Guest

Cisco Ethernet Switching Network Modules

Cisco IGESM and Cisco Fiber IGESM , Cisco IOS Release 12.1(22)EA10 and Later

  • Viewing Options

  • PDF (318.0 KB)
  • Feedback
Release Notes for the Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter

Table Of Contents

Release Notes for the Cisco Systems
Intelligent Gigabit Ethernet Switch Modules
for the IBM BladeCenter

Contents

System Requirements

Hardware Supported

Device Manager System Requirements

Hardware Requirements

Software Requirements

Upgrading the Switch Software

Finding the Software Version and Feature Set

Deciding Which Files to Download from the Web

Upgrading a Switch by Using the CLI

Recovering from Software Failure

Installation Notes

New Features

New Hardware Features

New Software Features

Limitations and Restrictions

Cisco IOS Limitations and Restrictions

Device Manager Limitations and Restriction

Important Notes

Cisco IOS Notes

Device Manager Notes

Open Caveats

Resolved Caveats

Resolved Caveats in Cisco IOS Release 12.1(22)EA10a

Resolved Caveats in Cisco IOS Release 12.1(22)EA10

Documentation Updates

Software Configuration Guide Updates

"Configuring IEEE 802.1x Port-Based Authentication" Chapter

"Understanding Flex Links and the MAC Address-Table Move Update" Chapter

"Configuring Network Security with ACLs" Chapter

"Assigning the Switch IP Address and Default Gateway" Chapter

Command Reference Updates

platform chassis-management protected-mode

show platform summary

System Message Guide Updates

Related Documentation

Getting Help and Technical Assistance

Before You Call

Using the Documentation

Getting Help and Information from the World Wide Web

Software Service and Support

Hardware Service and Support

Notices

Edition Notice

Trademarks


Release Notes for the Cisco Systems
Intelligent Gigabit Ethernet Switch Modules
for the IBM BladeCenter


Revised September 24, 2008

This document provides important information about the Cisco Systems Intelligent Gigabit Ethernet Switch Modules, hereafter referred to as the switch, running Cisco IOS Release 12.1(22)EA10 and 121(22)EA10a. Review the new software features, open caveats, and resolved caveats sections for information specific to your switch.

These release notes include important information about this release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:

If your switch is running, you can use the show version user EXEC command. See the "Finding the Software Version and Feature Set" section.

If you are upgrading to a new release, see the software upgrade filename for the Cisco IOS version.

For the complete list of switch documentation, see the "Related Documentation" section.

Contents

This information is in the release notes:

"System Requirements" section

"Upgrading the Switch Software" section

"Installation Notes" section

"New Features" section

"Limitations and Restrictions" section

"Important Notes" section

"Open Caveats" section

"Resolved Caveats" section

"Documentation Updates" section

"Related Documentation" section

"Getting Help and Technical Assistance" section

"Notices" section

System Requirements

The system requirements for this release are described in these sections:

"Hardware Supported" section

"Device Manager System Requirements" section

Hardware Supported

These switches are supported by Cisco IOS Release 12.1(22)EA10 and later:

Cisco Systems Intelligent Gigabit Ethernet Switch Module for the IBM BladeCenter

Cisco Systems Intelligent Gigabit Fiber Ethernet Switch Module for the IBM BladeCenter

Device Manager System Requirements

These sections describe the hardware and software requirements for using the device manager:

"Hardware Requirements" section

"Software Requirements" section

Hardware Requirements

Table 1 lists the minimum hardware requirements for running the device manager.

Table 1 Minimum Hardware Requirements 

Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Intel Pentium II1

64 MB2

256

1024 x 768

Small

1 We recommend Intel Pentium 4.

2 We recommend 256-MB DRAM.


Software Requirements

Table 2 lists the supported operating systems and browsers for using the device manager. The device manager verifies the browser version when starting a session to ensure that the browser is supported.


Note The device manager does not require a plug-in.


Table 2 Supported Operating Systems and Browsers 

Operating System
Minimum Service Pack or Patch
Microsoft Internet Explorer 1
Netscape Navigator

Windows 2000

None

5.5 or 6.0

7.1

Windows XP

None

5.5 or 6.0

7.1

1 Service Pack 1 or higher is required for Internet Explorer 5.5.


Upgrading the Switch Software

Before downloading software, read this section for important information. This section describes these procedures for downloading software:

"Finding the Software Version and Feature Set" section

"Deciding Which Files to Download from the Web" section

"Recovering from Software Failure" section

When you upgrade a switch, the switch continues to operate while the new software is copied to flash memory. If flash memory has enough space, the new image is copied to the selected switch but does not replace the running image until you reboot the switch. If a failure occurs during the copy process, you can still reboot your switch by using the old image. If flash memory does not have enough space for two images, the new image is copied over the existing one. Features provided by the new software are not available until you reload the switch.

If a failure occurs while copying a new image to the switch, and the old image has already been deleted, see the "Recovering from Corrupted Software" section in the "Troubleshooting" chapter of the software configuration guide for this release.


Caution Do not power cycle the switch while you are copying an image to the switch. If a power failure occurs while you are copying the software image to the switch, and there are no other images on the switch, see the "Troubleshooting" chapter in the software configuration guide for detailed recovery procedures.

Finding the Software Version and Feature Set

The image is stored as a bin file in a directory that is named with the Cisco IOS release. A subdirectory contains the files needed for web management. The image is stored on the system board flash device (flash:).

You can use the show version user EXEC command to see the software version that is running on your switch. In the display, check the line that begins with System image file is. This line shows the directory name in flash memory where the image is stored.

Although the show version output always shows the software version running on the switch, the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software image.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.

Deciding Which Files to Download from the Web

Table 3 lists the software filenames for this release.

Table 3 Cisco IOS Software Image Files for This Release 

Filename
Description

cigesm-i6q4l2-tar.121-22.EA10a.tar

Noncryptographic Cisco IOS 12.1(22)EA10a image and device manager files

cigesm-i6k212q4-tar.121-22.EA10a.tar

Cryptographic Cisco IOS 12.1(22)EA10a image and device manager files


Upgrading a Switch by Using the CLI

The upgrade procedure in this section describes how to perform the upgrade by using a combined tar file. The procedure assumes that you have already downloaded the tar file for this release from ibm.com to your TFTP server or management station. The tar file is an archive file from which you can extract files by using the archive download-sw command.

