Guest

Cisco Catalyst 4500 Series Switches

Cisco IOS XE Software Release 3.3.0SG and Cisco IOS Software Release 15.1(1)SG for Cisco Catalyst 4500E and Catalyst 4500-X Series Switches

  • Viewing Options

  • PDF (629.3 KB)
  • Feedback

Overview

This product bulletin describes the primary hardware and software features supported by Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG for the following products:

• Cisco® Catalyst® 4500 Series Supervisor Engine 7-E, Supervisor Engine 7L-E running Cisco IOS® XE Software Release 3.3.0SG

• Cisco® Catalyst® 4500-X Series Switch running Cisco IOS® XE Software Release 3.3.0SG

• Cisco® Catalyst® 4500 Series Supervisor Engine 6-E, Supervisor Engine 6L-E running Cisco IOS® Software Release 15.1(1)SG

For detailed information about the features and hardware supported in Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG, refer to the Cisco Catalyst 4500 Series Switch release notes and support documentation at: http://www.cisco.com/en/US/products/hw/switches/ps4324/tsd_products_support_series_home.html

Primary Hardware and Software Service Innovations Delivered in Cisco IOS® XE Software Release 3.3.0SG and Cisco IOS® Software Release 15.1(1)SG

Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG are part of the new software release on Catalyst 4500E & Catalyst 4500-X Series Switches that delivers new software and hardware innovations in campus access and aggregation deployments that span across many technologies including Security, Video, High Availability, Network Virtualization, IP Multicast and Lower TCO as following.

Software Features

Security

Device Sensor for Simplified Profiling

Device Sensor is an infrastructure integrated device collection feature running on Catalyst 4500 that facilitates efficient profiling & simplified BYOD deployment for common workspace devices (printers, APs, IP phones & Tablets).
Benefits

• Offload sensor functionality to network infrastructure

• Contextual data passed via RADIUS from Switch to ISE (Cisco Identity Services Engine)

• More scalable & efficient

Figure 1. Device Sensor with ISE for profiling solution

MACSec Encryption on SUP7-E/SUP7L-E uplinks and 47xx Line cards
Cisco MACSec ensures data confidentiality and integrity of all wired network traffic whereas The "hop by hop" nature of MACSec preserves traffic visibility and allows Netflow, QoS, and other layer 2 technologies to work alongside the network encryption. IOS 3.3.0SG will provide support for following MACSec features:

IEEE 802.1ae MACSec Layer 2 encryption

IEEE 802.1ae MACSec encryption on user facing ports

IEEE 802.1ae MACSec encryption on user facing ports SSO

IEEE 802.1ae MACSec encryption between switch-to-switch links using Cisco SAP (Security Association Protocol)

Figure 2. MACSec uplinks and downlinks

Benefits

• Data confidentiality & Integrity

• Flexibility: Selectively enable MACSec on links where needed

• Network Intelligence: Intermediate network devices can inspect, monitor, and forward

MAC Authentication Bypass (MAB) - configurable user name and password
This feature allows the user to configure the format of the MAC address used in the username and password fields in the RADIUS Access-Request packet for MAB authentication. This allows the easy inter-operatibility with RADIUS servers or MAC databases which expect the MAC address in a different format than provided by the switch as default.
SXP Syslog
This feature enables CTS-SXP syslogs to be generated whenever a change to IP-to-SGT binding occurs (add, delete, change). These changes are learned and propagated on the CTS-SXP connection.

Medianet

Medianet is Cisco's end-to-end IP architecture that enables pervasive and quality rich-media (video, voice and data) experiences. A Medianet reduces total cost of ownership and scales video through features such as auto-configuration and media monitoring. At the same time, it helps to ensure a quality user experience while optimizing bandwidth use and efficiency.
For more information, please visit http://www.cisco.com/en/US/netsol/ns1094/index.html
Media Monitoring
Media Monitoring enhances visibility into the network to simplify, generate baselines, and accelerate troubleshooting of video, voice, and data applications, and validates network capacity and configuration before deploying new applications or before events.
Media Monitoring is composed of three features: Performance Monitor, Mediatrace, and IP SLA video operation (VO). These three features form a suite of tools to help enable the network operator to perform media performance monitoring and troubleshooting.

