Guest

Cisco NX-OS Software

Cisco Nexus Software Release 5.0 for Cisco Nexus 7000 Series Switches

  • Viewing Options

  • PDF (139.8 KB)
  • Feedback

PB577133

This product bulletin introduces Cisco® NX-OS Software Release 5.0 for Cisco Nexus® 7000 Series Switches and summarizes the new features it offers.

New Features

Cisco NX-OS 5.0 for the Cisco Nexus 7000 Series provides a rich and comprehensive feature set to address the high demands of mission-critical data centers. Cisco NX-OS 5.0 is also used by the Cisco MDS 9000 Series Multilayer Switches, focusing on data center features and protocols, availability, and operational considerations.
Cisco NX-OS 5.0 supports all hardware and software supported in Cisco NX-OS Software Release 4.2. In addition, Cisco NX-OS 5.0 for the Cisco Nexus 7000 Series now supports several new software features and new and enhanced optics. The following list summarizes the main software and hardware features new in this release:

• Link-Level Discovery Protocol (LLDP) (IEEE 802.1ab)

• Bidirectional forwarding detection (BFD)

• IPv6 path maximum transmission unit (MTU) discovery (PMTU)

• Hot-Standby Router Protocol (HSRP) for IPv6

• Port level QinQ with support for Layer 2 Protocol Tunneling

• Promiscuous Trunk Ports for private VLANs

• Time Domain Reflectometer on Cisco Nexus 7000 Series 48 port 10/100/1000 Ethernet Module

• Object Tracking for IPv6

• Per-command authorization with TACACS with roles support

• Dynamic Host Configuration Protocol (DHCP) VRF support

• Configurable maximum fabric modules per system

• Display of actual power draw for line card and fan

• Embedded Event Manager (EEM) policies for fan

• Connectivity Management Processor (CMP) interface enhancements (IPv6 and banner support)

• XL functionality for I/O modules

• 6.0-kW DC power supply and power interface unit

Hardware Support

Cisco NX-OS 5.0 supports all the hardware for the Cisco Nexus 7000 Series previously supported up through Cisco NX-OS 4.2. Release 5.0 adds new hardware support for 8-port 10 Gigabit Ethernet GE (XL) and 48-port 1GE (XL) line cards and 6.0-kW DC power supply and power interface unit. XL refers to the capability to support 1 million hardware routing entries and 256,000 access control list (ACL) entries. This capability requires a new XL license. Table 1 lists the new modules supported, and Table 2 lists the new optics supported.

Table 1. New Hardware Modules Supported on Cisco Nexus 7000 Series with Cisco NX-OS 5.0

Description

Part Number

Cisco Nexus 7000 Series 8-Port 10 Gigabit Ethernet XL Module
(license required to enable XL feature; default is non-XL mode)

N7K-M108X2-12L

Cisco Nexus 7000 Series 48-Port Gigabit Ethernet XL Module (license required to enable XL feature; default is non-XL mode)

N7K-M148GS-11L

Cisco Nexus 7000 6.0kW DC Power Supply Module (cable included)

N7K-DC-6.0KW

Cisco Nexus 7000 DC Power Interface Unit

N7K-DC-PIU

Table 2. New Optics Supported in Cisco NX-OS 5.0

For Cisco Nexus 7000 Series 48-Port Gigabit Ethernet Module (SFP)

Part Number

• Gigabit Ethernet Small Form-Factor Pluggable (SFP), with LC connector and SX transceiver
• Gigabit Ethernet SFP, with LC connector and LX/LH transceiver
• Gigabit Ethernet SFP, with LC connector and ZX transceiver
• 1000BASE-SX SFP (DOM)
• 1000BASE-LX/LH SFP (DOM)
• 1000BASE-ZX Gigabit Ethernet SFP (DOM)
• 1000BASE-T Gigabit Ethernet SFP (DOM)
• Gigabit Ethernet SFP, with copper twisted pair
• Coarse Wavelength-Division Multiplexing (CWDM) SFP
• Dense Wavelength-Division Multiplexing (DWDM) SFP
• GLC-SX-MM
• GLC-LH-SM
• GLC-ZX-SM
• SFP-GE-S
• SFP-GE-L
• SFP-GE-Z
• SFP-GE-T
• GLC-T
• CWDM-SFP-xxxx
• DWDM-SFP-xxxx=