For information about where to access the tar files on ibm.com and the names of the tar files for this release, see the "Deciding Which Files to Download from the Web" section.


Caution Do not power cycle the switch while you are copying an image to the switch. If a power failure occurs while you are copying the software image to the switch, call your technical support representative immediately.

The upgrade procedure uses the archive download-sw privileged EXEC command to automatically extract and download the images to the switch. The archive download-sw command automatically deletes the old version and copies the new version to flash memory if the flash memory does not have space to store the old and new versions simultaneously. The archive download-sw command initiates this process:

It verifies adequate space on the flash memory before downloading the new image.

If there is insufficient space on the flash memory to hold both the old and the new images, it deletes the old image. The image is always stored in a subdirectory on the flash memory. The subdirectory name is the same as the image release name, for example cigesm-i6q2l2q4-tar.121-22.EA9.tar.

After the new image is downloaded, it automatically sets the BOOT environment variable. You do not have to change the names of old file names to new file names.

If you enter the command with the /reload or the /force-reload option, it automatically reloads the switch after the upgrade.

For more information on using these commands, see the command reference for this release.

Follow these steps to upgrade the switch software by using the CLI:


Step 1 If your PC or workstation cannot act as a TFTP server, copy the file to a TFTP server to which you have access.

Step 2 Access the CLI by starting a Telnet session or by connecting to the switch service port.

To start a Telnet session on your PC or workstation, enter this command:

server% telnet switch_ip_address

Enter the Telnet username and password if you are prompted to do so.

Step 3 Enter privileged EXEC mode:

switch> enable
switch#

Enter the password if you are prompted to do so.

Step 4 Display the name of the running (default) image file (BOOT path-list). This example shows the name in italic:

switch# show boot
BOOT path-list:    flash:current_image
Config file:       flash:config.text
Enable Break:      1
Manual Boot:       no
HELPER path-list: 
NVRAM/Config file
buffer size: 32768

Step 5 If there is no software image defined in the BOOT path-list, enter dir flash: to display the contents of flash memory.

Step 6 Enter the archive download-sw /reload command.

Step 7 Press Return to confirm the reload.

Your Telnet session ends when the switch resets.

Step 8 After the switch reboots, use Telnet to return to the switch, and enter the show version user EXEC command to verify the upgrade procedure. If you have a previously opened browser session to the upgraded switch, close the browser, and start it again to ensure that you are using the latest HTML files.


Recovering from Software Failure

If the software fails, you can reload the software. For detailed recovery procedures, see the "Troubleshooting" chapter in the software configuration guide for your switch.

Installation Notes

Use the BladeCenter Management Module web page to assign IP information to the switch. For more information, refer to the Cisco Systems Intelligent Gigabit Ethernet Switch Module for the IBM BladeCenter Installation Guide or the Cisco Systems Intelligent Gb Fiber Ethernet Switch Module for the IBM BladeCenter Installation Guide.

New Features

These sections describe the new supported hardware and the new software features provided in this release:

"New Hardware Features" section

"New Software Features" section

New Hardware Features

For a complete list of supported hardware, see the "Hardware Supported" section.

New Software Features

There are no new software features in this release.

Limitations and Restrictions

You should review this section before you begin working with the switches. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.


Note These limitations and restrictions apply to all switches unless otherwise noted.


These sections describe the limitations and restrictions:

"Cisco IOS Limitations and Restrictions" section

"Device Manager Limitations and Restriction" section

Cisco IOS Limitations and Restrictions

These limitations and restrictions apply to the Cisco IOS configuration:

Root guard is inconsistent when configured on a port that is in the STP blocked state at the time of configuration. (CSCdp85954)

Aging of dynamic addresses does not always occur exactly after the specified aging time elapses. It might take up to three times this time period before the entries are removed from the table. (CSCdr96565)

Internal loopback in half-duplex mode causes input errors. We recommend that you configure the PHY to operate in full duplex before setting the internal loopback. (CSCds20365)

A source-based distribution port group does not share the broadcast with all the group members. When the destination of the packets is a broadcast, or an unknown unicast, or a multicast, the packets are forwarded on only one port member of a port group, not being shared among all members of the port group. (CSCdt24814)

When you enter the show controllers ethernet-controller interface-id or show interfaces interface-id counters privileged EXEC command and a large number of erroneous frames are received on an interface, the receive-error counts might be smaller than the actual values, and the receive-unicast frame count might be larger than the actual frame count. (CSCdt27223)

Two problems occur when a switch is in transparent mode:

If the switch is a leaf switch, any new VLANs added to it are not propagated upstream through VTP messages. As a result, the switch does not receive flooded traffic for that VLAN.

If the switch is connected to two VTP servers, it forwards their pruning messages. If the switch has a port on a VLAN that is not requested by other servers through their pruning messages, it does not receive flooded traffic for that VLAN.

There is no workaround. (CSCdt48011)

The receive count output for the show controllers ethernet-controller interface-id privileged EXEC command shows the incoming packets count before the ASIC either drops or allows the packet or not. Therefore, for ports in the STP blocking states, even though the receive count shows incoming frames, the packet is not forwarded to the other port. (CSCdu83640)

In some network topologies, when UplinkFast is enabled on all switches but BackboneFast is not enabled on all switches, a temporary loop might occur when the STP root switch is changed.

The workaround is to enable BackboneFast on all switches. (CSCdv02941)

At times, the Window XP pop-up window might not appear while authenticating a client (supplicant) because the user information is already stored in Windows XP. However, the Extensible Authentication Protocol over LAN (EAPOL) response to the switch (authenticator) might have an empty user ID that causes the IEEE 802.1x port to be unauthenticated.

The workaround is to manually re-initiate authentication by either logging off or by detaching the link and then reconnecting it. (CSCdv19671)

If two switches are connected and access ports connect two VLANs whose VLAN IDs are separated by the correct multiple of 64, the two switches might use the same bridge ID in the same spanning-tree instances. This might cause a loss of connectivity in the VLANs as the spanning tree blocks the ports that should be forwarding.

