IBM Support

IV17407: CISCOMPLSTELNET AGENT CAN NOT LOGIN TO DEVICE WITH SSHV2

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • CiscoMPLSTelnet agent can not log into device with SSHv2 tested
    with ITNM 3.9 fp1 (.49)
    
    Unable to collect mpls interfaces information
    
    Specifically, it's the following fields from the
    SSH_MSG_CHANNEL_OPEN packet.
    
    uint32 initial window size
    and
    uint32 maximum packet size
    
    Implementations MUST correctly handle window sizes
    of up to 2^32 - 1 bytes. The window MUST NOT be increased above
    2^32 - 1 bytes.
    
    
    We found that when we used 2^32-1 as the value for these
    fields, the router would not return a prompt.
    
    modifed our code to use 2^30-1
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * Users trying to discovery certain Cisco devices running      *
    * IOS-XR                                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * The CiscoSwitchTelnet agent is unable to login to a device   *
    * running IOS-XR                                               *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Apply a testfix or upgrade to 3.9FP2                         *
    * | fix pack | 3.9.0-ITNMIP-FP0002                             *
    ****************************************************************
    

Problem conclusion

  • The Cisco device does not correctly support the RFC values for
    window and max packet size
    The RFC defines that
    Implementations MUST correctly handle window sizes
    of up to 2^32 - 1 bytes. The window MUST NOT be increased above
    2^32 - 1 bytes.
    And we were using 2^32 -1.
    Changing this to 2^31-1 allows ITNM to login to the devices
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV17407

  • Reported component name

    TIV NETWK MGR I

  • Reported component ID

    5724S4500

  • Reported release

    390

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-03-16

  • Closed date

    2012-04-11

  • Last modified date

    2012-04-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV NETWK MGR I

  • Fixed component ID

    5724S4500

Applicable component levels

  • R390 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSSHRK","label":"Tivoli Network Manager IP Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.9","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
11 April 2012