For Cisco Nexus 7000 Series 32-Port 10Gb Ethernet Module

Part Number

• 10GBASE SFP
• SFP-10GB-ER

For Cisco Nexus 7000 Series 8-Port 10Gb Ethernet XL Module

Part Number

• 10GBASE-SR X2 transceiver module for MMF, with 850-nm wavelength and SC duplex connector
• 10GBASE-LR X2 transceiver module for SMF, with 1310-nm wavelength and SC duplex connector
• 10GBASE-LRM X2 transceiver module for MMF, with 1310-nm wavelength, SC duplex connector length, and SC duplex connector
• DWDM 10GBASE-DWDM
• X2-10GB-SR
• X2-10GB-LR
• X2-10GB-LRM
• X2-10GB-ER
• DWDM-X2-xx.xx

Software Support

Cisco NX-OS 5.0 supports all the software features previously supported on the Cisco Nexus 7000 Series up through Cisco NX-OS 4.2. Cisco NX-OS 5.0 is compatible with In Service Software Upgrade (ISSU) with a 4.x train. In addition, Cisco NX-OS 5.0 supports the new software features described in Table 3.
For more detailed information about features and ISSU, refer to the Cisco NX-OS 5.0 release notes (see "For More Information" at the end of this document).

Table 3. New Software Features in Cisco NX-OS 5.0

Software Feature

Description

Bidirectional Forwarding Detection (BFD)

• BFD provides low-overhead, short-duration detection of failures in the path between adjacent forwarding engines.
• Cisco NX-OS supports BFD (version 1) for the verification of IPv4 single-hop connectivity. Cisco NX-OS supports asynchronous mode.
• BFD is a fixed-length hello protocol, in which each end of a connection transmits packets periodically over a forwarding path. Cisco NX-OS supports BFD adaptive detection times.
• BFD works over Gigabit Ethernet, 10 Gigabit Ethernet, PortChannel interfaces and can be used with the following protocols: Border Gateway Protocol (BGP), Intermediate System-to-Intermediate System (IS-IS), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Hot-Standby Router Protocol (HSRP), Protocol Independent Multicast (PIM), and static routes.

Link Level Discovery Protocol (LLDP)

LLDP (IEEE 802.1AB) is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network.

LLDP supports a set of attributes that it uses to discover neighbor devices. LLDP-supported devices can use type-length-value (TLV) elements to receive and send information to their neighbors. Details such as configuration information, device capabilities, and device identity can be advertised using this protocol.

The following TLV elements are being supported in Cisco NX-OS:

• Port description TLV
• System name TLV
• System description TLV
• System capabilities TLV
• Management address TLV
• Chassis ID
• Port VLAN

Hot Standby Routing Protocol for IPv6 (HSRPv6)

Cisco NX-OS 5.0 supports IPv6 for HSRP. This support includes link-layer address as well as global IPv6 address support.

Port level QinQ with support for Layer 2 Protocol Tunneling

This feature adds another layer of IEEE 802.1Q tag to the 802.1Q tagged packets that enter the network. The purpose is to expand the VLAN space by tagging the tagged packets, thus producing a double-tagged frame. The expanded VLAN space allows network administrators to provide certain services, such as Internet access on specific VLANs for specific customers, yet to still provide other types of services for their other customers on other VLANs.

Private VLAN Trunk Promiscuous ports

This feature extends support for PVLANs on trunk ports.

IPv6 PMTU discovery

As in IPv4, path MTU discovery in IPv6 allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. In IPv6, however, fragmentation is handled by the source of a packet when the PMTU of one link along a given data path is not large enough to accommodate the size of the packets. Having IPv6 hosts handle packet fragmentation saves IPv6 router processing resources and helps IPv6 networks run more efficiently.

Object Tracking for IPv6

With this enhancement, objects tracked now include static as well as dynamic IPv6 routes and also IPv6 routing on interfaces, similar to IPv4.

Per-command authorization with TACACS with roles support

The current Cisco NX-OS code does not support any means for commands to be verified by a server outside the switch. The capability to verify users (authentication) and commands (authorization) using a TACACS+ server is now supported. A TACACS+ server can be used to perform any or all AAA services.

DHCP VRF support

In typical network deployments, multiple VPNs and VRF instances are being serviced by one single network element (such as a router) where a relay agent can exist. It may be desirable to have just one DHCP server placed in one VRF to cater to all the clients in different VRFs. This approach would enable a network administrator to conserve address space by allowing overlapping addresses. The relay agent can now support multiple clients on different VPNs, and many of these clients from different VPNs can share the same IP address.

