-Independent Multicast (PIM) Version 2 includes the following improvements over PIM Version 1:

• A single, active rendezvous point (RP) exists per multicast group, with multiple backup RPs. This compares to multiple active RPs for the same group in PIM Version 1.

• A bootstrap router (BSR) provides a fault-tolerant, automated RP discovery and distribution mechanism. Thus, routers dynamically learn the group-to-RP mappings.

• Sparse mode and dense mode are properties of a group, as opposed to an interface. The mode strongly recommended is sparse-dense mode, as opposed to sparse mode or dense mode only.

• PIM Join and Prune messages have more flexible encodings for multiple address families.

• A more flexible Hello packet format replaces the Query packet to encode current and future capability options.

• Register messages to an RP indicate whether they were sent by a border router or a designated router.

• PIM packets are no longer inside IGMP packets; they are standalone packets.

Dialer Watch

Dialer Watch is a backup feature that integrates dial backup with routing capabilities. Prior dial backup implementations used the following conditions to trigger backup:

• Interesting packets were defined at central and remote routers using dial-on-demand routing (DDR).

• Connection loss occurred on a primary interface using a backup interface with floating static routes.

• Traffic thresholds were exceeded using a dialer load threshold.

Prior backup implementations might not have supplied optimum performance on some networks, such as those using Frame Relay multipoint subinterfaces or Frame Relay connections that do not support end-to-end LMI.

Dialer Watch provides reliable connectivity without relying solely on defining interesting traffic to trigger outgoing calls at the central router. Dialer Watch uses the convergence times and characteristics of dynamic routing protocols. Integrating backup and routing features enables Dialer Watch to monitor every deleted route. By configuring a set of watched routes that define the primary interface, you can monitor and track the status of the primary interface as watched routes are added and deleted. Watched routes are monitored in the following sequence:

1. Whenever a watched route is deleted, Dialer Watch checks to see if there is at least one valid route for any of the watched IP addresses defined.

2. If there is no valid route, the primary line is considered down and unusable.

3. If there is a valid route for at least one of the defined watched IP addresses, and if the route is pointing to an interface other than the backup interface configured for Dialer Watch, the primary link is considered up.

4. If the primary link goes down, Dialer Watch is immediately notified by the routing protocol, and the secondary link is brought up.

5. When the secondary link is up, the primary link is rechecked at the expiration of each idle timeout.

6. If the primary link remains down, the idle timer is indefinitely reset.

7. If the primary link is up, the secondary backup link is disconnected. Additionally, you can set a disable timer to create a delay for the secondary link to disconnect after the primary link is reestablished.

MS Callback

The MS Callback feature provides client-server callback services for Microsoft Windows 95 and Microsoft Windows NT clients. MS Callback supports the Microsoft Callback Control Protocol (MSCB). MSCB is a Microsoft proprietary protocol used by Windows 95 and Windows NT clients. MS Callback supports negotiated PPP Link Control Protocol (LCP) extensions initiated and agreed upon by the Microsoft client. MS Callback is added to existing PPP Callback functionality. Therefore, if you configure your Cisco access server to perform PPP Callback using Cisco IOS Release 11.3(2)T or later, MS Callback is automatically available.

New Software Features in Release 11.3(1)T

The following new software features are supported by the Cisco 1000 series in Release 11.3(1)T and later 11.3 T releases.

IP ROUTING:

Easy IP (Phase 1)

The Easy IP (Phase 1) feature combines Network Address Translation (NAT) and PPP/Internet Protocol Control Protocol (IPCP). This feature enables a Cisco router to automatically negotiate its own registered WAN interface Internet Protocol (IP) address from a central server and to enable all remote hosts to access the global Internet using this single registered IP address. Because Easy IP uses existing port-level multiplexed NAT functionality within the Cisco IOS software, IP addresses on the remote LAN are invisible to the Internet.

Hot Standby Router Protocol over ISL in Virtual LAN Configurations

The Hot Standby Router Protocol (HSRP) provides a very high level of redundancy between hosts and gateway routers. HSRP also provides high network availability by enabling backup routes between hosts on Ethernet, Fast Ethernet, FDDI, and Token Ring networks. Cisco IOS devices that are running the HSRP send and receive multicast hello packets to detect router failure and to designate active and standby routers.

HSRP was first introduced with ATM LAN Emulation in Cisco IOS Release 11.0 and in Release 11.1 for virtual LAN (VLAN) configurations in IP networks using IEEE 802.10 encapsulations on FDDI media. Starting with Release 11.3, HSRP is also supported over Inter-Switch Links (ISLs) in VLAN configurations on Fast Ethernet. Now, HSRP functionality can be deployed with Cisco IOS VLANS using IEEE 802.10 on FDDI, ATM LAN Emulation, and ISL encapsulation on Fast Ethernet.

IP Enhanced IGRP Route Authentication

This feature provides MD5 authentication of routing updates from the IP EIGRP routing protocol. The MD5 keyed digest in each IP Enhanced IGRP packet prevents the introduction of unauthorized or false routing messages from unapproved sources.

Selective Packet Discard (SPD)

When in severe overload conditions, routers that cannot keep up with the incoming packet stream must drop packets. If no intelligence is applied to choosing which ones to discard, the stability of routing protocols is impacted. This feature applies some simple choices to selectively discard packets likely to be unimportant for routing and interface stability. SPD is enabled by default; there are no commands or configuration tasks required.

LAN SUPPORT:

AppleTalk Access List Enhancements

This feature adds functionality and improved performance when using AppleTalk access lists and filters.

The specific AppleTalk access list enhancements include the following:

• Access list fast switching

• Access lists for inbound interfaces

In previous releases of the Cisco IOS software, AppleTalk access lists, with the exception of NBP access lists, could be applied to outbound interfaces only. With this release, access lists can be applied to inbound and outbound interfaces.

• NBP access lists for outbound interfaces

In previous releases of Cisco IOS software, NBP access lists could be applied to inbound interfaces only. With this release, NBP access lists can be applied to inbound and outbound interfaces.

