Cisco announces Cisco IOS® Software updates for Cisco® Catalyst® 3750-X, 3560-X, 3750-E, 3750G, 3560-E, 3560G, 2960, and 2960-S Series Switches; Cisco Catalyst 3750V2 and 3560V2 Switches; Cisco Industrial Ethernet (IE) 3000 Series Switches; and Cisco Catalyst Blade Switch 3000 and 3100 platforms.
• Ease of use and manageability enhancements: This release incorporates various manageability improvements to Cisco Catalyst Smart Operations such as enhancements to Auto SmartPorts and Smart Install, which are meant to reduce time of deployment and deployment costs in heterogeneous switch, router, and endpoint device environments. It also supports the Cisco Call Home technology and includes future support for the Smart Call Home extension. For more details, see the following "Cisco Smart Operations Ease-of-Use and Manageability Enhancements" section.
• Cisco medianet enhancements: In this release three new extensions of the medianet technology are introduced:
– Cisco IP Service Level Agreement (IPSLA) Media Operation is an extension of IPSLA, which allows customers to perform the active monitoring of the network performance and can be used for network troubleshooting, network readiness assessment, and health monitoring. In particular, Media Operation adds the capability to generate and analyze video traffic on demand.
– Performance Passive Monitoring is used to identify the quality of video traffic traversing the network. Network nodes can thereby measure the quality of video traffic in real time and report the measurements to various collection and reporting functions within Cisco IOS Software or to an external Network Management System (NMS). Real-time measurement and report of video traffic enable visibility, troubleshooting, and management of video applications across the network.
– Mediatrace is a tool that can be used to troubleshoot network problems for a given media flow. It relies on the Resource Reservation Protocol (RSVP) for communication between different nodes on the media path. Its purpose is to trace the media flow in the network from the source endpoint to the destination endpoint.
• Cisco EnergyWise enhancements: two new extensions of the EnergyWise technology are introduced:
– Integration with Wake on LAN (WoL) provides the ability to wake-up a sleeping, hibernating, or powered-off computer by broadcasting a "magic packet" containing a MAC address across the LAN. WoL is widely supported in desktop PCs. With this enhancement EnergyWise can be used to wake up the desktop PCs within a designated LAN using the local switch to propagate the magic packets whereas before a designated "last man standing" PC would need to stay powered up for the purposes of WoL.
– EnergyWise enhanced Software Development Kit (SDK) and corresponding Cisco IOS enhancements now support EnergyWise mid-points where the device has multiple children, for example a Power Distribution Unit (PDU) with EnergyWise SDK support can now report and control all the individual plug outlets (identified as EnergyWise children) in the EnergyWise domain. This allows EnergyWise to monitor and control every plug outlet on a supporting PDU.
• Cisco Smart Logging and Telemetry (SLT): This new technology provides a single mechanism of logging and telemetry of traffic that is associated to a specific event on a switch (for example, an event triggered by an ACL-permitted or -denied packet). Important Layer 2 features such as Dynamic ARP Inspection, Dynamic Host Configuration Protocol (DHCP) Snooping, IP Source Guard, and Port ACLs can now log events (such as policy violations) to an external analyzer device by exporting event information and portions of packets over a NetFlow v9 transport. Therefore, NetFlow v9 capable software can receive packet sections along with additional information when an event is triggered on a switch (for instance, when an ARP poisoning attack or an IP spoofing attack is attempted and detected) and can analyze the actual contents of the packet(s) that originated such event. (See Figure 1.) This technology also allows the analyzer software to generate application visibility data up to Layer 7 from the collected packet information.
Figure 1. Smart Logging and Telemetry
• VLAN Access Control List (VACL) logging: VACL logging is a useful security capability that allows IP packets that are denied by a VACL entry to generate log messages on a per-flow basis.
