cc/td/doc/product/software/ios113ed/ios113p
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Release Notes for the
Cisco 1600 Series Routers
for Cisco IOS Release 11.3 T

Release Notes for the
Cisco 1600 Series Routers
for Cisco IOS Release 11.3 T

July 26, 1999

These release notes for Cisco 1600 series support Cisco IOS Release 11.3 T, up to and including Release 11.3(11)T. These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode or modem code and related documents.

For a list of the software caveats that apply to Release 11.3(11)T, see the Caveats for Cisco IOS Release 11.3 T document that accompanies these release notes. The caveats document is updated for every maintenance release and is located on Cisco Connection Online (CCO) and the Documentation CD-ROM.

Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 11.3 T document on CCO and the Documentation CD-ROM.

Contents

These release notes discuss the following topics:

System Requirements

This section describes the system requirements for Release 11.3 T:

Memory Requirements

For Cisco routers to take advantage of the Release 11.3 features, you must upgrade the code or main system memory. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.


Table 1: Memory Requirements for the Cisco 1600 Series
Platforms Feature Set Image Name Software Image Flash
Memory Required
DRAM
Memory Required
Runs from

Cisco 1601- Cisco 1604

IP Standard Feature Set

IP

c1600-y-l

6 MB Flash

2 MB DRAM

Flash

IP Plus

c1600-sy-l

6 MB Flash

4 MB DRAM

Flash

IP Plus 401

c1600-sy40-l

6 MB Flash

4 MB DRAM

Flash

IP Plus 562

c1600-sy56-l

6 MB Flash

4 MB DRAM

Flash

IP Plus IPSEC 562

c1600-sy56i-l

8 MB Flash

4 MB DRAM

Flash

IP/IPX Standard Feature Set

IP/IPX

c1600-ny-l

6 MB Flash

4 MB DRAM

Flash

IP/IPX Plus

c1600-nsy-l

6 MB Flash

4 MB DRAM

Flash

IP/IPX/AT/IBM

c1600-bnr2y-l

8 MB Flash

4 MB DRAM

Flash

IP/IPX/AT/IBM Plus

c1600-bnr2sy-l

8 MB Flash

6 MB DRAM

Flash

IP/IPX/AT/IBM
Plus 402

c1600-bnr2sy40-l

8 MB Flash

6 MB DRAM

Flash

IP/IPX/AT/IBM
Plus 562

c1600-bnr2sy56-l

8 MB Flash

6 MB DRAM

Flash

IP/IPX/AT/IBM
Plus IPSEC 562

c1600-bnr2sy56i-l

8 MB Flash

6 MB DRAM

Flash

IP/FW

c1600-oy-1

6 MB Flash

4 MB DRAM

Flash

IP/IPX/FW Plus

c1600-nosy-l

6 MB Flash

4 MB DRAM

Flash

IP/IPX/AT/IBM/FW Plus 562

c1600-bnor2sy56-l

82 MB Flash

6 MB DRAM

Flash

IP/IPX/AT/IBM/FW Plus IPSEC 562

c1600-bnor2sy56i-l

82 MB Flash

6 MB DRAM

Flash

Cisco 1605-R

IP Standard Feature Set

IP

c1600-y-mz

2 MB Flash

8 MB DRAM

RAM

IP Plus

c1600-sy-mz

4 MB Flash

10 MB DRAM

RAM

IP Plus 401

c1600-sy40-mz

4 MB Flash

10 MB DRAM

RAM

IP Plus 561

c1600-sy56-mz

4 MB Flash

10 MB DRAM

RAM

IP Plus IPSEC 561

c1600-sy56i-mz

4 MB Flash

10 MB DRAM

RAM

IP/IPX Standard Feature Set

IP/IPX

c1600-ny-mz

4 MB Flash

8 MB DRAM

RAM

IP/IPX Plus

c1600-nsy-mz

4 MB Flash

10 MB DRAM

RAM

IP/IPX/AT/IBM

c1600-bnr2y-mz

4 MB Flash

12 MB DRAM

RAM

IP/IPX/AT/IBM Plus

c1600-bnr2sy-mz

4 MB Flash

16 MB DRAM

RAM

IP/IPX/AT/IBM Plus 401

c1600-bnr2sy40-mz

4 MB Flash

16 MB DRAM

RAM

IP/IPX/AT/IBM Plus 561

c1600-bnr2sy56-mz

4 MB Flash

16 MB DRAM

RAM

IP/IPX/AT/IBM
Plus IPSEC 561

c1600-bnr2sy56i-mz

4 MB Flash

16 MB DRAM

RAM

IP/FW

c1600-oy-mz

4 MB Flash

8 MB DRAM

RAM

IP/IPX/FW Plus

c1600-nosy-mz

4 MB Flash

10 MB DRAM

RAM

IP/IPX/AT/IBM/FW Plus 561

c1600-bnor2sy56-mz

4 MB Flash

16 MB DRAM

RAM

IP/IPX/AT/IBM/FW Plus IPSEC 561

c1600-bnor2sy56i-mz

4 MB Flash

16 MB DRAM

RAM

1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
212 MB in Releases 11.3(1)T through 11.3(9)T.

Hardware Supported

Cisco IOS Release 11.3 T supports the Cisco 1600 series:

For detailed descriptions of the new hardware features, see the "New and Changed Information" section

Table 1 lists the interfaces supported on the Cisco 1600 series. For more complete information, see the "Overview of the Router" chapter in the Cisco 1600 Series Hardware Installation Guide.


Table 1: Supported Interfaces for the Cisco 1600 Series 
Interface, Network Module, or Data Rate Platforms Supported

1 Ethernet port

Cisco 1601-1604

1 built-in WAN port

Cisco 1601-1604

1 WAN interface-card expansion slot

Cisco 1601-1604

1 built-in serial WAN port

Cisco 1601

1 onboard 56-kbps 4-wire DSU/CSU

Cisco 1602

1 ISDN BRI S/T port

Cisco 1603

ISDN BRI U interface with a built-in NT 1 device

Cisco 1601, Cisco 1602, Cisco 1605-R

2 Ethernet LAN interfaces

Cisco 1605-R

1 WAN interface card slot

Cisco 1605-R

1-port ISDN BRI with S/T interface

Cisco 1601, Cisco 1602, Cisco 1605-R

1-port synchronous/ asynchronous serial

Cisco 1600 series

1-port ISDN BRI with integrated NT1 and with a U interface

Cisco 1600 series

1-port ISDN Leased Line BRI S/T WAN interface

Cisco 1603, Cisco 1604

1-port 56/64kbps DSU/CSU WAN interface

Cisco 1600 series

1-port T1/Fractional T1 DSU/CSU WAN interface

Cisco 1600 series

Determining the Version of Your Software Release

To determine the version of Cisco IOS software running on your Cisco 1600 series router, log in to the router, and enter the show version user EXEC command:

router> show version
Cisco Internetwork Operating System Software 
IOS (tm) 1600 Software (C1600-NY-MZ), Version 11.3(11)T, RELEASE SOFTWARE

Upgrading to a New Software Release

For information about upgrading to a new software release, see the product bulletin Cisco IOS Software Release 11.3 Upgrade Paths and Packaging Simplification on CCO at:

Service & Support: Product Bulletins: Software

Under Cisco IOS 11.3, click Cisco IOS Software Release 11.3 Upgrade Paths (#703: 12/97)

This product bulletin does not contain information specific to Cisco IOS Release 11.3 T but provides generic upgrade information that may apply to Cisco IOS Release 11.3 T.

Feature Set Tables

The Cisco IOS software is packaged in feature sets consisting of software images--depending on the platform. Each feature set contains a specific set of Cisco IOS features.

Release 11.3 T supports the same feature sets as Release 11.3, but Release 11.3 T can include new features supported by the Cisco 1600 series.


Table 2: Feature Sets Supported by the Cisco 1600 Series
Feature Set Image Name Feature Set Matrix Term Software Images Platforms

IP Standard Feature Set

IP

Basic1

c1600-y-l

Cisco 1600 series

IP Plus

Plus2

c1600-sy-l

Cisco 1600 series

IP Plus 403

Plus 404

c1600-sy40-l

Cisco 1600 series

IP Plus 563

Plus 565

c1600-sy56-l

Cisco 1600 series

IP Plus IPSEC 563

Plus, IPSec 566

c1600-sy56i-l

Cisco 1600 series

IP/IPX Standard Feature Set

IP/IPX

Basic

c1600-ny-l

Cisco 1600 series

IP/IPX Plus

Plus

c1600-nsy-l

Cisco 1600 series

IP/IPX/AT/IBM

Basic

c1600-bnr2y-l

Cisco 1600 series

IP/IPX/AT/IBM Plus

Plus

c1600-bnr2sy-l

Cisco 1600 series

IP/IPX/AT/IBM Plus 403

Plus 40

c1600-bnr2sy40-l

Cisco 1600 series

IP/IPX/AT/IBM Plus 563

Plus 56

c1600-bnr2sy56-l

Cisco 1600 series

IP/IPX/AT/IBM Plus IPSEC 563

Plus, IPSec 56

c1600-bnr2sy56i-l

Cisco 1600 series

IP/FW

Basic

c1600-oy-1

Cisco 1600 series

IP/IPX/FW Plus

Plus

c1600-nosy-l

Cisco 1600 series

IP/IPX/AT/IBM/FW Plus 563

Plus 56

c1600-bnor2sy56-l

Cisco 1600 series

IP/IPX/AT/IBM/FW Plus IPSEC 563

Plus, IPSec 56

c1600-bnor2sy56i-l

Cisco 1600 series

1This feature set is offered in the basic feature set.
2This feature set is offered in the Plus feature set.
3This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
4
This feature set is offered in the encryption feature sets, which consist of 40-bit (Plus 40) data encryption feature sets.
5This feature set is offered in the encryption feature sets, which consist of 56-bit (Plus 56) data encryption feature sets.
6This feature set is offered in the encryption feature sets, which consist of IPSec 56-bit (Plus IPSec 56) data encryption feature sets.

Caution Cisco IOS images with strong encryption (including, but not limited to, 56-bit data encryption feature sets) are subject to United States government export controls and limited distribution. Images to be installed outside the United States require an export license. Customer orders may be denied or subject to delay because of United States government regulations. Contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.

Table 3 and Table 4 list the features and feature sets supported by the Cisco 1601-1604 in Cisco IOS Release 11.3 T, and Table 5 and Table 6 list the features and feature sets supported by the Cisco 1605-R in Cisco IOS Release 11.3 T. All the tables use the following conventions:


Note This feature set table only contains a selected list of features. This table is not cumulative-- nor does it list all the features in each image.