• NBP filter based on NBP packet type:

  • Broadcast Request

  • Forward Request

  • Lookup

  • Lookup Reply

IPX Named Access Lists

You can now identify IPX access lists with an alphanumeric string (a name) rather than a number. You can use this feature to configure an unlimited number of the following types of access lists:

• Standard

• Extended

• SAP

• NLSP route aggregating (also known as summary)

If you identify your access list with a name rather than a number, the mode and command syntax are slightly different. Currently, only packet and route filters can use a named list.

This feature provides enhanced security because you can use a separate and easily identifiable access list for each user or interface. It also removes the limit of 100 lists per filter type.

Consider the following before configuring IPX named access lists:

• Access lists specified by name are not compatible with releases that do not support this feature, such as Cisco IOS Release 11.2 or Release 11.2 P.

• Access list names must be unique across all protocols.

• Numbered access lists are also available as described in the Cisco IOS Release 11.3 Network Protocols Configuration Guide, Part 2.

IPX SAP-after-RIP

This feature links Service Advertising Protocol (SAP) updates to Routing Information Protocol (RIP) updates so that SAP broadcast and unicast updates automatically occur immediately after the corresponding RIP update. The feature ensures that no service information is rejected by a remote router because it lacks a valid route to the service. As a result of this feature, periodic SAP updates are sent as often as RIP updates.

NLSP Enhancements

This feature allows the router to interpret the maximum lifetime field in a Level 1 link-state packet (LSP) in hours or seconds. Previously, the field was interpreted in seconds only. The router keeps LSP packets for a much longer time, which reduces overhead on slower-speed serial links and keeps ISDN links from becoming active unnecessarily.

NLSP Multicast Support

The NLSP Multicast Support feature adds support for the use of NLSP multicast addressing for Ethernet, Token Ring, and FDDI router interfaces. This capability is only possible when the underlying Cisco hardware device or driver supports multicast addressing.

With this feature, the router defaults to using multicasts instead of broadcasts on Ethernet, Token Ring, and FDDI interfaces to address all NLSP routers on the network. If an adjacent device does not support NLSP multicasting, the router uses broadcasts on the affected interface. When routers running prior versions of Cisco IOS software are on the same network with routers running Cisco IOS Release 11.3, broadcasts are used on any segment shared by the two routers.

MANAGEMENT:

Cisco Call History MIB Command-Line Interface

A Cisco IOS command-line interface (CLI) is available for setting two Cisco Call History MIB parameters. These parameters are the number of entries to be retained by the MIB and the length of time to retain them, which correspond to the following MIB objects:

• ciscoCallHistoryTableMaxLength

• ciscoCallHistoryRetainTimer

When you save the router configuration before reloading the router, the parameter values are also saved. Before this release, SNMP was the only available means for setting the values of these parameters. However, when the parameters are set by SNMP, the old values are lost, and the parameters are reset to their default values whenever a router is reloaded. The Cisco Call History MIB CLI is enabled by default.

Cisco IOS Internationalization

The Cisco IOS Internationalization feature makes available HTML Server Side Includes (SSIs) to customize international or domestic HTML pages used for the Cisco web browser interface (such as ClickStart pages) and to store them in Flash memory on multiple Cisco IOS platforms. In addition, you can display 8-bit or multibyte international character sets (such as Japanese) and print the escape (ESC) character as a single character instead of as the caret and bracket symbols (^[) on the Cisco Web browser and at the router command line.

Entity MIB, Phase 1

The Entity MIB (RFC 2037) describes the logical resources, physical resources, and logical-to-physical mappings of devices managed by a single SNMP agent. This feature implements the first phase of the Entity MIB, the Logical Entity Table. The Logical Entity Table describes the logical entities managed by a single agent. The Entity MIB also records the time of the last modification to any object in the Entity MIB and sends out a trap when any object is modified. The Entity MIB provides no managed objects with write access.

SNMPv2C

The SNMPv2C feature replaces support for SNMPv2Classic with support for SNMPv2 and SNMPv2C. SNMPv2C replaces the Party-based Administrative and Security Framework of SNMPv2Classic with the Community-based Administrative Framework while retaining 64-bit counters and get-bulk functionality. This feature implements RFCs 1901 through 1907, deprecating the implementation of RFCs 1441 through 1451.

The following commands are obsolete in Release 11.3:

• snmp-server access-policy

• snmp-server context

• snmp-server party

In addition, the snmp-server trap-authentication command has been replaced. Use the snmp-server enable traps snmp authentication command in its place. Existing configurations that use the snmp-server trap-authentication command are not affected; however, this command is not saved to the startup configuration.

Virtual Profiles

Virtual Profiles is a unique PPP application that defines and applies per-user configuration information for users who dial in to a router. Virtual Profiles allows user-specific configuration information to be applied irrespective of the media used for the dial-in call. The configuration information for virtual profiles can come from a virtual interface template, per-user configuration information stored on an AAA server, or both, depending on how the router and AAA server are configured.

Virtual profiles overcome current limitations on network scalability:

• AAA--The current ability for Cisco routers to change any configuration on a per-user basis is limited to the AV pairs that are allowed by the respective AAA implementation.

• Network protocols--Some protocols, such as IPX, expect each dial-in user to come in from a different network; scalability improves when network numbers are applied dynamically for each user.

• Media--Each medium is limited to receiving calls from users statically defined; scalability improves when a user can dial in through any interface, which then has a user configuration dynamically bound to it.

• DDR--The dial-on-demand routing model is designed to learn routes when links come up but not to delete them when the link is torn down; scalability improves when routes are added dynamically when the need arises and deleted dynamically when the need is gone.

• Dialer profiles--Dialer profiles solve some of the limitations above, but cannot handle thousands of dial-in remote nodes; scalability improves when virtual interfaces are not limited to the number of hardware interfaces in a router.

Virtual profiles overcome the limitations listed above by providing a unique interface for each user dialing in to a Cisco router or access server.

MULTIMEDIA:

IP Multicast Load Splitting Across Equal-Cost Paths

You can configure load splitting of IP multicast traffic across equal-cost paths. Previously, when there were equal-cost paths between routers, IP multicast packets traversed only one path. If a tunnel was configured, the same next hop was always used, and no load splitting occurred.