The workaround is to not cross-connect VLANs. For example, do not use an access port to connect VLAN 1 to VLAN 65 on either the same switch or from one switch to another switch. (CSCdv27247)

You can configure up to 256 multicast VLAN registration (MVR) groups by using the mvr vlan group interface configuration command, but only 255 groups are supported on a switch at one time. If you statically add a 256th group, and 255 groups are already configured, the switch continues trying (and failing) to add the new group.

The workaround is to set the mode to dynamic for switches that are connected to IGMP-capable devices. The new group can join the multicast stream if another stream is dynamically removed from the group. (CSCdv45190)

The ip http authentication enable global configuration command is not saved to the configuration file. Therefore, this configuration is lost after a reboot.

The workaround is to manually enter the command again after a reboot. (CSCdv67047)

If a port is configured as a secure port with the violation mode as restrict, the secure ports might process packets even after the maximum number of MAC addresses is reached, but those packets are not forwarded to other ports. (CSCdw02638)

If the STP root port changes on the switch, the connections between the switch and the internal
100 Mbps management module ports (ports 15 and 16) do not immediately change to the forwarding state. They remain in the listening state for a few seconds, during which time any traffic between the switch and management module is lost. This occurs if all of these conditions exist:

The switch is in IEEE 802.1w rapid STP (RSTP) mode.

An EtherChannel is configured between the switch external ports and any directly connected switches.

The STP root port is part of the EtherChannel group.

There is no workaround. (CSCed89186)

You can apply ACLs to a management VLAN or to any traffic that is going directly to the CPU, such as SNMP, Telnet, or web traffic. For information on creating ACLs for these interfaces, see the "Configuring IP Services" section of the Cisco IOS IP and IP Routing Configuration Guide for Cisco IOS Release 12.1 and the Cisco IOS IP and IP Routing Command Reference for Cisco IOS Release 12.1.

The SSH feature uses a large amount of switch memory, which limits the number of VLANs, trunk ports, and cluster members that you can configure on the switch. Before you download the cryptographic software image, your switch configuration must meet these conditions:

The number of trunk ports multiplied by the number of VLANs on the switch must be less than or equal to 128. These are examples of switch configurations that meet this condition:

If the switch has 2 trunk ports, it can have up to 64 VLANs.

If the switch has 32 VLANs, it can have up to 4 trunk ports.

If your switch has a saved configuration that does not meet these conditions and you upgrade the switch software to the cryptographic software image, the switch might run out of memory. If this happens, the switch does not operate properly. For example, it might continuously reload.

If the switch runs out of memory, this message appears:

%SYS-2-MALLOCFAIL: Memory allocation of (number_of_bytes) bytes failed ...

The workaround is to check your switch configuration and to ensure that it meets the previous conditions. (CSCdw66805)

When you use the policy-map global configuration command to create a policy map and do not specify any action for a class map, the association between that class map and policy map is not saved when you exit policy-map configuration mode.

The workaround is to specify an action in the policy map. (CSCdx75308)

When the Internet Group Management Protocol (IGMP) Immediate Leave is configured, new ports are added to the group membership each time a join message is received, and ports are pruned (removed) each time a leave message is received.

If the join and leave messages arrive at high rate, the CPU can become busy processing these messages. For example, the CPU usage is approximately 50 percent when 50 pairs of join and leave messages are received each second. Depending on the rate at which join and leave messages are received, the CPU usage can go very high, even up to 100 percent, as the switch continues processing these messages.

The workaround is to only use the Immediate Leave processing feature on VLANs where a single host is connected to each port. (CSCdx95638)

In a Remote Switched Port Analyzer (RSPAN) session, if at least one switch is used as an intermediate or destination switch and if traffic for a port is monitored in both directions, traffic does not reach the destination switch.

These are the workarounds:

Use a Catalyst 3550 or Catalyst 6000 switch as an intermediate or destination switch.

Monitor traffic in only one direction if a switch module is used as an intermediate or destination switch. (CSCdy38476)

If you assign a nonexistent VLAN ID to a static-access EtherChannel by setting the ciscoVlanMembershipMIB:vmVlan object, the switch does not create the VLAN in the VLAN database. (CSCdy65850)

When you configure a dynamic switch port by using the switchport access vlan dynamic interface configuration command, the port might allow unauthorized users to access network resources if the interface changes from access mode to trunk mode through Dynamic Trunking Protocol (DTP) negotiation.

The workaround is to configure the port as a static access port. (CSCdz32556)

The output from the show stack privileged EXEC command might show a large number of false interrupts.

There is no workaround. The number of interrupts does not affect the switch functionality. (CSCdz34545)

If you configure a static secure MAC address on an interface before enabling port security on the interface, the same MAC address is allowed on multiple interfaces. If the same MAC address is added on multiple ports before enabling port security and port security is later enabled on those ports, only the first MAC address can be added to the hardware database. If port security is first enabled on the interface, the same static MAC address is not allowed on multiple interfaces. (CSCdz74685)

If you press and hold the spacebar while the output of any show user EXEC command is being displayed, the Telnet session stops, and you can no longer communicate with the management VLAN.

These are the workarounds:

Enter the show commands from privileged EXEC mode, and use this command to set the terminal length to zero:

switch# terminal length 0

Open a Telnet session directly from a PC or workstation to the switch.

Do not hold down the spacebar while scrolling through the output of a show user EXEC command. Instead, slowly press and release the spacebar. (CSCea12888)

When you connect a switch to another switch through a trunk port and the number of VLANs on the first switch is lower than the number on the connected switch, interface errors are received on the management VLAN of the first switch.

The workaround is to match the configured VLANs on each side of the trunk port. (CSCea23138)

When you enable Port Fast on a static-access port and then change the port to dynamic, Port Fast remains enabled. However, if you change the port back to static, Port Fast is disabled.

The workaround is to configure Port Fast globally by using the spanning-tree portfast global configuration command. (CSCea24969)

When using the SPAN feature, the monitoring port receives copies of sent and received traffic for all monitored ports. If the monitoring port is oversubscribed, it will probably become congested. This might also affect how one or more of the monitored ports forwards traffic.

If there is not a good distribution of MAC addresses on a port channel, the switch might drop packets even though the port-channel has not reached 100 percent utilization.

The workaround is to use a different load balancing method (for example, use destination-based forwarding instead of source-based forwarding). (CSCeb75386)

If the switch has learned over 4000 MAC addresses, the clear mac address-table dynamic user EXEC command does not clear all of the addresses from the MAC address table.