Time Domain Reflectometer (TDR)

TDRs are used to find physical layer network problems such as cable faults. By being able to remotely diagnose a cable failure, network administrators can now identify the root cause of a problem more quickly and more effectively to provide users a more prompt response to their connectivity problems. Moreover, with cable diagnostic capabilities now embedded directly on the Cisco Nexus 7000 Series modules, it is no longer necessary to unplug cables and connect cable testers to diagnose a link fault since each line card's port can independently detect cabling problems and report them to the switch software.

IS-IS Non Stop Routing

This feature combines stateful high availability with graceful restart support for the IS-IS protocol to maintain routing sessions during switch supervisor switchover, thus maintaining zero downtime during system upgrades (ISSU) and disruptions.

Network Time Protocol (NTP) Enhancements

NTP ACLs:

• The NTP access group can be used to specify the servers and peers from which time responses are accepted. These lists are built on the ACL infrastructure of Cisco NX-OS.

NTP authentication:

• Authentication support allows the NTP client to verify that servers are known and trusted and not intruders intending accidentally or intentionally to masquerade as legitimate servers. NTP authentication uses symmetric key cryptography.

NTP logging and debugging:

• With logging enabled, significant NTP daemon events (such as synchronization to a server or a clock reset) are logged.

SGACL Log/statistics

This feature enables statistics collection for SGACLs as well as logging for SGACLs.

Route Policy Manager Enhancements

These enhancements include:

• match metric command
• match mac command
• match vlan command

Call Home enhancements

Enhancements include support for:

• Multiple SMTP server capability with Call Home
• Call Home messages for process failures on line card
• Support for HTTP proxy
• Enhancement for syslog alerts
• VRF support for HTTP transport

Secure Shell (SSH) enhancements

Enhancements include:

• Support for SSH command in boot mode 
• PKI X509 certificate support for SSH
• File copy without password to SCP server

Authentication, authorization, and accounting (AAA) enhancements

Enhancements include:

• Per-command authorization with roles for AAA
• AAA Challenge Handshake Authentication Protocol (CHAP) authentication
• Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory support for AAA
• Support for an OTP (OneTimePassword) scheme for AAA infrastructure
• Enhancement to enable or disable fallback to local if remote authentication fails
• Added support in the SNMP MIB to get the list of logged in users
• Capability to configure test parameters at the AAA group level instead of having to set them up individually for each server in the AAA group
• Capability to disable username accounts
• Capability to enable AAA accounting on LOGFLASH for the Cisco Nexus 7000 Series

IEEE 802.1x enhancements

Enhancements include:

• Support for dot1x on PortChannels
• Enhancements related to Protected Access Credential (PAC) provisioning

Configurable maximum fabric modules per system

Cisco NX-OS reserves power for all five fabric modules in the Cisco Nexus 7000 Series. This feature allows customers to release some of the reserved power, by allowing power to the configured fabric module. Fabric modules in slots that are unsupported will be kept powered down.

Display of actual power draw for line card and fan

Support is now provided to display the actual power draw for newer line cards like the Cisco Nexus 7000 Series 48-Port Gigabit Ethernet XL and 8-Port 10 Gigabit Ethernet XL Modules.

Support is also provided to display the estimated power draw for the fan.

Fan EEM policies

For the Cisco Nexus 7000 10-Slot Switch:

• Fan table speed is capped at a lower value, and hence the maximum reserved power for the fan can be reduced.
• Fan table mappings at various speeds have changed.
• Fan shutdown policy in the 10-slot chassis has changed as follows:
• If a system fan is removed: Earlier releases shut off the other fan in 3 minutes. The new policy is to increase the speed of the other fan based on the table mapping.
• If a fabric fan is removed: Earlier releases shut off the other fan in 3 minutes. The new policy is to increase the speed of the other fan to the maximum.
• Hysteresis:
• Fan speed is controlled by temperature: If the temperature increases to T1, the fan speed is increased to cool down. If successful, the fan speed is not reduced until the temperature is down to T1 - 5°C

For the Cisco Nexus 7000 18-Slot Switch:

• Fan table speed is capped at a lower value, and hence the maximum reserved power for the fan can be reduced.
• Fan table mappings at various speeds have changed.
• Fan shutdown policy has not changed.
• Hysteresis policy is similar to that for the Cisco Nexus 7000 10-Slot Switch.

ACL logging on management interfaces

ACL log feature allows the user to monitor flows that hit specific ACLs. User can configure specific ACEs with logging option. When such an option is configured, statistics for each flow that matches the permit or deny conditions of the ACL entry are logged in software.

