|
|
July 26, 1999
These release notes for Cisco 1600 series support Cisco IOS Release 11.3 T, up to and including Release 11.3(11)T. These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode or modem code and related documents.
For a list of the software caveats that apply to Release 11.3(11)T, see the Caveats for Cisco IOS Release 11.3 T document that accompanies these release notes. The caveats document is updated for every maintenance release and is located on Cisco Connection Online (CCO) and the Documentation CD-ROM.
Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 11.3 T document on CCO and the Documentation CD-ROM.
These release notes discuss the following topics:
This section describes the system requirements for Release 11.3 T:
For Cisco routers to take advantage of the Release 11.3 features, you must upgrade the code or main system memory. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.
| Platforms | Feature Set | Image Name | Software Image | Flash Memory Required | DRAM Memory Required | Runs from |
|---|---|---|---|---|---|---|
Cisco 1601- Cisco 1604 | IP Standard Feature Set | IP | c1600-y-l | 6 MB Flash | 2 MB DRAM | Flash |
IP Plus | c1600-sy-l | 6 MB Flash | 4 MB DRAM | Flash | ||
IP Plus 401 | c1600-sy40-l | 6 MB Flash | 4 MB DRAM | Flash | ||
IP Plus 562 | c1600-sy56-l | 6 MB Flash | 4 MB DRAM | Flash | ||
IP Plus IPSEC 562 | c1600-sy56i-l | 8 MB Flash | 4 MB DRAM | Flash | ||
IP/IPX Standard Feature Set | IP/IPX | c1600-ny-l | 6 MB Flash | 4 MB DRAM | Flash | |
IP/IPX Plus | c1600-nsy-l | 6 MB Flash | 4 MB DRAM | Flash | ||
IP/IPX/AT/IBM | c1600-bnr2y-l | 8 MB Flash | 4 MB DRAM | Flash | ||
IP/IPX/AT/IBM Plus | c1600-bnr2sy-l | 8 MB Flash | 6 MB DRAM | Flash | ||
IP/IPX/AT/IBM | c1600-bnr2sy40-l | 8 MB Flash | 6 MB DRAM | Flash | ||
IP/IPX/AT/IBM | c1600-bnr2sy56-l | 8 MB Flash | 6 MB DRAM | Flash | ||
IP/IPX/AT/IBM | c1600-bnr2sy56i-l | 8 MB Flash | 6 MB DRAM | Flash | ||
IP/FW | c1600-oy-1 | 6 MB Flash | 4 MB DRAM | Flash | ||
IP/IPX/FW Plus | c1600-nosy-l | 6 MB Flash | 4 MB DRAM | Flash | ||
IP/IPX/AT/IBM/FW Plus 562 | c1600-bnor2sy56-l | 82 MB Flash | 6 MB DRAM | Flash | ||
IP/IPX/AT/IBM/FW Plus IPSEC 562 | c1600-bnor2sy56i-l | 82 MB Flash | 6 MB DRAM | Flash | ||
Cisco 1605-R | IP Standard Feature Set | IP | c1600-y-mz | 2 MB Flash | 8 MB DRAM | RAM |
IP Plus | c1600-sy-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP Plus 401 | c1600-sy40-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP Plus 561 | c1600-sy56-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP Plus IPSEC 561 | c1600-sy56i-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP/IPX Standard Feature Set | IP/IPX | c1600-ny-mz | 4 MB Flash | 8 MB DRAM | RAM | |
IP/IPX Plus | c1600-nsy-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP/IPX/AT/IBM | c1600-bnr2y-mz | 4 MB Flash | 12 MB DRAM | RAM | ||
IP/IPX/AT/IBM Plus | c1600-bnr2sy-mz | 4 MB Flash | 16 MB DRAM | RAM | ||
IP/IPX/AT/IBM Plus 401 | c1600-bnr2sy40-mz | 4 MB Flash | 16 MB DRAM | RAM | ||
IP/IPX/AT/IBM Plus 561 | c1600-bnr2sy56-mz | 4 MB Flash | 16 MB DRAM | RAM | ||
IP/IPX/AT/IBM | c1600-bnr2sy56i-mz | 4 MB Flash | 16 MB DRAM | RAM | ||
IP/FW | c1600-oy-mz | 4 MB Flash | 8 MB DRAM | RAM | ||
IP/IPX/FW Plus | c1600-nosy-mz | 4 MB Flash | 10 MB DRAM | RAM | ||
IP/IPX/AT/IBM/FW Plus 561 | c1600-bnor2sy56-mz | 4 MB Flash | 16 MB DRAM | RAM | ||
IP/IPX/AT/IBM/FW Plus IPSEC 561 | c1600-bnor2sy56i-mz | 4 MB Flash | 16 MB DRAM | RAM |
| 1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 212 MB in Releases 11.3(1)T through 11.3(9)T. |
Cisco IOS Release 11.3 T supports the Cisco 1600 series:
For detailed descriptions of the new hardware features, see the "New and Changed Information" section
Table 1 lists the interfaces supported on the Cisco 1600 series. For more complete information, see the "Overview of the Router" chapter in the Cisco 1600 Series Hardware Installation Guide.
| Interface, Network Module, or Data Rate | Platforms Supported |
|---|---|
1 Ethernet port | Cisco 1601-1604 |
1 built-in WAN port | Cisco 1601-1604 |
1 WAN interface-card expansion slot | Cisco 1601-1604 |
1 built-in serial WAN port | Cisco 1601 |
1 onboard 56-kbps 4-wire DSU/CSU | Cisco 1602 |
1 ISDN BRI S/T port | Cisco 1603 |
ISDN BRI U interface with a built-in NT 1 device | Cisco 1601, Cisco 1602, Cisco 1605-R |
2 Ethernet LAN interfaces | Cisco 1605-R |
1 WAN interface card slot | Cisco 1605-R |
1-port ISDN BRI with S/T interface | Cisco 1601, Cisco 1602, Cisco 1605-R |
1-port synchronous/ asynchronous serial | Cisco 1600 series |
1-port ISDN BRI with integrated NT1 and with a U interface | Cisco 1600 series |
1-port ISDN Leased Line BRI S/T WAN interface | Cisco 1603, Cisco 1604 |
1-port 56/64kbps DSU/CSU WAN interface | Cisco 1600 series |
1-port T1/Fractional T1 DSU/CSU WAN interface | Cisco 1600 series |
To determine the version of Cisco IOS software running on your Cisco 1600 series router, log in to the router, and enter the show version user EXEC command:
router> show version Cisco Internetwork Operating System Software IOS (tm) 1600 Software (C1600-NY-MZ), Version 11.3(11)T, RELEASE SOFTWARE
For information about upgrading to a new software release, see the product bulletin Cisco IOS Software Release 11.3 Upgrade Paths and Packaging Simplification on CCO at:
Service & Support: Product Bulletins: Software
Under Cisco IOS 11.3, click Cisco IOS Software Release 11.3 Upgrade Paths (#703: 12/97)
This product bulletin does not contain information specific to Cisco IOS Release 11.3 T but provides generic upgrade information that may apply to Cisco IOS Release 11.3 T.
The Cisco IOS software is packaged in feature sets consisting of software images--depending on the platform. Each feature set contains a specific set of Cisco IOS features.
Release 11.3 T supports the same feature sets as Release 11.3, but Release 11.3 T can include new features supported by the Cisco 1600 series.
| Feature Set | Image Name | Feature Set Matrix Term | Software Images | Platforms |
|---|---|---|---|---|
IP Standard Feature Set | IP | Basic1 | c1600-y-l | Cisco 1600 series |
IP Plus | Plus2 | c1600-sy-l | Cisco 1600 series | |
IP Plus 403 | Plus 404 | c1600-sy40-l | Cisco 1600 series | |
IP Plus 563 | Plus 565 | c1600-sy56-l | Cisco 1600 series | |
IP Plus IPSEC 563 | Plus, IPSec 566 | c1600-sy56i-l | Cisco 1600 series | |
IP/IPX Standard Feature Set | IP/IPX | Basic | c1600-ny-l | Cisco 1600 series |
IP/IPX Plus | Plus | c1600-nsy-l | Cisco 1600 series | |
IP/IPX/AT/IBM | Basic | c1600-bnr2y-l | Cisco 1600 series | |
IP/IPX/AT/IBM Plus | Plus | c1600-bnr2sy-l | Cisco 1600 series | |
IP/IPX/AT/IBM Plus 403 | Plus 40 | c1600-bnr2sy40-l | Cisco 1600 series | |
IP/IPX/AT/IBM Plus 563 | Plus 56 | c1600-bnr2sy56-l | Cisco 1600 series | |
IP/IPX/AT/IBM Plus IPSEC 563 | Plus, IPSec 56 | c1600-bnr2sy56i-l | Cisco 1600 series | |
IP/FW | Basic | c1600-oy-1 | Cisco 1600 series | |
IP/IPX/FW Plus | Plus | c1600-nosy-l | Cisco 1600 series | |
IP/IPX/AT/IBM/FW Plus 563 | Plus 56 | c1600-bnor2sy56-l | Cisco 1600 series | |
IP/IPX/AT/IBM/FW Plus IPSEC 563 | Plus, IPSec 56 | c1600-bnor2sy56i-l | Cisco 1600 series |
| 1This feature set is offered in the basic feature set. 2This feature set is offered in the Plus feature set. 3This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 4This feature set is offered in the encryption feature sets, which consist of 40-bit (Plus 40) data encryption feature sets. 5This feature set is offered in the encryption feature sets, which consist of 56-bit (Plus 56) data encryption feature sets. 6This feature set is offered in the encryption feature sets, which consist of IPSec 56-bit (Plus IPSec 56) data encryption feature sets. |
 | Caution Cisco IOS images with strong encryption (including, but not limited to, 56-bit data encryption feature sets) are subject to United States government export controls and limited distribution. Images to be installed outside the United States require an export license. Customer orders may be denied or subject to delay because of United States government regulations. Contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com. |
Table 3 and Table 4 list the features and feature sets supported by the Cisco 1601-1604 in Cisco IOS Release 11.3 T, and Table 5 and Table 6 list the features and feature sets supported by the Cisco 1605-R in Cisco IOS Release 11.3 T. All the tables use the following conventions:
| Feature Set | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Feature | IP | IP Plus | IP Plus 401 | IP Plus 561 | IP Plus IPSEC 562 | IP/IPX | IP/IPX Plus | IP/IPX/ AT/IBM | IP/IPX/ AT/IBM Plus |
| IBM Support |
|
|
|
|
|
|
|
|
|
APPN High Performance Routing | No | No | No | No | No | No | No | No | No |
APPN MIB Enhancements | No | No | No | No | No | No | No | No | No |
APPN over Ethernet LAN Emulation | No | No | No | No | No | No | No | No | No |
APPN Scalability Enhancements | No | No | No | No | No | No | No | No | No |
Bisync Enhancements, includes:
| No | No | No | No | Yes | No | No | Yes | Yes |
Cisco MultiPath Channel (CMPC) | No | No | No | No | No | No | No | No | No |
DLSw+ Enhancements, includes:
| No | No | No | No | No | No | No | Yes | Yes |
FRAS Enhancements, includes:
| No | No | No | No | No | No | No | Yes | Yes |
RIF Passthru in DLSw+ | No | No | No | No | No | No | No | Yes | Yes |
SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers | No | No | No | No | No | No | No | No | No |
TN3270 LU Nailing | No | No | No | No | No | No | No | No | No |
TN3270 Server Enhancements | No | No | No | No | No | No | No | No | No |
Token Ring LANE | No | No | No | No | No | No | No | No | No |
Tunneling of Asynchronous Security Protocols | No | No | No | No | Yes | No | No | Yes | Yes |
| Internet |
|
|
|
|
|
|
|
|
|
DRP Server Agent | No | No | No | No | No | No | No | No | No |
| IP Routing |
|
|
|
|
|
|
|
|
|
Easy IP (Phase 1) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations | No | No | No | No | No | No | No | No | No |
IP Enhanced IGRP Route Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IP Type of Service and Precedence for GRE Tunnels | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Network Address Translation (NAT) | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
TCP Enhancements, includes:
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| LAN Support |
|
|
|
|
|
|
|
|
|
AppleTalk Access List Enhancements | No | No | No | No | Yes | No | No | No | Yes |
DECnet Accounting | No | No | No | No | No | No | No | No | No |
IPX Named Access Lists | No | No | No | No | Yes | Yes | Yes | Yes | Yes |
IPX SAP-after-RIP | No | No | No | No | Yes | Yes | Yes | Yes | Yes |
NLSP Enhancements | No | No | No | No | Yes | No | Yes | No | Yes |
NLSP Multicast Support | No | No | No | No | Yes | No | Yes | No | Yes |
| Management |
|
|
|
|
|
|
|
|
|
Cisco Call History MIB Command Line Interface | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Cisco IOS Internationalization | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Entity MIB, Phase 1 | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
SNMPv2C | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Virtual Profiles | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
VPDN MIB and Syslog Facility | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
| Multimedia |
|
|
|
|
|
|
|
|
|
IP Multicast Load Splitting across Equal-Cost Paths | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
IP Multicast over ATM Point-to-Multipoint Virtual Connections | No | No | No | No | No | No | No | No | No |
IP Multicast over Token Ring LANs | No | No | No | No | No | No | No | No | No |
PIM Version 2 | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Stub IP Multicast Routing | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
| Quality of Service |
|
|
|
|
|
|
|
|
|
RTP Header Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Security |
|
|
|
|
|
|
|
|
|
Additional Vendor-Proprietary RADIUS Attributes | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Certificate Authority Interoperability | No | No | No | No | Yes | No | No | No | No |