Table 3: Feature List by Feature Set for the Cisco 1601-1604 Routers, Part 1
Feature Set
 Feature IP IP
Plus
IP
Plus
401
IP
Plus
561
IP Plus IPSEC 562 IP/IPX IP/IPX
Plus
IP/IPX/
AT/IBM
IP/IPX/
AT/IBM
Plus
 IBM Support

APPN High Performance Routing

No

No

No

No

No

No

No

No

No

APPN MIB Enhancements

No

No

No

No

No

No

No

No

No

APPN over Ethernet LAN Emulation

No

No

No

No

No

No

No

No

No

APPN Scalability Enhancements

No

No

No

No

No

No

No

No

No

Bisync Enhancements, includes:

    • Bisync 3780 Support

    • BSC Extended Addressing

    • Block Serial Tunneling (BSTUN) over Frame Relay

No

No

No

No

Yes

No

No

Yes

Yes

Cisco MultiPath Channel (CMPC)

No

No

No

No

No

No

No

No

No

DLSw+ Enhancements, includes:

    • Backup Peer Extensions for Encapsulation Types

    • DLSw+ Border Peer Caching

    • DLSw+ MIB Enhancements

    • DLSw+ SNA Type of Service

    • LLC2-to-SDLC Conversion Between PU4 Devices

    • NetBIOS Dial-on-Demand Routing

    • UDP Unicast Enhancement

No

No

No

No

No

No

No

Yes

Yes

FRAS Enhancements, includes:

    • FRAS Boundary Network Node Enhancement

    • FRAS Dial Backup over DLSw+

    • FRAS DLCI Backup

    • FRAS Host

    • FRAS MIB

    • SRB over Frame Relay

No

No

No

No

No

No

No

Yes

Yes

RIF Passthru in DLSw+

No

No

No

No

No

No

No

Yes

Yes

SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers

No

No

No

No

No

No

No

No

No

TN3270 LU Nailing

No

No

No

No

No

No

No

No

No

TN3270 Server Enhancements

No

No

No

No

No

No

No

No

No

Token Ring LANE

No

No

No

No

No

No

No

No

No

Tunneling of Asynchronous Security Protocols

No

No

No

No

Yes

No

No

Yes

Yes

Internet

DRP Server Agent

No

No

No

No

No

No

No

No

No

 IP Routing

Easy IP (Phase 1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations

No

No

No

No

No

No

No

No

No

IP Enhanced IGRP Route Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Network Address Translation (NAT)

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

TCP Enhancements, includes:

    • TCP Selective Acknowledgment

    • TCP Timestamp

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 LAN Support

AppleTalk Access List Enhancements

No

No

No

No

Yes

No

No

No

Yes

DECnet Accounting

No

No

No

No

No

No

No

No

No

IPX Named Access Lists

No

No

No

No

Yes

Yes

Yes

Yes

Yes

IPX SAP-after-RIP

No

No

No

No

Yes

Yes

Yes

Yes

Yes

NLSP Enhancements

No

No

No

No

Yes

No

Yes

No

Yes

NLSP Multicast Support

No

No

No

No

Yes

No

Yes

No

Yes

 Management

Cisco Call History MIB Command Line Interface

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Cisco IOS Internationalization

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB, Phase 1

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

SNMPv2C

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Virtual Profiles

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB and Syslog Facility

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

 Multimedia

IP Multicast Load Splitting across Equal-Cost Paths

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

IP Multicast over ATM Point-to-Multipoint Virtual Connections

No

No

No

No

No

No

No

No

No

IP Multicast over Token Ring LANs

No

No

No

No

No

No

No

No

No

PIM Version 2

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Stub IP Multicast Routing

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Quality of Service

RTP Header Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Security

Additional Vendor-Proprietary RADIUS Attributes

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Certificate Authority Interoperability

No

No

No

No

Yes

No

No

No

No

Cisco IOS Firewall: Context-Based Access Control

No

No

No

No

No

No

No

No

No

Double Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Encrypted Kerberized Telnet

No

No

No

No

No

No

No

No

No

HTTP Security

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Internet Key Exchange Security Protocol

No

No

Yes

Yes

Yes

No

No

No

No

IPSec Network Security

No

No

Yes

Yes

Yes

No

No

No

No

Named Method Lists for AAA Authentication & Accounting

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Per-User Configuration

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Reflexive Access Lists

No

No

No

No

No

No

No

No

No

TCP Intercept

No

No

No

No

No

No

No

No

No

Vendor-Proprietary RADIUS Attributes

No

No

No

No

No

No

No

No

No

 Switching

AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs

No

No

No

No

No

No

No

No

No

CLNS and DECnet Fast Switching over PPP

No

No

No

No

No

No

No

No

No

DECnet/VINES/XNS over ISL, includes:

    • Banyan VINES Routing over ISL Virtual LANs

    • DECnet Routing over ISL Virtual LANs

    • XNS Routing over ISL Virtual LANs

No

No

No

No

No

No

No

No

No

Fast-Switched Policy Routing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IPX Routing over ISL Virtual LANs

No

No

No

No

No

No

No

No

No

VIP Distributed Switching Support for IP Encapsulated in ISL

No

No

No

No

No

No

No

No

No

 Terminal Services

Virtual Templates for Protocol Translation

No

No

No

No

No

No

No

No

No

 WAN Optimization

ATM MIB Enhancements

No

No

No

No

No

No

No

No

No

PAD Enhancements

No

No

No

No

No

No

No

No

No

PAD Subaddressing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 WAN Services

Always On/Dynamic ISDN (AO/DI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Bandwidth Allocation Control Protocol

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Enhanced Local Management Interface (ELMI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay MIB Extensions

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Router ForeSight

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Advice of Charge

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Caller ID Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN NFAS

No

No

No

No

No

No

No

No

No

Layer 2 Forwarding--Fast Switching

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Leased Line ISDN at 128 kbps

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Microsoft Point-to-Point Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

PPP over ATM

No

No

No

No

No

No

No

No

No

Stackable Home Gateway

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Telnet Extensions for Dialout

No

No

No

No

No

No

No

No

No

X.25 Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 on ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 Switching between PVCs and SVCs

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.28 Emulation

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
2
This image is available in Release 11.3(3)T and later releases.


Table 4: Feature List by Feature Set for the Cisco 1601-1604 Routers, Part 2
Feature Set
 Feature IP/IPX/
AT/IBM
Plus 401
IP/IPX/
AT/IBM
Plus 561
IP/IPX/AT/IBM
Plus
IPSEC
562
IP/FW IP/
IPX/
FW Plus2
IP/
IPX/
AT/IBM/
FW
Plus 562
IP/IPX/
AT/IBM/
FW Plus
IPSEC 562
 IBM Support

APPN High Performance Routing

No

No

No

No

No

No

No

APPN MIB Enhancements

No

No

No

No

No

No

No

APPN over Ethernet LAN Emulation

No

No

No

No

No

No

No

APPN Scalability Enhancements

No

No

No

No

No

No

No

Bisync Enhancements, includes:

    • Bisync 3780 Support

    • BSC Extended Addressing

    • Block Serial Tunneling (BSTUN) over Frame Relay

Yes

Yes

Yes

No

No

Yes

Yes

Cisco MultiPath Channel (CMPC)

No

No

No

No

No

No

No

DLSw+ Enhancements, includes:

    • Backup Peer Extensions for Encapsulation Types

    • DLSw+ Border Peer Caching

    • DLSw+ MIB Enhancements

    • DLSw+ SNA Type of Service

    • LLC2-to-SDLC Conversion Between PU4 Devices

    • NetBIOS Dial-on-Demand Routing

    • UDP Unicast Enhancement

Yes

Yes

Yes

No

No

Yes

Yes

FRAS Enhancements, includes:

    • FRAS Boundary Network Node Enhancement

    • FRAS Dial Backup over DLSw+

    • FRAS DLCI Backup

    • FRAS Host

    • FRAS MIB

    • SRB over Frame Relay

Yes

Yes

Yes

No

No

Yes

Yes

RIF Passthru in DLSw+

Yes

Yes

Yes

No

No

Yes

Yes

SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers

No

No

No

No

No

No

No

TN3270 LU Nailing

No

No

No

No

No

No

No

TN3270 Server Enhancements

No

No

No

No

No

No

No

Token Ring LANE

No

No

No

No

No

No

No

Tunneling of Asynchronous Security Protocols

Yes

Yes

Yes

No

No

Yes

Yes

Internet

DRP Server Agent

No

No

No

No

No

No

No

 IP Routing

Easy IP (Phase 1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations

No

No

No

No

No

No

No

IP Enhanced IGRP Route Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Network Address Translation (NAT)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

TCP Enhancements, includes:

    • TCP Selective Acknowledgment

    • TCP Timestamp

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 LAN Support

AppleTalk Access List Enhancements

Yes

Yes

Yes

No

No

Yes

Yes

DECnet Accounting

No

No

No

No

No

No

No

IPX Named Access Lists

Yes

Yes

Yes

No

Yes

Yes

Yes

IPX SAP-after-RIP

Yes

Yes

Yes

No

Yes

Yes

Yes

NLSP Enhancements

Yes

Yes

Yes

No

Yes

Yes

Yes

NLSP Multicast Support

Yes

Yes

Yes

No

Yes

Yes

Yes

 Management

Cisco Call History MIB Command Line Interface

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Cisco IOS Internationalization

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB, Phase 1

Yes

Yes

Yes

Yes

Yes

Yes

Yes

SNMPv2C

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Virtual Profiles

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB and Syslog Facility

Yes

Yes

Yes

No

Yes

Yes

Yes

 Multimedia

IP Multicast Load Splitting across Equal-Cost Paths

Yes

Yes

Yes

No

Yes

Yes

Yes

IP Multicast over ATM Point-to-Multipoint Virtual Connections

No

No

No

No

No

No

No

IP Multicast over Token Ring LANs

No

No

No

No

No

No

No

PIM Version 2

Yes

Yes

Yes

No

Yes

Yes

Yes

Stub IP Multicast Routing

Yes

Yes

Yes

No

Yes

Yes

Yes

Quality of Service

RTP Header Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Security

Additional Vendor-Proprietary RADIUS Attributes

Yes

Yes

Yes

No

Yes

Yes

Yes

Certificate Authority Interoperability

No

No

Yes

No

No

No

Yes

Cisco IOS Firewall: Context-Based Access Control

No

No

No

Yes

Yes

Yes

Yes

Double Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Encrypted Kerberized Telnet

No

No

No

No

No

No

No

HTTP Security

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Internet Key Exchange Security Protocol

Yes

Yes

Yes

No

No

Yes

Yes

IPSec Network Security

Yes

Yes

Yes

No

No

Yes

Yes

Named Method Lists for AAA Authentication & Accounting

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Per-User Configuration

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Reflexive Access Lists

No

No

No

No

No

No

No

TCP Intercept

No

No

No

No

No

No

No

Vendor-Proprietary RADIUS Attributes

No

No

No

No

No

No

No

 Switching

AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs

No

No

No

No

No

No

No

CLNS and DECnet Fast Switching over PPP

No

No

No

No

No

No

No

DECnet/VINES/XNS over ISL, includes:

    • Banyan VINES Routing over ISL Virtual LANs

    • DECnet Routing over ISL Virtual LANs

    • XNS Routing over ISL Virtual LANs

No

No

No

No

No

No

No

Fast-Switched Policy Routing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IPX Routing over ISL Virtual LANs

No

No

No

No

No

No

No

VIP Distributed Switching Support for IP Encapsulated in ISL

No

No

No

No

No

No

No

 Terminal Services

Virtual Templates for Protocol Translation

No

No

No

No

No

No

No

 WAN Optimization

ATM MIB Enhancements

No

No

No

No

No

No

No

PAD Enhancements

No

No

No

No

No

No

No

PAD Subaddressing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 WAN Services

Always On/Dynamic ISDN (AO/DI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Bandwidth Allocation Control Protocol

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Enhanced Local Management Interface (ELMI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay MIB Extensions

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Router ForeSight

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Advice of Charge

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Caller ID Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN NFAS

No

No

No

No

No

No

No

Layer 2 Forwarding--Fast Switching

Yes

Yes

Yes

No

Yes

Yes

Yes

Leased Line ISDN at 128 kbps

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Microsoft Point-to-Point Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

PPP over ATM

No

No

No

No

No

No

No

Stackable Home Gateway

Yes

Yes

Yes

No

Yes

Yes

Yes

Telnet Extensions for Dialout

No

No

No

No

No

No

No

X.25 Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 on ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 Switching between PVCs and SVCs

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.28 Emulation

Yes

Yes

Yes

Yes

Yes

Yes

Yes

1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
2
This image is available in Release 11.3(3)T and later releases.


