Guest

Cisco Catalyst 4500 Series Switches

Cisco IOS Software Release 12.2(52)SG for Cisco Catalyst 4500 Series Supervisor Engines, Cisco Catalyst 4900 Series Fixed-Configuration Switches, and Cisco Catalyst 4900M Series Switches

  • Viewing Options

  • PDF (290.8 KB)
  • Feedback

PB 531034

Overview

This product bulletin describes some of the primary hardware and software features supported by Cisco IOS ® Software Release 12.2(52)SG for the following switches and supervisor engines:

• Cisco® Catalyst® 4500 Series Supervisor Engine 6-E

• Cisco Catalyst 4900 Series and 4900M Series Switches

• Cisco Catalyst 4500 Series Supervisor Engine V-10GE, Supervisor Engine V, Supervisor Engine IV, Supervisor Engine II-Plus-10GE, Supervisor Engine II-Plus-TS, and Supervisor Engine II-Plus

Primary Hardware and Software Service Innovations Delivered in Cisco IOS Software Release 12.2(52)SG

Cisco IOS Software Release 12.2(52)SG is available for all shipping Cisco Catalyst 4500 Series Supervisor Engines , Cisco Catalyst 4900 Series, and Cisco Catalyst 4900M Series switches. Release 12.2(52)SG is a time-based release containing new hardware and software features. For detailed information on release trains, visit www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/product_bulletin_c25_468800.html.
The following list highlights the primary hardware and software features in this release:

• 6000W power supply with dual AC input supplies (110V-220V, 15A) increases the Power over Ethernet (PoE) density of the chassis.

• Hot Standby Router Protocol (HSRP) version 2 for IPv4 and IPv6: Improved timers and troubleshooting techniques for HSRPv2.

• EnergyWise, a new Cisco technology for power-based management and reporting. EnergyWise provides measuring and reporting power for connected network devices.

• Network Mobility Services Protocol (NMSP), an enhancement that enables switch port tracking of hosts or users connected to switches. As part of the location service, the switch integrates with the Cisco 3300 Series Mobility Services Engine, which can be used for host/user lookup in determining the switch connectivity for troubleshooting purposes

• Cisco Smart Call Home is a proactive, connected service capability of the Cisco SMARTnet® Service, and is available at no additional cost on Call Home-capable devices, including Cisco Catalyst 4500 Series switches. Call Home devices can continuously monitor their own health using GOLD diagnostics technology, and automatically notify you of potential issues using secure transmissions.

• Layer 2 tunnelling protocols and Metro Ethernet feature 802.1q, L2TP, PPPoeIA, and Ethertype classification.

• IPv6 Repackaging: Many IPV6 features previously only available in Enterprise Services are now added to IP Base image.

Table 1 provides a release overview.

Table 4. Release Overview

Feature

Cisco Catalyst Classic 4500 Supervisors

Cisco Catalyst 4900

Cisco Catalyst 4500 Supervisor engine 6E

Cisco Catalyst 4900M

 

Cisco IOS Software Release on Which First Supported

Hardware

     

6000W AC power supply

12.2(52)SG

12.2(52)SG

Security Features

Identity enhancements

802.1X Filter-ID and Per-User ACL

12.2(52)SG

12.2(52)SG

Voice-aware port security

12.2(52)SG

12.2(52)SG

Layer 2 Tunneling and Metro Ethernet

IEEE 802.1q Tunnelling (QinQ) and Layer 2 Protocol Tunnelling

12.2(31)SGA

12.2(52)SG

EtherType classification

Not supported

12.2(52)SG

Point-to-Point Protocol over Ethernet Intermediate Agent (PPPoE IA)

12.2(50)SG

12.2(52)SG

IP Routing and Multicast

Policy-Based Routing (PBR)