The workaround is to repeatedly enter the clear mac address-table dynamic user EXEC command until the address table is cleared. (CSCec02055)

Port security is not supported on the internal 100 Mbps management module ports (ports 15 and 16). Preventing port security on these ports prevents the blocking of communication between the management module and the switch. (CSCec10814)

After a topology change in STP, some server or workstations connected to the management VLAN can transfer data because the affected switch ports start forwarding before they move to the forwarding state.


Note If the terminal does not belong to management VLAN, this failure does not occur.


The workaround is to place the ports in static-access mode for a single VLAN if the topology supports this configuration. (CSCec13986)

The output of the show flowcontrol user EXEC command incorrectly shows that the switch is not receiving and sending pause frames.

The workaround is to use the show controllers ethernet-controller privileged EXEC command to display the sent and received pause packets for a specific port. (CSCec74979)

If the internal 100 Mbps management module ports (ports 15 and 16) and the external 10/100/1000 ports (ports 17 to 20) are members of a VLAN or multiple VLANs, the spanning-tree states incorrectly show that a Layer 2 loop has occurred. In reality, there is no STP loop. (CSCed03370)

The Ethernet ports on the management module have a fixed static trunk configuration. This configuration cannot be changed. IP phones should not be connected to these management module ports. (CSCed11638)

The monitor session is placed in inactive state if a port is configured to be a Switched Port Analyzer (SPAN) destination port in a SPAN session and if a source port is not configured. While in this state, the source port cannot send and receive traffic, and no address learning occurs on the destination port. (CSCed20563)

These are the workarounds:

Identify a source port for the SPAN session.

Disable the SPAN session, and remove the designation of destination port for the port.

Use the shutdown and no shutdown interface configuration commands on the designated destination port.

Note that the switch default native vlan is VLAN 2, not VLAN 1, on the switch external 10/100/1000 ports (ports 17 to 20). The native VLAN of a trunk interface can be removed from the allowed VLAN list. This can affect IP connectivity to the switch management VLAN.

The workaround is to add the native VLAN back to the allowed VLAN list on the trunk interface. (CSCed25956)

When connected to some third-party devices that send early preambles, a switch port operating at 100 Mbps full duplex or 100 Mbps half duplex might bounce the line protocol up and down. The problem occurs only when the switch is receiving frames.

The workaround is to configure the port for 1000 Mbps and full duplex or to connect a hub or a nonaffected device to the switch. (CSCed39091)

If the switch is running IEEE 802.1w rapid STP (RSTP) mode and a directly connected switch is running IEEE 802.1D per-VLAN spanning-tree plus (PVST+), the switch runs PVST+ as expected. However, if the connected switch changes its configuration to RSTP, the switch continues to send IEEE 802.1D BPDUs instead of sending IEEE 802.1w BPDUs.

The workaround is to use the clear spanning-tree detected-protocols privileged EXEC command to restart the protocol migration process (force the renegotiation with neighboring switches). (CSCed40295)

All unknown unicast and broadcast traffic in an EtherChannel are sent to the port configured as the designated port. If this is the only type of traffic on the EtherChannel, it could reduce the aggregate bandwidth and speed on this port. (CSCed47701)

When using the police policy-map class configuration command on Gigabit-capable Ethernet ports, a value less than 8192 can cause the service policy configuration to fail.

The workaround is to enter a burst-byte value that is greater than or equal to 8192. (CSCed63013)

If a switch receives STP packets and non-STP packets that have a CoS value of 6 or 7 and all of these packets belong to the same management VLAN, a loop might occur.

These are the workarounds:

Change the CoS value of the non-STP packets to a value other than 6 or 7.

If the CoS value of the non-STP packets must be 6 or 7, configure these packets to belong to a VLAN other than the management VLAN. (CSCed88622)

If the switch does not receive traffic from stations in the network, it prematurely removes and then re-adds their dynamic MAC addresses from the MAC address table. This causes temporary flooding when the switch receives a packet for the affected addresses.

There is no workaround. (CSCed92062)

Using the spanning-tree bpduguard enable interface configuration command on the internal management module ports (ports 15 and 16) might change the port state to error -disabled. Because the switch does not allow the administrative state on the management module ports to be changed through the CLI, HTTP, or SNMP, the internal management module port remains in the error-disabled state. An entry in the system message log is added.

This problem only occurs when there are two switches in the BladeCenter chassis. The first switch sends out the BPDU packet on its interface, and it is received by the second switch being monitored. If there are no other switches present in the chassis, the interface does not go into error-disabled state.

The workaround is to reboot the switch after disabling BPDU guard on the switch or on the internal management module ports. Make sure that the saved configuration for the switch does not have BPDU guard enabled. (CSCee27729)

When a PC is attached to a switch through a hub, is authenticated on an IEEE 802.1x multiple-hosts port, is moved to another port, and is then attached through another hub, the switch does not authenticate the PC.

The workaround is to decrease the number of seconds between re-authentication attempts by entering the dot1x timeout reauth-period seconds interface configuration command. (CSCeg41561)

The bootloader on a switch can take a long time to load the IOS image (longer than 40 seconds), even when there is a valid image pointed to by the bootloader.

There is no workaround. (CSCeh01976)

IP connectivity and VLAN access to a switch are lost under these conditions:

The switch is restored to the factory defaults.

The switch is reloaded.

A saved configuration file that has the VTP domain name set to something other than null is transferred to the switch using TFTP.

These are the workarounds. You only need to do one of these

After resetting the factory defaults on the switch, edit the switch configuration file and change the VTP domain name so that it matches the VTP name in the saved configuration file you are going to TFTP onto the switch.

Before using TFTP to transfer the saved configuration file onto the switch, use a text editor to remove the VTP domain name in the saved configuration file. After you transfer the file and reload the switch, edit the configuration file and change the VTP domain name back to the desired name.

If you are starting from a switch that is set to the factory defaults, transfer the configuration file with TFTP and reload the switch. Connect to the switch through the console port and reload the switch again.

Instead of transferring the configuration file by TFTP, use a text editor to open the configuration file on the switch and copy and paste in the new configuration file. (CSC54813)

Certain combinations of features create conflicts with the port security feature. In Table 4, No means that port security cannot be enabled on a port if the referenced feature is also running on the same port. Yes means that both port security and the referenced feature can be enabled on the same port at the same time.

