Cisco Systems® announces Cisco IOS® Software updates for Cisco® Catalyst® 3750, Catalyst 3560, Catalyst 3550, Catalyst 2970, and Catalyst 2960 series Intelligent Ethernet switches. This new release furthers Cisco leadership in providing secure, reliable, and feature-rich LAN switching solutions.
• IPv6 neighbor discovery throttling-Implements the mechanism to drop in hardware of any additional IPv6 packets whose next hop is the same neighbor the switch is actively resolving. Performing this drop in hardware will avoid adding further load on the switch.
• Cisco Discovery Protocol support for IPv6-Cisco Discovery Protocol support for an IPv6 address adds the ability to transfer IPv6 addressing information between two Cisco devices using Cisco Discovery Protocol, providing IPv6 information to network management products and troubleshooting tools.
• Secure Shell (SSH) Protocol over IPv6-SSH connections can be made to and from the switch. SSH connections to the switch are accepted over IPv6 transport with no command-line interface (CLI) implications. When making connections from the switch, the CLI is identical to the existing SSH CLI except that either an IPv4 or an IPv6 address can be used where previously only an IPv4 address was allowed. A hostname that resolves to an IPv6 address can also be used
• IPv6 MIBs
– CISCO-IETF-IP-MIB maps to http://www.ietf.org/internet-drafts/draft-ietf-ipv6-rfc2011-update-11.txt. This draft describes managed objects used for implementations of IP in a version-independent manner.
– CISCO-IETF-IP-FORWARD-MIB maps to http://www.ietf.org/internet-drafts/draft-ietf-ipv6-rfc2096-update-08.txt. This draft describes managed objects related to the forwarding of IP packets in a version-independent manner.
• IEEE 802.1x MAC-Authentication-Bypass-This feature allows clientless end users (with no 802.1x supplicant) to authenticate to the network, utilizing the MAC address of the device. The switch will initiate an Extensible Authentication Protocol (EAP) conversation with an authentication, authorization, and accounting (AAA) server on behalf of a device to authenticate the MAC address itself. This process is transparent to the end user and utilizes a prepopulated database.
• IEEE 802.1x inaccessible authentication bypass-Provides a way for the network administrator to configure "critical" ports that are allowed access to the network if the 802.1x authentication process cannot reach any of the configured AAA servers. This feature is also known as "Critical Auth" or "AAA-Down."
• LAN port IP inaccessible authentication bypass-As with 802.1X, failure of the AAA server to respond can prevent network access to hosts in a Network Admissions Control (NAC) Layer 2 IP environment. The LAN Port IP AAA-Down feature uses the same AAA infrastructure as "802.1x inaccessible authentication bypass" to detect when all configured servers are unavailable. During this period, a per-port local policy can be applied until the servers become available again.
• Generic Online Diagnostics Framework (GOLD)-GOLD provides a fault detection framework that provides troubleshooting tools for customers and the Cisco Technical Assistance Center (TAC) and can be either run on demand or scheduled.
– This initial implementation includes support for items listed in Table 1.
Table 1. Supported Features
• Stackwise MIB-A new MIB specifically for a Catalyst 3750 stack, providing all relevant information about individual switches in a stack.
Table 2. Overview of new Stackwise MIB Object Types
• CISCO-PORT-QOS-MIB-Provides information about quality-of-service (QoS) statistics, which are currently available via the CLI, using Simple Network Management Protocol (SNMP).
• CISCO-DHCP-SNOOPING-MIB-Provides SNMP support for the Dynamic Host Configuration Protocol (DHCP) snooping capability.
• Virtual routing and forwarding (VRF)-aware IP-directed broadcast-Provides per-interface support for IP-directed broadcasts to be transmitted within a VRF domain. Access lists can be used to control which broadcasts are forwarded. Broadcasts stay within the VRF domain, even if there is a duplicate address of the destination interface in a different VRF or in a global routing interface.
• Trunk failover-Link state tracking, also known as trunk failover, provides Layer 2 redundancy in the network when used in conjunction with server network interface card (NIC) adapter teaming.