Cisco IOS Firewall: Context-Based Access Control | No | No | No | No | No | No | No | No | No |
Double Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Encrypted Kerberized Telnet | No | No | No | No | No | No | No | No | No |
HTTP Security | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Internet Key Exchange Security Protocol | No | No | Yes | Yes | Yes | No | No | No | No |
IPSec Network Security | No | No | Yes | Yes | Yes | No | No | No | No |
Named Method Lists for AAA Authentication & Accounting | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Per-User Configuration | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Reflexive Access Lists | No | No | No | No | No | No | No | No | No |
TCP Intercept | No | No | No | No | No | No | No | No | No |
Vendor-Proprietary RADIUS Attributes | No | No | No | No | No | No | No | No | No |
| Switching |
|
|
|
|
|
|
|
|
|
AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs | No | No | No | No | No | No | No | No | No |
CLNS and DECnet Fast Switching over PPP | No | No | No | No | No | No | No | No | No |
DECnet/VINES/XNS over ISL, includes:
| No | No | No | No | No | No | No | No | No |
Fast-Switched Policy Routing | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IPX Routing over ISL Virtual LANs | No | No | No | No | No | No | No | No | No |
VIP Distributed Switching Support for IP Encapsulated in ISL | No | No | No | No | No | No | No | No | No |
| Terminal Services |
|
|
|
|
|
|
|
|
|
Virtual Templates for Protocol Translation | No | No | No | No | No | No | No | No | No |
| WAN Optimization |
|
|
|
|
|
|
|
|
|
ATM MIB Enhancements | No | No | No | No | No | No | No | No | No |
PAD Enhancements | No | No | No | No | No | No | No | No | No |
PAD Subaddressing | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN Services |
|
|
|
|
|
|
|
|
|
Always On/Dynamic ISDN (AO/DI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Bandwidth Allocation Control Protocol | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Dialer Watch | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Enhanced Local Management Interface (ELMI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay MIB Extensions | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Router ForeSight | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Advice of Charge | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Caller ID Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN NFAS | No | No | No | No | No | No | No | No | No |
Layer 2 Forwarding--Fast Switching | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Leased Line ISDN at 128 kbps | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Microsoft Point-to-Point Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
MS Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
PPP over ATM | No | No | No | No | No | No | No | No | No |
Stackable Home Gateway | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Telnet Extensions for Dialout | No | No | No | No | No | No | No | No | No |
X.25 Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 on ISDN | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 Switching between PVCs and SVCs | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.28 Emulation | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| 1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 2This image is available in Release 11.3(3)T and later releases. |
| Feature Set | |||||||
|---|---|---|---|---|---|---|---|
| Feature | IP/IPX/ AT/IBM Plus 401 | IP/IPX/ AT/IBM Plus 561 | IP/IPX/AT/IBM Plus IPSEC 562 | IP/FW | IP/ IPX/ FW Plus2 | IP/ IPX/ AT/IBM/ FW Plus 562 | IP/IPX/ AT/IBM/ FW Plus IPSEC 562 |
| IBM Support |
|
|
|
|
|
|
|
APPN High Performance Routing | No | No | No | No | No | No | No |
APPN MIB Enhancements | No | No | No | No | No | No | No |
APPN over Ethernet LAN Emulation | No | No | No | No | No | No | No |
APPN Scalability Enhancements | No | No | No | No | No | No | No |
Bisync Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
Cisco MultiPath Channel (CMPC) | No | No | No | No | No | No | No |
DLSw+ Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
FRAS Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
RIF Passthru in DLSw+ | Yes | Yes | Yes | No | No | Yes | Yes |
SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers | No | No | No | No | No | No | No |
TN3270 LU Nailing | No | No | No | No | No | No | No |
TN3270 Server Enhancements | No | No | No | No | No | No | No |
Token Ring LANE | No | No | No | No | No | No | No |
Tunneling of Asynchronous Security Protocols | Yes | Yes | Yes | No | No | Yes | Yes |
| Internet |
|
|
|
|
|
|
|
DRP Server Agent | No | No | No | No | No | No | No |
| IP Routing |
|
|
|
|
|
|
|
Easy IP (Phase 1) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations | No | No | No | No | No | No | No |
IP Enhanced IGRP Route Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IP Type of Service and Precedence for GRE Tunnels | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Network Address Translation (NAT) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
TCP Enhancements, includes:
| Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| LAN Support |
|
|
|
|
|
|
|
AppleTalk Access List Enhancements | Yes | Yes | Yes | No | No | Yes | Yes |
DECnet Accounting | No | No | No | No | No | No | No |
IPX Named Access Lists | Yes | Yes | Yes | No | Yes | Yes | Yes |
IPX SAP-after-RIP | Yes | Yes | Yes | No | Yes | Yes | Yes |
NLSP Enhancements | Yes | Yes | Yes | No | Yes | Yes | Yes |
NLSP Multicast Support | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Management |
|
|
|
|
|
|
|
Cisco Call History MIB Command Line Interface | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Cisco IOS Internationalization | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Entity MIB, Phase 1 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
SNMPv2C | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Virtual Profiles | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
VPDN MIB and Syslog Facility | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Multimedia |
|
|
|
|
|
|
|
IP Multicast Load Splitting across Equal-Cost Paths | Yes | Yes | Yes | No | Yes | Yes | Yes |
IP Multicast over ATM Point-to-Multipoint Virtual Connections | No | No | No | No | No | No | No |
IP Multicast over Token Ring LANs | No | No | No | No | No | No | No |
PIM Version 2 | Yes | Yes | Yes | No | Yes | Yes | Yes |
Stub IP Multicast Routing | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Quality of Service |
|
|
|
|
|
|
|
RTP Header Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Security |
|
|
|
|
|
|
|
Additional Vendor-Proprietary RADIUS Attributes | Yes | Yes | Yes | No | Yes | Yes | Yes |
Certificate Authority Interoperability | No | No | Yes | No | No | No | Yes |
Cisco IOS Firewall: Context-Based Access Control | No | No | No | Yes | Yes | Yes | Yes |
Double Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Encrypted Kerberized Telnet | No | No | No | No | No | No | No |
HTTP Security | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Internet Key Exchange Security Protocol | Yes | Yes | Yes | No | No | Yes | Yes |
IPSec Network Security | Yes | Yes | Yes | No | No | Yes | Yes |
Named Method Lists for AAA Authentication & Accounting | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Per-User Configuration | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Reflexive Access Lists | No | No | No | No | No | No | No |
TCP Intercept | No | No | No | No | No | No | No |
Vendor-Proprietary RADIUS Attributes | No | No | No | No | No | No | No |
| Switching |
|
|
|
|
|
|
|
AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs | No | No | No | No | No | No | No |
CLNS and DECnet Fast Switching over PPP | No | No | No | No | No | No | No |
DECnet/VINES/XNS over ISL, includes:
| No | No | No | No | No | No | No |
Fast-Switched Policy Routing | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IPX Routing over ISL Virtual LANs | No | No | No | No | No | No | No |
VIP Distributed Switching Support for IP Encapsulated in ISL | No | No | No | No | No | No | No |
| Terminal Services |
|
|
|
|
|
|
|
Virtual Templates for Protocol Translation | No | No | No | No | No | No | No |
| WAN Optimization |
|
|
|
|
|
|
|
ATM MIB Enhancements | No | No | No | No | No | No | No |
PAD Enhancements | No | No | No | No | No | No | No |
PAD Subaddressing | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN Services |
|
|
|
|
|
|
|
Always On/Dynamic ISDN (AO/DI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Bandwidth Allocation Control Protocol | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Dialer Watch | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Enhanced Local Management Interface (ELMI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay MIB Extensions | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Router ForeSight | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Advice of Charge | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Caller ID Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN NFAS | No | No | No | No | No | No | No |
Layer 2 Forwarding--Fast Switching | Yes | Yes | Yes | No | Yes | Yes | Yes |
Leased Line ISDN at 128 kbps | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Microsoft Point-to-Point Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
MS Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
PPP over ATM | No | No | No | No | No | No | No |
Stackable Home Gateway | Yes | Yes | Yes | No | Yes | Yes | Yes |
Telnet Extensions for Dialout | No | No | No | No | No | No | No |
X.25 Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 on ISDN | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 Switching between PVCs and SVCs | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.28 Emulation | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| 1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 2This image is available in Release 11.3(3)T and later releases. |
| Feature Set | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Feature | IP | IP Plus | IP Plus 401 | IP Plus 561 | IP Plus IPSEC 562 | IP/IPX | IP/IPX Plus | IP/IPX/ AT/IBM | IP/IPX/ AT/IBM Plus |
| IBM Support |
|
|
|
|
|
|
|
|
|
APPN High Performance Routing | No | No | No | No | No | No | No | No | No |
APPN MIB Enhancements | No | No | No | No | No | No | No | No | No |
APPN over Ethernet LAN Emulation | No | No | No | No | No | No | No | No | No |
APPN Scalability Enhancements | No | No | No | No | No | No | No | No | No |
Bisync Enhancements, includes:
| No | No | No | No | Yes | No | No | Yes | Yes |
Cisco MultiPath Channel (CMPC) | No | No | No | No | No | No | No | No | No |
DLSw+ Enhancements, includes:
| No | No | No | No | Yes | No | No | Yes | Yes |
FRAS Enhancements, includes:
| No | No | No | No | Yes | No | No | Yes | Yes |
RIF Passthru in DLSw+ | No | No | No | No | No | No | No | Yes | Yes |
SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers | No | No | No | No | No | No | No | No | No |
TN3270 LU Nailing | No | No | No | No | No | No | No | No | No |
TN3270 Server Enhancements | No | No | No | No | No | No | No | No | No |
Token Ring LANE | No | No | No | No | No | No | No | No | No |
Tunneling of Asynchronous Security Protocols | No | No | No | No | Yes | No | No | Yes | Yes |
| Internet |
|
|
|
|
|
|
|
|
|
DRP Server Agent | No | No | No | No | No | No | No | No | No |
| IP Routing |
|
|
|
|
|
|
|
|
|
Easy IP (Phase 1) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations | No | No | No | No | No | No | No | No | No |
IP Enhanced IGRP Route Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IP Type of Service and Precedence for GRE Tunnels | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Network Address Translation (NAT) | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
TCP Enhancements, includes:
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| LAN Support |
|
|
|
|
|
|
|
|
|
AppleTalk Access List Enhancements | No | No | No | No | Yes | No | No | No | Yes |