Table 5: Feature List by Feature Set for the Cisco 1605-R Routers, Part 1
Feature Set
 Feature IP IP
Plus
IP
Plus
401
IP
Plus
561
IP Plus IPSEC 562 IP/IPX IP/IPX
Plus
IP/IPX/
AT/IBM
IP/IPX/
AT/IBM
Plus
 IBM Support

APPN High Performance Routing

No

No

No

No

No

No

No

No

No

APPN MIB Enhancements

No

No

No

No

No

No

No

No

No

APPN over Ethernet LAN Emulation

No

No

No

No

No

No

No

No

No

APPN Scalability Enhancements

No

No

No

No

No

No

No

No

No

Bisync Enhancements, includes:

    • Bisync 3780 Support

    • BSC Extended Addressing

    • Block Serial Tunneling (BSTUN) over Frame Relay

No

No

No

No

Yes

No

No

Yes

Yes

Cisco MultiPath Channel (CMPC)

No

No

No

No

No

No

No

No

No

DLSw+ Enhancements, includes:

    • Backup Peer Extensions for Encapsulation Types

    • DLSw+ Border Peer Caching

    • DLSw+ MIB Enhancements

    • DLSw+ SNA Type of Service

    • LLC2-to-SDLC Conversion Between PU4 Devices

    • NetBIOS Dial-on-Demand Routing

    • UDP Unicast Enhancement

No

No

No

No

Yes

No

No

Yes

Yes

FRAS Enhancements, includes:

    • FRAS Boundary Network Node Enhancement

    • FRAS Dial Backup over DLSw+

    • FRAS DLCI Backup

    • FRAS Host

    • FRAS MIB

    • SRB over Frame Relay

No

No

No

No

Yes

No

No

Yes

Yes

RIF Passthru in DLSw+

No

No

No

No

No

No

No

Yes

Yes

SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers

No

No

No

No

No

No

No

No

No

TN3270 LU Nailing

No

No

No

No

No

No

No

No

No

TN3270 Server Enhancements

No

No

No

No

No

No

No

No

No

Token Ring LANE

No

No

No

No

No

No

No

No

No

Tunneling of Asynchronous Security Protocols

No

No

No

No

Yes

No

No

Yes

Yes

Internet

DRP Server Agent

No

No

No

No

No

No

No

No

No

 IP Routing

Easy IP (Phase 1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations

No

No

No

No

No

No

No

No

No

IP Enhanced IGRP Route Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Network Address Translation (NAT)

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

TCP Enhancements, includes:

    • TCP Selective Acknowledgment

    • TCP Timestamp

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 LAN Support

AppleTalk Access List Enhancements

No

No

No

No

Yes

No

No

No

Yes

DECnet Accounting

No

No

No

No

No

No

No

No

No

IPX Named Access Lists

No

No

No

No

Yes

Yes

Yes

Yes

Yes

IPX SAP-after-RIP

No

No

No

No

Yes

Yes

Yes

Yes

Yes

NLSP Enhancements

No

No

No

No

Yes

No

Yes

No

Yes

NLSP Multicast Support

No

No

No

No

Yes

No

Yes

No

Yes

 Management

Cisco Call History MIB Command Line Interface

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Cisco IOS Internationalization

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB, Phase 1

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

SNMPv2C

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Virtual Profiles

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB and Syslog Facility

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

 Multimedia

IP Multicast Load Splitting across Equal-Cost Paths

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

IP Multicast over ATM Point-to-Multipoint Virtual Connections

No

No

No

No

No

No

No

No

No

IP Multicast over Token Ring LANs

No

No

No

No

No

No

No

No

No

PIM Version 2

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Stub IP Multicast Routing

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Quality of Service

RTP Header Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Security

Additional Vendor-Proprietary RADIUS Attributes

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Cisco IOS Firewall: Context-Based Access Control

No

No

No

No

No

No

No

No

No

Certificate Authority Interoperability

No

No

No

No

Yes

No

No

No

No

Double Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Encrypted Kerberized Telnet

No

No

No

No

No

No

No

No

No

HTTP Security

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Internet Key Exchange Security Protocol

No

No

Yes

Yes

Yes

No

No

No

No

IPSec Network Security

No

No

Yes

Yes

Yes

No

No

No

No

Named Method Lists for AAA Authentication & Accounting

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Per-User Configuration

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Reflexive Access Lists

No

No

No

No

No

No

No

No

No

TCP Intercept

No

No

No

No

No

No

No

No

No

Vendor-Proprietary RADIUS Attributes

No

No

No

No

No

No

No

No

No

 Switching

AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs

No

No

No

No

No

No

No

No

No

CLNS and DECnet Fast Switching over PPP

No

No

No

No

No

No

No

No

No

DECnet/VINES/XNS over ISL, includes:

    • Banyan VINES Routing over ISL Virtual LANs

    • DECnet Routing over ISL Virtual LANs

    • XNS Routing over ISL Virtual LANs

No

No

No

No

No

No

No

No

No

Fast-Switched Policy Routing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IPX Routing over ISL Virtual LANs

No

No

No

No

No

No

No

No

No

VIP Distributed Switching Support for IP Encapsulated in ISL

No

No

No

No

No

No

No

No

No

 Terminal Services

Virtual Templates for Protocol Translation

No

No

No

No

No

No

No

No

No

 WAN Optimization

ATM MIB Enhancements

No

No

No

No

No

No

No

No

No

PAD Enhancements

No

No

No

No

No

No

No

No

No

PAD Subaddressing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 WAN Services

Always On/Dynamic ISDN (AO/DI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Bandwidth Allocation Control Protocol

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Enhanced Local Management Interface (ELMI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay MIB Extensions

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Router ForeSight

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Advice of Charge

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Caller ID Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN NFAS

No

No

No

No

No

No

No

No

No

Layer 2 Forwarding--Fast Switching

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Leased Line ISDN at 128 kbps

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Microsoft Point-to-Point Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

PPP over ATM

No

No

No

No

No

No

No

No

No

Stackable Home Gateway

No

Yes

Yes

Yes

Yes

No

Yes

No

Yes

Telnet Extensions for Dialout

No

No

No

No

No

No

No

No

No

X.25 Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 on ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 Switching between PVCs and SVCs

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.28 Emulation

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
2This image is available in Release 11.3(3)T and later releases.


Table 6: Feature List by Feature Set for the Cisco 1605-R Routers, Part 2
Feature Set
 Feature IP/IPX/
AT/IBM
Plus 401
IP/IPX/
AT/IBM
Plus 561
IP/IPX/AT/IBM
Plus
IPSEC
562
IP/FW2 IP/
IPX/
FW Plus2
IP/
IPX/
AT/IBM/
FW
Plus 562
IP/IPX/
AT/IBM/
FW Plus
IPSEC 562
 IBM Support

APPN High Performance Routing

No

No

No

No

No

No

No

APPN MIB Enhancements

No

No

No

No

No

No

No

APPN over Ethernet LAN Emulation

No

No

No

No

No

No

No

APPN Scalability Enhancements

No

No

No

No

No

No

No

Bisync Enhancements, includes:

    • Bisync 3780 Support

    • BSC Extended Addressing

    • Block Serial Tunneling (BSTUN) over Frame Relay

Yes

Yes

Yes

No

No

Yes

Yes

Cisco MultiPath Channel (CMPC)

No

No

No

No

No

No

No

DLSw+ Enhancements, includes:

    • Backup Peer Extensions for Encapsulation Types

    • DLSw+ Border Peer Caching

    • DLSw+ MIB Enhancements

    • DLSw+ SNA Type of Service

    • LLC2-to-SDLC Conversion Between PU4 Devices

    • NetBIOS Dial-on-Demand Routing

    • UDP Unicast Enhancement

Yes

Yes

Yes

No

No

Yes

Yes

FRAS Enhancements, includes:

    • FRAS Boundary Network Node Enhancement

    • FRAS Dial Backup over DLSw+

    • FRAS DLCI Backup

    • FRAS Host

    • FRAS MIB

    • SRB over Frame Relay

Yes

Yes

Yes

No

No

Yes

Yes

RIF Passthru in DLSw+

Yes

Yes

Yes

No

No

Yes

Yes

SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers

No

No

No

No

No

No

No

TN3270 LU Nailing

No

No

No

No

No

No

No

TN3270 Server Enhancements

No

No

No

No

No

No

No

Token Ring LANE

No

No

No

No

No

No

No

Tunneling of Asynchronous Security Protocols

Yes

Yes

Yes

No

No

Yes

Yes

Internet

DRP Server Agent

No

No

No

No

No

No

No

 IP Routing

Easy IP (Phase 1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations

No

No

No

No

No

No

No

IP Enhanced IGRP Route Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Network Address Translation (NAT)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

TCP Enhancements, includes:

    • TCP Selective Acknowledgment

    • TCP Timestamp

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 LAN Support

AppleTalk Access List Enhancements

Yes

Yes

Yes

No

No

Yes

Yes

DECnet Accounting

No

No

No

No

No

No

No

IPX Named Access Lists

Yes

Yes

Yes

No

Yes

Yes

Yes

IPX SAP-after-RIP

Yes

Yes

Yes

No

Yes

Yes

Yes

NLSP Enhancements

Yes

Yes

Yes

No

Yes

Yes

Yes

NLSP Multicast Support

Yes

Yes

Yes

No

Yes

Yes

Yes

 Management

Cisco Call History MIB Command Line Interface

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Cisco IOS Internationalization

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB, Phase 1

Yes

Yes

Yes

Yes

Yes

Yes

Yes

SNMPv2C

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Virtual Profiles

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB and Syslog Facility

Yes

Yes

Yes

No

Yes

Yes

Yes

 Multimedia

IP Multicast Load Splitting across Equal-Cost Paths

Yes

Yes

Yes

No

Yes

Yes

Yes

IP Multicast over ATM Point-to-Multipoint Virtual Connections

No

No

No

No

No

No

No

IP Multicast over Token Ring LANs

No

No

No

No

No

No

No

PIM Version 2

Yes

Yes

Yes

No

Yes

Yes

Yes

Stub IP Multicast Routing

Yes

Yes

Yes

No

Yes

Yes

Yes

Quality of Service

RTP Header Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Security

Additional Vendor-Proprietary RADIUS Attributes

Yes

Yes

Yes

No

Yes

Yes

Yes

Cisco IOS Firewall: Context-Based Access Control

No

No

No

Yes

Yes

Yes

Yes

Certificate Authority Interoperability

No

No

Yes

No

No

No

Yes

Double Authentication

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Encrypted Kerberized Telnet

No

No

No

No

No

No

No

HTTP Security

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Internet Key Exchange Security Protocol

Yes

Yes

Yes

No

No

Yes

Yes

IPSec Network Security

Yes

Yes

Yes

No

No

Yes

Yes

Named Method Lists for AAA Authentication & Accounting

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Per-User Configuration

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Reflexive Access Lists

No

No

No

No

No

No

No

TCP Intercept

No

No

No

No

No

No

No

Vendor-Proprietary RADIUS Attributes

No

No

No

No

No

No

No

 Switching

AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs

No

No

No

No

No

No

No

CLNS and DECnet Fast Switching over PPP

No

No

No

No

No

No

No

DECnet/VINES/XNS over ISL, includes:

    • Banyan VINES Routing over ISL Virtual LANs

    • DECnet Routing over ISL Virtual LANs

    • XNS Routing over ISL Virtual LANs

No

No

No

No

No

No

No

Fast-Switched Policy Routing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IPX Routing over ISL Virtual LANs

No

No

No

No

No

No

No

VIP Distributed Switching Support for IP Encapsulated in ISL

No

No

No

No

No

No

No

 Terminal Services

Virtual Templates for Protocol Translation

No

No

No

No

No

No

No

 WAN Optimization

ATM MIB Enhancements

No

No

No

No

No

No

No

PAD Enhancements

No

No

No

No

No

No

No

PAD Subaddressing

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 WAN Services

Always On/Dynamic ISDN (AO/DI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Bandwidth Allocation Control Protocol

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Enhanced Local Management Interface (ELMI)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay MIB Extensions

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Frame Relay Router ForeSight

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Advice of Charge

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN Caller ID Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ISDN NFAS

No

No

No

No

No

No

No

Layer 2 Forwarding--Fast Switching

Yes

Yes

Yes

No

Yes

Yes

Yes

Leased Line ISDN at 128 kbps

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Microsoft Point-to-Point Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

PPP over ATM

No

No

No

No

No

No

No

Stackable Home Gateway

Yes

Yes

Yes

No

Yes

Yes

Yes

Telnet Extensions for Dialout

No

No

No

No

No

No

No

X.25 Enhancements

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 on ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.25 Switching between PVCs and SVCs

Yes

Yes

Yes

Yes

Yes

Yes

Yes

X.28 Emulation

Yes

Yes

Yes

Yes

Yes

Yes

Yes

1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases.
2This image is available in Release 11.3(3)T and later releases.

