[c-nsp] 12.4(20)T oddities

Sat Aug 30 05:03:43 EDT 2008

I upgraded a 2811 to 20T the other night.  I did another 2811 tonight 
after a different maintenance window.  The routers are basically 
identical, except for the quantity of modules installed in them.  I 
noticed the first night that I was seeing a number of tracebacks. 
Nothing was a show-stopper though.  One happened on boot and I don't 
have it handy at the moment.  Here are 2 that I still have in the log:

000435: Aug 27 00:47:47 CDT: %SCHED-7-WATCH: Attempt to enqueue 
uninitialized watched queue (address 0). -Process= "Call Manager XML 
client", ipl= 0, pid= 342,  -Traceback= 0x41774928 0x42DF4DF8 0x42B15C58 
0x42B54260

000440: Aug 27 00:49:20 CDT: %SCHED-7-WATCH: Attempt to enqueue 
uninitialized watched queue (address 0). -Process= "SSH Process", ipl= 
0, pid= 317,  -Traceback= 0x41774928 0x42DF4DF8 0x42B15C58 0x42B54260

Another odd thing that I noticed was that SSH from SecureCRT broke after 
the upgrade.  SSH from a Linux command line (OpenSSH) still works 
though.  This error is logged on the router:

000552: Aug 30 03:45:26.430 CDT: SSH2 0:  Invalid modulus length

I wiped the router's RSA keys and regenerated them first at with a 2048 
bit modulus and then 1024 bit.  Neither solved the problem.  I even 
removed the local SecureCRT known_hosts key for that host (though that 
shouldn't have matter because SCRT will prompt you if the key has 
changed).  Below is the output from debug ip ssh packet/detail:

001258: Aug 30 03:53:11.320 CDT: SSH0: starting SSH control process
001259: Aug 30 03:53:11.320 CDT: SSH0: sent protocol version id 
SSH-2.0-Cisco-1.25
001260: Aug 30 03:53:11.324 CDT: SSH0: protocol version id is - 
SSH-2.0-SecureCRT_6.0.0 (build 183) SecureCRT
001261: Aug 30 03:53:11.324 CDT: SSH2 0: send:packet of  length 344 
(length also includes padlen of 5)
001262: Aug 30 03:53:11.324 CDT: SSH2 0: SSH2_MSG_KEXINIT sent
001263: Aug 30 03:53:11.324 CDT: SSH2 0: ssh_receive: 424 bytes received
001264: Aug 30 03:53:11.324 CDT: SSH2 0: input: total packet length of 
424 bytes
001265: Aug 30 03:53:11.324 CDT: SSH2 0: partial packet length(block 
size)8 bytes,needed 416 bytes,
                maclen 0
001266: Aug 30 03:53:11.324 CDT: SSH2 0: input: padlength 7 bytes
001267: Aug 30 03:53:11.324 CDT: SSH2 0: SSH2_MSG_KEXINIT received
001268: Aug 30 03:53:11.324 CDT: SSH2:kex: client->server enc:aes128-cbc 
mac:hmac-md5
001269: Aug 30 03:53:11.328 CDT: SSH2:kex: server->client enc:aes128-cbc 
mac:hmac-md5
001270: Aug 30 03:53:11.328 CDT: SSH2 0: ssh_receive: 24 bytes received
001271: Aug 30 03:53:11.328 CDT: SSH2 0: input: total packet length of 
24 bytes
001272: Aug 30 03:53:11.328 CDT: SSH2 0: partial packet length(block 
size)8 bytes,needed 16 bytes,
                maclen 0
001273: Aug 30 03:53:11.328 CDT: SSH2 0: input: padlength 6 bytes
001274: Aug 30 03:53:11.328 CDT: SSH2 0: SSH2_MSG_KEX_DH_GEX_REQUEST 
received
001275: Aug 30 03:53:11.328 CDT: SSH2 0: Range sent by client is - 1024 
< 2046 < 2046
001276: Aug 30 03:53:11.328 CDT: SSH2 0:  Invalid modulus length
001277: Aug 30 03:53:11.428 CDT: SSH0: Session disconnected - error 0x00

Any thoughts?  I'm holding off on any more 20T upgrades until this can 
be resolved.  While I do have a local NOC server that I can SSH from if 
needed I'm not inclined to hinder my management abilities like that.

As I was writing the config and disconnecting this 3rd traceback popped up:

001301: Aug 30 03:59:06 CDT: %SCHED-7-WATCH: Attempt to enqueue 
uninitialized watched queue (address 0). -Process= "Virtual Exec", ipl= 
0, pid= 354,  -Traceback= 0x41774928 0x42DF4DF8 0x42B15C58 0x42B54260[OK]

Does anyone have any thoughts on any of this?  So far this has been the 
most problematic T release I've used.  They are generally more reliable. 
  So far I haven't noticed any VoIP issues or other actual 
show-stoppers.  I'm itching to try out some of the new and long-awaited 
features but I may have to wait for a (20)T1 to do that outside of a lab.

Thanks
  Justin