12.1(13)EW

12.2(52)SG

IPV6 Repackaging

12.2(52)SG

12.2(52)SG

HSRPv2 IPv4/IPv6

12.2(52)SG

12.2(52)SG

PIM SSM Mapping

12.2(52)SG

12.2(52)SG

Management

EnergyWise Phase 1

12.2(52)SG

12.2(52)SG

Smart Call Home

12.2(52)SG

12,2(52)SG

Community PVLAN support

12.2(20)EW

12.2(52)SG

Network Mobility Service Protocol (NMSP)

12.2(52)SG

12.2(52)SG

Management port features

12.2(52)SG

12.2(52)SG

Features

The following new features of Cisco IOS Software Release 12.2(52)SG are applicable to all supervisor engines and Cisco Catalyst 4900 Series fixed-configuration systems, unless otherwise stated.

Hardware

6000W AC Power Supply

Compatible with all shipping Cisco Catalyst 4500 Series chassis and supervisor engines, the 6000W Power Supply has dual AC inputs:110V and 220V. The 110V is limited to 15A input current, for installation flexibility.
The 6000W Power Supply increases the density of PoE supported on the Cisco Catalyst 4500 Series. Capable of powering a fully loaded 4507R-E with class 3 devices in redundant mode Figure 2 shows the power supply, and Table 2 details the supported PoE numbers.

Figure 1. Cisco Catalyst 4500 Series 6000W Power Supply

Table 5. Scalability Numbers for the 6000W Power Supply

Input Voltage

Lines Connected

Maximum Total Output Power

Maximum Number of 15.4W PoE Devices

Maximum Number of 30W PoE Devices

220V AC

Dual

6000W

289

148

Single

3000W

144

74

110V AC

Dual

2100W

111

57

Single

1050W

55

28

Software Features

Consult Table 1 to see platform support for the following features.

Management

EnergyWise Phase 1

Cisco EnergyWise is an energy management architecture designed to measure power consumption and optimize power usage, resulting in effective delivery of power across the enterprise. IT professionals can quickly optimize the power consumed in a building, and the result is immediate cost saving with a clear return on investment.
Cisco EnergyWise measures current power consumption, can automate and take actions to optimize power levels, and can advise how much power is being consumed. After power consumption is understood, regulation using Cisco EnergyWise network protocols provides command and control of power usage. Energy consumed per location can easily be found with a realistic view of power consumed per wiring closet, building floor, or campus building. An EnergyWise entity is a device that can communicate with an EnergyWise-enabled network. Examples include PCs, phones, access points, and, in the future, HVAC and lighting controllers. Each entity has a unique ID. Entities can contain other entities in a parent-child relationship, such as an IP phone attached to a PoE switch.
An EnergyWise domain is a logical grouping of EnergyWise-enabled entities. All entities in the domain can be visualized as one unit of power consumption. Figure 3 provides an illustration of an EnergyWise network.

Figure 2. EnergyWise Network

Smart Call Home

Cisco Smart Call Home is a proactive, connected service capability of Cisco SMARTnet Service that is available at no additional cost on Cisco Catalyst 4500 Series Switches. Smart Call Home devices can continuously monitor their own health using GOLD diagnostics technology and automatically notify you of potential issues using secure transmissions. If a serious problem arises, Smart Call Home automatically detects it and generates a Cisco Technical Assistance Center (TAC) service request that is routed to the right team for a particular problem.

Network Mobility Service Protocol

Network Mobility Service Protocol (NMSP) enables switch port tracking of hosts or users connected to switches (Figure 4). As part of the location service, the switch integrates with the Cisco Mobility Services Engine, which can be used for host/user lookup to determine the switch connectivity for troubleshooting purposes. NMSP can also be used in the data center to locate servers, provide a centralized view of all servers and switch port utilization, and provide updates if a server is decommissioned or powered down.