New and Changed Information

The following sections list the new features supported by the Cisco 1600 series routers for Cisco IOS Release 11.3 T.

No New Software Features in Release 11.3(5)T through 11.3(11)T

There are no new software features supported by the Cisco 1600 series in Cisco IOS Release 11.3(5)T through 11.3(11)T.

New Software Features in Release 11.3(4)T

The following new software feature is supported by the Cisco 1600 series in Release 11.3(4)T and later 11.3 T releases.

IP Type of Service and Precedence for GRE Tunnels

For more information about configuring the following new features, from CCO select Service & Support, go to Documentation Home Page, click Cisco IOS Software Configuration, click Cisco IOS Release 11.3, select Cisco IOS 11.3 T New Features, and then click 11.3(4)T New Features. This information is also available on the Documentation CD-ROM.

Prior to the IP Type of Service and Precedence for GRE Tunnels feature, at generic route encapsulation-based tunnel endpoints, the Type of Service (TOS) bits (including precedence bits) were not copied to the tunnel or GRE IP header that encapsulates the inner packet. Instead, those bits were set to zero. This was not a problem unless the intermediate routers between two tunnel endpoints honored TOS or precedence bits, in which case those settings were ignored.

With the advent of virtual private network (VPN) and QoS applications, it is desirable to copy the TOS bits when the router encapsulates the packets using GRE. Thus, intermediate routers between tunnel endpoints can take advantage of the QoS features such as weighted fair queuing (WFQ) and weighted random early detection (WRED).

New Hardware Features in Release 11.3(3)T

The following new hardware features are supported by the Cisco 1600 series in Release 11.3(3)T and later 11.3 T releases.

Cisco 1605-R Router

The Cisco 1605-R router was added to the Cisco 1600 series in this release, and can connect two Ethernet LANs to the Internet. The router has a WAN interface card slot and support for multiple WAN technologies. Cisco 1605-R router features include the following:

Cisco DSU/CSU 56/64-kbps Interface Card

The 1-port 56/64-kbps WAN interface card includes an integral DSU/CSU and can be configured to provide circuit-switched, dedicated, or leased-line service at 56 kbps. This card also supports 64-kbps dedicated lines.

Cisco T1 DSU/CSU WAN Interface Card

The Cisco T1 data service unit/channel service unit (DSU/CSU) WAN interface card is an integrated, managed T1, or fractional T1 WAN interface card. It provides nonchannelized data rates of 1 to 24 X 64 kbps or 1 to 24 X 56 kbps and follows ANSI T1.403 and AT&T Publication 62411 standards.

The Cisco T1 DSU/CSU WAN interface management features include the following:

New Software Features in Release 11.3(3)T

The following new software features are supported by the Cisco 1600 series in Release 11.3(3)T and later 11.3 T releases.

Additional Vendor-Proprietary RADIUS Attributes

Remote Authentication Dial-In User Server (RADIUS) is an access server authentication, authorization, and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way.

In this release, Cisco IOS software introduces support for additional vendor-proprietary RADIUS attributes. For a complete list of supported IETF and vendor-proprietary RADIUS attributes, refer to the "RADIUS Attributes" appendix in the Cisco IOS Release 11.3 Security Configuration Guide.

Always On/Dynamic ISDN (AO/DI)

Always On/Dynamic ISDN (AO/DI) is an on-demand service that optimizes the use of an existing Integrated Services Digital Network (ISDN) signaling channel (D channel) to transport X.25 traffic. The X.25 D-channel call is placed from the subscriber to the packet data service provider. Multilink and TCP/IP protocols are encapsulated within the X.25 logical circuit carried by the D channel. The bearer channels (B channels) use the Multilink protocol without the standard Q.922 and X.25 encapsulations and invoke additional bandwidth as needed. AO/DI takes full advantage of existing packet handlers at the central office by using an existing D channel to transport the X.25 traffic.

The link associated with the X.25 D-channel packet connection is used as the primary link of the Multilink protocol. The D channel is a connectionless, packet-oriented link between the Customer Premise Equipment (CPE) and the central office. Because the D channel is always available, it is possible to offer "always available" services. On-demand functionality is achieved by using the B channels to temporarily boost data throughput and disconnecting them after use.

Certificate Authority Interoperability

Certificate Authority (CA) interoperability is provided in support of the IP Security (IPSec) standard. CA interoperability permits Cisco IOS devices and CA devices to communicate so that your Cisco IOS device can obtain and use digital certificates from the CA. Although IPSec can be implemented in your network without the use of a CA, using a CA provides manageability and scalability for IPSec. For background and configuration information for IPSec, see the "IPSec Network Security" feature documentation.

The Cisco IOS Firewall Feature Set: Context-Based Access Control

The Cisco IOS Firewall feature set combines existing Cisco IOS firewall technology and the new context-based access control feature to provide an effective, robust firewall.

The Cisco IOS Firewall feature set is designed to prevent unauthorized, external individuals from gaining access to your internal network and to block attacks on your network, while at the same time allowing authorized users to access network resources.

You can use the Cisco IOS Firewall feature set to configure your Cisco IOS device as:

The Cisco IOS Firewall feature set provides the following capabilities:

Context-based access control (CBAC) is a new feature which provides intelligent filtering of packets through the firewall. CBAC creates temporary openings in the firewall to permit packets that are part of a permissible session. (These packets are normally blocked at the firewall.) A permissible session is one that originates from within your protected internal network.

Internet Key Exchange Security Protocol

Internet Key Exchange Security Protocol (ISAKMP/Oakley) is a key management protocol, used in conjunction with the IPSec standard. IPSec is an IP security feature that provides robust authentication and encryption of IP packets. IPSec can be configured without ISAKMP/Oakley, but ISAKMP/Oakley enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. ISAKMP/Oakley is a hybrid protocol that implements the Oakley key exchange inside the ISAKMP framework.

IPSec Network Security

IPSec Network Security (IPSec) is a framework of open standards developed by the Internet Engineering Task Force (IETF). IPSec provides security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices ("peers") such as Cisco routers.

IPSec provides the following network security services:

With IPSec, data can be transmitted across a public network without fear of observation, modification, or spoofing. This enables applications such as virtual private networks (VPNs), extranets, and remote user access.

IPSec services are similar to those provided by Cisco Encryption Technology, a proprietary security solution introduced in Release 11.2. (The IPSec standard was not yet available at Release 11.2.) However, IPSec provides a more robust security solution and is standards-based.

Microsoft Point-to-Point Compression

Microsoft Point-to-Point Compression (MPPC) compresses Point-to-Point Protocol (PPP) packets between Cisco and Microsoft client devices. The MPPC algorithm is designed to optimize processor and bandwidth utilization in order to support multiple simultaneous connections. The MPPC algorithm uses a Lempel-Ziv (LZ) based algorithm with a continuous history buffer called a dictionary.

Named Method Lists for AAA

In earlier Cisco IOS releases, only named authentication method lists were supported under Cisco authentication, authorization, and accounting (AAA) network security services. Release 11.3(3)T extends AAA to support both authorization and accounting named method lists. Named method lists for authorization and accounting function the same way as those for authentication; you can define different methods for authorization and accounting and apply those methods on a per-interface or per-line basis.

Network Address Translation

Network Address Translation (NAT) provides a mechanism for a privately addressed network to access registered networks, such as the Internet, without requiring a registered subnet address. This eliminates the need for host renumbering and allows the same IP address range to be used in multiple intranets.

With NAT, the privately addressed network (designated as "inside") continues to use its existing private or obsolete addresses. These addresses are converted into legal addresses before packets are forwarded onto the registered network (designated as "outside"). The translation function is compatible with standard routing; the feature is required only on the router connecting the inside network to the outside domain.

Translations can be static or dynamic. A static address translation establishes a one-to-one mapping between the inside network and the outside domain. Dynamic address translations are defined by describing the local addresses to be translated and the pool of addresses from which to allocate outside addresses. Allocation is done in numeric order and multiple pools of contiguous address blocks can be defined, providing the following benefits:

Because the addressing scheme on the inside network might conflict with registered addresses already assigned within the Internet, NAT can support a separate address pool for overlapping networks and translate as appropriate. Applications that use raw IP addresses as a part of their protocol exchanges are incompatible with NAT. Typically, these are less common applications that do not use fully qualified domain names.

NFAS with D Channel Back Up

The DMS100 and NI2 switch types have been added to the existing non-facility associated signaling (NFAS) with D Channel Backup feature. ISDN NFAS allows a single D channel to control multiple PRI interfaces. A backup D channel can be configured for use when the primary NFAS D channel fails. When the channelized T1 controllers are configured for ISDN PRI, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.

Use of a single D channel to control multiple PRI interfaces can free one B channel on each interface to carry other traffic. Any hard failure causes a switchover to the backup D channel, and currently connected calls remain connected.

RIF Passthru in DLSw+

By default, DLSw+ terminates the RIF for Token Ring, terminates the LLC for all media types, and forwards only data across a WAN with DLSw+ and TCP/IP headers. The RIF is a field in source-route bridged frames that indicates the SRB path the frame should take when traversing a Token Ring network. In the case of an explorer packet, the RIF is a field of the source-route bridged frame that indicates the SRB path that the SRB explorer has traversed so far. The RIF is limited to seven hop counts by the IBM standards. Because DLSw+ terminates the RIF at the virtual ring, the network scalability increases because the hop count of the packet starts over, and the packet can traverse seven additional hops. RIF termination simplifies network design because ring numbers no longer have to be unique throughout an entire enterprise.

However, some environments do not function properly if the RIF is terminated. For that reason, DLSw+ now supports the RIF Passthru feature, in which the entire source-route bridged path appears in the RIF.

VPDN MIB and Syslog Facility

The Virtual Private Dialup Network (VPDN) Management Information Base (MIB) and Syslog Facility feature is intended to support all the tables and objects defined in "Cisco VPDN Management MIB" for the user sessions of the VPDN features. There are a number of commands that provide information and statistics through the command-line interface (CLI); the Cisco VPDN MIB has been created to satisfy the need to provide information and statistics through SNMP.

New Software Features in Release 11.3(2)T

The following new software features are supported by the Cisco 1600 series in Release 11.3(2)T and later 11.3 T releases.

DRP Server Agent Enhancements

The DRP Server Agent can now measure client-to-server link latency (round-trip time) for use in traffic-redirection decisions.

PIM Version 2

Protocol-Independent Multicast (PIM) Version 2 includes the following improvements over PIM Version 1:

PIM Version 1, together with the Auto-RP feature, performs the same tasks as the PIM Version 2 BSR. However, Auto-RP is a standalone protocol, separate from PIM Version 1, and is a Cisco proprietary protocol. PIM Version 2 is a standards-track protocol in the Internet Engineering Task Force (IETF).

The Cisco PIM Version 2 implementation allows good interoperability and transition between Version 1 and Version 2. You can upgrade to PIM Version 2 incrementally. You can configure PIM Versions 1 and 2 on different routers within one network. Internally, all routers on a shared media network must run the same PIM version. Therefore, if a PIM Version 2 router detects a PIM Version 1 router, the Version 2 router downgrades itself to Version 1 until all Version 1 routers have been shut down or upgraded.

PIM uses the BSR to discover and announce RP-set information for each group prefix to all the routers in a PIM domain. This is the same function accomplished by Auto-RP, but the BSR is part of the PIM Version 2 specification. The BSR mechanism interoperates with Auto-RP.

To avoid a single point of failure, you can configure several candidate BSRs in a PIM domain. A BSR is automatically elected among the candidate BSRs; candidates use bootstrap messages to discover which BSR has the highest priority. This router then announces to all PIM routers in the PIM domain that it is the BSR.

Routers that are configured as candidate RPs then unicast to the BSR the group range for which they are responsible. The BSR includes this information in its bootstrap messages and disseminates it to all PIM routers in the domain. Based on this information, all routers are able to map multicast groups to specific RPs. As long as a router is receiving the bootstrap message, it has a current RP map.

Dialer Watch

Dialer Watch is a backup feature that integrates dial backup with routing capabilities. Prior dial backup implementations used the following conditions to trigger backup:

Prior backup implementations might not have supplied optimum performance on some networks, such as those using Frame Relay multipoint subinterfaces or Frame Relay connections that do not support end-to-end LMI.