DECnet Accounting | No | No | No | No | No | No | No | No | No |
IPX Named Access Lists | No | No | No | No | Yes | Yes | Yes | Yes | Yes |
IPX SAP-after-RIP | No | No | No | No | Yes | Yes | Yes | Yes | Yes |
NLSP Enhancements | No | No | No | No | Yes | No | Yes | No | Yes |
NLSP Multicast Support | No | No | No | No | Yes | No | Yes | No | Yes |
| Management |
|
|
|
|
|
|
|
|
|
Cisco Call History MIB Command Line Interface | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Cisco IOS Internationalization | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Entity MIB, Phase 1 | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
SNMPv2C | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Virtual Profiles | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
VPDN MIB and Syslog Facility | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
| Multimedia |
|
|
|
|
|
|
|
|
|
IP Multicast Load Splitting across Equal-Cost Paths | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
IP Multicast over ATM Point-to-Multipoint Virtual Connections | No | No | No | No | No | No | No | No | No |
IP Multicast over Token Ring LANs | No | No | No | No | No | No | No | No | No |
PIM Version 2 | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Stub IP Multicast Routing | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
| Quality of Service |
|
|
|
|
|
|
|
|
|
RTP Header Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Security |
|
|
|
|
|
|
|
|
|
Additional Vendor-Proprietary RADIUS Attributes | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Cisco IOS Firewall: Context-Based Access Control | No | No | No | No | No | No | No | No | No |
Certificate Authority Interoperability | No | No | No | No | Yes | No | No | No | No |
Double Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Encrypted Kerberized Telnet | No | No | No | No | No | No | No | No | No |
HTTP Security | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Internet Key Exchange Security Protocol | No | No | Yes | Yes | Yes | No | No | No | No |
IPSec Network Security | No | No | Yes | Yes | Yes | No | No | No | No |
Named Method Lists for AAA Authentication & Accounting | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Per-User Configuration | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Reflexive Access Lists | No | No | No | No | No | No | No | No | No |
TCP Intercept | No | No | No | No | No | No | No | No | No |
Vendor-Proprietary RADIUS Attributes | No | No | No | No | No | No | No | No | No |
| Switching |
|
|
|
|
|
|
|
|
|
AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs | No | No | No | No | No | No | No | No | No |
CLNS and DECnet Fast Switching over PPP | No | No | No | No | No | No | No | No | No |
DECnet/VINES/XNS over ISL, includes:
| No | No | No | No | No | No | No | No | No |
Fast-Switched Policy Routing | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IPX Routing over ISL Virtual LANs | No | No | No | No | No | No | No | No | No |
VIP Distributed Switching Support for IP Encapsulated in ISL | No | No | No | No | No | No | No | No | No |
| Terminal Services |
|
|
|
|
|
|
|
|
|
Virtual Templates for Protocol Translation | No | No | No | No | No | No | No | No | No |
| WAN Optimization |
|
|
|
|
|
|
|
|
|
ATM MIB Enhancements | No | No | No | No | No | No | No | No | No |
PAD Enhancements | No | No | No | No | No | No | No | No | No |
PAD Subaddressing | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN Services |
|
|
|
|
|
|
|
|
|
Always On/Dynamic ISDN (AO/DI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Bandwidth Allocation Control Protocol | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Dialer Watch | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Enhanced Local Management Interface (ELMI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay MIB Extensions | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Router ForeSight | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Advice of Charge | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Caller ID Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN NFAS | No | No | No | No | No | No | No | No | No |
Layer 2 Forwarding--Fast Switching | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Leased Line ISDN at 128 kbps | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Microsoft Point-to-Point Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
MS Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
PPP over ATM | No | No | No | No | No | No | No | No | No |
Stackable Home Gateway | No | Yes | Yes | Yes | Yes | No | Yes | No | Yes |
Telnet Extensions for Dialout | No | No | No | No | No | No | No | No | No |
X.25 Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 on ISDN | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 Switching between PVCs and SVCs | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.28 Emulation | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| 1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 2This image is available in Release 11.3(3)T and later releases. |
| Feature Set | |||||||
|---|---|---|---|---|---|---|---|
| Feature | IP/IPX/ AT/IBM Plus 401 | IP/IPX/ AT/IBM Plus 561 | IP/IPX/AT/IBM Plus IPSEC 562 | IP/FW2 | IP/ IPX/ FW Plus2 | IP/ IPX/ AT/IBM/ FW Plus 562 | IP/IPX/ AT/IBM/ FW Plus IPSEC 562 |
| IBM Support |
|
|
|
|
|
|
|
APPN High Performance Routing | No | No | No | No | No | No | No |
APPN MIB Enhancements | No | No | No | No | No | No | No |
APPN over Ethernet LAN Emulation | No | No | No | No | No | No | No |
APPN Scalability Enhancements | No | No | No | No | No | No | No |
Bisync Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
Cisco MultiPath Channel (CMPC) | No | No | No | No | No | No | No |
DLSw+ Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
FRAS Enhancements, includes:
| Yes | Yes | Yes | No | No | Yes | Yes |
RIF Passthru in DLSw+ | Yes | Yes | Yes | No | No | Yes | Yes |
SRB over FDDI on Cisco 4000, 4500, and 4700 Series Routers | No | No | No | No | No | No | No |
TN3270 LU Nailing | No | No | No | No | No | No | No |
TN3270 Server Enhancements | No | No | No | No | No | No | No |
Token Ring LANE | No | No | No | No | No | No | No |
Tunneling of Asynchronous Security Protocols | Yes | Yes | Yes | No | No | Yes | Yes |
| Internet |
|
|
|
|
|
|
|
DRP Server Agent | No | No | No | No | No | No | No |
| IP Routing |
|
|
|
|
|
|
|
Easy IP (Phase 1) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Hot Standby Router Protocol (HSRP) over ISL in Virtual LAN Configurations | No | No | No | No | No | No | No |
IP Enhanced IGRP Route Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IP Type of Service and Precedence for GRE Tunnels | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Network Address Translation (NAT) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
TCP Enhancements, includes:
| Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| LAN Support |
|
|
|
|
|
|
|
AppleTalk Access List Enhancements | Yes | Yes | Yes | No | No | Yes | Yes |
DECnet Accounting | No | No | No | No | No | No | No |
IPX Named Access Lists | Yes | Yes | Yes | No | Yes | Yes | Yes |
IPX SAP-after-RIP | Yes | Yes | Yes | No | Yes | Yes | Yes |
NLSP Enhancements | Yes | Yes | Yes | No | Yes | Yes | Yes |
NLSP Multicast Support | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Management |
|
|
|
|
|
|
|
Cisco Call History MIB Command Line Interface | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Cisco IOS Internationalization | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Entity MIB, Phase 1 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
SNMPv2C | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Virtual Profiles | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
VPDN MIB and Syslog Facility | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Multimedia |
|
|
|
|
|
|
|
IP Multicast Load Splitting across Equal-Cost Paths | Yes | Yes | Yes | No | Yes | Yes | Yes |
IP Multicast over ATM Point-to-Multipoint Virtual Connections | No | No | No | No | No | No | No |
IP Multicast over Token Ring LANs | No | No | No | No | No | No | No |
PIM Version 2 | Yes | Yes | Yes | No | Yes | Yes | Yes |
Stub IP Multicast Routing | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Quality of Service |
|
|
|
|
|
|
|
RTP Header Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Security |
|
|
|
|
|
|
|
Additional Vendor-Proprietary RADIUS Attributes | Yes | Yes | Yes | No | Yes | Yes | Yes |
Cisco IOS Firewall: Context-Based Access Control | No | No | No | Yes | Yes | Yes | Yes |
Certificate Authority Interoperability | No | No | Yes | No | No | No | Yes |
Double Authentication | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Encrypted Kerberized Telnet | No | No | No | No | No | No | No |
HTTP Security | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Internet Key Exchange Security Protocol | Yes | Yes | Yes | No | No | Yes | Yes |
IPSec Network Security | Yes | Yes | Yes | No | No | Yes | Yes |
Named Method Lists for AAA Authentication & Accounting | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Per-User Configuration | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Reflexive Access Lists | No | No | No | No | No | No | No |
TCP Intercept | No | No | No | No | No | No | No |
Vendor-Proprietary RADIUS Attributes | No | No | No | No | No | No | No |
| Switching |
|
|
|
|
|
|
|
AppleTalk Routing over ISL and IEEE 802.10 in Virtual LANs | No | No | No | No | No | No | No |
CLNS and DECnet Fast Switching over PPP | No | No | No | No | No | No | No |
DECnet/VINES/XNS over ISL, includes:
| No | No | No | No | No | No | No |
Fast-Switched Policy Routing | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
IPX Routing over ISL Virtual LANs | No | No | No | No | No | No | No |
VIP Distributed Switching Support for IP Encapsulated in ISL | No | No | No | No | No | No | No |
| Terminal Services |
|
|
|
|
|
|
|
Virtual Templates for Protocol Translation | No | No | No | No | No | No | No |
| WAN Optimization |
|
|
|
|
|
|
|
ATM MIB Enhancements | No | No | No | No | No | No | No |
PAD Enhancements | No | No | No | No | No | No | No |
PAD Subaddressing | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN Services |
|
|
|
|
|
|
|
Always On/Dynamic ISDN (AO/DI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Bandwidth Allocation Control Protocol | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Dialer Watch | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Enhanced Local Management Interface (ELMI) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay MIB Extensions | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Frame Relay Router ForeSight | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Advice of Charge | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN Caller ID Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ISDN NFAS | No | No | No | No | No | No | No |
Layer 2 Forwarding--Fast Switching | Yes | Yes | Yes | No | Yes | Yes | Yes |
Leased Line ISDN at 128 kbps | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Microsoft Point-to-Point Compression | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
MS Callback | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
PPP over ATM | No | No | No | No | No | No | No |
Stackable Home Gateway | Yes | Yes | Yes | No | Yes | Yes | Yes |
Telnet Extensions for Dialout | No | No | No | No | No | No | No |
X.25 Enhancements | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 on ISDN | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.25 Switching between PVCs and SVCs | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
X.28 Emulation | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| 1This image is not available in Releases 11.3(1)T and 11.3(2)T. It is available in Release 11.3(3)T and later 11.3 T releases. 2This image is available in Release 11.3(3)T and later releases. |
The following sections list the new features supported by the Cisco 1600 series routers for Cisco IOS Release 11.3 T.