IP multicast load splitting is accomplished indirectly by consolidating the available bandwidth of all the physical links into a single tunnel interface. The underlying physical connections then use existing unicast load-splitting mechanisms for the tunnel (multicast) traffic. By configuring load splitting among equal-cost paths, you can use your links between routers more efficiently when sending IP multicast traffic.

IP Multicast over Token Ring LANs

Prior to this feature, IP multicast datagrams used the MAC-level broadcast address 0xFFFF.FFFF.FFFF, which placed an unnecessary burden on all devices that did not participate in IP multicast. The IP multicast over Token Ring LANs feature defines a way to map IP multicast addresses to a single Token Ring MAC address. This feature defines the Token Ring functional address (0xc000.0004.0000) that should be used over Token Ring. The Cisco Systems implementation complies with RFC 1469, IP Multicast over Token-Ring Local Area Networks (June 1993).

IP multicast transmissions over Token Ring interfaces are more efficient than they used to be. This feature reduces the load on other machines that do not participate in IP multicast because they do not receive these packets.

The following restrictions apply to this feature:

• This feature can be configured only on a Token Ring interface.

• Neighboring devices on the Token Ring on which this feature is used should also use the same functional address for IP multicast traffic.

• Because there are a limited number of Token Ring functional addresses, other protocols can be assigned to the Token Ring functional address 0xc000.0004.0000. Therefore, not every frame sent to the functional address is necessarily an IP multicast frame.

Stub IP Multicast Routing

When using PIM in a large network, there are often stub regions over which the administrator has limited control. To reduce the configuration and administration burden, you can configure a subset of PIM functionality that provides the stub region with connectivity but does not allow it to participate in or potentially complicate any routing decisions.

Stub IP multicast routing allows simple multicast connectivity and configuration at stub networks. It eliminates periodic flood-and-prune behavior across slow-speed links (ISDN and below) using dense mode. It does this by using forwarded IGMP reports as a type of Join message and selective PIM message filtering.

QUALITY OF SERVICE:

RTP Header Compression

Real-time Transport Protocol (RTP) carries packetized audio and video traffic over an IP network. RTP is described in RFC 1889. RTP is not intended for data traffic, which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). RTP provides end-to-end network transport functions intended for applications transmitting real-time requirements, such as audio, video, or simulation data over multicast or unicast network services.

The minimal 12 bytes of the RTP header, combined with 20 bytes of IP header and 8 bytes of UDP header create a 40-byte IP/UDP/RTP header. The RTP packet has a payload of approximately 20 to 150 bytes for audio applications that use compressed payloads. It is very inefficient to transmit the IP/UDP/RTP header without compressing it.

The RTP header compression feature compresses the IP/UDP/RTP header in an RTP data packet from 40 bytes to approximately 2 to 5 bytes. It is a hop-by-hop compression scheme similar to RFC 1144 for TCP header compression. Using RTP header compression can benefit both telephony voice and multicast backbone (MBONE) applications running over slow links.

RTP header compression is supported on serial lines using Frame Relay, HDLC, or PPP encapsulation. It is also supported over ISDN interfaces.

Enabling compression on both ends of a low-bandwidth serial link can greatly reduce the network overhead if there is a lot of RTP traffic on that slow link. This compression is beneficial especially when the RTP payload size is small (as with compressed audio payloads of 20 to 50 bytes). Although the MBONE-style RTP traffic has higher payload sizes, compact encodings like Compressed Encoding for Linear Prediction (CELP) can also help considerably.

SECURITY:

Double Authentication

Double Authentication provides additional authentication for Point-to-Point Protocol (PPP) sessions. Previously, PPP session authentication was limited to CHAP (or PAP). With Double Authentication, remote users must pass a second stage of user authentication--after CHAP or PAP authentication--before they can gain network access.

If you configure your local host (NAS or router) for Double Authentication, remote users must complete a second stage of authentication to gain their assigned user network privileges. This second double authentication requires a password that is known to the user but not stored on the remote host of the user. Therefore, the second authentication is specific to a user, not to a host. This feature provides an additional level of security that is effective even if the remote host is stolen.

Encrypted Kerberized Telnet

Encrypted Kerberized Telnet enables a router to initiate or receive an encrypted Telnet session. Previously, all Telnet session traffic could only be transmitted as clear-text (readable) data.

You can use Encrypted Kerberized Telnet when establishing a Telnet session to or from a router. When you use this feature, first you are authenticated by your Kerberos credentials, and then an encrypted Telnet session is established.

The Cisco implementation of Encrypted Kerberized Telnet uses the following encryption standard: 56-bit Data Encryption Standard (DES) encryption with 64-bit Cipher Feedback (CFB). This feature is available only if you have the 56-bit encryption image. The 56-bit DES encryption image is subject to U.S. government export-control regulations.

HTTP Security

All Cisco routers and access servers running Cisco IOS Release 11.0(6) or later have an HTTP server, which is an embedded subcomponent of the Cisco IOS software. Users with a privilege level of 15 can use a web browser to issue Cisco IOS commands from a predefined home page. In Cisco IOS Release 11.3, the HTTP security feature enables users with a privilege level other than 15 to access the HTTP server.

In addition, a new command has been added to specify how HTTP server users are authenticated. The HTTP server in the Cisco IOS Release 11.2 software uses the enable password method to authenticate a user at privilege level 15. In Release 11.3, system administrators can specify enable; local; Terminal Access Controller Access Control System (TACACS); or authentication, authorization, and accounting (AAA) user authentication.

Using the HTTP Security feature, network administrators can provide HTTP-server access to users with a privilege level of less than 15. The Cisco Web browser interface then mirrors the functionality of the command-line interface (CLI).

Per-User Configuration

The Per-User Configuration can tie together the following dial-in features:

• Virtual interface templates, which are generic interface configuration and router-specific configuration information stored in the form of a virtual interface template that can be applied (cloned) to a virtual access interface each time any user dials in.

• AAA per-user security and interface configuration information stored on a separate AAA server that sends it to the access server or router in response to authorization requests during the PPP authentication phase. The per-user configuration information can add to or override the generic configuration on a virtual interface.