Dialer Watch provides reliable connectivity without relying solely on defining interesting traffic to trigger outgoing calls at the central router. Dialer Watch uses the convergence times and characteristics of dynamic routing protocols. Integrating backup and routing features enables Dialer Watch to monitor every deleted route. By configuring a set of watched routes that define the primary interface, you can monitor and track the status of the primary interface as watched routes are added and deleted. Watched routes are monitored in the following sequence:

    1. Whenever a watched route is deleted, Dialer Watch checks to see if there is at least one valid route for any of the watched IP addresses defined.

    2. If there is no valid route, the primary line is considered down and unusable.

    3. If there is a valid route for at least one of the defined watched IP addresses, and if the route is pointing to an interface other than the backup interface configured for Dialer Watch, the primary link is considered up.

    4. If the primary link goes down, Dialer Watch is immediately notified by the routing protocol, and the secondary link is brought up.

    5. When the secondary link is up, the primary link is rechecked at the expiration of each idle timeout.

    6. If the primary link remains down, the idle timer is indefinitely reset.

    7. If the primary link is up, the secondary backup link is disconnected. Additionally, you can set a disable timer to create a delay for the secondary link to disconnect after the primary link is reestablished.

MS Callback

The MS Callback feature provides client-server callback services for Microsoft Windows 95 and Microsoft Windows NT clients. MS Callback supports the Microsoft Callback Control Protocol (MSCB). MSCB is a Microsoft proprietary protocol used by Windows 95 and Windows NT clients. MS Callback supports negotiated PPP Link Control Protocol (LCP) extensions initiated and agreed upon by the Microsoft client. MS Callback is added to existing PPP Callback functionality. Therefore, if you configure your Cisco access server to perform PPP Callback using Cisco IOS Release 11.3(2)T or later, MS Callback is automatically available.

MS Callback supports AAA security models using a local database or AAA server. MSCB uses LCP callback options with suboption type 6. The Cisco MS Callback feature supports clients with a user-specified callback number and server specified (preconfigured) callback number. MS Callback does not affect non-Microsoft machines that implement standard PPP LCP extensions as described in RFC 1570. In this scenario, MS Callback is transparent.

New Software Features in Release 11.3(1)T

The following new software features are supported by the Cisco 1600 series in Release 11.3(1)T and later 11.3 T releases.

IBM SUPPORT:

Backup Peer Extensions for Encapsulation Types

Three types of encapsulation are supported in DLSw+: direct, Fast-Sequenced Transport (FST), and TCP. Previously, DLSw+ supported only backup peers for FST and TCP peer types. This new Frame Relay/Direct Backup Peer feature extends the backup peer capability to all types of DLSw+ transportation types.

Bisync 3780 Support

The Cisco Bisync 3780 support feature has been enhanced to add a user-configurable address on contention interfaces.

BSC Extended Addressing

The Cisco Bisync support protocol stack (BSC) Extended Addressing feature can be used to configure a set of nonstandard Bisync addresses (for non-IBM Bisync devices that do not use the standard set of 3270 Control Unit addresses).

Block Serial Tunneling (BSTUN) over Frame Relay

The BSTUN over Frame Relay feature provides a tunnel mechanism for Binary Synchronous Communications (Bisync) protocol without TCP/IP encapsulation.

DLSw+ Border Peer Caching

With the Border Peer Caching feature, border peers can build three caches (local, remote, and group) and check these caches before forwarding explorers for other routers.

DLSw+ MIB Enhancements

The Cisco DLSw+ Management Information Base (MIB) enhancement feature includes more information about the "plus" features. For example, the MIB describes the encapsulation type being used: direct, LLC2, FST, and TCP. Furthermore, for FST and direct, which use fast cache entries instead of circuits to establish sessions, the MIB includes FST and direct cache entries.

The MIB also describes configured defaults for promiscuous and on-demand peers. It provides information about border peers, dynamic peers, and backup peers. Previously, the MIB was not informed about the remote-peer IP address when using direct or LLC2 encapsulation. Now the remote-peer IP address is sent through the capabilities exchange and listed in the MIB. Finally, the new MIB includes traps for peer up or down and circuit up or down. This MIB provides SNMP network management access to most of the information in the show dlsw capabilities command.

DLSw+ SNA Type of Service

DLSw+ SNA type of service (TOS) sets the IP precedence bits in the IP header of DLSw+ packets. When APPN is running with DLSw+ and the priority option is specified on the dlsw remote peer command, SNA TOS maps APPN class of service (COS) to TCP TOS.

FRAS Boundary Network Node Enhancement

The Frame Relay Access Support (FRAS) Boundary Network Node (BNN) enhancement provides seamless processing at the router regardless of end-station changes. End stations can be added or deleted without reconfiguring the router. The FRAS BNN enhancement coexists with the original FRAS BNN feature.

FRAS Dial Backup over DLSw+

Frame Relay Access Support (FRAS) Dial Backup over DLSw+ is an enhancement to the Cisco FRAS implementation that you can use to configure a secondary path that is used when the Frame Relay network becomes unavailable. If preconfigured properly, when the primary link to the Frame Relay WAN fails, FRAS Dial Backup over DLSw+ automatically moves existing sessions to the alternate link. When the primary link is restored, existing sessions are kept on the backup connection so that they can be moved nondisruptively to the primary link at your discretion.

FRAS DLCI Backup

Frame Relay Access Support (FRAS) DLCI Backup is an enhancement to the Cisco FRAS implementation that you can use to configure a secondary serial or ISDN path to the host to be used when the Frame Relay network becomes unavailable. When the primary Frame Relay link to the Frame Relay WAN fails, the FRAS DLCI Backup feature causes the router to reroute all sessions from the main Frame Relay interface to the secondary interface. The secondary interface can be either serial or ISDN and must have a data link connection identifier (DLCI) configured.

FRAS Host

The FRAS (Frame Relay Access Support) Host feature provides connectivity from a Systems Network Architecture (SNA) Frame Relay Access Device (FRAD) to a Cisco router for SNA mainframe access. This feature also provides connectivity from remote SNA FRADs to LAN-attached front-end processors (FEPs) or to LAN-attached SNA minicomputers (such as AS/400s).

FRAS MIB

The FRAS Management Information Base (MIB) CISCO-DLCSW-MIB.MY is a collection of managed objects that can be accessed via a network management protocol such as SNMP. The objects in the MIB support LLC- and SDLC-attached devices for both BNN and BAN formats of RFC 1490. The FRAS MIB user interface is defined by the network manager SNMP application.

LLC2-to-SDLC Conversion Between PU4 Devices

Data-link switching plus (DLSw+) supports LLC2-to-Synchronous Data Link Control (SDLC) Protocol conversion between PU4 devices. The LLC2-SDLC for PU4 feature allows a SDLC-attached FEP to communicate over DLSw+ to a LAN-attached FEP.

NetBIOS Dial-on-Demand Routing

DLSw+ filters NetBIOS Session Alive packets from the WAN. You can transport NetBIOS in a dial-on-demand routing (DDR) environment by filtering NetBIOS Session Alive packets. NetBIOS periodically sends Session Alive packets as LLC2 I-frames. These packets do not require a response and are superfluous to the function of proper data flow. Furthermore, these packets keep DDR interfaces up, which causes unwanted per-packet charges in DDR networks.

SRB over Frame Relay

Cisco IOS encapsulates source-route bridging (SRB) traffic using RFC-1490 bridged IEEE 802.5 encapsulation to provide SRB over Frame Relay functionality. This functionality can be used between Cisco routers or between a Cisco router and RFC-1490-compliant FRADs or routers.

Tunneling of Asynchronous Security Protocols

The Cisco implementation of block serial tunneling (BSTUN) encapsulates Binary Synchronous Communications (Bisync) protocol, Adplex, ADT Security Systems, Inc., Diebold, and asynchronous generic traffic for transfer over router links.

UDP Unicast Enhancement

Silicon Switch Processor (SSP) address resolution packets are sent via User Datagram Protocol (UDP) unicast service rather than via TCP. SSP packets include CANUREACH.EX, NETBIOS_NAME_QUERY_EX, NB_ADD_NAME.QUERY_EX, and DATAFRAME.

UDP unicast enhances the scalability of TCP peer networks because it allows DLSw+ to better control address resolution packets and unnumbered information (UI) frames during periods of congestion. Previously, these frames were carried over TCP. TCP retransmits frames that get lost or delayed in transit and aggravate congestion. Because address resolution packets and UI frames are not sent on a reliable transport on the LAN, sending them reliably over the WAN is unnecessary. By using UDP for these frames, DLSw+ minimizes network congestion. UDP Unicast Enhancement does not affect Fast-Sequenced Transport (FST) or direct peer encapsulations.

IP ROUTING:

Easy IP (Phase 1)

The Easy IP (Phase 1) feature combines Network Address Translation (NAT) and PPP/Internet Protocol Control Protocol (IPCP). This feature enables a Cisco router to automatically negotiate its own registered WAN interface Internet Protocol (IP) address from a central server and to enable all remote hosts to access the global Internet using this single registered IP address. Because Easy IP uses existing port-level multiplexed NAT functionality within the Cisco IOS software, IP addresses on the remote LAN are invisible to the Internet.

Hot Standby Router Protocol over ISL in Virtual LAN Configurations

The Hot Standby Router Protocol (HSRP) provides a very high level of redundancy between hosts and gateway routers. HSRP also provides high network availability by enabling backup routes between hosts on Ethernet, Fast Ethernet, FDDI, and Token Ring networks. Cisco IOS devices that are running the HSRP send and receive multicast hello packets to detect router failure and to designate active and standby routers.

HSRP was first introduced with ATM LAN Emulation in Cisco IOS Release 11.0 and in Release 11.1 for virtual LAN (VLAN) configurations in IP networks using IEEE 802.10 encapsulations on FDDI media. Starting with Release 11.3, HSRP is also supported over Inter-Switch Links (ISLs) in VLAN configurations on Fast Ethernet. Now, HSRP functionality can be deployed with Cisco IOS VLANS using IEEE 802.10 on FDDI, ATM LAN Emulation, and ISL encapsulation on Fast Ethernet.

IP Enhanced IGRP Route Authentication

This feature provides MD5 authentication of routing updates from the IP EIGRP routing protocol. The MD5 keyed digest in each IP Enhanced IGRP packet prevents the introduction of unauthorized or false routing messages from unapproved sources.

LAN SUPPORT:

AppleTalk Access List Enhancements

This feature adds functionality and improved performance when using AppleTalk access lists and filters.

The specific AppleTalk access list enhancements include the following:

In previous releases of the Cisco IOS software, AppleTalk access lists, with the exception of Name Binding Protocol (NBP) access lists, could be applied to outbound interfaces only. With this release, access lists can be applied to inbound and outbound interfaces.
In previous releases of Cisco IOS software, NBP access lists could be applied to inbound interfaces only. With this release, NBP access lists can be applied to inbound and outbound interfaces.

IPX Named Access Lists

You can now identify IPX access lists with an alphanumeric string (a name) rather than a number. You can use this feature to configure an unlimited number of the following types of access lists:

If you identify your access list with a name rather than a number, the mode and command syntax are slightly different. Currently, only packet and route filters can use a named list.

This feature provides enhanced security because you can use a separate and easily identifiable access list for each user or interface. It also removes the limit of 100 lists per filter type.

Consider the following before configuring IPX named access lists:

IPX SAP-after-RIP

This feature links Service Advertising Protocol (SAP) updates to Routing Information Protocol (RIP) updates so that SAP broadcast and unicast updates automatically occur immediately after the corresponding RIP update. The feature ensures that no service information is rejected by a remote router because it lacks a valid route to the service. As a result of this feature, periodic SAP updates are sent as often as RIP updates.

The default of the router is to send RIP and SAP periodic updates, each using its own update interval depending on the configuration. In addition, RIP and SAP periodic updates are offset slightly, and they tend to diverge from each other over time. This feature synchronizes SAP and RIP updates.