There are no new software features supported by the Cisco 1600 series in Cisco IOS Release 11.3(5)T through 11.3(11)T.
The following new software feature is supported by the Cisco 1600 series in Release 11.3(4)T and later 11.3 T releases.
For more information about configuring the following new features, from CCO select Service & Support, go to Documentation Home Page, click Cisco IOS Software Configuration, click Cisco IOS Release 11.3, select Cisco IOS 11.3 T New Features, and then click 11.3(4)T New Features. This information is also available on the Documentation CD-ROM.
Prior to the IP Type of Service and Precedence for GRE Tunnels feature, at generic route encapsulation-based tunnel endpoints, the Type of Service (TOS) bits (including precedence bits) were not copied to the tunnel or GRE IP header that encapsulates the inner packet. Instead, those bits were set to zero. This was not a problem unless the intermediate routers between two tunnel endpoints honored TOS or precedence bits, in which case those settings were ignored.
With the advent of virtual private network (VPN) and QoS applications, it is desirable to copy the TOS bits when the router encapsulates the packets using GRE. Thus, intermediate routers between tunnel endpoints can take advantage of the QoS features such as weighted fair queuing (WFQ) and weighted random early detection (WRED).
The following new hardware features are supported by the Cisco 1600 series in Release 11.3(3)T and later 11.3 T releases.
The Cisco 1605-R router was added to the Cisco 1600 series in this release, and can connect two Ethernet LANs to the Internet. The router has a WAN interface card slot and support for multiple WAN technologies. Cisco 1605-R router features include the following:
The 1-port 56/64-kbps WAN interface card includes an integral DSU/CSU and can be configured to provide circuit-switched, dedicated, or leased-line service at 56 kbps. This card also supports 64-kbps dedicated lines.
The Cisco T1 data service unit/channel service unit (DSU/CSU) WAN interface card is an integrated, managed T1, or fractional T1 WAN interface card. It provides nonchannelized data rates of 1 to 24 X 64 kbps or 1 to 24 X 56 kbps and follows ANSI T1.403 and AT&T Publication 62411 standards.
The Cisco T1 DSU/CSU WAN interface management features include the following:
The following new software features are supported by the Cisco 1600 series in Release 11.3(3)T and later 11.3 T releases.
Remote Authentication Dial-In User Server (RADIUS) is an access server authentication, authorization, and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way.
In this release, Cisco IOS software introduces support for additional vendor-proprietary RADIUS attributes. For a complete list of supported IETF and vendor-proprietary RADIUS attributes, refer to the "RADIUS Attributes" appendix in the Cisco IOS Release 11.3 Security Configuration Guide.
Always On/Dynamic ISDN (AO/DI) is an on-demand service that optimizes the use of an existing Integrated Services Digital Network (ISDN) signaling channel (D channel) to transport X.25 traffic. The X.25 D-channel call is placed from the subscriber to the packet data service provider. Multilink and TCP/IP protocols are encapsulated within the X.25 logical circuit carried by the D channel. The bearer channels (B channels) use the Multilink protocol without the standard Q.922 and X.25 encapsulations and invoke additional bandwidth as needed. AO/DI takes full advantage of existing packet handlers at the central office by using an existing D channel to transport the X.25 traffic.
The link associated with the X.25 D-channel packet connection is used as the primary link of the Multilink protocol. The D channel is a connectionless, packet-oriented link between the Customer Premise Equipment (CPE) and the central office. Because the D channel is always available, it is possible to offer "always available" services. On-demand functionality is achieved by using the B channels to temporarily boost data throughput and disconnecting them after use.
Certificate Authority (CA) interoperability is provided in support of the IP Security (IPSec) standard. CA interoperability permits Cisco IOS devices and CA devices to communicate so that your Cisco IOS device can obtain and use digital certificates from the CA. Although IPSec can be implemented in your network without the use of a CA, using a CA provides manageability and scalability for IPSec. For background and configuration information for IPSec, see the "IPSec Network Security" feature documentation.
The Cisco IOS Firewall feature set combines existing Cisco IOS firewall technology and the new context-based access control feature to provide an effective, robust firewall.
The Cisco IOS Firewall feature set is designed to prevent unauthorized, external individuals from gaining access to your internal network and to block attacks on your network, while at the same time allowing authorized users to access network resources.
You can use the Cisco IOS Firewall feature set to configure your Cisco IOS device as:
The Cisco IOS Firewall feature set provides the following capabilities:
Context-based access control (CBAC) is a new feature which provides intelligent filtering of packets through the firewall. CBAC creates temporary openings in the firewall to permit packets that are part of a permissible session. (These packets are normally blocked at the firewall.) A permissible session is one that originates from within your protected internal network.
Internet Key Exchange Security Protocol (ISAKMP/Oakley) is a key management protocol, used in conjunction with the IPSec standard. IPSec is an IP security feature that provides robust authentication and encryption of IP packets. IPSec can be configured without ISAKMP/Oakley, but ISAKMP/Oakley enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. ISAKMP/Oakley is a hybrid protocol that implements the Oakley key exchange inside the ISAKMP framework.
IPSec Network Security (IPSec) is a framework of open standards developed by the Internet Engineering Task Force (IETF). IPSec provides security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices ("peers") such as Cisco routers.
IPSec provides the following network security services:
With IPSec, data can be transmitted across a public network without fear of observation, modification, or spoofing. This enables applications such as virtual private networks (VPNs), extranets, and remote user access.
IPSec services are similar to those provided by Cisco Encryption Technology, a proprietary security solution introduced in Release 11.2. (The IPSec standard was not yet available at Release 11.2.) However, IPSec provides a more robust security solution and is standards-based.
Microsoft Point-to-Point Compression (MPPC) compresses Point-to-Point Protocol (PPP) packets between Cisco and Microsoft client devices. The MPPC algorithm is designed to optimize processor and bandwidth utilization in order to support multiple simultaneous connections. The MPPC algorithm uses a Lempel-Ziv (LZ) based algorithm with a continuous history buffer called a dictionary.
In earlier Cisco IOS releases, only named authentication method lists were supported under Cisco authentication, authorization, and accounting (AAA) network security services. Release 11.3(3)T extends AAA to support both authorization and accounting named method lists. Named method lists for authorization and accounting function the same way as those for authentication; you can define different methods for authorization and accounting and apply those methods on a per-interface or per-line basis.
Network Address Translation (NAT) provides a mechanism for a privately addressed network to access registered networks, such as the Internet, without requiring a registered subnet address. This eliminates the need for host renumbering and allows the same IP address range to be used in multiple intranets.
With NAT, the privately addressed network (designated as "inside") continues to use its existing private or obsolete addresses. These addresses are converted into legal addresses before packets are forwarded onto the registered network (designated as "outside"). The translation function is compatible with standard routing; the feature is required only on the router connecting the inside network to the outside domain.
Translations can be static or dynamic. A static address translation establishes a one-to-one mapping between the inside network and the outside domain. Dynamic address translations are defined by describing the local addresses to be translated and the pool of addresses from which to allocate outside addresses. Allocation is done in numeric order and multiple pools of contiguous address blocks can be defined, providing the following benefits:
Because the addressing scheme on the inside network might conflict with registered addresses already assigned within the Internet, NAT can support a separate address pool for overlapping networks and translate as appropriate. Applications that use raw IP addresses as a part of their protocol exchanges are incompatible with NAT. Typically, these are less common applications that do not use fully qualified domain names.
The DMS100 and NI2 switch types have been added to the existing non-facility associated signaling (NFAS) with D Channel Backup feature. ISDN NFAS allows a single D channel to control multiple PRI interfaces. A backup D channel can be configured for use when the primary NFAS D channel fails. When the channelized T1 controllers are configured for ISDN PRI, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.
Use of a single D channel to control multiple PRI interfaces can free one B channel on each interface to carry other traffic. Any hard failure causes a switchover to the backup D channel, and currently connected calls remain connected.
By default, DLSw+ terminates the RIF for Token Ring, terminates the LLC for all media types, and forwards only data across a WAN with DLSw+ and TCP/IP headers. The RIF is a field in source-route bridged frames that indicates the SRB path the frame should take when traversing a Token Ring network. In the case of an explorer packet, the RIF is a field of the source-route bridged frame that indicates the SRB path that the SRB explorer has traversed so far. The RIF is limited to seven hop counts by the IBM standards. Because DLSw+ terminates the RIF at the virtual ring, the network scalability increases because the hop count of the packet starts over, and the packet can traverse seven additional hops. RIF termination simplifies network design because ring numbers no longer have to be unique throughout an entire enterprise.
However, some environments do not function properly if the RIF is terminated. For that reason, DLSw+ now supports the RIF Passthru feature, in which the entire source-route bridged path appears in the RIF.