• Virtual profiles, which can use either or both of these two features for virtual interface configuration. When a user dials in, virtual profiles can apply the generic interface configuration and then apply the per-user configuration to create a unique virtual access interface for that user.

A virtual access interface created dynamically for any user dial-in session is deleted when the session ends. The resources used during the session are returned for other dial-in uses.

With per-user configuration:

• Maintenance ease for service providers with a large number of access servers and a very large number of dial-in users. Service providers do not need to update all their routers and access servers when user-specific information changes; instead, they can update one AAA server.

• Scalability. By separating generic virtual interface configuration on the router from the configuration for each individual, Internet service providers and other enterprises with large numbers of dial-in users can provide a uniquely configured interface for each user. In addition, by separating the generic virtual interface configuration from the physical interfaces on the router, the number and types of physical interfaces on the router or access server are not intrinsic barriers to growth.

TCP Intercept

The TCP Intercept feature implements software to protect TCP servers from TCP SYN-flooding attacks, which are a type of denial-of-service attack. A SYN-flooding attack occurs when a hacker floods a server with requests for connection. Because these messages have unreachable return addresses, the connections cannot be established. The resulting volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests, thereby preventing legitimate users from connecting to a Web site, accessing e-mail, using FTP service, and so on.

The TCP Intercept feature helps prevent SYN-flooding attacks by intercepting and validating TCP connection requests. In intercept mode, the TCP intercept software intercepts TCP synchronization (SYN) packets from clients to servers that match an extended access list. The software establishes a connection with the client on behalf of the destination server and if successful, establishes the connection with the server on behalf of the client and knits the two half-connections together transparently. Thus, connection attempts from unreachable hosts never reach the server. The software continues to intercept and forward packets throughout the duration of the connection.

Vendor-Proprietary RADIUS Attributes

Remote Authentication Dial-In User Server (RADIUS) is an access server authentication and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software currently supports the IETF draft standard RADIUS. In this release, Cisco IOS software introduces support for the most common vendor-proprietary RADIUS attributes.

Some vendor-proprietary implementations of RADIUS let the administrator define static routes and IP pool definitions on the RADIUS server, instead of on each network access server. As each network access server starts up, it queries the RADIUS server for static route and IP pool information. In this release, a new command enables the Cisco router to obtain static routes and IP pool definition information from the RADIUS server at start-up time. This frees the user from having to configure such information on each network access server.

SWITCHING:

Fast-Switched Policy Routing

IP policy routing can now be fast-switched. Previously, policy routing could only be process-switched, which meant that on most platforms, the switching rate was approximately 1,000 to 10,000 packets per second. This was not fast enough for many applications. Users who need policy routing to occur at faster speeds can implement policy routing without slowing down the router.

TERMINAL SERVICES:

Virtual Interface Template Service

Beginning with Cisco IOS Release 11.2, virtual interfaces can be configured independently of any physical interface and applied dynamically, as needed, to create virtual access interfaces. When a user dials in, a predefined configuration template is used to configure a virtual access interface; when the user is done, the virtual access interface is torn down, and the resources are freed for other dial-in uses.

This feature provides a generic service that can be used to apply predefined configurations (virtual interface templates) in creating and freeing virtual access interfaces, as needed. Virtual interface templates and virtual access interfaces are basically serial interfaces with no hardware associations; they are created and freed as needed.

The virtual interface template service provides the following benefits to customers with large numbers of dial-in users:

• For easier maintenance, allows customized configurations to be predefined and then applied dynamically when the specific need arises.

• For scalability, allows interface configuration to be separated from physical interfaces. Virtual interfaces can share characteristics, no matter what specific type of interface the user called on.

• For consistency and configuration ease, allows the same predefined template to be used for all users dialing in for a specific application.

• For efficient router operation, frees the virtual access interface memory for another dial-in use when a user call ends.

Virtual Templates for Protocol Translation

Using Cisco IOS Release 11.3, you can simplify the process of configuring protocol translation to tunnel PPP or SLIP across X.25, TCP, and LAT networks. Release 11.3 provides virtual template interfaces that you can configure independently and apply to any protocol translation configuration. You can configure virtual interface templates for one-step and two-step protocol translation.

Before virtual templates were implemented, you enabled asynchronous protocol functions on vty lines by creating virtual asynchronous interfaces rather than virtual access interfaces. (For one-step translation, you did so by specifying ppp or slip as outgoing options in the translate command. For two-step translation, you did so by specifying the vty-async command.) The differences between virtual asynchronous interfaces and virtual access interfaces are as follows:

• Virtual asynchronous interfaces are allocated permanently, whereas virtual access interfaces are created dynamically when a user calls in and are closed down when the connection drops.

• Virtual asynchronous interfaces were unconfigurable. That is, you could create a virtual asynchronous interface, though you could not configure it using interface configuration commands. However, virtual access interfaces are fully configurable via the virtual interface template. All attributes of the virtual interface template are cloned onto the virtual access interface when a call comes in.

WAN OPTIMIZATION:

PAD Enhancements

The Cisco implementation of packet assembler/disassembler (PAD) has been enhanced:

• PAD calls can be made to destinations that are not reachable over physical X.25 interfaces, but that are reachable over TCP tunnels. This enables a Cisco router with only an Ethernet interface to communicate with PAD protocols to an X.25 network using TCP-based X.25 switching. To enable this function, use the service pad to-xot and service pad from-xot global configuration commands.

• The /use-map option is added to the pad command and to the translate x25 command. This option allows all the X.25 map facilities to be applied to the outgoing PAD call or protocol translation call.

• The idle minutes argument is added to the translate x25 command. This new incoming connection request option specifies the number of minutes the virtual circuit (VC) is idle. The option enables the protocol translator to clear a switched virtual circuit (SVC) after a set period of inactivity.

PAD Subaddressing

You can use this feature to append a specified value to an X.121 calling address when that address is not sufficient to identify the source of a call. You can use PAD subaddressing to create unique X.121 calling addresses by including either a physical port number or a value specified for a line as a subaddress to the X.121 calling address.

PAD subaddressing enables an X.25 host application to uniquely identify the source of an X.121 call. For example, in some bank security-alarm applications, the central alarm host identifies the physical location of the alarm units from subaddressing information contained in the Call Request packet.