• Cisco Rolling Stack Upgrade (RSU) on Cisco Catalyst 3750-E and 3750-X: With previous releases, whenever Cisco IOS Software was upgraded on a stack of switches, a complete stack reload was required, which resulted in hosts losing network connectivity for several minutes. Starting from this release, in networks that use redundant uplinks and downlinks to the hosts, the intrinsic redundancy of the network can be used to perform a stack upgrade one member at a time with minimal traffic disruption. In this case, hosts with connectivity (either wireless or wired) to two different switches in the same stack would experience minimal traffic loss when switching from one uplink path to the redundant one while the rolling upgrade is being performed.
• Virtual Router Redundancy Protocol (VRRP) for IPv4: Virtual Router Redundancy Protocol is a standard-based first-hop redundancy protocol. With VRRP, a group of routers functions as one virtual router by sharing one virtual IP address and one virtual MAC address. The master router performs packet forwarding, while the backup routers stay idle. VRRP is typically used in multivendor first-hop gateway redundancy deployments.
• OSPFv2 IETF Graceful Restart (RFC 3623) and OSPFv3 Graceful Restart (RFC 5187): Also known as nonstop forwarding (NSF) in Cisco IOS Software terminology, this release introduces the IETF standardized Graceful Restart (GR) function that is described in RFC 3623 and in RFC 5187. Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switching platform. The NSF capability allows the forwarding of data packets to continue along routes that are already known, while the routing protocol information is being restored. This capability is useful in cases in which there is a component failure. Prior to RFC 3623 and RFC 5187, Cisco implemented Cisco proprietary NSF, referred to as Cisco NSF. The IETF Graceful Restart feature allows you to configure IETF NSF in multivendor networks. Configuring IETF NSF increases the availability of your network by allowing OSPF routers to stay on the forwarding path even as their OSPF software is restarted.
• Protocol Storm Protection (PSP): In order to better filter packets that reach the CPU, a more granular protocol limiting algorithm has been implemented in this release. In addition to automatically rate limiting control protocol frames that are sent to the CPU from the protocol queue(s), the new algorithm allows the users to configure an explicit threshold above which to drop certain protocol packets (ARP, DHCP, IGMP) in software or by blocking their source associated to the specific VLAN and switch port from which they are originated.
• Support for 16 static IPv4 routes in LAN Base (3560-X and 3750-X): In Cisco IOS Software Release 12.2(55)SE support was added in LAN Base for up to 16 user-configurable static IPv4 routes on the Cisco Catalyst 2960, 2975, and 2960-S Series only. In this release the same support was added to the Cisco Catalyst 3560-X and 3750-X as well.
• Web Cache Communication Protocol (WCCP) deny access control entry (ACE) support on Cisco Catalyst 3560-E, 3750-E, 3560-X, and 3750-X: In previous releases, the WCCP protocol only supported permit ACEs in the redirect-list ACL. In this release, support for deny ACEs in the redirect list was added.
• Improved support for IPv6-based switch management protocols: This release brings support for various control plane protocols over IPv6, such as NTP, RADIUS, TACACS+, and SSH/SCP.
• Support for new standard IPv6 features: This release adds support for RFC 4292/RFC 4293 MIBs for IPv6 traffic as well as support for RFC 5460 (DHCPv6 Bulk Leasequery) and RFC 3315 (DHCPv6 Relay Source Configuration).
• New IPv6 Switch Database Management (SDM) template on Cisco Catalyst 3560-E, 3750-E, 3560-X, and 3750-X: A new SDM template is added to address the needs of those networks that require a higher number of indirect IPv6 routes. With this template the number of the indirect IPv6 unicast routes is increased to up to 2048 (IPv6 direct routes would also be up to 2048).
• IPv6 Host and MLD Snooping Support in LAN Lite (2960 and 2960-S only): Starting from this release IPv6 management protocols as well as MLD snooping are supported in the LAN Lite feature set.
• Ternary content-addressable memory (TCAM) consistency check routines: Support for new routines to detect and correct invalid TCAM table entries on the Cisco Catalyst 2960-S, 3560E, 3560X, 3750E, 3750X, and CBS 31x0 switches.
• IEEE 802.1X with Wake on LAN (WoL) support in LAN Lite (2960 and 2960-S only): Support for this capability, previously available only in the LAN Base feature set (or better), is now available in LAN Lite as well. The IEEE 802.1X authentication with wake-on-LAN feature allows dormant PCs to be powered when the switch receives a special Ethernet frame. One can use this feature in environments where administrators need to connect to systems that have been powered down and that support WoL.
