This document describes the features, bugs, and limitations for Cisco Nexus 3000 Series and Cisco Nexus 3100 Series switches. Use this document in combination with documents listed in the Obtaining Documentation and Submitting a Service Request section.
Note: Starting with Cisco NX-OS Release 7.0(3)I2(1), the Cisco NX-OS image filename has changed to start with "nxos" instead of "n3000."
Table 1 shows the online change history for this document.
Table 1 Online History Change
Date |
Description |
October 18, 2017 |
Created NX-OS Release 7.0(3)I6(2) release notes. |
March 9, 2018 |
Added a limitation for IGMP snooping. |
November 17, 2018 |
Replaced instances of Cisco NX-OS Release 6.0(2)U6(2) and 6.0(2)U6(3) with Cisco NX-OS Release 6.0(2)U6(2a) and 6.0(2)U6(3a). |
Upgrade and Downgrade Guidelines
Obtaining Documentation and Submitting a Service Request
Several new hardware and software features are introduced for the Cisco Nexus 3000 Series and Cisco Nexus 3100 Series devices to improve the performance, scalability, and management of the product line. Cisco NX-OS Release 7.x also supports all hardware and software supported in Cisco NX-OS Release 6.x, Cisco NX-OS Release 5.1, and Cisco NX-OS Release 5.0.
Cisco NX-OS offers the following benefits:
■ Cisco NX-OS runs on all Cisco data center switch platforms: Cisco Nexus 9000, Nexus 7000, Nexus 5000, Nexus 4000, Nexus 3000, Nexus 2000, and Nexus 1000V Series switches.
■ Cisco NX-OS software interoperates with Cisco products that run any variant of Cisco IOS software and also with any networking operating system that conforms to common networking standards.
■ Cisco NX-OS modular processes are triggered on demand, each in a separate protected memory space. Processes are started and system resources are allocated only when a feature is enabled. The modular processes are governed by a real-time preemptive scheduler that helps ensure timely processing of critical functions.
■ Cisco NX-OS provides a programmatic XML interface that is based on the NETCONF industry standard. The Cisco NX-OS XML interface provides a consistent API for devices. Cisco NX-OS also provides support for Simple Network Management Protocol (SNMP) Versions 1, 2, and 3 MIBs.
■ Cisco NX-OS enables administrators to limit access to switch operations by assigning roles to users. Administrators can customize access and restrict it to the users who require it.
This section includes the following:
■ Cisco Nexus 3000 Series Switches
■ Cisco Nexus 3100 Series Switches
The Cisco Nexus 3000 Series switches are high-performance, high-density, ultra-low-latency Ethernet switches that provide line-rate Layer 2 and Layer 3 switching. The Cisco Nexus 3000 Series includes the following switches:
■ The Cisco Nexus 3064 switch is a 1 RU switch that supports 48 1- or 10-Gigabit downlink ports, four Quad Small Form-Factor Pluggable (QSFP+) ports that can be used as a 40 Gigabit Ethernet port or 4 x10-Gigabit Ethernet ports, one 10/100/1000 management port, and one console port.
■ The Cisco Nexus 3048 switch is a 1 rack unit (RU) switch that supports 48 10/100/1000 Ethernet server-facing (downlink) ports, four 10-Gigabit network-facing (uplink) ports, one 100/1000 management port, and one console port.
■ The Cisco Nexus 3016 is a 1 RU, 16-port QSFP+ switch. Each QSFP+ port can be used as a 40-Gigabit Ethernet port or 4 x10-Gigabit Ethernet ports.
Each switch includes one or two power supply units and one fan tray module, and each switch can be ordered with either forward (port-side exhaust) airflow or reverse (port-side intake) airflow for cooling. All platforms support both AC and DC power supplies. All combinations of power (AC/DC) and airflow (forward/reverse) are available. The Cisco Nexus 3000 Series switches run the Cisco NX-OS software.
For information about the Cisco Nexus 3000 Series, see the Cisco Nexus 3000 Series Hardware Installation Guide.
The Cisco Nexus 3100 Series switches are high-performance, high-density, ultra-low-latency Ethernet switches that provide line-rate Layer 2 and Layer 3 switching. In Cisco NX-OS Release 7.0(3)I6(2), the Cisco Nexus 3100 Series includes the Cisco Nexus 3132, Nexus 3172, Nexus 3132Q-V, Nexus N31108PC-V, Nexus N31108TC-V, Nexus C3264Q-S, and Nexus C3232C switches.
The Cisco Nexus 3172PQ switch is a 10-Gbps Enhanced Small Form-Factor Pluggable (SFP+)–based ToR switch with 48 SFP+ ports and 6 Enhanced Quad SFP+ (QSFP+) ports.