WAN SERVICES:

Bandwidth Allocation Control Protocol

The Bandwidth Allocation Control Protocol (BACP) described in RFC 2125 provides Multilink PPP peers with the ability to govern link utilization. After peers have successfully negotiated BACP, they can use the Bandwidth Allocation Protocol (BAP), a subset of BACP, to negotiate bandwidth allocation. BAP provides a set of rules governing dynamic bandwidth allocation through call control, a defined method for adding and removing links from a multilink bundle for Multilink PPP.

The addition of any link to an existing multilink bundle is controlled by a BAP call or callback request message, and the removal of a link can be controlled by a link drop message. BACP is designed to operate in both the virtual interface environment and the dialer interface environment. It can operate over any physical interface that is Multilink-PPP capable and has a dial capability; at initial release, BACP supports ISDN and asynchronous serial interfaces.

BACP provides the following benefits:

• Allows multilink implementations to interoperate by providing call control through the use of link types, speeds, and telephone numbers.

• Controls thrashing caused by links being brought up and removed in a short period of time.

• Ensures that both ends of the link are informed when links are added or removed from a multilink bundle.

Enhanced Local Management Interface

The Enhanced Local Management Interface feature provides an enhancement to the Frame Relay LMI protocol. Enhanced Local Management Interface enables automated exchange of Frame Relay Quality of Service (QoS) parameter information between the Cisco router and the Cisco wide-area switch. Routers can base congestion management and prioritization decisions on known QoS values, such as the Committed Information Rate (CIR), Committed Burst Size (Bc), and Excess Burst Size (Be). The router senses QoS values from the switch and can be configured to use those values in traffic shaping. This enhancement works between Cisco routers and Cisco wide-area switches (Cisco BPX and Cisco IGX platforms).

Frame Relay Enhancements

The Frame Relay enhancements introduced with this feature include:

• Standard-based FRF.9 Frame Relay compression for Cisco routers

• Hardware compression support for FRF.9 with the Compression Service Adapter (CSA)

Frame Relay compression can occur on the CSA board or on the main CPU of the router. FRF.9 is standard-based and therefore provides multivendor compatibility. FRF.9 compression uses higher compression ratios, allowing more data to be compressed for faster transmission.

Frame Relay MIB Extensions

The Cisco Frame Relay MIB adds proprietary extensions to the standard Frame Relay MIB (RFC 1315). It provides additional link-level and virtual circuit-level information and statistics that are mostly specific to Cisco Frame Relay implementation. This MIB provides SNMP network management access to most of the information covered by the show frame-relay commands, such as show frame-relay lmi, show frame-relay pvc, show frame-relay map, and show frame-relay svc.

Frame Relay Router ForeSight

ForeSight is the network traffic control software used in Cisco wide-area switches. The Cisco wide-area Frame Relay switch can extend ForeSight messages over a User-to-Network Interface (UNI), passing the backward congestion notification for virtual connections. The Router ForeSight feature allows Cisco Frame Relay routers to process and react to ForeSight messages and adjust virtual circuit level traffic shaping in a timely manner.

The Router Foresight feature must be explicitly configured on both the Cisco router and the Cisco wide-area switch. When ForeSight is enabled, a ForeSight message is sent out at the configured time interval, which can range from 40 to 5000 milliseconds. The time interval between the ForeSight messages is set during configuration of the switch. Refer to the appropriate Cisco wide-area switch documentation for details for configuring this feature.

When a Cisco router receives a ForeSight message indicating that certain Data Link Connection Identifiers (DLCIs) are experiencing congestion, the Cisco router activates its traffic shaping function to slow down the output rate. The router reacts as it would if it detected the congestion by receiving a packet with the backward explicit congestion notification (BECN) bit set.

BECN requires a user packet to be sent in the direction of the congested DLCI to convey the signal, a process that is not predictable and therefore not reliable as a notification mechanism. Timed ForeSight messages guarantee that the router receives notification before congestion becomes a problem. Traffic can be slowed down in the direction of the congested DLCI.

The Frame Relay router ForeSight feature provides an improved mechanism for managing network traffic. It provides these benefits:

• The ability for Cisco routers to react to ForeSight backward congestion notification messages.

• Guaranteed notification of traffic congestion.

ISDN Advice of Charge

The ISDN Advice of Charge (AOC) feature is for ISDN PRI NET5 and ISDN BRI NET3 switch types only. Users can obtain charging information for all calls during the call (AOC-D), at the end of the call (AOC-E), or both to track call costs and to control and possibly reduce tariff charges through the use of the short-hold mode option.

The ISDN AOC feature also supports, for the AOC-D service, an optional, configurable short-hold mode that provides a dynamic idle timeout by measuring the call-charging period, based on the frequency of the AOC-D or the AOC-E message from the network. The short-hold mode idle time does the following:

• Disconnects a call just before the beginning of a new charging period if the call has been idle for at least the configured minimum idle time.

• Maintains the call to the end of the current charging period (past the configured idle timeout) if the time left in the charging period is longer.

Users must have subscribed through their local ISDN network for the ISDN services (AOC-D or AOC-E). No router configuration changes are required to retrieve this call charging information. Call accounting information for AOC-D and AOC-E messages is stored in SNMP MIB objects.

ISDN Caller ID Callback

The ISDN caller ID callback feature allows the initial incoming call from the client to the server to be rejected based on the caller ID message contained in the ISDN setup message and allows a callback to be initiated to the calling destination. This feature is independent of the encapsulation in effect and can be used with various encapsulations, such as PPP, HDLC, Frame Relay, and X.25.

In Cisco IOS Release 11.2, ISDN callback functionality required PPP or Combinet Packet Protocol (CPP) client authentication and client-server callback negotiation to proceed. If authentication and callback negotiations were successful, the callback server had to disconnect the call and then place a return call. Both the initial call and the return call were subject to tolls, and when service providers charge by the minute, even brief calls could be expensive.

ISDN NFAS

ISDN Non-Facility Associated Signaling (NFAS) allows a single D channel to control multiple PRI interfaces. A backup D channel can also be configured for use when the primary NFAS D channel fails. Use of a single D channel to control multiple PRI interfaces can free the B channel on each interface to carry other traffic. After the controllers are configured, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.