Figure 3. NMSP Illustration

Security

Identity ACL Policy Enforcement Enhancements

Filter-ID and per-user access control list (ACL):
ACLs are an important policy enforcement option in identity-based networks.
Per-user ACLs are fully defined on the authentication server. Each element in a per-user ACL is defined as a RADIUS vendor-specific attribute (VSA). The authentication server returns the VSAs in the RADIUS Access-Accept message that it sends to the switch after a successful authentication.
Filter-IDs offer a more distributed method of group-to-policy mapping. In this mode, the full definition of the identity-based ACLs resides on the switch. The authentication server determines the user's group and the identifier (the Filter-ID) of the ACL that should be applied to that user. The authentication server sends the Filter-ID to the switch as an attribute in the RADIUS Access-Accept message. The switch matches the Filter-ID to a locally configured ACL that has the same number as the Filter-ID (for example, Filter-ID=101 will match up to ACL 101). That ACL is then applied to the port. While Filter-ID ACLs lack the centralized management of per-user ACLs, they do allow for local variation in policy.

Voice-Aware Port Security

Allows more granular control of port security and includes the ability to shut down an individual VLAN if there is a port-security, bpdu-guard, dhcp-rate-limit, or arp-inspection violation on a trunk. For example, a trunk port had an IP phone connected with a PC, if the PC commits a violation, it is now possible to disable the data VLAN without affecting the voice VLAN.

Layer 2 Tunneling and Metro Ethernet Features

IEEE 802.1Q Tunneling and Layer 2 Tunneling Protocol now supported on the Supervisor Engine 6-E in addition to the legacy supervisors.
IEEE 802.1Q (QinQ) allows ISPs to use VLANs internally while mixing traffic from clients that are already VLAN-tagged. The outer tag comes first, followed by the inner tag. As the Layer 2 traffic enters a service provider switch from a customer switch, the existing VLAN tag (imposed by the customer switch) is preserved and a new tag controlled by the ISP is imposed on the frame, in addition to the existing tag. The new tagged frame is treated as a Layer 2 frame with unknown EtherType and the outer VLAN tag is used for subsequent switching inside the service provider infrastructure.
When the frame reaches the other end of the service provider network, the outermost tag is stripped off at the edge switch before sending to the customer network, which sees the same frame that was sent out of its peer customer edge switch.
Each customer edge port connected to an 802.1Q tunnel port is typically configured as a trunk port. The port on the customer edge is unaware of the presence of an 802.1Q tunnel on the other end, and can reach all other customer edge trunk ports connected to the service provider network as if they were directly connected.
Layer 2 Tunneling Protocol (L2TP) allows customer switches on either side of the service provider network to participate in Layer 2 protocols by allowing protocol packets to be encapsulated with a special tunnel MAC address, which is used for forwarding the protocol frames through the service provider infrastructure. The edge service provider switches decapsulate the protocol frames and forward them to the appropriate customer switches, which can then process the frames as if they had been received from a neighboring switch. The protocols that are tunneled are Spanning Tree Protocol, Cisco Discovery Protocol, and VLAN Trunking Protocol (VTP).

EtherType Classification

The ability to classify non-IP packets based on the EtherType value allows users to apply security ACLs and QoS policies on non-IP packets that belong to different protocols, such as Point-to-Point Protocol over Ethernet (PPPoE).
In order to support EtherType classification on the Supervisor Engine 6-E hardware, the existing MAC access list configuration CLI is modified to allow EtherType as a classification criterion. Once an access list is created to match the EtherType value, it can be attached to a target interface as a security ACL (to accept/drop packets with specific EtherType values). Also, Modular QoS CLI (MQC) constructs can be used to define QoS policies based on the classification criteria, which are then attached to the required target interfaces (port and/or VLAN).

Point-to-Point Protocol over Ethernet Intermediate Agent (PPPoEIA)

PPPoEIA enables subscriber line identification over Ethernet during the PPPoE discovery phase. The switch tags PPPoE discovery packets that are destined for the broadband remote-access server with the subscriber's circuit and remote IDs, and untags PPPoE discovery packets that are destined for the subscriber. The software release supports access, trunk, and private VLAN ports; per-port and per-port-per-VLAN configuration; Dynamic Host Control Protocol (DHCP) option 82; configurable circuit and remote IDs; and nonstop forwarding (NSF) and single signon (SSO). Simple Network Management Protocol (SNMP) MIB is not supported in this release. Upon release, this feature will be compliant with RFC 2516 and DSL Forum TR-101 Section 3.9.2.