The Cisco Nexus 3172TQ switch is a 10GBASE-T switch with 48 10GBASE-T ports and 6 Quad SFP+ (QSFP+) ports.
Each SFP+ port can operate in 100-Mbps, 1-Gbps, or 10-Gbps mode, and each QSFP+ port can operate in native 40-Gbps or 4 x 10-Gbps mode. This switch is a true physical-layer-free (phy-less) switch that is optimized for low latency and low power consumption.
The Cisco Nexus 3132Q switch is a 1RU, 40-Gbps QSFP-based switch that supports 32 fixed 40-Gbps QSFP+ ports. It also has 4 SFP+ ports that can be internally multiplexed with the first QSFP port. Each QSFP+ port can operate in the default 40-Gbps mode or 4 x 10-Gbps mode, up to a maximum of 104 10-Gbps ports.
Each switch includes dual redundant power supply units, four redundant fans, one 10/100/1000 management port, and one console port. Each switch can be ordered with either forward (port-side exhaust) airflow or reverse (port-side intake) airflow for cooling. It supports both AC and DC power supplies. All combinations of power (AC/DC) and airflow (forward/reverse) are available. The Cisco Nexus 3100 Series switches run the Cisco NX-OS software.
For information about the Cisco Nexus 3100 Series, see the Cisco Nexus 3000 Series Hardware Installation Guide.
This section includes the following topics:
■ Twinax Cable Support on Cisco Nexus 3000 Switches
■ Cisco QSFP 40-Gbps Bidirectional Short-Reach Transceiver
The Cisco NX-OS Release 7.0(3)I6(2) software requires 1 GB of flash memory.
Cisco NX-OS Release 7.0(3)I6(2) supports the Cisco Nexus 3000 Series switches. You can find detailed information about supported hardware in the Cisco Nexus 3000 Series Hardware Installation Guide. See Table 2 for the hardware supported by the Cisco NX-OS Release 7.x software.
Table 2 Hardware Supported by Cisco NX-OS Related 7.x Software.
Hardware |
Part Number |
Cisco Nexus 3132Q-X switch |
N3K-C3132Q-40GX |
Cisco Nexus C3172TQ-XL switch |
N3K-C3172TQ-XL |
Cisco Nexus C3172PQ-XL switch |
N3K-C3172PQ-XL |
Cisco Nexus C3132Q-XL switch |
N3K-C3132Q-XL |
Cisco Nexus 3172TQ switch |
N3K-C3172TQ-10GT |
Cisco Nexus 3172PQ switch |
N3K-C3172PQ-10GE |
Cisco Nexus 3132Q-V switch |
N3k-C3132Q-V |
Cisco Nexus 3132Q switch |
N3K-C3132Q-40GE |
Cisco Nexus 31108TC-V |
N3K-C31108TC-V |
Cisco Nexus 31108PC-V switch |
N3K-C31108PC-V |
Cisco Nexus 3064-X switch |
N3K-C3064PQ-10GX |
Cisco Nexus 3064-X reversed airflow (port-side intake) AC power supply |
N3K-C3064-X-BA-L3 |
Cisco Nexus 3064-X forward airflow (port-side intake) DC power supply |
N3K-C3064-X-BD-L3 |
Cisco Nexus 3064-X forward airflow (port-side exhaust) DC power supply |
N3K-C3064-X-FD-L3 |
Cisco Nexus 3064-X forward airflow (port-side exhaust) AC power supply |
N3K-C3064-X-FA-L3 |
Cisco Nexus 3064-TQ switch |
N3K-C3064TQ-10GT |
Cisco Nexus 3064-T 500W reverse airflow (port-side intake) AC power supply |
NXA-PAC-500W-B |
Cisco Nexus 3064-T 500W forward airflow (port-side exhaust) AC power supply |
NXA-PAC-500W |
Cisco Nexus 3064-E switch |
N3K-C3064PQ-10GE |
Cisco Nexus 3064 switch |
N3K-C3064PQ |
Cisco Nexus 3064 fan module with reverse airflow (port-side intake); also used in the Cisco Nexus 3016 |
N3K-C3064-FAN-B |
Cisco Nexus 3064 fan module with forward airflow (port-side exhaust); also used in the Cisco Nexus 3016 |
N3K-C3064-FAN |
Cisco Nexus 3048 switch |
N3K-C3048TP-1GE |
Cisco Nexus 3048 fan module with reverse airflow (port-side intake) |
N3K-C3048-FAN-B |
Cisco Nexus 3048 fan module with forward airflow (port-side exhaust) |
N3K-C3048-FAN |
Cisco Nexus 3016 switch |
N3K-C3016Q-40GE |
Cisco Nexus 3000 power supply with reverse airflow (port-side intake) |
N2200-PAC-400W-B |
Cisco Nexus 3000 power supply with forward airflow (port-side exhaust) |
N2200-PAC-400W |
Cisco Nexus 2000 power supply with forward airflow (port-side exhaust) |
N2200-PDC-400W |
Cisco Nexus 2000 DC power supply with reverse airflow (port-side intake) |
N3K-PDC-350W-B |
Starting with Cisco Release NX-OS 5.0(3)U1(1), the following algorithm is used to detect copper SFP+ twinax, QSFP+ twinax, and QSFP+ splitter cables on Cisco Nexus 3000 Series switches.