The Virtual Private Dialup Network (VPDN) Management Information Base (MIB) and Syslog Facility feature is intended to support all the tables and objects defined in "Cisco VPDN Management MIB" for the user sessions of the VPDN features. There are a number of commands that provide information and statistics through the command-line interface (CLI); the Cisco VPDN MIB has been created to satisfy the need to provide information and statistics through SNMP.
The following new software features are supported by the Cisco 1600 series in Release 11.3(2)T and later 11.3 T releases.
The DRP Server Agent can now measure client-to-server link latency (round-trip time) for use in traffic-redirection decisions.
Protocol-Independent Multicast (PIM) Version 2 includes the following improvements over PIM Version 1:
PIM Version 1, together with the Auto-RP feature, performs the same tasks as the PIM Version 2 BSR. However, Auto-RP is a standalone protocol, separate from PIM Version 1, and is a Cisco proprietary protocol. PIM Version 2 is a standards-track protocol in the Internet Engineering Task Force (IETF).
The Cisco PIM Version 2 implementation allows good interoperability and transition between Version 1 and Version 2. You can upgrade to PIM Version 2 incrementally. You can configure PIM Versions 1 and 2 on different routers within one network. Internally, all routers on a shared media network must run the same PIM version. Therefore, if a PIM Version 2 router detects a PIM Version 1 router, the Version 2 router downgrades itself to Version 1 until all Version 1 routers have been shut down or upgraded.
PIM uses the BSR to discover and announce RP-set information for each group prefix to all the routers in a PIM domain. This is the same function accomplished by Auto-RP, but the BSR is part of the PIM Version 2 specification. The BSR mechanism interoperates with Auto-RP.
To avoid a single point of failure, you can configure several candidate BSRs in a PIM domain. A BSR is automatically elected among the candidate BSRs; candidates use bootstrap messages to discover which BSR has the highest priority. This router then announces to all PIM routers in the PIM domain that it is the BSR.
Routers that are configured as candidate RPs then unicast to the BSR the group range for which they are responsible. The BSR includes this information in its bootstrap messages and disseminates it to all PIM routers in the domain. Based on this information, all routers are able to map multicast groups to specific RPs. As long as a router is receiving the bootstrap message, it has a current RP map.
Dialer Watch is a backup feature that integrates dial backup with routing capabilities. Prior dial backup implementations used the following conditions to trigger backup:
Prior backup implementations might not have supplied optimum performance on some networks, such as those using Frame Relay multipoint subinterfaces or Frame Relay connections that do not support end-to-end LMI.
Dialer Watch provides reliable connectivity without relying solely on defining interesting traffic to trigger outgoing calls at the central router. Dialer Watch uses the convergence times and characteristics of dynamic routing protocols. Integrating backup and routing features enables Dialer Watch to monitor every deleted route. By configuring a set of watched routes that define the primary interface, you can monitor and track the status of the primary interface as watched routes are added and deleted. Watched routes are monitored in the following sequence:
1. Whenever a watched route is deleted, Dialer Watch checks to see if there is at least one valid route for any of the watched IP addresses defined.
2. If there is no valid route, the primary line is considered down and unusable.
3. If there is a valid route for at least one of the defined watched IP addresses, and if the route is pointing to an interface other than the backup interface configured for Dialer Watch, the primary link is considered up.
4. If the primary link goes down, Dialer Watch is immediately notified by the routing protocol, and the secondary link is brought up.
5. When the secondary link is up, the primary link is rechecked at the expiration of each idle timeout.
6. If the primary link remains down, the idle timer is indefinitely reset.
7. If the primary link is up, the secondary backup link is disconnected. Additionally, you can set a disable timer to create a delay for the secondary link to disconnect after the primary link is reestablished.
The MS Callback feature provides client-server callback services for Microsoft Windows 95 and Microsoft Windows NT clients. MS Callback supports the Microsoft Callback Control Protocol (MSCB). MSCB is a Microsoft proprietary protocol used by Windows 95 and Windows NT clients. MS Callback supports negotiated PPP Link Control Protocol (LCP) extensions initiated and agreed upon by the Microsoft client. MS Callback is added to existing PPP Callback functionality. Therefore, if you configure your Cisco access server to perform PPP Callback using Cisco IOS Release 11.3(2)T or later, MS Callback is automatically available.
MS Callback supports AAA security models using a local database or AAA server. MSCB uses LCP callback options with suboption type 6. The Cisco MS Callback feature supports clients with a user-specified callback number and server specified (preconfigured) callback number. MS Callback does not affect non-Microsoft machines that implement standard PPP LCP extensions as described in RFC 1570. In this scenario, MS Callback is transparent.
The following new software features are supported by the Cisco 1600 series in Release 11.3(1)T and later 11.3 T releases.
Three types of encapsulation are supported in DLSw+: direct, Fast-Sequenced Transport (FST), and TCP. Previously, DLSw+ supported only backup peers for FST and TCP peer types. This new Frame Relay/Direct Backup Peer feature extends the backup peer capability to all types of DLSw+ transportation types.
The Cisco Bisync 3780 support feature has been enhanced to add a user-configurable address on contention interfaces.
The Cisco Bisync support protocol stack (BSC) Extended Addressing feature can be used to configure a set of nonstandard Bisync addresses (for non-IBM Bisync devices that do not use the standard set of 3270 Control Unit addresses).
The BSTUN over Frame Relay feature provides a tunnel mechanism for Binary Synchronous Communications (Bisync) protocol without TCP/IP encapsulation.
With the Border Peer Caching feature, border peers can build three caches (local, remote, and group) and check these caches before forwarding explorers for other routers.
The Cisco DLSw+ Management Information Base (MIB) enhancement feature includes more information about the "plus" features. For example, the MIB describes the encapsulation type being used: direct, LLC2, FST, and TCP. Furthermore, for FST and direct, which use fast cache entries instead of circuits to establish sessions, the MIB includes FST and direct cache entries.
The MIB also describes configured defaults for promiscuous and on-demand peers. It provides information about border peers, dynamic peers, and backup peers. Previously, the MIB was not informed about the remote-peer IP address when using direct or LLC2 encapsulation. Now the remote-peer IP address is sent through the capabilities exchange and listed in the MIB. Finally, the new MIB includes traps for peer up or down and circuit up or down. This MIB provides SNMP network management access to most of the information in the show dlsw capabilities command.
DLSw+ SNA type of service (TOS) sets the IP precedence bits in the IP header of DLSw+ packets. When APPN is running with DLSw+ and the priority option is specified on the dlsw remote peer command, SNA TOS maps APPN class of service (COS) to TCP TOS.
The Frame Relay Access Support (FRAS) Boundary Network Node (BNN) enhancement provides seamless processing at the router regardless of end-station changes. End stations can be added or deleted without reconfiguring the router. The FRAS BNN enhancement coexists with the original FRAS BNN feature.
Frame Relay Access Support (FRAS) Dial Backup over DLSw+ is an enhancement to the Cisco FRAS implementation that you can use to configure a secondary path that is used when the Frame Relay network becomes unavailable. If preconfigured properly, when the primary link to the Frame Relay WAN fails, FRAS Dial Backup over DLSw+ automatically moves existing sessions to the alternate link. When the primary link is restored, existing sessions are kept on the backup connection so that they can be moved nondisruptively to the primary link at your discretion.
Frame Relay Access Support (FRAS) DLCI Backup is an enhancement to the Cisco FRAS implementation that you can use to configure a secondary serial or ISDN path to the host to be used when the Frame Relay network becomes unavailable. When the primary Frame Relay link to the Frame Relay WAN fails, the FRAS DLCI Backup feature causes the router to reroute all sessions from the main Frame Relay interface to the secondary interface. The secondary interface can be either serial or ISDN and must have a data link connection identifier (DLCI) configured.
The FRAS (Frame Relay Access Support) Host feature provides connectivity from a Systems Network Architecture (SNA) Frame Relay Access Device (FRAD) to a Cisco router for SNA mainframe access. This feature also provides connectivity from remote SNA FRADs to LAN-attached front-end processors (FEPs) or to LAN-attached SNA minicomputers (such as AS/400s).
The FRAS Management Information Base (MIB) CISCO-DLCSW-MIB.MY is a collection of managed objects that can be accessed via a network management protocol such as SNMP. The objects in the MIB support LLC- and SDLC-attached devices for both BNN and BAN formats of RFC 1490. The FRAS MIB user interface is defined by the network manager SNMP application.
Data-link switching plus (DLSw+) supports LLC2-to-Synchronous Data Link Control (SDLC) Protocol conversion between PU4 devices. The LLC2-SDLC for PU4 feature allows a SDLC-attached FEP to communicate over DLSw+ to a LAN-attached FEP.
DLSw+ filters NetBIOS Session Alive packets from the WAN. You can transport NetBIOS in a dial-on-demand routing (DDR) environment by filtering NetBIOS Session Alive packets. NetBIOS periodically sends Session Alive packets as LLC2 I-frames. These packets do not require a response and are superfluous to the function of proper data flow. Furthermore, these packets keep DDR interfaces up, which causes unwanted per-packet charges in DDR networks.
Cisco IOS encapsulates source-route bridging (SRB) traffic using RFC-1490 bridged IEEE 802.5 encapsulation to provide SRB over Frame Relay functionality. This functionality can be used between Cisco routers or between a Cisco router and RFC-1490-compliant FRADs or routers.
The Cisco implementation of block serial tunneling (BSTUN) encapsulates Binary Synchronous Communications (Bisync) protocol, Adplex, ADT Security Systems, Inc., Diebold, and asynchronous generic traffic for transfer over router links.
Silicon Switch Processor (SSP) address resolution packets are sent via User Datagram Protocol (UDP) unicast service rather than via TCP. SSP packets include CANUREACH.EX, NETBIOS_NAME_QUERY_EX, NB_ADD_NAME.QUERY_EX, and DATAFRAME.
UDP unicast enhances the scalability of TCP peer networks because it allows DLSw+ to better control address resolution packets and unnumbered information (UI) frames during periods of congestion. Previously, these frames were carried over TCP. TCP retransmits frames that get lost or delayed in transit and aggravate congestion. Because address resolution packets and UI frames are not sent on a reliable transport on the LAN, sending them reliably over the WAN is unnecessary. By using UDP for these frames, DLSw+ minimizes network congestion. UDP Unicast Enhancement does not affect Fast-Sequenced Transport (FST) or direct peer encapsulations.
The Easy IP (Phase 1) feature combines Network Address Translation (NAT) and PPP/Internet Protocol Control Protocol (IPCP). This feature enables a Cisco router to automatically negotiate its own registered WAN interface Internet Protocol (IP) address from a central server and to enable all remote hosts to access the global Internet using this single registered IP address. Because Easy IP uses existing port-level multiplexed NAT functionality within the Cisco IOS software, IP addresses on the remote LAN are invisible to the Internet.