IP Routing and Multicast

Policy-Based Routing (PBR)

Support for PBR has been added to the Supervisor Engine 6E. PBR provides a flexible means of routing packets based on configured policies. When administrative issues dictate that traffic be routed through specific paths, PBR provides the solution by defining policies that selectively cause packets to take different paths, essentially overriding the forwarding behavior specified by the routes derived from routing protocols.
IPv6 Repackaging
Many features previously available in Enterprise Services image are now being made available in the IP Base image. This will ensure parity between IPv6 and IPv4 features available within packages. Following table captures some of the key features from both images.

Table 6.

IP Base Image

• CDP
• ICMPv6 & ICMPv6 redirect
• IPv6 Maximum Transmission Unit (MTU) path discovery
• IPv6 Neighbor discovery
• IPv6 Access List (ACL) and Receive ACL
• Syslog, SNMP, SSH, Telnet, SSLover IPv6
• Stateless DHCPv6, DHCPv6 Relay Agent
• HSRP for IPv6
• Basic Routing: RIP for IPv6 (RIPng), EIGRPv6
• IPv6 Multicast Listener Discovery (MLD) v1&v2
• IPv6 static multicast route
• QoS queuing, MQC packet classification, marking, shaping, policing and WRED

Enterprise Services Image

• DHCPv6 prefix delegation
• OSPFv3
• Multiprotocol BGP Extensions for IPv6
• IPv6 PIM Sparse Mode
• IPv6 PIM Source-Specific Mode (SSM)
• IPv6 Bootstrap Router (BSR)
• IPv6 Multicast Scope Boundary
• IPv6 MLD Access Group

HSRP Version 2 (HSRPv2) IPv4 and IPv6

HSRPv2 advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases.
HSRPv2 permits an expanded group number range, 0 to 4095, and consequently uses a new MAC address range of 0000.0C9F.F000 to 0000.0C9F.FFFF. The increased group number range does not imply that an interface can, or should, support that many HSRP groups. The expanded group number range was changed to allow the group number to match the VLAN number on subinterfaces.
HSRPv2 provides improved management and troubleshooting. The HSRPv2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field is populated with the interface MAC address.
HSRPv2 uses the new IP Multicast address 224.0.0.102 to send hello packets instead of the address of 224.0.0.2, which is used by version 1. This new address allows Cisco Group Management Protocol leave processing to be enabled at the same time as HSRP.

PIM SSM Mapping

The Source Specific Multicast (SSM) Mapping feature extends the Cisco IOS suite of SSM transition tools, which also includes URL Rendezvous Directory (URD) and Internet Group Management Protocol Version 3 Lite (IGMP v3lite). SSM mapping supports SSM transition in cases where neither URD nor IGMP v3lite is available, or when supporting SSM on the end system is impossible or unwanted due to administrative or technical reasons. SSM mapping enables you to use SSM for video delivery to legacy set-top boxes (STBs) that do not support IGMPv3, or for applications that do not take advantage of the IGMPv3 host stack.

Cisco IOS Software Release Trains for the Cisco Catalyst 4500 Series

Cisco IOS Software Release 12.2(52)SG is a scheduled time-based release containing new hardware and software features. The Cisco Catalyst 4500 Series currently has two active maintenance trains: 12.2(31)SGA and 12.2(50)SG. This 12.2(52)SG is a new feature release containing the lates hardware and software features.

Figure 4. Overview of SG and SGA released images

Cisco Catalyst 4500 Cisco IOS Software Migration Guide

• Customers requiring the latest Cisco Catalyst 4500 Series hardware and software features should migrate to Cisco IOS Software Release 12.2(52)SG.