Table 4 Port Security Incompatibility with Other Switch Features 

DTP1 port2

No

Trunk port

No

Dynamic-access port3

No

SPAN source port

Yes

SPAN destination port

No

EtherChannel

No

Protected port

Yes

IEEE 802.1x port

Yes

1 DTP = Dynamic Trunking Protocol

2 A port configured with the switchport mode dynamic interface configuration command

3 A VLAN Query Protocol (VQP) port configured with the switchport access vlan dynamic interface configuration command


Device Manager Limitations and Restriction

These are the device manager limitations and restrictions:

Clustering is not supported in releases later than Cisco IOS 12.1(14)AY4.

When you are prompted to accept the security certificate and you click No, you see only a blank screen, and the device manager does not start.

The workaround is to click Yes when you are prompted to accept the certificate. (CSCef45718)

Important Notes

These important notes apply to all switches unless otherwise noted.

This section describes important information related to this release:

"Cisco IOS Notes" section

"Device Manager Notes" section

Cisco IOS Notes

These are the Cisco IOS configuration notes related to this release:

IGMP filtering controls only group specific query and membership reports, including join and leave reports. It does not control general IGMP queries.

When an IEEE 802.1x-authenticated client is disconnected from an IP phone, hub, or switch and does not send an EAPOL-Logoff message, the switch interface does not change to the unauthorized state. If this happens, it can take up to 60 minutes for the interface to change to the unauthorized state when the re-authentication time is the default value (3600 seconds).

The workaround is to change the number of seconds between re-authentication attempts by using the dot1x timeout re-authperiod seconds global configuration command. (CSCdz38483)

The guest VLAN might not assign a DHCP address to some clients. This is a problem with the IEEE 802.1x client, not with the switch.

The workaround is to either release and renew the IP address or to change the default timers. These examples show typical interface timer changes:

dot1x timeout quiet-period 3
dot1x timeout tx-period 5

The transmit-interface type number interface configuration command is not supported.

Device Manager Notes

These notes apply to the device manager:

We recommend this browser setting to speed up the time to display the device manager from Microsoft Internet Explorer.

From Microsoft Internet Explorer:

1. Choose Tools > Internet Options.

2. Click Settings in the "Temporary Internet files" area.

3. From the Settings window, choose Automatically.

4. Click OK.

5. Click OK to exit the Internet Options window.

The HTTP server interface must be enabled to display the device manager. By default, the HTTP server is enabled on the switch. Use the show running-config privileged EXEC command to see if the HTTP server is enabled or disabled.

Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

ip http authentication {enable | local | tacacs}

Configure the HTTP server interface for the type of authentication that you want to use.

enable—Enable password, which is the default method of HTTP server user authentication, is used.

local—Local user database, as defined on the Cisco router or access server, is used.

tacacs—TACACS server is used.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show running-config

Verify your entries.

The device manager uses the HTTP protocol (the default is port 80) and the default method of authentication (the enable password) to communicate with the switch through any of its Ethernet ports and to allow switch management from a standard web browser.

If you change the HTTP port, you must include the new port number when you enter the IP address in the browser Location or Address field (for example, http://10.1.126.45:184 where 184 is the new HTTP port number). You should write down the port number through which you are connected. Use care when changing the switch IP information.

If you are not using the default method of authentication (the enable password), you need to configure the HTTP server interface with the method of authentication used on the switch.

Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

ip http authentication {enable | local | tacacs}

Configure the HTTP server interface for the type of authentication that you want to use.

enable—Enable password, which is the default method of HTTP server user authentication, is used.

local—Local user database, as defined on the Cisco router or access server, is used.

tacacs—TACACS server is used.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show running-config

Verify your entries.

If you use Internet Explorer Version 5.5 and select a URL with a nonstandard port at the end of the address (for example, www.cisco.com:84), you must enter http:// as the URL prefix. Otherwise, you cannot start the device manager.

Open Caveats

These are the open Cisco IOS configuration caveats in this release:

CSCeh28776

In the device manager express setup page, Telnet access is shown as disabled. Telnet access is enabled on the device by configuring the username and then login local on the vty lines.

The workaround is to use the CLI to check for Telnet status or to configure passwords on vty lines to enable Telnet access.

CSCeh58774

The duplex setting shown by the device manager for an Ethernet interface is not the same as the duplex setting in the running configuration. This occurs when you change the only duplex setting on the device manager from Auto to Full. The speed setting remains Auto. When the device manager page is refreshed after the configuration change, the duplex setting is reported as Auto.

The workaround is to configure the Ethernet interface at 10, 100, or 1000 Mbps, remove the full duplex setting on the Ethernet interface and let the duplex return to Auto. If you had configured full duplex because the Ethernet interface was autonegotiating to half duplex, configure the speed and duplex settings on both link partners.

CSCsc78651

When the switch restarts, the VLAN 1 interface is placed in the administrative down (shutdown) state even though VLAN 1 is configured as administrative up (no shutdown).

These are workarounds:

Place the VLAN 1 interface in the administrative up state by using the no shutdown interface command after the switch restarts.

Designate the VLAN 1 interface as the primary management VLAN by using the management interface configuration command.

Do not use the VLAN 1 interface for managing the switch.

Resolved Caveats

These caveats were resolved in these releases:

"Resolved Caveats in Cisco IOS Release 12.1(22)EA10a" section

"Resolved Caveats in Cisco IOS Release 12.1(22)EA10" section

Resolved Caveats in Cisco IOS Release 12.1(22)EA10a

These caveats were resolved in Cisco IOS Release 12.1(22)EA10a

CSCsi92350

The switch no longer might reload with a signal 10 exception.

CSCsj15899

When an IEEE 802.1x-enabled interface has MAC authentication bypass (MAB) and guest VLAN enabled and the multiple-host mode configured, the switch no longer reloads if it receives traffic that is not an Extensible Authentication Protocol (EAP) frame and has a MAC address that is not in the MAB profile.

Resolved Caveats in Cisco IOS Release 12.1(22)EA10

These caveats were resolved in Cisco IOS Release 12.1(22)EA10:

CSCei83729

Strict priority queuing now works correctly.

CSCsb12598

Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.