The Hot Standby Router Protocol (HSRP) provides a very high level of redundancy between hosts and gateway routers. HSRP also provides high network availability by enabling backup routes between hosts on Ethernet, Fast Ethernet, FDDI, and Token Ring networks. Cisco IOS devices that are running the HSRP send and receive multicast hello packets to detect router failure and to designate active and standby routers.
HSRP was first introduced with ATM LAN Emulation in Cisco IOS Release 11.0 and in Release 11.1 for virtual LAN (VLAN) configurations in IP networks using IEEE 802.10 encapsulations on FDDI media. Starting with Release 11.3, HSRP is also supported over Inter-Switch Links (ISLs) in VLAN configurations on Fast Ethernet. Now, HSRP functionality can be deployed with Cisco IOS VLANS using IEEE 802.10 on FDDI, ATM LAN Emulation, and ISL encapsulation on Fast Ethernet.
This feature provides MD5 authentication of routing updates from the IP EIGRP routing protocol. The MD5 keyed digest in each IP Enhanced IGRP packet prevents the introduction of unauthorized or false routing messages from unapproved sources.
This feature adds functionality and improved performance when using AppleTalk access lists and filters.
The specific AppleTalk access list enhancements include the following:
You can now identify IPX access lists with an alphanumeric string (a name) rather than a number. You can use this feature to configure an unlimited number of the following types of access lists:
If you identify your access list with a name rather than a number, the mode and command syntax are slightly different. Currently, only packet and route filters can use a named list.
This feature provides enhanced security because you can use a separate and easily identifiable access list for each user or interface. It also removes the limit of 100 lists per filter type.
Consider the following before configuring IPX named access lists:
This feature links Service Advertising Protocol (SAP) updates to Routing Information Protocol (RIP) updates so that SAP broadcast and unicast updates automatically occur immediately after the corresponding RIP update. The feature ensures that no service information is rejected by a remote router because it lacks a valid route to the service. As a result of this feature, periodic SAP updates are sent as often as RIP updates.
The default of the router is to send RIP and SAP periodic updates, each using its own update interval depending on the configuration. In addition, RIP and SAP periodic updates are offset slightly, and they tend to diverge from each other over time. This feature synchronizes SAP and RIP updates.
In addition, you can disable the sending of general RIP or SAP queries on a link when it first comes up. Sending all SAP and RIP information in a single update reduces bandwidth demands and eliminates erroneous rejections of SAP broadcasts.
Linking SAP and RIP updates populates the service table at the remote router more quickly because services are not rejected for lack of a route to the service. This can be especially useful on WAN circuits where the update intervals are greatly increased to reduce the overall level of periodic update traffic on the link.
RIP and SAP general queries are normally sent by remote routers when a circuit first comes up. On WAN circuits, two full updates of each kind are often sent across the link. The first update is a full broadcast update, triggered locally by the link-up event. The second update is a specific (unicast) reply triggered by the general query received from the remote router. Disabling the sending of general queries when the link first comes up reduces traffic to a single update and saves bandwidth.
This feature allows the router to interpret the maximum lifetime field in a Level 1 link-state packet (LSP) in hours or seconds. Previously, the field was interpreted in seconds only. The router keeps LSP packets for a much longer time, which reduces overhead on slower-speed serial links and keeps ISDN links from becoming active unnecessarily.
The NLSP Multicast Support feature adds support for the use of NLSP multicast addressing for Ethernet, Token Ring, and FDDI router interfaces. This capability is only possible when the underlying Cisco hardware device or driver supports multicast addressing.
With this feature, the router defaults to using multicasts instead of broadcasts on Ethernet, Token Ring, and FDDI interfaces to address all NLSP routers on the network. If an adjacent device does not support NLSP multicasting, the router uses broadcasts on the affected interface. When routers running prior versions of Cisco IOS software are on the same network with routers running Cisco IOS Release 11.3, broadcasts are used on any segment shared by the two routers.
A Cisco IOS command-line interface (CLI) is available for setting two Cisco Call History MIB parameters. These parameters are the number of entries to be retained by the MIB and the length of time to retain them, which correspond to the following MIB objects:
When you save the router configuration before reloading the router, the parameter values are also saved. Before this release, SNMP was the only available means for setting the values of these parameters. However, when the parameters are set by SNMP, the old values are lost, and the parameters are reset to their default values whenever a router is reloaded. The Cisco Call History MIB CLI is enabled by default.
The Cisco IOS Internationalization feature makes available HTML Server Side Includes (SSIs) to customize international or domestic HTML pages used for the Cisco web browser interface (such as ClickStart pages) and to store them in Flash memory on multiple Cisco IOS platforms. In addition, you can display 8-bit or multibyte international character sets (such as Japanese) and print the escape (ESC) character as a single character instead of as the caret and bracket symbols (^[) on the Cisco Web browser and at the router command line.
The Entity MIB (RFC 2037) describes the logical resources, physical resources, and logical-to-physical mappings of devices managed by a single SNMP agent. This feature implements the first phase of the Entity MIB, the Logical Entity Table. The Logical Entity Table describes the logical entities managed by a single agent. The Entity MIB also records the time of the last modification to any object in the Entity MIB and sends out a trap when any object is modified. The Entity MIB provides no managed objects with write access.
The SNMPv2C feature replaces support for SNMPv2Classic with support for SNMPv2 and SNMPv2C. SNMPv2C replaces the Party-based Administrative and Security Framework of SNMPv2Classic with the Community-based Administrative Framework while retaining 64-bit counters and get-bulk functionality. This feature implements RFCs 1901 through 1907, deprecating the implementation of RFCs 1441 through 1451.
The following commands are obsolete in Release 11.3:
In addition, the snmp-server trap-authentication command has been deprecated. Use the snmp-server enable traps snmp authentication command in its place. Existing configurations that use the snmp-server trap-authentication command are not affected; however, this command is not saved to the startup configuration.
Virtual Profiles is a unique PPP application that defines and applies per-user configuration information for users who dial in to a router. Virtual Profiles allows user-specific configuration information to be applied irrespective of the media used for the dial-in call. The configuration information for virtual profiles can come from a virtual interface template, per-user configuration information stored on an AAA server, or both, depending on how the router and AAA server are configured.
Virtual profiles overcome current limitations on network scalability:
Virtual profiles overcome the limitations listed above by providing a unique interface for each user dialing in to a Cisco router or access server.
You can configure load splitting of IP multicast traffic across equal-cost paths. Previously, when there were equal-cost paths between routers, IP multicast packets traversed only one path. If a tunnel was configured, the same next hop was always used, and no load splitting occurred.
IP multicast load splitting is accomplished indirectly by consolidating the available bandwidth of all the physical links into a single tunnel interface. The underlying physical connections then use existing unicast load-splitting mechanisms for the tunnel (multicast) traffic. By configuring load splitting among equal-cost paths, you can use your links between routers more efficiently when sending IP multicast traffic.
Prior to this feature, IP multicast datagrams used the MAC-level broadcast address 0xFFFF.FFFF.FFFF, which placed an unnecessary burden on all devices that did not participate in IP multicast. The IP multicast over Token Ring LANs feature defines a way to map IP multicast addresses to a single Token Ring MAC address. This feature defines the Token Ring functional address (0xc000.0004.0000) that should be used over Token Ring. The Cisco Systems implementation complies with RFC 1469, IP Multicast over Token-Ring Local Area Networks (June 1993).
IP multicast transmissions over Token Ring interfaces are more efficient than they used to be. This feature reduces the load on other machines that do not participate in IP multicast because they do not receive these packets.
The following restrictions apply to this feature:
When using PIM in a large network, there are often stub regions over which the administrator has limited control. To reduce the configuration and administration burden, you can configure a subset of PIM functionality that provides the stub region with connectivity but does not allow it to participate in or potentially complicate any routing decisions.
Stub IP multicast routing allows simple multicast connectivity and configuration at stub networks. It eliminates periodic flood-and-prune behavior across slow-speed links (ISDN and below) using dense mode. It does this by using forwarded IGMP reports as a type of Join message and selective PIM message filtering.
Real-time Transport Protocol (RTP) carries packetized audio and video traffic over an IP network. RTP is described in RFC 1889. RTP is not intended for data traffic, which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). RTP provides end-to-end network transport functions intended for applications transmitting real-time requirements, such as audio, video, or simulation data over multicast or unicast network services.
The minimal 12 bytes of the RTP header, combined with 20 bytes of IP header and 8 bytes of UDP header create a 40-byte RTP/IP/UDP header. The RTP packet has a payload of approximately 20 to 150 bytes for audio applications that use compressed payloads. It is very inefficient to transmit the RTP/IP/UDP header without compressing it.
The RTP header compression feature compresses the RTP/IP/UDP header in an RTP data packet from 40 bytes to approximately 2 to 5 bytes. It is a hop-by-hop compression scheme similar to RFC 1144 for TCP header compression. Using RTP header compression can benefit both telephony voice and multicast backbone (MBONE) applications running over slow links.
RTP header compression is supported on serial lines using Frame Relay, HDLC, or PPP encapsulation. It is also supported over ISDN interfaces.
Enabling compression on both ends of a low-bandwidth serial link can greatly reduce the network overhead if there is a lot of RTP traffic on that slow link. This compression is beneficial especially when the RTP payload size is small (as with compressed audio payloads of 20 to 50 bytes). Although the MBONE-style RTP traffic has higher payload sizes, compact encodings like Compressed Encoding for Linear Prediction (CELP) can also help considerably.
Double authentication provides additional authentication for Point-to-Point Protocol (PPP) sessions. Previously, PPP session authentication was limited to CHAP (or PAP). With double authentication, remote users must pass a second stage of user authentication--after CHAP or PAP authentication--before they can gain network access.
If you configure your local host (NAS or router) for double authentication, remote users must complete a second stage of authentication to gain their assigned user network privileges. This second double authentication requires a password that is known to the user but not stored on the remote host of the user. Therefore, the second authentication is specific to a user, not to a host. This feature provides an additional level of security that is effective even if the remote host is stolen.
Encrypted Kerberized Telnet enables a router to initiate or receive an encrypted Telnet session. Previously, all Telnet session traffic could only be transmitted as clear-text (readable) data.
You can use Encrypted Kerberized Telnet when establishing a Telnet session to or from a router. When you use this feature, first you are authenticated by your Kerberos credentials, and then an encrypted Telnet session is established.
The Cisco implementation of Encrypted Kerberized Telnet uses the following encryption standard: 56-bit Data Encryption Standard (DES) encryption with 64-bit Cipher Feedback (CFB). This feature is available only if you have the 56-bit encryption image. The 56-bit DES encryption image is subject to U.S. government export-control regulations.