• Performance Monitor allows administrators to analyze the performance of rich-media traffic across the network to provide a holistic view of the network service being delivered.

• Mediatrace discovers Layer 2 and Layer 3 nodes along a flow path. Mediatrace implicitly uses Performance Monitor to provide a dynamic hop-by-hop analysis of media flows in real time to facilitate efficient and targeted diagnostics.

• IP SLA VO (Video Operations) generates synthetic traffic streams that are very similar to real media traffic. It can be used in conjunction with Mediatrace to perform capacity planning analysis and troubleshooting even before applications are deployed.

Media Awareness and Auto configuration
Cisco endpoints are equipped with the Media Services Interface (MSI) a software component that helps enable endpoints to consistently make use of intelligent network services to improve the quality of experience and reduce the cost of deployment and operations.
Media Services Proxy (MSP) helps by recognizing the type of flow by gleaning a limited set of signaling protocols (RTSP, SIP, H323) to provide same functionality to non-cisco endpoints.
Cisco AutoQoS simplifies quality-of-service (QoS) deployment for video endpoints by providing end to end QoS for voice, data and video traffic.

Wired Location Services

The wired location solution is designed to track the location of devices as they move around the network. Central location management is done with Cisco MSE whereas Campus switches communicate location info with MSE via NMSP protocol.
New NMSP enhancements in this release are as below:

• Location at switch level

• Local timezone change

• GPS support for location

• Priority settings for MIBs

• Name value pair

Lower TCO

Wireshark based Ethernet Analyzer Application

Wireshark based Ethernet Analyzer is an IOS-XE based built-in open source packet analyzer application using Application Hosting Capabilities of IOS XE for network analysis, monitoring and troubleshooting without the need for external sniffer. Wireshark will be available on Cisco ® Catalyst ® 4500 Series Supervisor Engine 7-E, Supervisor Engine 7L-E and C4500-X starting IOS XE3.3.0SG.

Figure 3. Wireshark Analyzer Application running on IOS-XE

EnergyWise 2.5
Starting with Cisco IOS Release 3.3.0SG and 15.1(1)SG, Energywise will provide support for following features:
Expand Endpoint device support

• New version of toolkit and API based partner integration

Increase end device functionality

• Wake-on-LAN (WoL)

• Caching off state devices

• Plug and play security support

Scalability enhancements

• Return EnergyWise Queries to NMS application

• Domain Analyzer

MAPI related IOS enhancements

• Stack ID support

Network Virtualization

EVN (Easy Virtual Network)

Easy Virtual Network (EVN) is Cisco's IP-based network virtualization solution that provides traffic separation and path isolation on a shared network infrastructure. EVN uses existing Virtual Route Forwarding (VRF)-Lite technology to Simplify Layer 3 network virtualization, Improve shared services support and Enhance management, troubleshooting.

High Availability

OSPFv3 NSF/SSO

This feature in OSPFv3 allows nonstop data forwarding along routes that are already known while the OSPFv3 routing protocol information is being restored.
HSRPv2 Global IPv6 address Support
The HSRP global IPv6 address feature allows users to configure multiple nonlink local addresses as virtual addresses, and it allows for the storage and management of multiple global IPv6 virtual addresses in addition to the existing primary link-local address. If an IPv6 address is used, it must include an IPv6 prefix length. If a link-local address is used, it must not have a prefix.
NSF support extended from Enterprise Services to IP Base
Starting with Cisco IOS Release 3.3.0SG and 15.1(1)SG, support for NSF (NSF for BGP, OSPF and EIGRP) has been extended from Enterprise Services to IP Base feature set.