• DHCP option-82 configurable remote ID and circuit ID-DHCP option 82 provides customers a great deal of flexibility when it comes to identifying individual users for various reasons (for example, location of attachment or controlling how many IP addresses a device or user is allowed from the DHCP server). This enhancement provides customers additional flexibility to determine what information is provided within the option-82 remote ID suboption and option-82 circuit ID suboption.
– Remote ID-The customer now has the option to use a switch's configured hostname or specify an ASCII text string; both are subject to a maximum length of 63 bytes. The default is to provide the MAC address of the switch.
– Circuit ID-The customer now has the option to configure an ASCII text string up to 63 bytes and override the default circuit ID, which is vlan-module-port in binary format.
• Cisco Network Service (CNS) Image Agent-Enhances the existing CNS functionality implemented on the IE2100 with support of the new Image Agent capability. CNS Image Agent works with the CNS Image Server and allows for the distribution of images to the switch.
• IP phone enhancement-PHY loop detection-This enhancement implements a mechanism to detect external loopback conditions on Fast Ethernet ports and prevent the links from coming up.
• Enhanced Interior Gateway Routing Protocol (EIGRP) stub-EIGRP stub provides full routing support for only those Layer 3 devices directly connected to the switch and not for routers downstream of the switch. Available in the IP Base images for the Catalyst 3750 and 3560 switches. Complete EIGRP routing support is available on those switches in the IP Services and Advanced IP Services images.
• EIGRP-VRF Lite-Allows EIGRP to route into a VRF domain.
• Flex links preemption-Currently within flex links, the switch port backup interface feature allows users to configure a Layer 2 interface to back up another Layer 2 interface. The two interfaces provide mutual backup to each other-that is, only one of the interfaces forwards traffic and is called the "active interface." The other one is in backup mode, which is not forwarding traffic and is ready to take over in case the forwarding interface is down, and is called the "backup interface." When the active interface goes down, the backup interface takes over as active and starts forwarding traffic.
– If preemption mode is off, this interface will go into backup mode.
– Configure preemption mode to always force a switchover to the "original" active.
– Configure preemption mode to switch over to higher available bandwidth interface.
• Flex links on the Catalyst 3550-Support for flex links is now available on the Catalyst 3550 switch in both IP Base (SMI) and IP Services (EMI) images.
Table 3. Cisco IOS Software Release 12.2(25)SEE New Features
Table 4. Cisco Catalyst Switches Supported with Cisco IOS Software Release 12.2(25)SEE
• Cisco Catalyst 3750 Series software: http://www.cisco.com/cgi-bin/tablebuild.pl/cat3750
• Cisco Catalyst 3560 Series software: http://www.cisco.com/cgi-bin/tablebuild.pl/cat3560
• Cisco Catalyst 3550 Series software: http://www.cisco.com/cgi-bin/tablebuild.pl/cat3550
• Cisco Catalyst 2970 Series software: http://www.cisco.com/cgi-bin/tablebuild.pl/cat2970
• Cisco Catalyst 2960 Series software: http://www.cisco.com/pcgi-bin/tablebuild.pl/cat2960
• Cisco Catalyst 3750 Series switches: http://www.cisco.com/go/catalyst3750
• Cisco Catalyst 3560 Series switches: http://www.cisco.com/go/catalyst3560
• Cisco Catalyst 3550 Series switches: http://www.cisco.com/go/catalyst3550
• Cisco Catalyst 2970 Series switches: http://www.cisco.com/go/catalyst2970
• Cisco Catalyst 2960 Series switches: http://www.cisco.com/go/catalyst2960
• Cisco Catalyst 3750, 3560, 3550, 2970, and 2960 series release notes:
• Cisco EtherSwitch Service Modules for Cisco 2600, 2800, 3700, and 3800 series routers http://www.cisco.com/en/US/products/ps5854/products_data_sheet0900aecd8028d15f.html
Software Image Migration Guide
Figure 1. Cisco IOS Software Release 12.2 Release Train