• IEEE 1588 enhancement on the Cisco Industrial Ethernet (IE) 3000 Series: This feature enhancement allows Precision Time Protocol (PTP) messages to pass through expansion module ports.
• New PROFINET function on the Cisco IE 3000 Series to support topology editor functions in the SIMATIC STEP 7 application.
• Enhancement of the Common Industrial Protocol (CIP) on the Cisco IE 3000 Series to initiate a time domain reflectometry (TDR) cable diagnostics test and to query the results via the CIP protocol.
Cisco Smart Operations Ease-of-Use and Manageability Enhancements
• Cisco Call Home technology: Call Home provides email-based and web-based notification of critical system events. Multiple message formats are available for compatibility with pager services, standard email, or Extensible Markup Language (XML)-based automated parsing applications. Common uses can include direct paging of a network support engineer, email notification to a network operations center, XML delivery to a support website, and (future) use of Cisco Smart Call Home (SCH) services (depending on the service support in place for your device) to immediately generate a case with the Cisco Technical Assistance Center (TAC). The Call Home feature delivers alert messages containing information on configuration, diagnostics, environmental conditions, inventory, and syslog events. (See Figure 2.)
Figure 2. Call Home
• Smart Install enhancements. The improvements include:
– Support for on-demand upgrade of multiple client switches.
– A new command is added to permit the state change of a client switch.
– An option is added to remove a client switch entry from a director's database.
– A global configuration command is added to turn off Smart Install on a director or client switch.
• Auto SmartPorts (ASP) enhancements. The new Auto SmartPorts capabilities include:
– Inclusion of the media-player keyword as an option in the AutoQoS video CLI.
– Improvements in the auto-detection of a digital media player and application of the corresponding macro.
Product Support for New Features and Enhancements
Table 1. New Features in Cisco IOS Software Release 12.2(58)SE for the Cisco Catalyst 3750-X, 3750-E, 3560-X, and 3560-E Series Switches
Table 2. New Features in Cisco IOS Software Release 12.2(58)SE for the Cisco Catalyst 3750G and 3560G Series and Cisco Catalyst 3750V2 and 3560V2 Switches
Table 3. New Features in Cisco IOS Software Release 12.2(58)SE for the Cisco Catalyst 2960 and 2960-S Series, Cisco IE 3000 Series, and Cisco Catalyst Blade Switch 3000 and 3100 Platforms
Part Numbers for Supported Products
Table 4. Part Numbers for Cisco Catalyst Switches Software Licenses Supported by Cisco IOS Software Release 12.2(58)SE
• Cisco IOS Software upgrade planner: htttp://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi?majorRel=
• Guest-level access planner: http://www.cisco.com/kobayashi/sw-center/index.shtml
• Cisco Catalyst 3750-X Series Switches: http://www.cisco.com/go/3750x
• Cisco Catalyst 3560-X Series Switches: http://www.cisco.com/go/3560x
• Cisco Catalyst 3750-E Series Switches: http://www.cisco.com/go/3750e
• Cisco Catalyst 3750 Series Switches: http://www.cisco.com/go/3750
• Cisco Catalyst 3560-E Series Switches: http://www.cisco.com/go/3560e
• Cisco Catalyst 3560 Series Switches: http://www.cisco.com/go/3560
• Cisco Catalyst 2960-S Series Switches: http://www.cisco.com/go/2960s
• Cisco Catalyst 2960 Series Switches: http://www.cisco.com/go/2960
• Cisco Catalyst 3750-X, 3560-X, 3750-E, 3560-E, 3750, 3560, 2960-S, and 2960 Series release notes:
• Cisco Catalyst Blade Switches: http://www.cisco.com/en/US/products/ps6748/index.html
• Cisco IE 3000 Series Switches: http://www.cisco.com/en/US/products/ps9703/index.html
Software Image Migration Guide
Figure 3. Cisco IOS Software 12.2 Release Train