IPv6 on Connectivity Management Processor (CMP) interface

The following features are provided:

• IPv6 support on CMP management interface
• IPv6 configurability from startup scripts
• Telnet and SSH reachability to CMP through IPv6
• Ping6 and Traceroute6 support on CMP

Virtual Port Channel (vPC) enhancements

This enhancement allows new ports to be enabled on the vPC primary switch when the peer link is down.

MIB enhancements

IP-MIB ( RFC-2011)

IP Forwarding Table (RFC4292)

UDP MIB (RFC4113)

CISCO-SYSTEM-EXT-MIB

• cseHaRestartNotify
• cseShutDownNotify
• cseFailSwCoreNotify
• cseFailSwCoreNotifyExtended
• ciscoSwFailureNotifEnable

CISCO-ENHANCED-MEMPOOL-MIB

• ModuleInstalledMemory
• ModuleSystemHeapFree
• Dynamically load/unload MIB

CiscoConfigManMIB

• ccmHistoryRunningLastSaved
• ccmHistoryStartupLastChanged
• ccmHistoryRunningLastChanged

Ordering Information

Cisco NX-OS is available in four license levels. A rich feature set is provided with the Base license, which is bundled with the hardware at no extra cost. The Enterprise license enables incremental functions that are applicable to many enterprise deployments. The Advanced LAN Enterprise license enables next-generation functions such as virtual device contexts (VDCs) and Cisco TrustSec. In addition, two new licenses are being introduced: Scalable services to enable XL capabilities on the line cards and the Transport Services license to enable OTV functionality. The Scalable Feature license is applied on a per-chassis basis.
Table 4 summarizes the license packages.

Table 4. License Packages

Package

Content

Base package

Provides a rich feature set appropriate for most data center requirements

Enterprise package

Provides incremental functions available only with the Enterprise license:

• IP routing
• OSPFv2 and v3 (IPv4 and v6)
• IS-IS Protocol (IPv4)
• BGP (IPv4 and v6)
• EIGRP (IPv4 and v6)
• IP Multicast
• PIM: Sparse, Bidir, Any-Source Multicast (ASM), and Source-Specific Multicast (SSM) modes (IPv4 and v6)
• Multicast Source Discovery Protocol (MSDP) (IPv4)
• Policy-based routing (PBR) (IPv4 and v6)
• GRE tunnels

Advanced LAN package

Enables use of the following functions in Cisco NX-OS:

• VDCs
• Cisco TrustSec

Transport Services license

Enables OTV functionality (requires enterprise license for deployment)

Cisco Nexus 7000 10-Slot Switch Scalable Feature license

Chassis license for XL feature modules; one per chassis

Cisco Nexus 7000 18-Slot Switch Scalable Feature license

Chassis license for XL feature modules; one per chassis

To place an order, visit the Cisco Ordering homepage. To download software, visit the Cisco Software Center. Table 5 provides ordering information.

Table 5. Ordering Information

Description

Part Number

Cisco NX-OS Enterprise LAN License

N7K-LAN1K9

Cisco NX-OS Advanced LAN License

N7K-ADV1K9

Cisco NX-OS Transport Services License

N7K-TRS1K9

Cisco Nexus 7010 Scalable Feature License

N7K-C7010-XL

Cisco Nexus 7018 Scalable Feature License

N7K-C7018-XL

Cisco NX-OS 5.0 Software for the Cisco Nexus 7000 Supervisor 1

N7KS1K9-50

Cisco NX-OS 5.0 No Payload Encryption Software (no CTS)

N7K1S1NPEK9-50

Cisco Services and Support

Cisco offers a wide range of services to help accelerate your success in deploying and optimizing Cisco Nexus 7000 Series Switches in your data center. Cisco's innovative services are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your data center network. Cisco Advanced Services uses an architecture-led approach to help you align your data center infrastructure with your business goals and achieve long-term value. Cisco SMARTnet ® Service helps you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. With this service, you can take advantage of the Smart Call Home service capability, which offers proactive diagnostics and real-time alerts on your Cisco Nexus 7000 Series Switches. Spanning the entire network lifecycle, Cisco Services helps protect your investment, optimize network operations, support migration, and strengthen your IT expertise. For more information about Cisco Data Center Services, visit http://www.cisco.com/go/dcservices.

For More Information

For more information about Cisco NX-OS, visit the product homepage at http://www.cisco.com/go/nxos or contact your local account representative.