Cisco IOS is affected by the following vulnerabilities:

Processing ClientHello messages, documented as Cisco bug ID CSCsb12598

Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304

Processing Finished messages, documented as Cisco bug ID CSCsd92405

Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.


Note Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.


A combined software table for Cisco IOS is available to aid customers in choosing a software releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.

CSCsb40304

Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.

Cisco IOS is affected by the following vulnerabilities:

Processing ClientHello messages, documented as Cisco bug ID CSCsb12598

Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304

Processing Finished messages, documented as Cisco bug ID CSCsd92405

Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.


Note Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.


A combined software table for Cisco IOS is available to aid customers in choosing a software releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.

CSCsd92405

Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.

Cisco IOS is affected by the following vulnerabilities:

Processing ClientHello messages, documented as Cisco bug ID CSCsb12598

Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304

Processing Finished messages, documented as Cisco bug ID CSCsd92405

Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml.


Note Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.


A combined software table for Cisco IOS is available to aid customers in choosing a software releases that fixes all security vulnerabilities published as of May 22, 2007. This software table is available at the following link: http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml.

CSCsd95616

Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS software that may lead to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml.

CSCsf04754

Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.

The United States Computer Emergency Response Team (US-CERT) has assigned Vulnerability Note VU#878044 to these vulnerabilities.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0960 has been assigned to these vulnerabilities.

This advisory will be posted at http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml

CSCsh77929

A host with an Intel network interface card (NIC) connected to an external copper switch port no longer loses connectivity when the host reboots.

Documentation Updates

This section provides updates to the product documentation:

"Software Configuration Guide Updates" section

"Command Reference Updates" section

"System Message Guide Updates" section

These changes will be included in the next revision of the Cisco IGESM blade switch documentation.

Software Configuration Guide Updates

These corrections apply to the software configuration guide in the referenced chapter.

"Configuring IEEE 802.1x Port-Based Authentication" Chapter

This information about the dot1x timeout tx-period seconds interface configuration command is incorrect:

The range for seconds is from 5 to 65535.

The correct range is from 1 to 65535 seconds.

"Understanding Flex Links and the MAC Address-Table Move Update" Chapter

This information in the "MAC Address-Table Move Update" section is incorrect:

The switch then starts forwarding traffic from the server to the PC through port 4, which reduces the loss of traffic from the server to the PC.

This is the correct information:

Switch A does not need to wait for the MAC address-table update. The switch detects a failure on port 1 and immediately starts forwarding server traffic from port 2, the new forwarding port. This change occurs in 100 milliseconds (ms). The PC is directly connected to switch A, and the connection status does not change. Switch A does not need to update the PC entry in the MAC address table.

"Configuring Network Security with ACLs" Chapter

This information was corrected in the Applying ACLs to a Physical Interface section:

This example shows how to apply access list 2 on an interface to filter packets entering the interface:

Switch(config)# interface gigabitethernet0/20
Switch(config-if)# ip access-group 2 in

"Assigning the Switch IP Address and Default Gateway" Chapter

This information was added to the chapter:

Configuring Protected Mode

By default, protected mode is disabled, and the BladeCenter chassis management module controls the CIGESM blade switch. In Cisco IOS Release 12.1(22)EA9 and later, you can enable protected mode to prevent the management module from controlling the blade switch. By locking out the management module from control of the switch, server administrators cannot manage the switch from the management module. When protected mode is enabled, the chassis management module cannot control or configure these features and functions of the CIGESM blade switch:

IP addresses

Administration of external ports

Whether the blade switch can be managed with traffic received over external ports

That the CIGESM will not revert to the manufacturing default configuration


Note To prevent physical damage to the blade switch, the management module can still reboot or power down the blade switch if the switch is in protected mode and an over-temperature or over-current condition is detected by the module.


Protected Mode Guidelines and Restrictions

These guidelines and restrictions apply to protected mode:

Protected mode must be enabled on the chassis management module before you enter this command on the blade switch. For information about enabling protected mode on the chassis management module, see the management module documentation at this URL:

http://www-03.ibm.com/servers/eserver/support/bladecenter/index.html

After protected mode is operational on the switch, the management module cannot configure or administer the blade switch.

The blade switch must be rebooted for protected mode to become operational.

Protected mode remains active even when the switch is moved to another chassis.

Recovery from lost passwords requires direct access through the external serial port on the switch.

Beginning in privileged EXEC mode, follow these steps to enable protected mode and prevent the management module from controlling the switch:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

platform chassis-management protected-mode

Enable the switch to block control from the management module.

Step 3 

exit

Return to global configuration mode.

Step 4 

end

Return to privileged EXEC mode.

Step 5 

show platform summary

Verify that protected mode will be enabled on the next reboot.

Note After rebooting the switch, enter the show platform summary user EXEC command to verify that protected mode is operations.

To disable protected mode and return control of the blade switch to the management module, enter the no platform chassis-management protected-mode.

Command Reference Updates

These changes were made to the command reference.

This information about the dot1x timeout tx-period seconds interface configuration command is incorrect:

The range for seconds is from 5 to 65535.

The correct range is from 1 to 65535 seconds.

The usage guidelines for the set and unset bootloader commands in the command reference are incorrect.

These are the correct usage guidelines for the set command:

Environment variables are case sensitive and must be entered as documented.

Environment variables that have values are stored in flash memory outside of the flash file system.

Under normal circumstances, it is not necessary to alter the setting of the environment variables.

The MANUAL_BOOT environment variable can also be set by using the boot manual global configuration command.

The BOOT environment variable can also be set by using the boot system filesystem:/file-url global configuration command.

The ENABLE_BREAK environment variable can also be set by using the boot enable-break global configuration command.

The HELPER environment variable can also be set by using the boot helper filesystem:/file-url global configuration command.

The CONFIG_FILE environment variable can also be set by using the boot config-file flash:/file-url global configuration command.

The HELPER_CONFIG_FILE environment variable can also be set by using the boot helper-config-file filesystem:/file-url global configuration command.

The HELPER_CONFIG_FILE environment variable can also be set by using the boot helper-config-file filesystem:/file-url global configuration command.

The bootloader prompt string (PS1) can be up to 120 printable characters except the equal sign (=).

These are the correct guidelines for the unset command:

Under normal circumstances, it is not necessary to alter the setting of the environment variables.