LANE Per-subinterface Debug Messages

You can limit debug messages to those related to a particular subinterface. Some debug commands generate a large amount of output; by restricting output to information on a particular subinterface, you can reduce the number of debug messages generated.

Layer 2 Forwarding--Fast Switching

Cisco routers fast-switch Layer 2 Forwarding (L2F) traffic. In stack group environments in which some L2F traffic is offloaded to a powerful router, fast switching provides improved scalability.

Leased-Line ISDN at 128 kbps

In Cisco IOS Release 11.2, leased-line service at 64 kbps via ISDN BRI is provided in Japan and Germany. In Cisco IOS Release 11.3, leased-line service at 128 kbps via ISDN BRI is provided in Japan. This service combines two B channels into a single pipe.

Multilink PPP Interleaving and Fair-Queuing Support

Interleaving on Multilink PPP allows large packets to be multilink encapsulated and fragmented into a small enough size to satisfy the delay requirements of real-time traffic; small real-time packets are not multilink encapsulated and are transmitted between fragments of the large packets. The interleaving feature also provides a special transmit queue for the smaller, delay-sensitive packets, enabling them to be transmitted earlier than other flows.

Weighted fair-queuing on Multilink PPP works at the packet level, not at the level of multilink fragments. Thus, if a small real-time packet gets queued behind a larger best-effort packet and no special queue has been reserved for real-time packets, the small packet is scheduled for transmission only after all the fragments of the larger packet are scheduled for transmission.

Weighted fair-queuing is supported on all interfaces that support Multilink PPP, including Multilink PPP virtual access interfaces and virtual interface templates. Weighted fair-queuing is enabled by default.

Fair-queuing on Multilink PPP overcomes a prior restriction. Previously, fair-queuing was not allowed on virtual access interfaces and virtual interface templates. Interleaving provides the delay bounds for delay-sensitive voice packets on a slow link that is used for other best-effort traffic.

Telnet Extensions for Dialout

The Telnet Extensions for Dialout feature is the network access server component of the Cisco DialOut Utility, used by local users to send faxes or connect to services outside the LAN by using modems attached (or internal) to a network access server. This feature extends the functionality of Telnet because users can control the activity of these modems from their desktop computers, using standard communications software. Because the Telnet Extensions for Dialout feature works with the client/desktop Cisco DialOut Utility, it is not a standalone feature. It enables the network access server to interface with the client/desktop component of the Cisco DialOut Utility. The client/desktop component of Cisco DialOut Utility must be installed on the client workstation before this feature can be used.

Telnet extensions allow the communications software running on the desktop computer of a client to control modem settings such as baud rate, parity, bit size, and stop bits. In addition, these extensions allow the network access server to return Carrier Detect signals to the communications software so that the software can determine when to start dialing a particular number.

The Telnet Extensions for Dialout feature uses reverse Telnet to access modems attached to the network access server. To enable this feature, you only need to configure the access server or router for reverse Telnet and configure the appropriate lines to both send and receive calls.

VPDN Tunnel Lookup Based on Dialed Number Information

The network service provider can select a specific VPDN tunnel for outgoing calls from a dial-in user by using the dialed number information service (DNIS) information provided on ISDN lines. The ability to select a tunnel based on DNIS provides additional flexibility to network service providers who offer VPDN services and to the corporations that use the services. Instead of having to use only the domain name for tunnel selection, tunnel selection can be based on the dialed number.

With this feature, a corporation that might have only one domain name can provide multiple, specific phone numbers for dialing into the network access server at the service provider point of presence. The service provider can select the tunnel to the appropriate services or portion of the corporate network based on the dialed number.

X.25 Enhancements

The Cisco X.25 implementation has been restructured to meet additional design goals that include greater modularity and consistent availability of X.25 services to the code that uses them. The following have been updated:

• Three classes of X.25 services:

  • X.25

  • X.25 over TCP (XOT)

  • X.25 over Local-Area Networks (Connection Mode Network Service or CMNS)

• Four classes of X.25 service users:

  • Encapsulating routed traffic over X.25 (datagram encapsulation)

  • X.25 switching

  • Packet assembler/disassembler (PAD) support for asynchronous devices, including protocol translation between X.25 related protocols (X.28, X.29) and other protocol families (LAT, Telnet, PPP)

  • Qualified Logical Link Control (QLLC)

• Three underlying layers that can support an X.25 service:

  • Link Access Procedure, Balanced (LAPB)

  • Link Access Procedure, D channel (LAPD)

  • Logical Link Control, Type 2 (LLC2)

X.25 Over ISDN

Basic Rate Interface (BRI) is an Integrated Systems Digital Network (ISDN) interface, and it consists of two B channels (B1 and B2) and one D channel. The B channels are used to transfer data, voice, and video. The D channel controls the B channels.

ISDN uses the D channel to carry signal information. ISDN can also use the D channel in a BRI to carry X.25 packets. The D channel has a capacity of 16 kbps, and the X.25 over D channel can use up to 9.6 kbps.

You can set the parameters of the X.25-over-D-channel interface without disrupting the original ISDN interface configuration. In a normal ISDN BRI interface, the D and B channels are bundled together and represented as a single interface. The original BRI interface continues to represent the D, B1, and B2 channels.

Because some end-user equipment uses static terminal endpoint identifiers (TEIs) to access this feature, static TEIs are supported. The dialer recognizes the X.25-over-D-channel calls and initiates them on a new interface.

X.25 traffic over the D channel can be used as a primary interface where low-volume, sporadic interactive traffic is the normal mode of operation. Supported traffic includes IPX, AppleTalk, transparent bridging, XNS, DECnet, and IP.

X.25 Switching Between PVCs and SVCs

This feature allows X.25 switching between permanent virtual connections (PVCs) and switched virtual connections (SVCs). Previously, X.25 switching was permitted only between circuits of the same type. Traffic that entered the router over a SVC could be forwarded only to another SVC. Likewise, traffic that entered the router over a PVC could be forwarded only to another PVC. This feature allows switching between the two circuit types.