In addition, you can disable the sending of general RIP or SAP queries on a link when it first comes up. Sending all SAP and RIP information in a single update reduces bandwidth demands and eliminates erroneous rejections of SAP broadcasts.

Linking SAP and RIP updates populates the service table at the remote router more quickly because services are not rejected for lack of a route to the service. This can be especially useful on WAN circuits where the update intervals are greatly increased to reduce the overall level of periodic update traffic on the link.

RIP and SAP general queries are normally sent by remote routers when a circuit first comes up. On WAN circuits, two full updates of each kind are often sent across the link. The first update is a full broadcast update, triggered locally by the link-up event. The second update is a specific (unicast) reply triggered by the general query received from the remote router. Disabling the sending of general queries when the link first comes up reduces traffic to a single update and saves bandwidth.

NLSP Enhancements

This feature allows the router to interpret the maximum lifetime field in a Level 1 link-state packet (LSP) in hours or seconds. Previously, the field was interpreted in seconds only. The router keeps LSP packets for a much longer time, which reduces overhead on slower-speed serial links and keeps ISDN links from becoming active unnecessarily.

NLSP Multicast Support

The NLSP Multicast Support feature adds support for the use of NLSP multicast addressing for Ethernet, Token Ring, and FDDI router interfaces. This capability is only possible when the underlying Cisco hardware device or driver supports multicast addressing.

With this feature, the router defaults to using multicasts instead of broadcasts on Ethernet, Token Ring, and FDDI interfaces to address all NLSP routers on the network. If an adjacent device does not support NLSP multicasting, the router uses broadcasts on the affected interface. When routers running prior versions of Cisco IOS software are on the same network with routers running Cisco IOS Release 11.3, broadcasts are used on any segment shared by the two routers.

MANAGEMENT:

Cisco Call History MIB Command-Line Interface

A Cisco IOS command-line interface (CLI) is available for setting two Cisco Call History MIB parameters. These parameters are the number of entries to be retained by the MIB and the length of time to retain them, which correspond to the following MIB objects:

When you save the router configuration before reloading the router, the parameter values are also saved. Before this release, SNMP was the only available means for setting the values of these parameters. However, when the parameters are set by SNMP, the old values are lost, and the parameters are reset to their default values whenever a router is reloaded. The Cisco Call History MIB CLI is enabled by default.

Cisco IOS Internationalization

The Cisco IOS Internationalization feature makes available HTML Server Side Includes (SSIs) to customize international or domestic HTML pages used for the Cisco web browser interface (such as ClickStart pages) and to store them in Flash memory on multiple Cisco IOS platforms. In addition, you can display 8-bit or multibyte international character sets (such as Japanese) and print the escape (ESC) character as a single character instead of as the caret and bracket symbols (^[) on the Cisco Web browser and at the router command line.

Entity MIB, Phase 1

The Entity MIB (RFC 2037) describes the logical resources, physical resources, and logical-to-physical mappings of devices managed by a single SNMP agent. This feature implements the first phase of the Entity MIB, the Logical Entity Table. The Logical Entity Table describes the logical entities managed by a single agent. The Entity MIB also records the time of the last modification to any object in the Entity MIB and sends out a trap when any object is modified. The Entity MIB provides no managed objects with write access.

SNMPv2C

The SNMPv2C feature replaces support for SNMPv2Classic with support for SNMPv2 and SNMPv2C. SNMPv2C replaces the Party-based Administrative and Security Framework of SNMPv2Classic with the Community-based Administrative Framework while retaining 64-bit counters and get-bulk functionality. This feature implements RFCs 1901 through 1907, deprecating the implementation of RFCs 1441 through 1451.


Note Cisco IOS software continues to support SNMPv1.

The following commands are obsolete in Release 11.3:

In addition, the snmp-server trap-authentication command has been deprecated. Use the snmp-server enable traps snmp authentication command in its place. Existing configurations that use the snmp-server trap-authentication command are not affected; however, this command is not saved to the startup configuration.

Virtual Profiles

Virtual Profiles is a unique PPP application that defines and applies per-user configuration information for users who dial in to a router. Virtual Profiles allows user-specific configuration information to be applied irrespective of the media used for the dial-in call. The configuration information for virtual profiles can come from a virtual interface template, per-user configuration information stored on an AAA server, or both, depending on how the router and AAA server are configured.

Virtual profiles overcome current limitations on network scalability:

Virtual profiles overcome the limitations listed above by providing a unique interface for each user dialing in to a Cisco router or access server.

MULTIMEDIA:

IP Multicast Load Splitting Across Equal-Cost Paths

You can configure load splitting of IP multicast traffic across equal-cost paths. Previously, when there were equal-cost paths between routers, IP multicast packets traversed only one path. If a tunnel was configured, the same next hop was always used, and no load splitting occurred.

IP multicast load splitting is accomplished indirectly by consolidating the available bandwidth of all the physical links into a single tunnel interface. The underlying physical connections then use existing unicast load-splitting mechanisms for the tunnel (multicast) traffic. By configuring load splitting among equal-cost paths, you can use your links between routers more efficiently when sending IP multicast traffic.


Note This feature is load splitting the traffic, not load balancing the traffic.

IP Multicast over Token Ring LANs

Prior to this feature, IP multicast datagrams used the MAC-level broadcast address 0xFFFF.FFFF.FFFF, which placed an unnecessary burden on all devices that did not participate in IP multicast. The IP multicast over Token Ring LANs feature defines a way to map IP multicast addresses to a single Token Ring MAC address. This feature defines the Token Ring functional address (0xc000.0004.0000) that should be used over Token Ring. The Cisco Systems implementation complies with RFC 1469, IP Multicast over Token-Ring Local Area Networks (June 1993).

IP multicast transmissions over Token Ring interfaces are more efficient than they used to be. This feature reduces the load on other machines that do not participate in IP multicast because they do not receive these packets.

The following restrictions apply to this feature:

Stub IP Multicast Routing

When using PIM in a large network, there are often stub regions over which the administrator has limited control. To reduce the configuration and administration burden, you can configure a subset of PIM functionality that provides the stub region with connectivity but does not allow it to participate in or potentially complicate any routing decisions.

Stub IP multicast routing allows simple multicast connectivity and configuration at stub networks. It eliminates periodic flood-and-prune behavior across slow-speed links (ISDN and below) using dense mode. It does this by using forwarded IGMP reports as a type of Join message and selective PIM message filtering.

QUALITY OF SERVICE:

RTP Header Compression

Real-time Transport Protocol (RTP) carries packetized audio and video traffic over an IP network. RTP is described in RFC 1889. RTP is not intended for data traffic, which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). RTP provides end-to-end network transport functions intended for applications transmitting real-time requirements, such as audio, video, or simulation data over multicast or unicast network services.

The minimal 12 bytes of the RTP header, combined with 20 bytes of IP header and 8 bytes of UDP header create a 40-byte RTP/IP/UDP header. The RTP packet has a payload of approximately 20 to 150 bytes for audio applications that use compressed payloads. It is very inefficient to transmit the RTP/IP/UDP header without compressing it.

The RTP header compression feature compresses the RTP/IP/UDP header in an RTP data packet from 40 bytes to approximately 2 to 5 bytes. It is a hop-by-hop compression scheme similar to RFC 1144 for TCP header compression. Using RTP header compression can benefit both telephony voice and multicast backbone (MBONE) applications running over slow links.

RTP header compression is supported on serial lines using Frame Relay, HDLC, or PPP encapsulation. It is also supported over ISDN interfaces.

Enabling compression on both ends of a low-bandwidth serial link can greatly reduce the network overhead if there is a lot of RTP traffic on that slow link. This compression is beneficial especially when the RTP payload size is small (as with compressed audio payloads of 20 to 50 bytes). Although the MBONE-style RTP traffic has higher payload sizes, compact encodings like Compressed Encoding for Linear Prediction (CELP) can also help considerably.

SECURITY:

Double Authentication

Double authentication provides additional authentication for Point-to-Point Protocol (PPP) sessions. Previously, PPP session authentication was limited to CHAP (or PAP). With double authentication, remote users must pass a second stage of user authentication--after CHAP or PAP authentication--before they can gain network access.

If you configure your local host (NAS or router) for double authentication, remote users must complete a second stage of authentication to gain their assigned user network privileges. This second double authentication requires a password that is known to the user but not stored on the remote host of the user. Therefore, the second authentication is specific to a user, not to a host. This feature provides an additional level of security that is effective even if the remote host is stolen.

Encrypted Kerberized Telnet

Encrypted Kerberized Telnet enables a router to initiate or receive an encrypted Telnet session. Previously, all Telnet session traffic could only be transmitted as clear-text (readable) data.

You can use Encrypted Kerberized Telnet when establishing a Telnet session to or from a router. When you use this feature, first you are authenticated by your Kerberos credentials, and then an encrypted Telnet session is established.

The Cisco implementation of Encrypted Kerberized Telnet uses the following encryption standard: 56-bit Data Encryption Standard (DES) encryption with 64-bit Cipher Feedback (CFB). This feature is available only if you have the 56-bit encryption image. The 56-bit DES encryption image is subject to U.S. government export-control regulations.

HTTP Security

All Cisco routers and access servers running Cisco IOS Release 11.0(6) or later have an HTTP server, which is an embedded subcomponent of the Cisco IOS software. Users with a privilege level of 15 can use a web browser to issue Cisco IOS commands from a predefined home page. In Cisco IOS Release 11.3, the HTTP security feature enables users with a privilege level other than 15 to access the HTTP server.

In addition, a new command has been added to specify how HTTP server users are authenticated. The HTTP server in the Cisco IOS Release 11.2 software uses the enable password method to authenticate a user at privilege level 15. In Release 11.3, system administrators can specify enable; local; Terminal Access Controller Access Control System (TACACS); or authentication, authorization, and accounting (AAA) user authentication.

Using the HTTP Security feature, network administrators can provide HTTP-server access to users with a privilege level of less than 15. The Cisco Web browser interface then mirrors the functionality of the command-line interface (CLI).

Per-User Configuration

The Per-User Configuration can tie together the following dial-in features:

A virtual access interface created dynamically for any user dial-in session is deleted when the session ends. The resources used during the session are returned for other dial-in uses.

With per-user configuration:

TCP Intercept

The TCP Intercept feature implements software to protect TCP servers from TCP SYN-flooding attacks, which are a type of denial-of-service attack. A SYN-flooding attack occurs when a hacker floods a server with requests for connection. Because these messages have unreachable return addresses, the connections cannot be established. The resulting volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests, thereby preventing legitimate users from connecting to a Web site, accessing e-mail, using FTP service, and so on.

The TCP Intercept feature helps prevent SYN-flooding attacks by intercepting and validating TCP connection requests. In intercept mode, the TCP intercept software intercepts TCP synchronization (SYN) packets from clients to servers that match an extended access list. The software establishes a connection with the client on behalf of the destination server and if successful, establishes the connection with the server on behalf of the client and knits the two half-connections together transparently. Thus, connection attempts from unreachable hosts never reach the server. The software continues to intercept and forward packets throughout the duration of the connection.

Vendor-Proprietary RADIUS Attributes

Remote Authentication Dial-In User Server (RADIUS) is an access server authentication and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software currently supports the IETF draft standard RADIUS. In this release, Cisco IOS software introduces support for the most common vendor-proprietary RADIUS attributes.

Some vendor-proprietary implementations of RADIUS let the administrator define static routes and IP pool definitions on the RADIUS server, instead of on each network access server. As each network access server starts up, it queries the RADIUS server for static route and IP pool information. In this release, a new command enables the Cisco router to obtain static routes and IP pool definition information from the RADIUS server at start-up time. This frees the user from having to configure such information on each network access server.

SWITCHING:

Fast-Switched Policy Routing

IP policy routing can now be fast-switched. Previously, policy routing could only be process-switched, which meant that on most platforms, the switching rate was approximately 1,000 to 10,000 packets per second. This was not fast enough for many applications. Users who need policy routing to occur at faster speeds can implement policy routing without slowing down the router.