The MANUAL_BOOT environment variable can also be reset by using the no boot manual global configuration command.

The BOOT environment variable can also be reset by using the no boot system global configuration command.

The ENABLE_BREAK environment variable can also be reset by using the no boot enable-break global configuration command.

The HELPER environment variable can also be reset by using the no boot helper global configuration command.

The CONFIG_FILE environment variable can also be reset by using the no boot config-file global configuration command.

The HELPER_CONFIG_FILE environment variable can also be reset by using the no boot helper-config-file global configuration command.

These commands were added to the command reference:

platform chassis-management protected-mode

show platform summary

platform chassis-management protected-mode

Use the platform chassis-management protected-mode global configuration command to enable protected mode on the CIGESM blade switch. Use the no form of this command to return to the default setting.

platform chassis-management protected-mode

no platform chassis-management protected-mode

Syntax Description

This command has no arguments or keywords.

Defaults

Protected mode is turned off.

Command Modes

Global configuration

Command History

Release
Modification

12.1(22)EA9

This command was introduced.

Usage Guidelines

By default, the IBM management module controls the blade switch. When you enter this command, control of the blade switch by the management module is disabled.

Protected mode must be enabled on the chassis management module before you enter this command on the blade switch. For information about enabling protected mode on the chassis management module, see the management module documentation at this URL:

http://www-03.ibm.com/servers/eserver/support/bladecenter/index.html

You must reboot the blade switch after entering the command.

The switch blocks this command if, after rebooting, an IP-manageable interface on the switch module is not reachable from an external interface. (This prevents the switch module from being unmanageable after reboot.)

Related Commands

Command
Description

show platform summary

Displays information about how the switch status interacts with the BladeCenter chassis.

show platform summary

Use the show platform summary user EXEC command to display information about how the switch interprets its interface with the BladeCenter chassis.

show platform summary

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC

Command History

Release
Modification

12.1(14)AY

This command was introduced.

12.1(22)EA9

Support for status of protected mode was added.

Examples

This is an example of output from the show platform summary command:

Switch# show platform summary
Platform Summary:

Switch Slot: 2
Chassis Type: BladeCenter
Current IP Addr: 10.10.139.221, 255.255.255.224,  gw: 10.10.139.193 
Default IP Addr: 10.10.10.92, 255.255.255.0,  gw: 0.0.0.0 
IP Fields read from VPD: 10.10.139.221, 255.255.255.224,  gw: 10.10.139.193
Static IP Fields in VPD: 10.10.139.221  255.255.255.224  10.10.139.193  
IP Acquisition Method used: static

Active Mgmt Module in Mgmt Slot: 1
Native Vlan for Mgmt Module Ethernet ports: 1
External Mgmt over Extern ports Disabled
Mgmt Module Protected Mode: Not operational
Mgmt Module Protected Mode configured on switch: FALSE
Mgmt Module enabled Protected Mode: FALSE
ESM_SFP_3_#

Related Commands

Command
Description

show platform hardware eeprom chassis-mgmt

Displays contents of Vital Product Data (VPD) EEPROM memory.

show platform hardware esm pic-version

Displays the current version of the PIC microcontroller image.

show platform hardware esm registers

Displays the current value (in hex) of the PIC microcontroller registers.

System Message Guide Updates

These messages were added to the system message guide:

Error Message    ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on [chars]. 

Explanation    A loopback condition might be the result of a balun cable incorrectly connected to a port. [chars] is the interface name.

Recommended Action    Check the cables. If a balun cable is connected and the loopback condition is desired, no action is required. Otherwise, connect the correct cable, and then enable the port.

Error Message    DOT1X-5-ERR_INVALID_AAA_MANDATORY_AV: Received unknown mandatory AV: 
[chars]=[chars] 

Explanation    During authentication, authorization, and accounting (AAA) authorization, the switch received an unexpected mandatory Attribute-Value (AV) pair. The first [chars] is the AV pair name, and the second [chars] is the type of packet.

Recommended Action    Check the RADIUS server configuration and ensure that the switch does not send the AV pair to the RADIUS server as part of the user profile information.

Error Message    HARDWARE-2-FAN_ERROR: Fan [chars] Failure

Explanation    The switch fan is not working. [chars] is the fan name.

Recommended Action    This is a hardware failure. The fan might recover automatically. If the fan failure persists, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the error by using the Output Interpreter. Use the Bug Toolkit to look for similar reported problems.If you still require assistance, contact Cisco technical support and provide the representative with the gathered information. For more information about the online tools and about contacting Cisco, see the "Error Message Traceback Reports" section in the "System Message Overview" chapter.

Error Message    RADIUS-3-NOACCOUNTINGRESPONSE: Accounting message [chars] for session 
[chars] failed to receive Accounting Response. 

Recommended Action    The RADIUS server has not responded after the maximum number of retransmissions. The first [chars] is the type of accounting message, and the second [chars] is the accounting session identifier.

Explanation    Make sure that there is network connectivity between the switch and the RADIUS server and that the server is running.

Error Message    SPANTREE-7-PORTDEL_SUCCESS: [chars] deleted from Vlan [dec] 

Explanation    The interface has been deleted from specified VLAN. [chars] is the interface, and [dec] is the VLAN ID.

Recommended Action    No action is required.

Related Documentation

In addition to this document, the following related documentation comes with the switch modules:

Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter Software Configuration Guide

This Cisco document is in PDF format on the IBM BladeCenter Documentation CD. It has software configuration information for the switch modules. It provides:

Configuration instructions

Information about features

Information about getting help

Guidance for planning, implementing, and administering LAN operating system software

Usage examples

Troubleshooting information

Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter System Command Reference

This document is in PDF format on the IBM BladeCenter Documentation CD. It includes:

Command-line interface (CLI) modes

CLI commands and examples

Syntax description

Defaults

Command history

Usage guidelines

Related commands

Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter System Message Guide

This document is in PDF format on the IBM BladeCenter Documentation CD. It has information about the switch-specific system messages. During operation, the system software sends these messages to the console or logging server on another system. Not all system messages indicate problems with the system. Some messages are informational, while others can help diagnose problems with communication lines, internal hardware, or the system software. This document also includes error messages that display when the system fails.