IP Multicast

IGMPv3 Host Stack

IGMPv3 Host Stack support on the switches will enable the switch to behave as a Multicast network end point or host.
Per Interface IGMP State Limit
This feature allows you to configure a limit on the number of IGMP states on a per-interface or global basis.
Per Interface Mroute State Limit
Per Interface mroute State Limit, feature will limit the number of mroute states on a per-interface basis.
Bandwidth based Call Admission Control (CAC) policy for Multicast
This feature implements a method to monitor bandwidth per interface and multicast group avoiding Oversubscription due to multicast services.
IPv6 SSM mapping - MLDv1 receivers
This feature allows deployment of IPv6 SSM with hosts that are incapable of providing MLD version 2 support in their TCP/IP host stack and their IP multicast receiving application. SSM mapping allows the router to look up the source of a multicast MLD version 1 report either in the running configuration of the router or from a DNS server. The router can then initiate an (S, G) join toward the source. SSM mapping for IPv6 supports both static and dynamic Domain Name System (DNS) mapping for MLD version 1 receivers.
IPv6 BSR - ability to configure RP mapping
This feature allows an IPv6 BSR router to directly announce scope-to-RP mappings instead of learning them from candidate-RP messages.
MSDP MD5 password authentication
The MSDP MD5 Password Authentication feature provides support for Message Digest 5 (MD5) signature protection on a TCP connection between two Multicast Source Discovery Protocol (MSDP) peers.
MLD group limits
This feature allows to configure Global and per-interface CLI to limit number of MLD groups.
IPv6: Multicast Address Group Range Support
The feature is to disable PIM+MLD control plane actions and to disable traffic forwarding for selected multicast groups.
IGMP static group range support
Introduces the capability to configure group ranges in class maps and attach class maps to the ip igmp static-group command
PIM triggered joins
This feature achieves better multicast route convergence after HA Switchover
Support directly connected addresses in autoRP candidate RP
This enhancement will allow to accept directly connected addresses as a parameter in send-rp-announce command

Routing

BGP Support for 4-byte ASN

Due to increased demand for AS numbers, IANA started allocating 4 byte AS numbers. The addition of this feature allows to use an expanded 4-byte AS number granted by IANA.
BGP Per Neighbor Graceful Restart Configuration
This feature allows for enabling and disabling Gracefull Restart Per BGP Neighbor
BGP Support for Dual AS Configuration for Network AS Migrations
When a service provider merges its AS with another, this feature provides a seamless way to transition the customers over to the new AS.
BGP Dynamic Neighbors
BGP Dynamic Neighbors allow for configuration of prefix ranges which should accept incoming TCP sessions and dynamically create a BGP neighbor relationship with the source IP
BGP Support for Next-Hop Address Tracking
This feature allows for support of BGP for address tracking to trigger path re-calculation due to changes to BGP next-hop internal routes
OSPF Generic Time to Live (TTL) Security Check (GTSM)
This feature enables checking of ttl values on OSPF packets from Neighbors and also allows users to set TTL values sent to neighbors. This feature increases protection against OSPF denial of service attacks.
OSPF Graceful Shutdown
OSPF Graceful Shutdown will provide the capability to temporarily shutdown a protocol without losing the configuration.
OSPF Mechanism to exclude Connected prefixes from LSA Advertisements
This feature provides OSPF mechanism to exclude IP prefixes of connected networks from link state advertisements (LSAs), thereby reducing OSPF convergence time.
OSPFv3 IPSec ESP Encryption and Authentication
OSPFv3 relies on the IPv6 IPSec Authentication Header (AH) and Encapsulating Security Payload (ESP) to ensure integrity, authentication, and confidentiality of routing exchanges. This feature provides the support for Authentication Header (AH) and Encapsulating Security Payload (ESP) support for Virtual Links.
OSPF Enhanced Traffic Statistics for OSPFv2 and OSPFv3
New OSPF traffic statistics are collected and displayed including:

• per interface statistics of rx/tx packets sorted by packet type

• per interface ospf packet header errors including reason for a drop

• per interface ospf lsa errors including type of the error

• traffic stat are displayed also on per ospf pdb base.

Manageability

Table 1. Supported MIBs for Cisco Catalyst 4500E and 4500-X

MIBs

Platforms

IEEE8021-SECY-MIB

C4500E, C4500-X

CISCO-POWER-ETHERNET-EXT-MIB Enh

C4500E

CISCO-TRUSTSEC-SXP-MIB

C4500E, C4500-X

CISCO-LAG-MIB Enhancement

C4500E, C4500-X

CISCO-VRF-MIB

C4500E, C4500-X

CBQOS MIB

C4500E, C4500-X

CISCO-AUTH-FRAMEWORK-MIB

C4500E, C4500-X

IGMP-STD-MIB

C4500E, C4500-X

CISCO-ENTITY-DISPLAY-MIB

C4500E, C4500-X

Application Visibility

VLAN ID support for Flexible NetFlow

Allows user to configure "ingress VLAN" as a "key field" in the Flexible NetFlow record