TERMINAL SERVICES:

Virtual Interface Template Service

Beginning with Cisco IOS Release 11.2, virtual interfaces can be configured independently of any physical interface and applied dynamically, as needed, to create virtual access interfaces. When a user dials in, a predefined configuration template is used to configure a virtual access interface; when the user is done, the virtual access interface is torn down, and the resources are freed for other dial-in uses.

This feature provides a generic service that can be used to apply predefined configurations (virtual interface templates) in creating and freeing virtual access interfaces, as needed. Virtual interface templates and virtual access interfaces are basically serial interfaces with no hardware associations; they are created and freed as needed.

The virtual interface template service provides the following benefits to customers with large numbers of dial-in users:

Virtual Templates for Protocol Translation


Note The Cisco 1600 Series does not support protocol translation.

Using Cisco IOS Release 11.3, you can simplify the process of configuring protocol translation to tunnel PPP or SLIP across X.25, TCP, and LAT networks. Release 11.3 provides virtual template interfaces that you can configure independently and apply to any protocol translation configuration. You can configure virtual interface templates for one-step and two-step protocol translation.

Before virtual templates were implemented, you enabled asynchronous protocol functions on vty lines by creating virtual asynchronous interfaces rather than virtual access interfaces. (For one-step translation, you did so by specifying ppp or slip as outgoing options in the translate command. For two-step translation, you did so by specifying the vty-async command.) The differences between virtual asynchronous interfaces and virtual access interfaces are as follows:

WAN OPTIMIZATION:

PAD Enhancements

The Cisco implementation of packet assembler/disassembler (PAD) has been enhanced:


Note The Cisco 1600 Series does not support protocol translation.

PAD Subaddressing

You can use this feature to append a specified value to an X.121 calling address when that address is not sufficient to identify the source of a call. You can use PAD subaddressing to create unique X.121 calling addresses by including either a physical port number or a value specified for a line as a subaddress to the X.121 calling address.

PAD subaddressing enables an X.25 host application to uniquely identify the source of an X.121 call. For example, in some bank security-alarm applications, the central alarm host identifies the physical location of the alarm units from subaddressing information contained in the Call Request packet.

WAN SERVICES:

Bandwidth Allocation Control Protocol

The Bandwidth Allocation Control Protocol (BACP) described in RFC 2125 provides Multilink PPP peers with the ability to govern link utilization. After peers have successfully negotiated BACP, they can use the Bandwidth Allocation Protocol (BAP), a subset of BACP, to negotiate bandwidth allocation. BAP provides a set of rules governing dynamic bandwidth allocation through call control, a defined method for adding and removing links from a multilink bundle for Multilink PPP.

The addition of any link to an existing multilink bundle is controlled by a BAP call or callback request message, and the removal of a link can be controlled by a link drop message. BACP is designed to operate in both the virtual interface environment and the dialer interface environment. It can operate over any physical interface that is Multilink-PPP capable and has a dial capability; at initial release, BACP supports ISDN and asynchronous serial interfaces.

BACP provides the following benefits:

Enhanced Local Management Interface

The Enhanced Local Management Interface feature provides an enhancement to the Frame Relay LMI protocol. Enhanced Local Management Interface enables automated exchange of Frame Relay Quality of Service (QoS) parameter information between the Cisco router and the Cisco wide-area switch. Routers can base congestion management and prioritization decisions on known QoS values, such as the Committed Information Rate (CIR), Committed Burst Size (Bc), and Excess Burst Size (Be). The router senses QoS values from the switch and can be configured to use those values in traffic shaping. This enhancement works between Cisco routers and Cisco wide-area switches (Cisco BPX and Cisco IGX platforms).

Frame Relay Enhancements

The Frame Relay enhancements introduced with this feature include:

Frame Relay compression can occur on the CSA board or on the main CPU of the router. FRF.9 is standard-based and therefore provides multivendor compatibility. FRF.9 compression uses higher compression ratios, allowing more data to be compressed for faster transmission.

Frame Relay MIB Extensions

The Cisco Frame Relay MIB adds proprietary extensions to the standard Frame Relay MIB (RFC 1315). It provides additional link-level and virtual circuit-level information and statistics that are mostly specific to Cisco Frame Relay implementation. This MIB provides SNMP network management access to most of the information covered by the show frame-relay commands, such as show frame-relay lmi, show frame-relay pvc, show frame-relay map, and show frame-relay svc.

Frame Relay Router ForeSight

ForeSight is the network traffic control software used in Cisco wide-area switches. The Cisco wide-area Frame Relay switch can extend ForeSight messages over a User-to-Network Interface (UNI), passing the backward congestion notification for virtual connections. The Router ForeSight feature allows Cisco Frame Relay routers to process and react to ForeSight messages and adjust virtual circuit level traffic shaping in a timely manner.

The Router Foresight feature must be explicitly configured on both the Cisco router and the Cisco wide-area switch. When ForeSight is enabled, a ForeSight message is sent out at the configured time interval, which can range from 40 to 5000 milliseconds. The time interval between the ForeSight messages is set during configuration of the switch. Refer to the appropriate Cisco wide-area switch documentation for details for configuring this feature.

When a Cisco router receives a ForeSight message indicating that certain Data Link Connection Identifiers (DLCIs) are experiencing congestion, the Cisco router activates its traffic shaping function to slow down the output rate. The router reacts as it would if it detected the congestion by receiving a packet with the backward explicit congestion notification (BECN) bit set.

BECN requires a user packet to be sent in the direction of the congested DLCI to convey the signal, a process that is not predictable and therefore not reliable as a notification mechanism. Timed ForeSight messages guarantee that the router receives notification before congestion becomes a problem. Traffic can be slowed down in the direction of the congested DLCI.

The Frame Relay router ForeSight feature provides an improved mechanism for managing network traffic. It provides these benefits:

ISDN Advice of Charge

The ISDN Advice of Charge (AOC) feature is for ISDN PRI NET5 and ISDN BRI NET3 switch types only. Users can obtain charging information for all calls during the call (AOC-D), at the end of the call (AOC-E), or both to track call costs and to control and possibly reduce tariff charges through the use of the short-hold mode option.

The ISDN AOC feature also supports, for the AOC-D service, an optional, configurable short-hold mode that provides a dynamic idle timeout by measuring the call-charging period, based on the frequency of the AOC-D or the AOC-E message from the network. The short-hold mode idle time does the following:

Users must have subscribed through their local ISDN network for the ISDN services (AOC-D or AOC-E). No router configuration changes are required to retrieve this call charging information. Call accounting information for AOC-D and AOC-E messages is stored in SNMP MIB objects.

ISDN Caller ID Callback

The ISDN caller ID callback feature allows the initial incoming call from the client to the server to be rejected based on the caller ID message contained in the ISDN setup message and allows a callback to be initiated to the calling destination. This feature is independent of the encapsulation in effect and can be used with various encapsulations, such as PPP, HDLC, Frame Relay, and X.25.

In Cisco IOS Release 11.2, ISDN callback functionality required PPP or Combinet Packet Protocol (CPP) client authentication and client-server callback negotiation to proceed. If authentication and callback negotiations were successful, the callback server had to disconnect the call and then place a return call. Both the initial call and the return call were subject to tolls, and when service providers charge by the minute, even brief calls could be expensive.


Note ISDN caller ID callback conflicts with the dialer callback security feature for the dialer profiles feature for dial-on-demand routing (DDR). If dialer callback security is configured, it takes precedence; ISDN caller ID callback is ignored.

ISDN NFAS

ISDN Non-Facility Associated Signaling (NFAS) allows a single D channel to control multiple PRI interfaces. A backup D channel can also be configured for use when the primary NFAS D channel fails. Use of a single D channel to control multiple PRI interfaces can free the B channel on each interface to carry other traffic. After the controllers are configured, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.

LANE Per-subinterface Debug Messages

You can limit debug messages to those related to a particular subinterface. Some debug commands generate a large amount of output; by restricting output to information on a particular subinterface, you can reduce the number of debug messages generated.

Layer 2 Forwarding--Fast Switching

Cisco routers fast-switch Layer 2 Forwarding (L2F) traffic. In stack group environments in which some L2F traffic is offloaded to a powerful router, fast switching provides improved scalability.

Leased-Line ISDN at 128 kbps

In Cisco IOS Release 11.2, leased-line service at 64 kbps via ISDN BRI is provided in Japan and Germany. In Cisco IOS Release 11.3, leased-line service at 128 kbps via ISDN BRI is provided in Japan. This service combines two B channels into a single pipe.


Note After an ISDN BRI interface is configured for access over leased lines, it is no longer a dialer interface, and signaling over the D channel no longer applies. Although the interface is called interface bri n, it is configured as a synchronous serial interface. However, the Cisco IOS commands that set the physical characteristics of a serial interface (such as the pulse time) do not apply to this interface.

Multilink PPP Interleaving and Fair-Queuing Support

Interleaving on Multilink PPP allows large packets to be multilink encapsulated and fragmented into a small enough size to satisfy the delay requirements of real-time traffic; small real-time packets are not multilink encapsulated and are transmitted between fragments of the large packets. The interleaving feature also provides a special transmit queue for the smaller, delay-sensitive packets, enabling them to be transmitted earlier than other flows.

Weighted fair-queuing on Multilink PPP works at the packet level, not at the level of multilink fragments. Thus, if a small real-time packet gets queued behind a larger best-effort packet and no special queue has been reserved for real-time packets, the small packet is scheduled for transmission only after all the fragments of the larger packet are scheduled for transmission.

Weighted fair-queuing is supported on all interfaces that support Multilink PPP, including Multilink PPP virtual access interfaces and virtual interface templates. Weighted fair-queuing is enabled by default.

Fair-queuing on Multilink PPP overcomes a prior restriction. Previously, fair-queuing was not allowed on virtual access interfaces and virtual interface templates. Interleaving provides the delay bounds for delay-sensitive voice packets on a slow link that is used for other best-effort traffic.

Telnet Extensions for Dialout

The Telnet Extensions for Dialout feature is the network access server component of the Cisco DialOut Utility, used by local users to send faxes or connect to services outside the LAN by using modems attached (or internal) to a network access server. This feature extends the functionality of Telnet because users can control the activity of these modems from their desktop computers, using standard communications software. Because the Telnet Extensions for Dialout feature works with the client/desktop Cisco DialOut Utility, it is not a standalone feature. It enables the network access server to interface with the client/desktop component of the Cisco DialOut Utility. The client/desktop component of Cisco DialOut Utility must be installed on the client workstation before this feature can be used.

Telnet extensions allow the communications software running on the desktop computer of a client to control modem settings such as baud rate, parity, bit size, and stop bits. In addition, these extensions allow the network access server to return Carrier Detect signals to the communications software so that the software can determine when to start dialing a particular number.

The Telnet Extensions for Dialout feature uses reverse Telnet to access modems attached to the network access server. To enable this feature, you only need to configure the access server or router for reverse Telnet and configure the appropriate lines to both send and receive calls.

VPDN Tunnel Lookup Based on Dialed Number Information

The network service provider can select a specific VPDN tunnel for outgoing calls from a dial-in user by using the dialed number information service (DNIS) information provided on ISDN lines. The ability to select a tunnel based on DNIS provides additional flexibility to network service providers who offer VPDN services and to the corporations that use the services. Instead of having to use only the domain name for tunnel selection, tunnel selection can be based on the dialed number.

With this feature, a corporation that might have only one domain name can provide multiple, specific phone numbers for dialing into the network access server at the service provider point of presence. The service provider can select the tunnel to the appropriate services or portion of the corporate network based on the dialed number.

X.25 Enhancements

The Cisco X.25 implementation has been restructured to meet additional design goals that include greater modularity and consistent availability of X.25 services to the code that uses them. The following have been updated:


Note The Cisco 1600 Series does not support protocol translation.

X.25 Over ISDN

Basic Rate Interface (BRI) is an Integrated Systems Digital Network (ISDN) interface, and it consists of two B channels (B1 and B2) and one D channel. The B channels are used to transfer data, voice, and video. The D channel controls the B channels.

ISDN uses the D channel to carry signal information. ISDN can also use the D channel in a BRI to carry X.25 packets. The D channel has a capacity of 16 kbps, and the X.25 over D channel can use up to 9.6 kbps.