Cisco Systems Intelligent Gigabit Ethernet Switch Module for the IBM BladeCenter Installation Guide

Cisco Systems Intelligent Gb Fiber Ethernet Switch Module for the IBM BladeCenter Installation Guide

These documents contain installation and configuration instructions for the modules. They also provide general information about your module, including warranty information, and how to get help. These documents are also on the IBM BladeCenter Documentation CD.

BladeCenter Type 8677 Installation and User's Guide

This document is in PDF format on the IBM BladeCenter Documentation CD. It contains general information about your BladeCenter unit, including:

Information about features

How to set up, cable, and start the BladeCenter unit

How to install options on the BladeCenter unit

How to configure the BladeCenter unit

How to perform basic troubleshooting of the BladeCenter unit

How to get help

BladeCenter Management Module User's Guide

This document is in PDF format on the IBM BladeCenter Documentation CD. It provides general information about the management module, including:

Information about features

How to start the management module

How to install the management module

How to configure and use the management module

BladeCenter HS20 Installation and User's Guide (for each blade server type)

These documents are in PDF format on the IBM BladeCenter Documentation CD. Each provides general information about a blade server, including:

Information about features

How to set up and start your blade server

How to install options on your blade server

How to configure your blade server

How to install an operating system on your blade server

How to perform basic troubleshooting of your blade server

How to get help

Cisco IOS Release 12.1 documentation at
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/tsd_products_support_series_home.html

For information about related products, see this document:

Cisco Small Form-Factor Pluggable Modules Installation Notes

Getting Help and Technical Assistance

If you need help, service, or technical assistance or just want more information about IBM products, you will find a wide variety of sources available from IBM to assist you. This appendix contains information about where to go for additional information about IBM and IBM products, what to do if you experience a problem with your BladeCenter system, and whom to call for service, if it is necessary.

Before You Call

Before you call, make sure that you have taken these steps to try to solve the problem yourself:

Check all cables to make sure that they are connected.

Check the power switches to make sure that the system is turned on.

Use the troubleshooting information in your system documentation, and use the diagnostic tools that come with your system. Information about diagnostic tools is in the Hardware Maintenance Manual and Troubleshooting Guide on the IBM BladeCenter Documentation CD or at the IBM Support Web site.

Go to the IBM Support Web site at this URL to check for technical information, hints, tips, and new device drivers:

http://www-304.ibm.com/jct01004c/systems/support/

You can solve many problems without outside assistance by following the troubleshooting procedures that IBM provides in the online help or in the publications that are provided with your system and software. The information that comes with your system also describes the diagnostic tests that you can perform. Most xSeries and IntelliStation® systems, operating systems, and programs come with information that contains troubleshooting procedures and explanations of error messages and error codes. If you suspect a software problem, see the information for the operating system or program.

Using the Documentation

Information about your IBM BladeCenter, xSeries, or IntelliStation system and preinstalled software, if any, is available in the documentation that comes with your system. That documentation includes printed books, online books, readme files, and help files. See the troubleshooting information in your system documentation for instructions for using the diagnostic programs. The troubleshooting information or the diagnostic programs might tell you that you need additional or updated device drivers or other software. IBM maintains pages on the World Wide Web where you can get the latest technical information and download device drivers and updates. To access these pages, go to this URL:

http://www-304.ibm.com/jct01004c/systems/support/

Also, you can order publications through the IBM Publications Ordering System at this URL:

http://www.ibm.com/shop/publications/order/

Getting Help and Information from the World Wide Web

On the World Wide Web, the IBM Web site has up-to-date information about IBM BladeCenter, xSeries, and IntelliStation products, services, and support. The address for IBM BladeCenter and xSeries information is http://www.ibm.com/xseries/. The address for IBM IntelliStation information is http://www.ibm.com/pc/intellistation/

You can find service information for your IBM products, including supported options, at

http://www-304.ibm.com/jct01004c/systems/support/

Software Service and Support

Through IBM Support Line, you can get telephone assistance, for a fee, with usage, configuration, and software problems with BladeCenter and xSeries servers, IntelliStation workstations, and appliances. For information about which products are supported by Support Line in your country or region, go to http://www.ibm.com/services/sl/products/.

For more information about Support Line and other IBM services, go to http://www.ibm.com/services/, or go to http://www.ibm.com/planetwide/ for support telephone numbers. In the U.S. and Canada, call 1-800-IBM-SERV (1-800-426-7378).

Hardware Service and Support

You can receive hardware service through IBM Integrated Technology Services or through your IBM reseller, if your reseller is authorized by IBM to provide warranty service. Go to http://www.ibm.com/planetwide/ for support telephone numbers, or in the U.S. and Canada, call 1-800-IBM-SERV (1-800-426-7378).

In the U.S. and Canada, hardware service and support is available 24 hours a day, 7 days a week. In the U.K., these services are available Monday through Friday, from 9 a.m. to 6 p.m.

Notices

This information was developed for products and services offered in the U.S.A.

IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:

IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product, and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Edition Notice

© Copyright International Business Machines Corporation 2007. All rights reserved.

U.S. Government Users Restricted Rights — Use, duplication, or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Trademarks

The following terms are trademarks of International Business Machines Corporation in the United States, other countries, or both:

Active Memory
Predictive Failure Analysis

Active PCI

PS/2

Active PCI-X

ServeRAID

Alert on LAN

ServerGuide

BladeCenter

ServerProven

C2T Interconnect

TechConnect

Chipkill

ThinkPad

EtherJet

Tivoli

e-business logo

Tivoli Enterprise

<eserver>Eserver

Update Connector

FlashCopy

Wake on LAN

IBM

XA-32

IBM (logo)

XA-64

IntelliStation

X-Architecture

NetBAY

XceL4

Netfinity

XpandOnDemand

NetView

xSeries

OS/2 WARP

 

Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, Catalyst, EtherChannel, IOS, IP/TV, Packet, and SwitchProbe are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

Intel, MMX, and Pentium are trademarks of Intel Corporation in the United States, other countries, or both.

Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the United States, other countries, or both.

Red Hat, the Red Hat "Shadow Man" logo, and all Red Hat-based trademarks and logos are trademarks or registered trademarks of Red Hat, Inc., in the United States and other countries.

UNIX is a registered trademark of The Open Group in the United States and other countries.

Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Other company, product, or service names may be trademarks or service marks of others.