If the attached interconnect (transceiver) is a copper SFP+ twinax or QSFP+ twinax cable:
■ Verify the transceiver SPROM to match the Cisco magic code.
■ If the check succeeds, bring up the interface. Otherwise, print the following warning message appears stating that a non-Cisco transceiver is attached and that you should try to bring up the port.
2009 Oct 9 01:46:42 switch %ETHPORT-3-IF_NON-CISCO_TRANSCEIVER: Non-Cisco transceiver on interface Ethernet1/18 is detected.
If the attached transceiver is a QSFP+ splitter cable, then no special check is performed. The Cisco NX-OS software tries to bring up the port.
The following disclaimer applies to non-Cisco manufactured and non-Cisco certified QSFP copper splitter cables:
If a customer has a valid support contract for Cisco Nexus switches, Cisco TAC will support twinax cables that are a part of the compatibility matrix for the respective switches. However, if the twinax cables are not purchased through Cisco, a customer cannot return these cables through an RMA to Cisco for replacement.
If a twinax cable that is not part of the compatibility matrix is connected into a system, Cisco TAC will still debug the problem, provided the customer has a valid support contract on the switches. However TAC may ask the customer to replace the cables with Cisco qualified cables if there is a situation that points to the cables possibly being faulty or direct the customer to the cable provider for support. Cisco TAC cannot issue an RMA against uncertified cables for replacement.
The Cisco QSFP 40-Gbps Bidirectional (BiDi) transceiver is a short-reach pluggable optical transceiver with a duplex LC connector for 40-GbE short-reach data communications and interconnect applications by using multimode fiber (MMF). The Cisco QSFP 40-Gbps BiDi transceiver offers a solution that uses existing duplex MMF infrastructure for 40-GbE connectivity. With the Cisco QSFP 40-Gbps BiDi transceiver, customers can upgrade their network from 10-GbE to 40-GbE without incurring any fiber infrastructure upgrade cost. The Cisco QSFP 40-Gbps BiDi transceiver can enable 40-GbE connectivity in a range of up to 100 meters over OM3 fiber, which meets most data center reach requirements. It complies with the Multiple Source Agreement (MSA) QSFP specification and enables customers to use it on all Cisco QSFP 40-Gbps platforms and achieve high density in a 40-GbE network. It can be used in data centers, high-performance computing (HPC) networks, enterprise and distribution layers, and service provider transport applications.
This section lists the new and changed information in Release 7.0(3)I6(2):
Cisco NX-OS Release 7.0(3)I6(2) does not support any new hardware.
Cisco NX-OS Release 7.0(3)I6(2) does not include any new software features:
The open and resolved bugs and the known behaviors for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products.
Note: You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. if you do not have one, you can register for an account.
For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.
■ Resolved Bugs for this Release
■ Known Behaviors for this Release
Table 3 lists descriptions of resolved bugs in Cisco NX-OS Release 7.0(3)I6(2). You can use the record ID to search the Cisco Bug Search Tool for details about the bug.