You can set the parameters of the X.25-over-D-channel interface without disrupting the original ISDN interface configuration. In a normal ISDN BRI interface, the D and B channels are bundled together and represented as a single interface. The original BRI interface continues to represent the D, B1, and B2 channels.

Because some end-user equipment uses static terminal endpoint identifiers (TEIs) to access this feature, static TEIs are supported. The dialer recognizes the X.25-over-D-channel calls and initiates them on a new interface.

X.25 traffic over the D channel can be used as a primary interface where low-volume, sporadic interactive traffic is the normal mode of operation. Supported traffic includes IPX, AppleTalk, transparent bridging, XNS, DECnet, and IP.

X.25 Switching Between PVCs and SVCs

This feature allows X.25 switching between permanent virtual connections (PVCs) and switched virtual connections (SVCs). Previously, X.25 switching was permitted only between circuits of the same type. Traffic that entered the router over a SVC could be forwarded only to another SVC. Likewise, traffic that entered the router over a PVC could be forwarded only to another PVC. This feature allows switching between the two circuit types.

X.28 Emulation

The Cisco IOS software provides an X.28 user emulation mode through which you can interact and control the PAD. During an exchange of control information, messages or commands sent from the terminal to the PAD are called PAD command signals. Messages sent from the PAD to the terminal are called PAD service signals. These signals and any transmitted data take the form of encoded character streams as defined by International Alphabet Number 5.

For asynchronous devices such as a terminals or modems to access an X.25 network host, the packets of a device must be assembled or disassembled by a PAD device. Using standard X.28 commands from the PAD, calls can be made into an X.25 network, X.3 PAD parameters can be set, or calls can be reset. There are 22 available X.3 PAD parameters to configure. These parameters can also be set by a remote X.25 host using X.29. The X.28 standard interface is common in many European countries and adheres to the X.25 International Telecommunication Union Telecommunication (ITU-T) standards.

The new X.28 interface is designed for asynchronous devices that require X.25 transport to access a remote or native asynchronous or synchronous host application. Applications such as dial-up users accessing a remote X.25 host can use the X.28 interface. For example, banks implement Cisco routers to support back-office applications, ATMs, point-of-sales authorization devices, and alarm systems. These alarm devices are connected asynchronously to the same Cisco router and report alarm conditions to a remote alarm host for the dispatch of police. The Cisco X.28 PAD implementation calls can be transported over a public packet network, a private X.25 network, the Internet, a private IP-based network, or a Frame Relay network. With this new service, Cisco offers the flexibility to either use the X.28 interface directly or over a Cisco IOS application service such as protocol translation. The protocol translation vty asynchronous application provides bidirectional access to an X.25 application with the PAD service or protocols, such as Digital Equipment Corporation (DEC), local-area transport (LAT), and TCP.


Note The Cisco 1600 Series does not support protocol translation.

Installation Notes

If you are upgrading to Cisco IOS Release 11.3 from an earlier Cisco IOS software release, you should save your current configuration file before configuring your access server with the Cisco IOS Release 11.3 T software. An unrecoverable error could occur during download or configuration.

Before downloading a software upgrade, read Product Bulletin #703, Cisco IOS Software Release Upgrade Paths and Packaging Simplification. The information in this bulletin supersedes all previous instructions. This bulletin is in the following location on CCO. Click Service & Support. Near the bottom of the web page go to Product Bulletins, scroll down to the Software section, and then click Cisco IOS Software Release 11.3 Upgrade Paths No. 703 under the heading Cisco IOS 11.3.

Important Notes

The following sections contain important notes about Cisco IOS Release 11.3 and can apply to the Cisco 1600 series.

Image Deferral, Cisco IOS Release 11.3(8)T

Cisco IOS Release 11.3(8)T was deferred to Release 11.3(8)T1 on all software images to incorporate corrections to the following caveats:

For more information on these caveats, refer to Bug Navigator II. Bug Navigator II is available at http://www.cisco.com/support/bugtools. On CCO, click this path:

Service & Support/ Online Technical Support/ Software Bug Toolkit/ Bug Navigator II

Release 11.3(4)T1

Release 11.3(4)T1 is an early deployment release of software support for the Cisco 1600 series routers. Release 11.3(4)T1 is the same as Release 11.3(4)T except the following defect has been resolved in Release 11.3(4)T1:

The configuration command frame-relay interface-dlci is not working. This affects Frame Relay users who need to configure point-to-point subinterfaces. [CSCdk18271]

Enabling IPX Routing

The Token Ring interface is reset whenever IPX routing is enabled on that interface.

Forwarding of Locally Sourced AppleTalk Packets

The Cisco implementation of AppleTalk does not forward packets with local-source and destination network addresses. This behavior does not conform to the definition of AppleTalk in the Apple Computer publication Inside AppleTalk. However, this behavior is designed to prevent any possible corruption of the AppleTalk Address Resolution Protocol (AARP) table in any AppleTalk node that is performing MAC-address gleaning.

Removed Bridging Command

As of Release 11.3(2)T, the command bridge group multicast-source is no longer available. This command was removed to comply with the source-route-transparent (SRT) bridging implementation.

Missing Source-Route Bridging Commands

Due to a production problem, many source-route bridging commands were omitted from the printed version of the Cisco IOS Software Command Summary (78-4746-01). For complete documentation of all source-route bridging commands, refer to the Bridging and IBM Networking Command Reference (78-4743-01). You can also obtain the most current documentation on the Documentation CD-ROM or Cisco Connection Online (CCO).

New TACACS+ Attribute-Value (AV) Pair

A new authorization feature was added in Release 11.3(1) that allows for separate configuration and authorization of Multilink PPP. This can cause MLP authorization to fail in TACACS+ servers that do not include the relevant authorization permissions in the configuration. For TACACS+, the following attribute-value (AV) pair should be added for all users who are allowed to negotiate Multilink PPP:

service = ppp protocol = multilink {

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious.

For information on caveats in Cisco IOS Release 11.3 T, see Caveats for Cisco IOS Release  11.3  T on CCO and the Documentation CD-ROM.

All caveats in Release 11.3 are also in Release 11.3 T.

For information on caveats in Cisco IOS Release 11.3, see the "Important Notes and Caveats for Release 11.3"  section in Cross-Platform Release Notes for Cisco IOS Release 11.3   on CCO and the Documentation CD-ROM. These release notes list severity 1 and 2 caveats affecting all maintenance releases.


Note If you have an account with CCO, you can use Bug Navigator II to find caveats of any severity for any release. You can reach Bug Navigator II on CCO at Service & Support: Online Technical Support: Software Bug Toolkit, or at http://www.cisco.com/support/bugtools.

Related Documentation

The following sections describe the documentation available for the Cisco 1600 series. These documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.

Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on CCO and the Documentation CD-ROM.

Use these release notes with these documents:

Release-Specific Documents

The following documents are specific to Release 11. 3 and are located on CCO and the Documentation CD-ROM:

On CCO at:
Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Release Notes for Cisco IOS Release 11.3
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Release Notes for Cisco IOS Release 11.3
Service & Support: Technical Documents
As a supplement to the caveats listed in the "Caveats" section, see Caveats for Cisco IOS Release 11.3 T, which contains caveats applicable to all platforms for all maintenance releases of Release 11.3 T.
On CCO at:
Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Product Specific Release Notes for Cisco IOS Release 11.3: Caveats for Cisco IOS Release 11.3 T
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Product Specific Release Notes for Cisco IOS Release 11.3: Caveats for Cisco IOS Release 11.3 T

Platform-Specific Documents

These documents are available for the Cisco 1600 series on CCO and the Documentation CD-ROM:

On CCO at:

Service & Support: Documentation Home Page: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers

On the Documentation CD-ROM at:

Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers

Feature Modules

Feature modules describe new features supported by Release 11.3 T and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.

On CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents, which are shipped with your order in electronic form on the Documentation CD-ROM--unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.

On CCO and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.

You can reach these documents on CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS Release 11.3 Configuration Guides, Command References: Configuration Guide Master Index or Command Reference Master Index

Release 11.3 Documentation Set

Table 7 describes the contents of the Cisco IOS Release 11.3 software documentation set, which is available in electronic form and also in printed form upon request.


Note You can find the most current Cisco IOS documentation on CCO and the Documentation CD-ROM. These electronic documents may contain updates and modifications made after the paper documents were printed.

You can reach the Cisco IOS documentation set from CCO at:

Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3

You can reach the Cisco IOS documentation set on the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3

.
Table 7: Cisco IOS Software Release 11.3 Documentation Set
Books Chapter Topics

  • Configuration Fundamentals Configuration Guide

  • Configuration Fundamentals Command Reference

Configuration Fundamentals Overview
Cisco IOS User Interfaces
File Management
Interface Configuration
System Management

  • Network Protocols Configuration Guide, Part 1

  • Network Protocols Command Reference, Part 1

IP Addressing
IP Services
IP Routing Protocols

  • Network Protocols Configuration Guide, Part 2

  • Network Protocols Command Reference, Part 2

AppleTalk
Novell IPX

  • Network Protocols Configuration Guide, Part 3

  • Network Protocols Command Reference, Part 3

Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS

  • Wide-Area Networking Configuration Guide

  • Wide-Area Networking Command Reference

Wide-Area Networking Overview
ATM
Frame Relay
SMDS
X.25 and LAPB

  • Security Configuration Guide

  • Security Command Reference

AAA Security Services
Security Server Protocols
Traffic Filtering
Network Data Encryption
Passwords and Privileges
Neighbor Router Authentication
IP Security Options

  • Dial Solutions Configuration Guide

  • Dial Solutions Command Reference

Business Applications and Scenarios
Dial-In Port Setup
Dial-In Terminal Services and Remote Note Configuration
Dial Authentication
Dial-on-Demand Routing (DDR)
Dial Backup
Dial-Out Modem Pooling
Large-Scale Dial Solutions
Dial-Related Addressing Services (NAT/Easy IP)
Cost-Control Solutions
Network Traffic over ISDN Channels
X.25 over ISDN
Virtual Private Dialup Networks

  • Cisco IOS Switching Services Configuration Guide

  • Cisco IOS Switching Services Command Reference

Switching Paths for IP Networks
NetFlow Switching
Virtual LAN (VLAN) Routing
LAN Emulation

  • Bridging and IBM Networking Configuration Guide

  • Bridging and IBM Networking Command Reference

Transparent Bridging
Source-Route Bridging
Remote Source-Route Bridging
DLSw+
STUN and BSTUN
LLC2 and SDLC
IBM Network Media Translation
DSPU and SNA Service Point Support
SNA Frame Relay Access Support
APPN
NCIA Client/Server Topologies
IBM Channel Attach

  • Configuration Guide Master Index

  • Command Reference Master Index

 


Note The Cisco Management Information Base (MIB) User Quick Reference publication is no longer being published. For the latest list of MIBs supported by Cisco, see the Cisco Network Management Toolkit on Cisco Connection Online. On CCO, go to Service & Support, select Software Center, and click Network Management Products. Next, select Cisco Network Management Toolkit, and click Cisco MIBs.

Service and Support

For service and support for a product purchased from a reseller, contact the reseller, who offers a wide variety of Cisco service and support programs described in "Service and Support" of Cisco Information Packet shipped with your product.


Note If you purchased your product from a reseller, you can access CCO as a guest. CCO is Cisco Systems' primary real-time support channel. Your reseller offers programs that include direct access to CCO services.

For service and support for a product purchased directly from Cisco, use CCO.

Software Configuration Tips on the Cisco Technical Assistance Center Home Page

If you have a CCO login account, you can access the following URL, which contains links and tips on configuring your Cisco products:

http://www.cisco.com/kobayashi/serv_tips.shtml

This URL is subject to change without notice. If it changes, point your Web browser to CCO  and click on this path: Products & Technologies: Products: Technical Tips.

The following sections are provided from the Technical Tips page:

Cisco Connection Online

Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.

Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.

CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.

You can access CCO in the following ways:

For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.


Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.

If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.



hometocprevnextglossaryfeedbacksearchhelp
Posted: Mon Aug 7 20:48:57 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.