All Cisco routers and access servers running Cisco IOS Release 11.0(6) or later have an HTTP server, which is an embedded subcomponent of the Cisco IOS software. Users with a privilege level of 15 can use a web browser to issue Cisco IOS commands from a predefined home page. In Cisco IOS Release 11.3, the HTTP security feature enables users with a privilege level other than 15 to access the HTTP server.
In addition, a new command has been added to specify how HTTP server users are authenticated. The HTTP server in the Cisco IOS Release 11.2 software uses the enable password method to authenticate a user at privilege level 15. In Release 11.3, system administrators can specify enable; local; Terminal Access Controller Access Control System (TACACS); or authentication, authorization, and accounting (AAA) user authentication.
Using the HTTP Security feature, network administrators can provide HTTP-server access to users with a privilege level of less than 15. The Cisco Web browser interface then mirrors the functionality of the command-line interface (CLI).
The Per-User Configuration can tie together the following dial-in features:
A virtual access interface created dynamically for any user dial-in session is deleted when the session ends. The resources used during the session are returned for other dial-in uses.
With per-user configuration:
The TCP Intercept feature implements software to protect TCP servers from TCP SYN-flooding attacks, which are a type of denial-of-service attack. A SYN-flooding attack occurs when a hacker floods a server with requests for connection. Because these messages have unreachable return addresses, the connections cannot be established. The resulting volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests, thereby preventing legitimate users from connecting to a Web site, accessing e-mail, using FTP service, and so on.
The TCP Intercept feature helps prevent SYN-flooding attacks by intercepting and validating TCP connection requests. In intercept mode, the TCP intercept software intercepts TCP synchronization (SYN) packets from clients to servers that match an extended access list. The software establishes a connection with the client on behalf of the destination server and if successful, establishes the connection with the server on behalf of the client and knits the two half-connections together transparently. Thus, connection attempts from unreachable hosts never reach the server. The software continues to intercept and forward packets throughout the duration of the connection.
Remote Authentication Dial-In User Server (RADIUS) is an access server authentication and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software currently supports the IETF draft standard RADIUS. In this release, Cisco IOS software introduces support for the most common vendor-proprietary RADIUS attributes.
Some vendor-proprietary implementations of RADIUS let the administrator define static routes and IP pool definitions on the RADIUS server, instead of on each network access server. As each network access server starts up, it queries the RADIUS server for static route and IP pool information. In this release, a new command enables the Cisco router to obtain static routes and IP pool definition information from the RADIUS server at start-up time. This frees the user from having to configure such information on each network access server.
IP policy routing can now be fast-switched. Previously, policy routing could only be process-switched, which meant that on most platforms, the switching rate was approximately 1,000 to 10,000 packets per second. This was not fast enough for many applications. Users who need policy routing to occur at faster speeds can implement policy routing without slowing down the router.
Beginning with Cisco IOS Release 11.2, virtual interfaces can be configured independently of any physical interface and applied dynamically, as needed, to create virtual access interfaces. When a user dials in, a predefined configuration template is used to configure a virtual access interface; when the user is done, the virtual access interface is torn down, and the resources are freed for other dial-in uses.
This feature provides a generic service that can be used to apply predefined configurations (virtual interface templates) in creating and freeing virtual access interfaces, as needed. Virtual interface templates and virtual access interfaces are basically serial interfaces with no hardware associations; they are created and freed as needed.
The virtual interface template service provides the following benefits to customers with large numbers of dial-in users:
Using Cisco IOS Release 11.3, you can simplify the process of configuring protocol translation to tunnel PPP or SLIP across X.25, TCP, and LAT networks. Release 11.3 provides virtual template interfaces that you can configure independently and apply to any protocol translation configuration. You can configure virtual interface templates for one-step and two-step protocol translation.
Before virtual templates were implemented, you enabled asynchronous protocol functions on vty lines by creating virtual asynchronous interfaces rather than virtual access interfaces. (For one-step translation, you did so by specifying ppp or slip as outgoing options in the translate command. For two-step translation, you did so by specifying the vty-async command.) The differences between virtual asynchronous interfaces and virtual access interfaces are as follows:
The Cisco implementation of packet assembler/disassembler (PAD) has been enhanced:
You can use this feature to append a specified value to an X.121 calling address when that address is not sufficient to identify the source of a call. You can use PAD subaddressing to create unique X.121 calling addresses by including either a physical port number or a value specified for a line as a subaddress to the X.121 calling address.
PAD subaddressing enables an X.25 host application to uniquely identify the source of an X.121 call. For example, in some bank security-alarm applications, the central alarm host identifies the physical location of the alarm units from subaddressing information contained in the Call Request packet.
The Bandwidth Allocation Control Protocol (BACP) described in RFC 2125 provides Multilink PPP peers with the ability to govern link utilization. After peers have successfully negotiated BACP, they can use the Bandwidth Allocation Protocol (BAP), a subset of BACP, to negotiate bandwidth allocation. BAP provides a set of rules governing dynamic bandwidth allocation through call control, a defined method for adding and removing links from a multilink bundle for Multilink PPP.
The addition of any link to an existing multilink bundle is controlled by a BAP call or callback request message, and the removal of a link can be controlled by a link drop message. BACP is designed to operate in both the virtual interface environment and the dialer interface environment. It can operate over any physical interface that is Multilink-PPP capable and has a dial capability; at initial release, BACP supports ISDN and asynchronous serial interfaces.
BACP provides the following benefits:
The Enhanced Local Management Interface feature provides an enhancement to the Frame Relay LMI protocol. Enhanced Local Management Interface enables automated exchange of Frame Relay Quality of Service (QoS) parameter information between the Cisco router and the Cisco wide-area switch. Routers can base congestion management and prioritization decisions on known QoS values, such as the Committed Information Rate (CIR), Committed Burst Size (Bc), and Excess Burst Size (Be). The router senses QoS values from the switch and can be configured to use those values in traffic shaping. This enhancement works between Cisco routers and Cisco wide-area switches (Cisco BPX and Cisco IGX platforms).
The Frame Relay enhancements introduced with this feature include:
Frame Relay compression can occur on the CSA board or on the main CPU of the router. FRF.9 is standard-based and therefore provides multivendor compatibility. FRF.9 compression uses higher compression ratios, allowing more data to be compressed for faster transmission.
The Cisco Frame Relay MIB adds proprietary extensions to the standard Frame Relay MIB (RFC 1315). It provides additional link-level and virtual circuit-level information and statistics that are mostly specific to Cisco Frame Relay implementation. This MIB provides SNMP network management access to most of the information covered by the show frame-relay commands, such as show frame-relay lmi, show frame-relay pvc, show frame-relay map, and show frame-relay svc.
ForeSight is the network traffic control software used in Cisco wide-area switches. The Cisco wide-area Frame Relay switch can extend ForeSight messages over a User-to-Network Interface (UNI), passing the backward congestion notification for virtual connections. The Router ForeSight feature allows Cisco Frame Relay routers to process and react to ForeSight messages and adjust virtual circuit level traffic shaping in a timely manner.
The Router Foresight feature must be explicitly configured on both the Cisco router and the Cisco wide-area switch. When ForeSight is enabled, a ForeSight message is sent out at the configured time interval, which can range from 40 to 5000 milliseconds. The time interval between the ForeSight messages is set during configuration of the switch. Refer to the appropriate Cisco wide-area switch documentation for details for configuring this feature.
When a Cisco router receives a ForeSight message indicating that certain Data Link Connection Identifiers (DLCIs) are experiencing congestion, the Cisco router activates its traffic shaping function to slow down the output rate. The router reacts as it would if it detected the congestion by receiving a packet with the backward explicit congestion notification (BECN) bit set.
BECN requires a user packet to be sent in the direction of the congested DLCI to convey the signal, a process that is not predictable and therefore not reliable as a notification mechanism. Timed ForeSight messages guarantee that the router receives notification before congestion becomes a problem. Traffic can be slowed down in the direction of the congested DLCI.
The Frame Relay router ForeSight feature provides an improved mechanism for managing network traffic. It provides these benefits:
The ISDN Advice of Charge (AOC) feature is for ISDN PRI NET5 and ISDN BRI NET3 switch types only. Users can obtain charging information for all calls during the call (AOC-D), at the end of the call (AOC-E), or both to track call costs and to control and possibly reduce tariff charges through the use of the short-hold mode option.
The ISDN AOC feature also supports, for the AOC-D service, an optional, configurable short-hold mode that provides a dynamic idle timeout by measuring the call-charging period, based on the frequency of the AOC-D or the AOC-E message from the network. The short-hold mode idle time does the following:
Users must have subscribed through their local ISDN network for the ISDN services (AOC-D or AOC-E). No router configuration changes are required to retrieve this call charging information. Call accounting information for AOC-D and AOC-E messages is stored in SNMP MIB objects.
The ISDN caller ID callback feature allows the initial incoming call from the client to the server to be rejected based on the caller ID message contained in the ISDN setup message and allows a callback to be initiated to the calling destination. This feature is independent of the encapsulation in effect and can be used with various encapsulations, such as PPP, HDLC, Frame Relay, and X.25.
In Cisco IOS Release 11.2, ISDN callback functionality required PPP or Combinet Packet Protocol (CPP) client authentication and client-server callback negotiation to proceed. If authentication and callback negotiations were successful, the callback server had to disconnect the call and then place a return call. Both the initial call and the return call were subject to tolls, and when service providers charge by the minute, even brief calls could be expensive.
ISDN Non-Facility Associated Signaling (NFAS) allows a single D channel to control multiple PRI interfaces. A backup D channel can also be configured for use when the primary NFAS D channel fails. Use of a single D channel to control multiple PRI interfaces can free the B channel on each interface to carry other traffic. After the controllers are configured, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.
You can limit debug messages to those related to a particular subinterface. Some debug commands generate a large amount of output; by restricting output to information on a particular subinterface, you can reduce the number of debug messages generated.
Cisco routers fast-switch Layer 2 Forwarding (L2F) traffic. In stack group environments in which some L2F traffic is offloaded to a powerful router, fast switching provides improved scalability.
In Cisco IOS Release 11.2, leased-line service at 64 kbps via ISDN BRI is provided in Japan and Germany. In Cisco IOS Release 11.3, leased-line service at 128 kbps via ISDN BRI is provided in Japan. This service combines two B channels into a single pipe.
Interleaving on Multilink PPP allows large packets to be multilink encapsulated and fragmented into a small enough size to satisfy the delay requirements of real-time traffic; small real-time packets are not multilink encapsulated and are transmitted between fragments of the large packets. The interleaving feature also provides a special transmit queue for the smaller, delay-sensitive packets, enabling them to be transmitted earlier than other flows.
