Cisco systems, in their own field reports have identified a variety of new bugs in a number of products.
I found the story below (Dodgy circuit board forces Cisco to recall some Catalyst switches) on an arab website.
Curious, I then went to Cisco's site and, after rooting around for a while, found a great many product field notices that were posted between 12-27-1999 and 01-07-2000.
Will someone with the necessary technical expertise please access the site and analyze the significance and timing of these bug reports?
Given the fact that several of these field reporting areas were inactive for 6 weeks or longer prior to this recent flurry of activity, what is happening at Cisco appears to represent a spike in problems right at and following the rollover.
�.I'll be waiting with interest to hear what you all come up with.
One or more glitches (which are characterized in most of the Cisco reports as bugs) were reported in the following Cisco product areas:
1)Access Products
Field notices about Cisco's Access Servers, Access Routers, and Multiservice Access Concentrators. This includes the 700, 800, 1000, 1400 1600, 1700, 2500, 2600, 3600, MC3810, 4x00, and AS5x00 Series.
2)LAN Switches
Field notices about the Catalyst family of switches, the Cisco LightStream 1010 ATM Switch, and the CDDI/FDDI Workgroup Concentrator and Adapters.
3)Security Products
Field notices about Cisco Security Products such as the Cisco PIX Firewall, CiscoSecure, and the Centri Firewall.
4)Voice Switching Products
Field notices about Cisco Voice Switching Products such as Virtual Switch Controller and Virtual Switch Office.
5)Web Scaling
Field notices about LocalDirector, Cache Engine, DistributedDirector, and IP/TV.
6)Year 2000
Year 2000 field notices about all Cisco hardware and software.
Some of the bugs mentioned on the Cisco website include, quote:
January 7, 2000
Any PIX Firewall on which version 4.4(3) software is present will continuously reboot. No other released versions of PIX Firewall are affected. This bug has been assigned Cisco bug ID CSCdp59021. If you are a registered CCO user and you have logged in, you can view the bug details by navigating to the Bug Toolkit and entering the bug identification number.
January 3, 2000
The Kerberos Client functionality on Cisco products, when configured to provide access control, will fail in a "deny" state when the expiration of the credentials is in January or February of leap years, thus denying any Kerberos-authenticated access. This bug has been assigned Cisco bug ID CSCdp60101. If you are a registered CCO user and you have logged in, you can view the bug details January 3, 2000
December 29, 1999
Cisco Secure PIX Firewall: PIX-515 Ethernet Controller Issue
Under medium to heavy network load conditions, the outside Ethernet interface of the PIX-515 will stop transmitting packets. On a PIX-515 with two built-in Ethernet interfaces, the outside interface is typically connected to the unprotected network. Review the PIX documentation for further details on naming and using PIX Firewall interfaces. This problem does not happen nor is it triggered on the rollover from December 31, 1999 to January 1, 2000. This is not a year 2000 problem. Inaccesibility of the NVRAM clock does not interfere with normal Catalyst switch operation.
Cisco is still investigating the root cause of this issue. Preliminary findings indicate that either a design or manufacturing error results in an erroneous condition on the Ethernet control unit. The condition is not hazardous, but it can cause the outside interface to stop transmitting packets until the interface is reset by the PIX software. See the Workaround/Solution section of this Field Notice for further details.
All security policies implemented by the PIX Firewall are applied throughout this condition. The PIX is no more vulnerable to compromise during this condition than it is when the condition does not exist.
December 27
LocalDirector User Interface 3.1 and 3.1.1 SSL Root Certificate Expiration
Several Verisign Certificate Authority (CA) root certificates contained in the product will expire at midnight GMT on December 31, 1999. Depending on the configuration of the LUI, availability of SSL servers could be interrupted.
Link to Cisco site:
http://www.cisco.com/warp/public/770/index.shtml
It's interesting that the Year 2000 field category reports (9/9/2000:
"There are no significant documented product issues to report at this time. We have discovered an issue with an infrequently used dial authentication mechanism (Kerberos). The few affected customers have been notified. For workaround & resolution, please see the posted field notice. "
Finally, Here's the story from from the arabia online website:
Published 03-Jan-2000 06:55 GMT
Dodgy circuit board forces Cisco to recall some Catalyst switches
Cisco Systems is undertaking a low-key recall of some Catalyst 5000 network switches due to a faulty circuit board. Not every switch in the family is affected, and customers around the world are being told to check their serial numbers against a list provided by Cisco. In a notice posted on the company's Cisco Connections Online web site, customers are warned that the defect "will cause the power supplies to go into over-current shutdown, cutting off power to the system. The short may also cause smoke to be generated, but will not produce fire or sparks." Only the Cisco Catalyst 5000 WS-X5012 products within the following serial number ranges may have the defect: 9880340 To 9883950 10120340 To 10125399 10172043 To 10175339 10290340 To 10295339 10510340 To 10515339 Cisco notes that the WS-X5012A is not affected by this problem. To deal with these defective boards, Cisco is offering support and a free replacement through a product recall. Customers in the Middle East should first contact the reseller that sold them the switch.
http://itparabia.com/channel_article/1,1928,0-14-1040,00.html
Link to Cisco (repeat from above:
http://www.cisco.com/warp/public/770/index.shtml
-- Carl Jenkins (Somewherepress@aol.com), January 10, 2000