SUP7-E, SUP7L-E, C4500-X feature parity with SUP6-E, SUP6L-E

Starting IOS XE 3.3.0SG, SUP7-E, SUP7L-E & C4500-X will have complete features parity with SUP6-E & SUP6L-E.
For complete list of new software and hardware features supported with IOS XE 3.3.0SG, refer to the Release Notes of Catalyst 4500E Series Switch, Cisco IOS XE 3.3.0SG at: http://www.cisco.com/en/US/products/hw/switches/ps4324/tsd_products_support_series_home.html

Hardware Features

Cisco Catalyst 4500-X Series Fixed 10 Gigabit Ethernet Aggregation Switch
IOS XE 3.3.0SG enables software support for the brand new Cisco Catalyst 4500-X series compact 10 Gigabit Ethernet Aggregation platform offering industry leading performance, deep buffers, unprecedented traffic visibility and integrated network services. Catalyst 4500-X is the only Cisco platform that combines best-in-class performance and comprehensive Borderless Networks software features in a compact 1RU form factor and is ideal for space constrained campus aggregation deployments. For more details, please visit: http://wwwin.cisco.com/dss/csstg/gsbu/c4500x.
Optics
GLC-FE-100EX and GLC-FE-100ZX for Fast Ethernet SFP ports on WS-X4248-FE-SFP
GLC-GE-100FX and GLC-EX-SMD for Fast Ethernet SFP ports on WS-X4640-CSFP-E
GLC-GE-100FX and GLC-EX-SMD for Fast Ethernet on SFP WS-X4612-SFP-E and WS-X4624-SFP-E
Line cards
Starting with Cisco IOS Release 15.1(1)SG, support for WS-X4640-CSFP-E Line Card has been extended to SUP6E and SUP6L-E.

Repackaging of Features

Starting with Cisco IOS Release 15.1(1)SG and Cisco IOS XE Release 3.3.0SG, support for all IP SLAs and NSF features have been extended from Enterprise Services to IP Base feature set.

Cisco IOS Software Release Trains for the Cisco Catalyst 4500 Series

Cisco IOS Release 15.1(1)SG and Cisco IOS Release XE 3.3.0SG are part of a scheduled time-based release containing new hardware and software features as shown in below figures.

Figure 4. Cisco IOS Software Release Trains for Cisco IOS® Software Release 15.1(1)SG

Figure 5. Cisco IOS Software Release Trains for Cisco IOS® XE Software Release 3.3.0SG

For configuration details and information about the new features in Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG, refer to the release notes at: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/release/note/OL_24726.html http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/release/note/OL_24727.html

Support

Support for Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG follows the standard Cisco support policy, available at http://www.cisco.com/en/US/products/products_end-of-life_policy.html.
For more information about the Cisco Catalyst 4500 Series, visit http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/index.htm.

Ordering Information

Tables 2, 3 and 4 provide product numbers and ordering information for Cisco IOS ® XE Software Release 3.3.0SG and Cisco IOS ® Software Release 15.1(1)SG on Catalyst 4500E & Catalyst 4500-X Series Switches

Table 2. Cisco IOS® XE Software Release 3.3.0SG Product Numbers and Images for Cisco Catalyst 4500E Series Switches

Product Number

Description

Image

S45EU-33-1511SG

CAT4500e SUP7-E/SUP7L-E Universal Image

cat4500e-universalk.SPA.03.03.00.SG.151-1.SG.bin

S45EUK9-33-1511SG

CAT4500e SUP7-E/SUP7L-E Universal Crypto Image

cat4500e-universalk9.SPA.03.02.00.SG.151-1.SG.bin

S45EUN-33-1511SG

CAT4500e SUP7-E/SUP7L-E Universal No MACSEC Image

cat4500e-universalk9npe.SPA.03.03.00.SG.151-1.SG.bin

C4500E-LIC=

Base product ID for paper delivered software licenses

NA

C4500E-LB

LAN BASE software license (paper delivery)

NA

C4500E-IPB

IP BASE software license (paper delivery)