Weighted fair-queuing on Multilink PPP works at the packet level, not at the level of multilink fragments. Thus, if a small real-time packet gets queued behind a larger best-effort packet and no special queue has been reserved for real-time packets, the small packet is scheduled for transmission only after all the fragments of the larger packet are scheduled for transmission.
Weighted fair-queuing is supported on all interfaces that support Multilink PPP, including Multilink PPP virtual access interfaces and virtual interface templates. Weighted fair-queuing is enabled by default.
Fair-queuing on Multilink PPP overcomes a prior restriction. Previously, fair-queuing was not allowed on virtual access interfaces and virtual interface templates. Interleaving provides the delay bounds for delay-sensitive voice packets on a slow link that is used for other best-effort traffic.
The Telnet Extensions for Dialout feature is the network access server component of the Cisco DialOut Utility, used by local users to send faxes or connect to services outside the LAN by using modems attached (or internal) to a network access server. This feature extends the functionality of Telnet because users can control the activity of these modems from their desktop computers, using standard communications software. Because the Telnet Extensions for Dialout feature works with the client/desktop Cisco DialOut Utility, it is not a standalone feature. It enables the network access server to interface with the client/desktop component of the Cisco DialOut Utility. The client/desktop component of Cisco DialOut Utility must be installed on the client workstation before this feature can be used.
Telnet extensions allow the communications software running on the desktop computer of a client to control modem settings such as baud rate, parity, bit size, and stop bits. In addition, these extensions allow the network access server to return Carrier Detect signals to the communications software so that the software can determine when to start dialing a particular number.
The Telnet Extensions for Dialout feature uses reverse Telnet to access modems attached to the network access server. To enable this feature, you only need to configure the access server or router for reverse Telnet and configure the appropriate lines to both send and receive calls.
The network service provider can select a specific VPDN tunnel for outgoing calls from a dial-in user by using the dialed number information service (DNIS) information provided on ISDN lines. The ability to select a tunnel based on DNIS provides additional flexibility to network service providers who offer VPDN services and to the corporations that use the services. Instead of having to use only the domain name for tunnel selection, tunnel selection can be based on the dialed number.
With this feature, a corporation that might have only one domain name can provide multiple, specific phone numbers for dialing into the network access server at the service provider point of presence. The service provider can select the tunnel to the appropriate services or portion of the corporate network based on the dialed number.
The Cisco X.25 implementation has been restructured to meet additional design goals that include greater modularity and consistent availability of X.25 services to the code that uses them. The following have been updated:
Basic Rate Interface (BRI) is an Integrated Systems Digital Network (ISDN) interface, and it consists of two B channels (B1 and B2) and one D channel. The B channels are used to transfer data, voice, and video. The D channel controls the B channels.
ISDN uses the D channel to carry signal information. ISDN can also use the D channel in a BRI to carry X.25 packets. The D channel has a capacity of 16 kbps, and the X.25 over D channel can use up to 9.6 kbps.
You can set the parameters of the X.25-over-D-channel interface without disrupting the original ISDN interface configuration. In a normal ISDN BRI interface, the D and B channels are bundled together and represented as a single interface. The original BRI interface continues to represent the D, B1, and B2 channels.
Because some end-user equipment uses static terminal endpoint identifiers (TEIs) to access this feature, static TEIs are supported. The dialer recognizes the X.25-over-D-channel calls and initiates them on a new interface.
X.25 traffic over the D channel can be used as a primary interface where low-volume, sporadic interactive traffic is the normal mode of operation. Supported traffic includes IPX, AppleTalk, transparent bridging, XNS, DECnet, and IP.
This feature allows X.25 switching between permanent virtual connections (PVCs) and switched virtual connections (SVCs). Previously, X.25 switching was permitted only between circuits of the same type. Traffic that entered the router over a SVC could be forwarded only to another SVC. Likewise, traffic that entered the router over a PVC could be forwarded only to another PVC. This feature allows switching between the two circuit types.
The Cisco IOS software provides an X.28 user emulation mode through which you can interact and control the PAD. During an exchange of control information, messages or commands sent from the terminal to the PAD are called PAD command signals. Messages sent from the PAD to the terminal are called PAD service signals. These signals and any transmitted data take the form of encoded character streams as defined by International Alphabet Number 5.
For asynchronous devices such as a terminals or modems to access an X.25 network host, the packets of a device must be assembled or disassembled by a PAD device. Using standard X.28 commands from the PAD, calls can be made into an X.25 network, X.3 PAD parameters can be set, or calls can be reset. There are 22 available X.3 PAD parameters to configure. These parameters can also be set by a remote X.25 host using X.29. The X.28 standard interface is common in many European countries and adheres to the X.25 International Telecommunication Union Telecommunication (ITU-T) standards.
The new X.28 interface is designed for asynchronous devices that require X.25 transport to access a remote or native asynchronous or synchronous host application. Applications such as dial-up users accessing a remote X.25 host can use the X.28 interface. For example, banks implement Cisco routers to support back-office applications, ATMs, point-of-sales authorization devices, and alarm systems. These alarm devices are connected asynchronously to the same Cisco router and report alarm conditions to a remote alarm host for the dispatch of police. The Cisco X.28 PAD implementation calls can be transported over a public packet network, a private X.25 network, the Internet, a private IP-based network, or a Frame Relay network. With this new service, Cisco offers the flexibility to either use the X.28 interface directly or over a Cisco IOS application service such as protocol translation. The protocol translation vty asynchronous application provides bidirectional access to an X.25 application with the PAD service or protocols, such as Digital Equipment Corporation (DEC), local-area transport (LAT), and TCP.
If you are upgrading to Cisco IOS Release 11.3 from an earlier Cisco IOS software release, you should save your current configuration file before configuring your access server with the Cisco IOS Release 11.3 T software. An unrecoverable error could occur during download or configuration.
Before downloading a software upgrade, read Product Bulletin #703, Cisco IOS Software Release Upgrade Paths and Packaging Simplification. The information in this bulletin supersedes all previous instructions. This bulletin is in the following location on CCO. Click Service & Support. Near the bottom of the web page go to Product Bulletins, scroll down to the Software section, and then click Cisco IOS Software Release 11.3 Upgrade Paths No. 703 under the heading Cisco IOS 11.3.
The following sections contain important notes about Cisco IOS Release 11.3 and can apply to the Cisco 1600 series.
Cisco IOS Release 11.3(8)T was deferred to Release 11.3(8)T1 on all software images to incorporate corrections to the following caveats:
For more information on these caveats, refer to Bug Navigator II. Bug Navigator II is available at http://www.cisco.com/support/bugtools. On CCO, click this path:
Service & Support/ Online Technical Support/ Software Bug Toolkit/ Bug Navigator II
Release 11.3(4)T1 is an early deployment release of software support for the Cisco 1600 series routers. Release 11.3(4)T1 is the same as Release 11.3(4)T except the following defect has been resolved in Release 11.3(4)T1:
The configuration command frame-relay interface-dlci is not working. This affects Frame Relay users who need to configure point-to-point subinterfaces. [CSCdk18271]
The Token Ring interface is reset whenever IPX routing is enabled on that interface.
The Cisco implementation of AppleTalk does not forward packets with local-source and destination network addresses. This behavior does not conform to the definition of AppleTalk in the Apple Computer publication Inside AppleTalk. However, this behavior is designed to prevent any possible corruption of the AppleTalk Address Resolution Protocol (AARP) table in any AppleTalk node that is performing MAC-address gleaning.
As of Release 11.3(2)T, the command bridge group multicast-source is no longer available. This command was removed to comply with the source-route-transparent (SRT) bridging implementation.
Due to a production problem, many source-route bridging commands were omitted from the printed version of the Cisco IOS Software Command Summary (78-4746-01). For complete documentation of all source-route bridging commands, refer to the Bridging and IBM Networking Command Reference (78-4743-01). You can also obtain the most current documentation on the Documentation CD-ROM or Cisco Connection Online (CCO).
A new authorization feature was added in Release 11.3(1) that allows for separate configuration and authorization of Multilink PPP. This can cause MLP authorization to fail in TACACS+ servers that do not include the relevant authorization permissions in the configuration. For TACACS+, the following attribute-value (AV) pair should be added for all users who are allowed to negotiate Multilink PPP:
service = ppp protocol = multilink {
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious.
For information on caveats in Cisco IOS Release 11.3 T, see Caveats for Cisco IOS Release 11.3 T on CCO and the Documentation CD-ROM.
All caveats in Release 11.3 are also in Release 11.3 T.
For information on caveats in Cisco IOS Release 11.3, see the "Important Notes and Caveats for Release 11.3" section in Cross-Platform Release Notes for Cisco IOS Release 11.3 on CCO and the Documentation CD-ROM. These release notes list severity 1 and 2 caveats affecting all maintenance releases.
The following sections describe the documentation available for the Cisco 1600 series. These documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on CCO and the Documentation CD-ROM.
Use these release notes with these documents:
The following documents are specific to Release 11. 3 and are located on CCO and the Documentation CD-ROM:
These documents are available for the Cisco 1600 series on CCO and the Documentation CD-ROM:
On CCO at:
Service & Support: Documentation Home Page: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers
On the Documentation CD-ROM at:
Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 1600 Series Routers
Feature modules describe new features supported by Release 11.3 T and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.
On CCO at:
Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS 11.3 [AA, NA, T, XA] New Features
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents, which are shipped with your order in electronic form on the Documentation CD-ROM--unless you specifically ordered the printed versions.
Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On CCO and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.
You can reach these documents on CCO at:
Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3: Cisco IOS Release 11.3 Configuration Guides, Command References: Configuration Guide Master Index or Command Reference Master Index
Table 7 describes the contents of the Cisco IOS Release 11.3 software documentation set, which is available in electronic form and also in printed form upon request.
You can reach the Cisco IOS documentation set from CCO at:
Service & Support: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 11.3
You can reach the Cisco IOS documentation set on the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 11.3
.
| Books | Chapter Topics |
|---|---|
| Configuration Fundamentals Overview |
| IP Addressing |
| AppleTalk |
| Apollo Domain |
| Wide-Area Networking Overview |
| AAA Security Services |
| Business Applications and Scenarios |
| Switching Paths for IP Networks |
| Transparent Bridging |
|
|
For service and support for a product purchased from a reseller, contact the reseller, who offers a wide variety of Cisco service and support programs described in "Service and Support" of Cisco Information Packet shipped with your product.
For service and support for a product purchased directly from Cisco, use CCO.
If you have a CCO login account, you can access the following URL, which contains links and tips on configuring your Cisco products:
http://www.cisco.com/kobayashi/serv_tips.shtml
This URL is subject to change without notice. If it changes, point your Web browser to CCO and click on this path: Products & Technologies: Products: Technical Tips.
The following sections are provided from the Technical Tips page:
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
Posted: Mon Aug 7 20:48:57 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.