• Cisco IOS Software Release 12.2(50)SG will continue offering maintenance releases. .

Cisco IOS Software Release 12.2(52)SG Release Summary

Cisco IOS Software Release 12.2(52)SG is a new feature time-based release. For more information on release trains, visit www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/product_bulletin_c25_468800.html.
This release provides new hardware support, i with the 6000W Power Supply, and many new software and management features such as EnergyWise Phase 1, Smart Call Home, and NMSP.
For configuration details and information about the new features in Cisco IOS Software Release 12.2(52)SG, visit the release notes at www.cisco.com/en/US/products/hw/switches/ps4324/prod_release_notes_list.html.

Support

Support for Cisco IOS Software Release 12.2(52)SG follows the standard Cisco support policy, available at www.cisco.com/en/US/products/products_end-of-life_policy.html.
For more information about the Cisco Catalyst 4500 Series, visit www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/index.htm.

Ordering Information

Tables 4 and 5 provide product numbers and ordering information for Cisco IOS Software Release 12.2(52)SG and supporting hardware.

Table 7. Cisco IOS Software Release 12.2(52)SG Product Numbers and Images for Cisco Catalyst 4500 Series

Product Number

Description

Image

S45LB-12252SG

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine II-Plus-10GE (LAN Base image)

cat4500-lanbase-mz

S45LB-12252SG

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine II-Plus-10GE (LAN Base image with 3DES)

cat4500-lanbasek9-mz

S45IPBU-12252SG=

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine II-Plus-10GE (IP Base Upgrade image)

Cat4500-ipbase-mz

S45IPBU-12252SG=

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine II-Plus-10GE (IP Base Upgrade image with 3DES)

Cat4500-ipbasek9-mz

S45IPB-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engines II-Plus, II-Plus-TS, II-Plus-10GE, IV, V, and V-10GE (IP Base image without Crypto)

Cat4500-ipbase-mz

S45IPBK9-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engines II-Plus, II-Plus-TS, II-Plus-10GE, IV, V, and V-10GE (IP Base image with Triple Data Encryption Standard [3DES])

Cat4500-ipbasek9-mz

S45ES-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engines IV, V, and V-10GE (Enterprise Services image with Border Gateway Protocol (BGP) support, without Crypto)

Cat4500-entservices-mz

S45ESK9-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engines IV, V, and V-10GE (Enterprise Services image with 3DES and BGP support)

Cat4500-entservicesk9-mz

S45EIPB-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Supervisor Engine 6-E (IP Base image)

Cat4500e-ipbase-mz

S45EIPBK9-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine 6-E (IP Base image with 3DES)

Cat4500e-ipbasek9-mz

S45EES-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine 6-E (Enterprise Services image)

Cat4500e-entservices-mz

S45EESK9-12252SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Series Supervisor Engine 6-E (Enterprise Services image with 3DES)

Cat4500e-entservicesk9-mz

Table 8. Cisco IOS Software Release 12.2(52)SG Product Numbers and Images for Cisco Catalyst 4900 Series

Product Number

Description

Image

S49IPB-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900 Series Switches (IP Base image)

cat4500-ipbase-mz

S49IPBK9-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900 Series Switches (IP Base image with 3DES)

cat4500-ipbasek9-mz

S49ES-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900 Series Switches (Enterprise Services image with BGP support)

cat4500-entservices-mz

S49ESK9-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900 Series Switches (Enterprise Services image with 3DES and BGP support)

cat4500-entservicesk9-mz

S49MIPB-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900M Switches (IP Base image)

cat4500e-ipbase-mz

S49MIPBK9-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900M Switches (IP Base image with 3DES)

cat4500e-ipbasek9-mz

S49MES-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900M Switches (Enterprise Services image with BGP support)

cat4500e-entservices-mz

S49MESK9-12252SG(=)

Cisco IOS Software for Cisco Catalyst 4900M Switches (Enterprise Services image with 3DES and BGP support)

cat4500e-entservicesk9-mz