NA

C4500E-LB-IPB

LAN BASE to IP BASE upgrade license (paper delivery)

NA

C4500E-LB-ES

LAN BASE to Enterprise Services upgrade license (paper delivery)

NA

C4500E-IP-ES

IP BASE to Enterprise Services upgrade license (paper delivery)

NA

C4500E-LIC-PAK

Base product ID for paper delivered software licenses for spare Supervisor Engine 7-E

NA

C4500E-IP-ES-S

IP BASE to Enterprise Services upgrade license for spare Supervisor Engine7-E(paper delivery)

NA

C4500E-IPB-S

IP BASE software license for spare Supervisor Engine 7-E (paper delivery)

NA

L-C4500E-LIC=

Base product ID for electronically delivered software licenses

NA

L-C4500E-LB-IP

LAN BASE to IP BASE upgrade license (electronically delivered)

NA

L-C4500E-IP-ES

IP BASE to Enterprise Services upgrade license (electronically delivered)

NA

L-C4500E-LB-ES

LAN BASE to Enterprise Services upgrade license (electronically delivered)

NA

Table 3. Cisco IOS® XE Software Release 3.3.0SG Product Numbers and Images for Cisco Catalyst 4500-X Series Switches

Product Number

Description

Image

S45XU-33-1511SG

CAT4500-X Universal Image

cat4500e-universal.SPA.03.03.00.SG.151-1.SG.bin

S45XUK9-33-1511SG

CAT4500-X Universal Crypto Image

cat4500e-universalk9.SPA.03.03.00.SG.151-1.SG.bin

C4500X-LIC=

Base product ID for paper delivered software licenses

NA

C4500X-IPB

IP BASE software license (paper delivery)

NA

C4500X-IP-ES

IP BASE to Enterprise Services upgrade license (paper delivery)

NA

L-C4500-LIC=

Base product ID for electronically delivered software licenses

NA

L-C4500X-IP-ES

IP BASE to Enterprise Services upgrade license (electronically delivered)

NA

Table 4. Cisco IOS Software Release 15.1(1)SG Product Numbers and Images for Cisco Catalyst 4500E Series Switches

Product Number

Description

Image

S45ELB-15101SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Supervisor Engine 6-E and Sup6L-E (LAN Base image)

cat4500e-lanbase-mz

S45ELBK9-15101SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Supervisor Engine 6-E and Sup6L-E (LAN Base image with 3DES)

cat4500e-lanbase k9-mz

S45EIPB-15101SG(=)

Cisco IOS Software for the Cisco Catalyst 4500 Supervisor Engine 6-E and Sup6L-E (IP Base image)

Cat4500e-ipbase-mz

S45EIPBK9-15101SG (=)

Cisco IOS Software for the Cisco Catalyst 4500E Series Supervisor Engine 6-E and Sup6L-E (IP Base image with 3DES)

Cat4500e-ipbasek9-mz

S45EES-15101SG(=)

Cisco IOS Software for the Cisco Catalyst 4500E Series Supervisor Engine 6-E and Sup6L-E (Enterprise Services image)

Cat4500e-entservices-mz

S45EESK9-15101SG(=)

Cisco IOS Software for the Cisco Catalyst 4500E Series Supervisor Engine 6-E and Sup6L-E (Enterprise Services image with 3DES)

Cat4500e-entservicesk9-mz

S45EESU-15101SG(=)

Cisco IOS Enterprise image upgrade from LAN Base for the Supervisor 6-E and Supervisor 6L-E

Cat4500e-entservices-mz

S45EESUK9-15101SG(=)

Cisco IOS Enterprise with 3DES upgrade from LAN Base for the supervisor 6-E and Supervisor 6L-E

Cat4500e-entservicesk9-mz

S45EIPBU-15101SG(=)

Cisco IOS Software for the Catalyst 4500E Series Supervisor Engine 6-E and Sup6L-E, Catalyst4948E IOS IP Base Upgrade

Cat4500e-ipbase-mz

S45EIBUK9-15101SG(=)

Cisco IOS Software for the Catalyst 4500E Series Supervisor Engine 6-E and Sup6L-E, Catalyst4948E IOS IP Base Upgrade SSH

Cat4500e-ipbasek9-mz