This product bulletin describes the hardware and software features supported by Cisco IOS® Software Release 12.2(31)SGA for the Cisco® Catalyst® 4500 Series Supervisor Engine II-Plus, II-Plus-TS, II-Plus-10GE, IV, V, and V-10GE. The Cisco Catalyst 4500 Series Supervisor Engine III is not supported in this software release.
KEY RELEASE MESSAGE
Cisco is pleased to announce the 12.2(31)SGA IOS software release, for all shipping Catalyst 4500 Series IOS Supervisor engines. With the introduction of the In-Service Software Upgrade (ISSU) feature, the Catalyst 4500 platform offers full Cisco IOS Software image upgrade and downgrade capability without having to take the switch or network out of service.
A new Catalyst 4900 fixed configuration platform-ME-4924-10GE is introduced in this release for Broadband Aggregation. ME-4924-10GE has 28 Gigabit Ethernet (SFP) and two 10 Gigabit Ethernet (X2) wire-rate ports. This new switch is 1 RU and features 1+1 redundant internal AC or DC power supplies and a hot swappable fan tray.
NEW SOFTWARE FEATURES
In-Service Software Upgrade
In-Service Software Upgrade (ISSU) allows a customer to upgrade or downgrade complete IOS images with minimal to no impact on a Catalyst 4500 system with redundant supervisor engines. It enables rapid, non-disruptive software upgrades for new line cards, new power supplies, new features, or bug fixes. ISSU offers continuous packet forwarding during the supervisor engine switchover running different IOS software versions. Together with Nonstop Forwarding/Stateful Switchover (NSF/SSO), ISSU allows forwarding of data packets along known routes without any route flaps or network instabilities during the software upgrade. As a result, IP phone calls do not drop even when the IOS Software images are upgraded or downgraded. There is no impact to the overall network capacity since the switch and all the forwarding paths remain active during the entire upgrade process. ISSU is typically deployed in the enterprise wiring closet or service provider Metro Ethernet aggregation. ISSU eliminates planned downtime to maximize system and network availability. The ISSU feature is available in both IP Base and Enterprise Service packages with dual supervisor engine configurations.
Trunk Port Security over EtherChannel
Trunk port security over EtherChannel
® is an extension of trunk port security where redundant links from a single station are connected to a Catalyst 4500/4900 using EtherChannel. The feature enables customers to block access to the Catalyst 4500/4900 by MAC addresses other than the ones specified (or learned) on EtherChannel trunk interfaces. It preserves all the advantages of port security and EtherChannel, including redundancy and load sharing. This feature is typically deployed in data center environments with dual NIC servers connecting to a Catalyst 4500/4900 using EtherChannel.
Match CoS for Non-IPv4 Traffic
The match class of service (CoS) feature helps a service provider to classify packets based on CoS values while preserving its customers' packet differentiated services code point (DSCP) values inside the service provider network. The match Cos for non-IPv4 feature provides uniform class-level quality-of-service (QoS) semantics irrespective of traffic type on a dot1q-tunnel and regular trunk ports. This is typically deployed in a Q-in-Q environment, where double-tagged IPv4 packets are forwarded as non-IPV4 packets.
L2PT over Trunk
Layer 2 Protocol Tunneling (L2PT) allows customer switches to participate in L2 protocols across a Service Provider network. This is achieved by encapsulating Layer 2 protocol packets, such as Cisco Discovery Protocol (CDP), Spanning -Tree Protocol (STP), or VLAN Trunking Protocol (VTP), before sending them across the service provider network. As a result the CPE switches on either side of the SP network can continue to process the L2 protocol control packets as if they were being received from a directly connected neighboring switch. The existing implementation allowed L2PT to be used only on tunnel ports. This feature will extend the functionality so that L2PT will be available on trunk ports configured with dot1q encapsulation.
The CoS mutation feature enables Service Providers to provide differentiated services for video, voice, and data within the SP network. In a typical L2 VPN offered by service providers, double tagged Q-in-Q traffic is forwarded with the outer tag representing service provider's VLAN and inner tag representing the customer's VLAN. SPs could either retain the CoS values from the customer tag in the service provider tag or change the CoS value of the outer service provider tag based on inner customer QoS matching and classification. As a result, Differentiated levels of service can be provided within the service provider network.
IP Unnumbered for SVI
IP unnumbered interface configuration enables IP processing on an interface without assigning it an explicit IP address. IP Unnumbered for SVI extends the current support for point-to-point links to switched virtual interfaces (SVIs). This feature is crucial in large service provider environments where SVIs are used to terminate L2 traffic from the CPE. This feature helps to conserve IP addresses space and, simplify configuration and address management.
CISCO IOS SOFTWARE PACKAGING FOR THE CISCO CATALYST 4500 SERIES
A new Cisco IOS Software package for Cisco Catalyst 4500 Series switches was introduced in Cisco IOS Software Release 12.2(25)SG. It is a new foundation for features and functionality and provides consistency across all Cisco Catalyst switches. The new Cisco IOS Software release train is designated as 12.2SG.
Prior Cisco IOS Software images for the Cisco Catalyst 4500 Series, formally known as "Basic Layer 3" and "Enhanced Layer 3" images, now map to "IP Base" and "Enterprise Services," respectively. BGP is now included in the "Enterprise Services" image. Unless otherwise specified, all currently shipping Cisco Catalyst 4500 software features based on Cisco IOS Software are supported in the IP Base image of Release 12.2(31)SGA, with a few exceptions:
The IP Base image does not support any enhanced routing-related features (including NSF/SSO, BGP, EIGRP, OSPF, IS-IS, Internetwork Packet Exchange [IPX] protocol, AppleTalk, VRF-lite, and PBR). The IP Base image supports EIGRP-Stub for limited routing on Cisco Catalyst 4500 Series Supervisor Engines II-Plus, II-Plus-TS, II-Plus-10GE, IV, V, and V-10GE. For more information on EIGRP-Stub functionality, go to
The Enterprise Services image supports all Cisco Catalyst 4500 Series software features based on Cisco IOS Software, including enhanced routing. Customers planning to enable BGP for Supervisor Engine IV, V, or V-10GE will no longer need to purchase a separate BGP license (FR-IRC4); BGP capability is included in the Enterprises Services package. Table 1 shows a more detailed description of the feature differences between the IP Base and Enterprise Services (ES) images as they relate to the Cisco Catalyst 4500 Series Supervisor Engines.
Table 1. Feature Comparison for Cisco IOS Software Release 12.2(31)SGA IP Base and Enterprise Services
Supervisor Engine II-Plus (II-Plus-TS and II-Plus-10GE): IP Base
Figure 1 displays the Cisco IOS Software Release 12.2(31)SGA plan relative to the 12.2S release train and identifies the recommended migration path. Note that 12.2(31)SGA will be the base release for a new maintenance train: the 12.2(31)SGA maintenance train. Moving forward, Catalyst 4500 will have two active maintenance trains: 12.2(25)EWA and 12.2(31)SGA.
Figure 1. Cisco IOS Software Release Plan for the Cisco Catalyst 4500 Series
Summary of migration plan:
• Customers requiring the latest Cisco Catalyst 4500 Series hardware and software features should migrate to Cisco IOS Software Release 12.2(31)SGA.
• Cisco IOS Software Release 12.2(25)EWA will continue offering maintenance releases. The latest release from the 12.2(25)EWA maintenance train was 12.2(25)EWA6.
• Cisco IOS Software Release 12.2(18)EW6 has reached its end of service. 12.2(18)EW was the last image from the 12.2(18) maintenance train.