X.28 Emulation

The Cisco IOS software provides an X.28 user emulation mode through which you can interact and control the PAD. During an exchange of control information, messages or commands sent from the terminal to the PAD are called PAD command signals. Messages sent from the PAD to the terminal are called PAD service signals. These signals and any transmitted data take the form of encoded character streams as defined by International Alphabet Number 5.

For asynchronous devices such as a terminals or modems to access an X.25 network host, the packets of a device must be assembled or disassembled by a PAD device. Using standard X.28 commands from the PAD, calls can be made into an X.25 network, X.3 PAD parameters can be set, or calls can be reset. There are 22 available X.3 PAD parameters to configure. These parameters can also be set by a remote X.25 host using X.29. The X.28 standard interface is common in many European countries and adheres to the X.25 International Telecommunication Union Telecommunication (ITU-T) standards.

The new X.28 interface is designed for asynchronous devices that require X.25 transport to access a remote or native asynchronous or synchronous host application. Applications such as dial-up users accessing a remote X.25 host can use the X.28 interface. For example, banks implement Cisco routers to support back-office applications, ATMs, point-of-sales authorization devices, and alarm systems. These alarm devices are connected asynchronously to the same Cisco router and report alarm conditions to a remote alarm host for the dispatch of police. The Cisco X.28 PAD implementation calls can be transported over a public packet network, a private X.25 network, the Internet, a private IP-based network, or a Frame Relay network. With this new service, Cisco offers the flexibility to either use the X.28 interface directly or over a Cisco IOS application service such as protocol translation. The protocol translation vty asynchronous application provides bidirectional access to an X.25 application with the PAD service or protocols, such as Digital Equipment Corporation (DEC), local-area transport (LAT), and TCP.

Installation Notes

If you are upgrading to Cisco IOS Release 11.3 from an earlier Cisco IOS software release, you should save your current configuration file before configuring your access server with the Cisco IOS Release 11.3 T software. An unrecoverable error could occur during download or configuration.

Before downloading a software upgrade, read Product Bulletin #703, Cisco IOS Software Release Upgrade Paths and Packaging Simplification. The information in this bulletin supersedes all previous instructions. This bulletin is in the following location on CCO. Click Service & Support. Near the bottom of the web page go to Product Bulletins, scroll down to the Software section, and then click Cisco IOS Software Release 11.3 Upgrade Paths No. 703 under the heading Cisco IOS 11.3.

Important Notes

The following sections contain important notes about Cisco IOS Release 11.3 and can apply to the Cisco 1000 series.

Image Deferral, Cisco IOS Release 11.3(8)T

Cisco IOS Release 11.3(8)T was deferred to Release 11.3(8)T1 on all software images to incorporate corrections to the following caveats:

• CSCdk86294--The D channel is always in the shutdown state when non-facility associated signalling is configured.

• CSCdk80809--Enhanced Interior Gateway Routing Protocol (EIGRP) has difficulty converging on certain routes.

For more information on these caveats, refer to Bug Navigator II. Bug Navigator II is available at http://www.cisco.com/support/bugtools. On CCO, click this path:

Service & Support/ Online Technical Support/ Software Bug Toolkit/ Bug Navigator II

Release 11.3(4)T1

Release 11.3(4)T1 is an early deployment release of software support for the Cisco 1000 series routers. Release 11.3(4)T1 is the same as Release 11.3(4)T except the following defect has been resolved in Release 11.3(4)T1:

The configuration command frame-relay interface-dlci is not working. This affects frame relay users who need to configure point-to-point subinterfaces. [CSCdk18271]

Removed Bridging Command

As of Release 11.3(2)T, the command bridge group multicast-source is no longer available. This command was removed to comply with the source-route-transparent (SRT) bridging implementation.

Missing Source-Route Bridging Commands

Due to a production problem, many source-route bridging commands were omitted from the printed version of the Cisco IOS Software Command Summary (78-4746-01). For complete documentation of all source-route bridging commands, refer to the Bridging and IBM Networking Command Reference (78-4743-01). You can also obtain the most current documentation on the Documentation CD-ROM or Cisco Connection Online (CCO).

New TACACS+ Attribute-Value (AV) Pair

A new authorization feature was added in Release 11.3(1) that allows for separate configuration and authorization of Multilink PPP. This can cause MLP authorization to fail in TACACS+ servers that do not include the relevant authorization permissions in the configuration. For TACACS+, the following attribute-value (AV) pair should be added for all users who are allowed to negotiate Multilink PPP:

service = ppp protocol = multilink {

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious.

For information on caveats in Cisco IOS Release 11.3 T, see Caveats for Cisco IOS Release  11.3  T on CCO and the Documentation CD-ROM.

All caveats in Release 11.3 are also in Release 11.3 T.

For information on caveats in Cisco IOS Release 11.3, see the "Important Notes and Caveats for Release 11.3"  section in Cross-Platform Release Notes for Cisco IOS Release 11.3   on CCO and the Documentation CD-ROM. These release notes list severity 1 and 2 caveats affecting all maintenance releases.

Related Documentation

The following sections describe the documentation available for the Cisco 1000 series. These documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.

Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on CCO and the Documentation CD-ROM.

Use these release notes with these documents:

• Release-Specific Documents

• Platform-Specific Documents

• Feature Modules

• Cisco IOS Software Documentation Set

Release-Specific Documents

The following documents are specific to Release 11. 3 and are located on CCO and the Documentation CD-ROM:

• Cross-Platform Release Notes for Cisco IOS Release 11.3  

On CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Release Notes for Cisco IOS Release 11.3

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Release Notes for Cisco IOS Release 11.3

• Product bulletins, field notices, and other release-specific documents on CCO at:

Service & Support: Technical Documents

• Caveats for Cisco IOS Release 11.3 T

As a supplement to the caveats listed in the "Caveats" section, see Caveats for Cisco IOS Release 11.3 T, which contains caveats applicable to all platforms for all maintenance releases of Release 11.3 T.

On CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Product Specific Release Notes for Cisco IOS Release 11.3: Caveats for Cisco IOS Release 11.3 T

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Product Specific Release Notes for Cisco IOS Release 11.3: Caveats for Cisco IOS Release 11.3 T

---

Note If you have an account with CCO, you can use Bug Navigator II to find caveats of any severity for any release. You can reach Bug Navigator II on CCO at Service & Support: Online Technical Support: Software Bug Toolkit, or at http://www.cisco.com/support/bugtools.

---

Platform-Specific Documents

These documents are available for the Cisco 1000 series on CCO and the Documentation CD-ROM:

• Cisco 1000 Series Hardware Installation

• Cisco 1000 Series Configuration Notes

• Cisco 1003 and Cisco 1004 Public Network Certification

• Cisco 1003 and Cisco 1004 Series Router User Guide

• Cisco 1005 Public Network Certification

• Cisco 1005 User Guide

• Cisco 1020 Command Reference

• Cisco 1020 User Guide

• Cisco 1005 Public Network Certification

• Cisco 1003 and Cisco 1004 Public Network Certification

• Release Notes for Cisco 1000 Series Routers

On CCO at:

Service & Support: Documentation Home Page: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 1000 Series Routers

On the Documentation CD-ROM at:

Cisco Product Documentation: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 1000 Series Routers

Feature Modules

Feature modules describe new features supported by Release 11.3 T and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.

On CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents, which are shipped with your order in electronic form on the Documentation CD-ROM--unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.

On CCO and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.

You can reach these documents on CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS Release 11.3 Configuration Guides, Command References: Configuration Guide Master Index or Command Reference Master Index

Release 11.3 Documentation Set

Table 5 describes the contents of the Cisco IOS Release 11.3 software documentation set, which is available in electronic form and also in printed form upon request.

You can reach the Cisco IOS documentation set from CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3

You can reach the Cisco IOS documentation set on the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3

.
Table 5: Cisco IOS Software Release 11.3 Documentation Set

Books	Chapter Topics
Configuration Fundamentals Configuration Guide Configuration Fundamentals Command Reference	Configuration Fundamentals Overview Cisco IOS User Interfaces File Management Interface Configuration System Management
Network Protocols Configuration Guide, Part 1 Network Protocols Command Reference, Part 1	IP Addressing IP Services IP Routing Protocols
Network Protocols Configuration Guide, Part 2 Network Protocols Command Reference, Part 2	AppleTalk Novell IPX
Network Protocols Configuration Guide, Part 3 Network Protocols Command Reference, Part 3	Apollo Domain Banyan VINES DECnet ISO CLNS XNS
Wide-Area Networking Configuration Guide Wide-Area Networking Command Reference	Wide-Area Networking Overview ATM Frame Relay SMDS X.25 and LAPB
Security Configuration Guide Security Command Reference	AAA Security Services Security Server Protocols Traffic Filtering Network Data Encryption Passwords and Privileges Neighbor Router Authentication IP Security Options
Dial Solutions Configuration Guide Dial Solutions Command Reference	Business Applications and Scenarios Dial-In Port Setup Dial-In Terminal Services and Remote Note Configuration Dial Authentication Dial-on-Demand Routing (DDR) Dial Backup Dial-Out Modem Pooling Large-Scale Dial Solutions Dial-Related Addressing Services (NAT/Easy IP) Cost-Control Solutions Network Traffic over ISDN Channels X.25 over ISDN Virtual Private Dialup Networks
Cisco IOS Switching Services Configuration Guide Cisco IOS Switching Services Command Reference	Switching Paths for IP Networks NetFlow Switching Virtual LAN (VLAN) Routing LAN Emulation
Bridging and IBM Networking Configuration Guide Bridging and IBM Networking Command Reference	Transparent Bridging Source-Route Bridging Remote Source-Route Bridging DLSw+ STUN and BSTUN LLC2 and SDLC IBM Network Media Translation DSPU and SNA Service Point Support SNA Frame Relay Access Support APPN NCIA Client/Server Topologies IBM Channel Attach
Configuration Guide Master Index Command Reference Master Index

Service and Support

For service and support for a product purchased from a reseller, contact the reseller, who offers a wide variety of Cisco service and support programs described in "Service and Support" of Cisco Information Packet shipped with your product.

For service and support for a product purchased directly from Cisco, use CCO.

Software Configuration Tips on the Cisco Technical Assistance Center Home Page

If you have a CCO login account, you can access the following URL, which contains links and tips on configuring your Cisco products:

http://www.cisco.com/kobayashi/serv_tips.shtml

This URL is subject to change without notice. If it changes, point your Web browser to CCO  and click on this path: Products & Technologies: Products: Technical Tips.

The following sections are provided from the Technical Tips page:

• Configuration Cookbooks--Contains common configurations or recipes for configuring various access routes and dial technologies.

• Field Notices--Notifies you of any critical issues regarding Cisco products and includes problem descriptions, safety or security issues, and hardware defects.

• Frequently Asked Questions--Describes the most frequently asked technical questions about Cisco hardware and software.

• Hardware--Provides technical tips related to specific hardware platforms.

• Hot Tips--Describes popular tips and hints gathered from the Cisco Technical Assistance Center (TAC). Most of these documents are available from the TAC Fax-on-demand service. To reach Fax-on-demand and receive documents at your fax machine from the United States, call 888-50-CISCO (888-502-4726). From other areas, call 650-596-4408.

• Internetworking Features--Lists tips on using and deploying Cisco IOS software features and services.

• Sample Configurations--Provides actual configuration examples that are complete with topology and annotations.

• Software Products--Contains Cisco IOS Software Bulletins, Cisco TCP/IP Suite 100, General Cisco IOS, Internet/Intranet Applications and Software, Network Management, Network Protection Software Tips, and WAN Switching Products and Software.

• Special Collections--Lists other helpful documents, including Case Studies, References & Request for Comments (RFCs), and Security Advisories.

Cisco Connection Online

Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.

Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.

CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.

You can access CCO in the following ways:

• WWW:  http://www.cisco.com

• WWW:  http://www-europe.cisco.com

• WWW:  http://www-china.cisco.com

• Telnet:  cco.cisco.com

• Modem:  From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and connection rates up to 28.8 kbps.

For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.

If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.

Posted: Mon Aug 7 20:47:11 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.