Table 3 Cisco NX-OS Release 7.0(3)I6(2) — Resolved Bugs
Record Number |
Description |
Dynamic port Breakout Support for POAP on Cisco Nexus 3000 platforms running in N3K mode. |
|
When gratuitous ARP is received from a host, a Cisco Nexus 3000 Switch HSRP Virtual IP address may not respond to ICMP echo request from the host. |
|
Cisco Nexus 3100 Switches does not support RSPAN VLANs. However, the CLI allows to configure an RSPAN VLAN. |
|
Serial Number (S/N) for power supply is not updated after replacement. However, there is no functional impact. |
|
On Cisco Nexus 31128 Switches, the SVI counters does not increment even after carving TCAM for SVI statistics. |
|
On a Cisco Nexus C3172TQ Switch running 6.0(2)U5(2), 7.0(3)I2(3), and/or 7.0(3)I4(4) images, the right side LED of the mgmt0 interface always remains green without cable. |
|
The ssh command in the local management shell on Cisco Nexus 3000 Series Switches allows users to manipulate arguments passed to ssh in the command line. |
|
Cisco Nexus 3232C Switches running 7.0(3)I6(1) image may experience NAT flows packet loss with atomic update enabled while new dynamic NAT entries are being created. |
|
Cisco Nexus 3100 Switch may unexpectedly reload after upgrading to 703I4(5) due to a dhcp_snoop hap reset. |
|
Cisco Nexus 3048 switch does not boot when a USB flash memory device is inserted. |
|
Layer 2 connectivity cannot be established between two hosts connected on same VLAN on a same Cisco Nexus 3000 Switch or via other switches on the same VLAN because of CoPP IP ACLs missing on the running configuration. |
|
Policy Based Routing redirects packets which punt to CPU. |
|
Show inventory and Show environment, lists wrong FAN PID on Cisco Nexus 3000 Switches. |
|
vlan_mgr crashes after a PO Config/unconfig and show startup command, or show run diff or show startup interface commands. This is seen in on Cisco Nexus 3000 Switches running 7.0(3)I6(1) image. |
|
Power Supply Unit fans on Cisco Nexus 3000 Switch fails after an upgrade to 7.0(3)I4(5) |
|
There is a change in show queuing interface command syntax on Cisco Nexus 3000 and Cisco Nexus 3100 Switches, after an upgrade from 6.0(2)U6(x) to 7.0(3)I(x). |
|
The show policy-map interface command on Cisco Nexus 3000 switches does not show drop counters for best effort and default queue, while show queuing interface command shows the drop counters. |
|
Layer 2 multicast traffic drops when egressing port sending routed multicast traffic. |
|
Process PTP crashes on Cisco Nexus 3000 switches. |
|
Cisco Nexus 3132Q Switch running 703I4(7) version of code returns incorrect SNMP sysObjectID. |
Table 4 lists descriptions of open bugs in Cisco NX-OS Release 7.0(3)I6(2). You can use the record ID to search the Cisco Bug Search Tool for details about the bug.
Table 4 Cisco NX-OS Release 7.0(3)I6(2) —Open Bugs
Record Number |
Description |
Static MAC addresses pointing to a vPC PO are flushed and traffic flooding is seen when the vPC PO is made shut. |
|
After running no shut on the vPC peer-link, some packet duplication occurs for all the sourced multicast groups. |
|
VRRPv3 tracking support to be added. |
|
When ALPM is enabled on vPC devices, inconsistency is detected between the hardware and software MAC table on both vPC nodes after learning more than 32K MAC addresses. In ALPM mode, the supported MAC table limit is 32K. MAC tables on both vPC devices go out of sync. |
|
When the IPV6alpmCarveValue attribute is configured from REST API, in combination with other configurations such as "routingMode" attribute, the configuration takes effect in the DME config. However it is not applied in the running config. |
Table 5 lists descriptions of known behaviors in Cisco NX-OS Release 7.0(3)I6(2). You can use the record ID to search the Cisco Bug Search Tool for details about the bug
Table 5 Cisco NX-OS Release 7.0(3)I6(2) —Known Behaviors
Record Number |
Description |
On the Cisco Nexus 3000 DME enabled platform, the GLC-T 1G interface allows configuring 10G speed since the speed command is handled through DME and there is absolutely no functional issue. |
|
From Cisco Nexus 3000 release 7.0(3)I4(2) onwards, there is a minor issue on differences between startup and running SNMP configurations after ASCII replay is done. |
|
Rollback checkpoint fails when the checkpoint configuration has a peer-gateway configuration under VPC domain. |
|
For the MPLS label imposition, the show mpls switching command does not show correct out-label if the next-hop is SR-RNH. |
|
For the MPLS label imposition, ECMP is not programmed if next-hops are a mix of RNH and CNH. |
|
For the MPLS label imposition, contention between prefixes learned via label imposition and SR BGP. |
|
Default-Mgmt VRF route Leak: Strict compatibility check is missing. |
|
When IGMP report is received from only one NVE peer on an NVE interface, access to network traffic is replicated to all NVE peers even when those peers are not sending any IGMP join requests. |
|
When IGMP snooping is enabled, the NVE interface is added by default as a static mrouter port. This causes traffic to be received on all the remote VTEPs. |
|
MPLS label imposition statistics are not displayed correctly. |
|
Due to an IGMP enhancement, the display for show ip igmp snooping command is changed. |
|
When the ethanalayzer is used to monitor the packets for more than 30 minutes, a syslog is generated to indicate the system temporary directory (\tmp) usage is full. |
|
python/yum crashes when /tmp is full. |
|
When a unicast ARP request packet for Virtual IP gets hashed to HSRP secondary, HSRP secondary should send the packet to active. However, in addition to this, the packet is also being flooded in the VLAN. |
|
A BGP session flap is seen after a reboot/fast-reload on QI/Nep platforms. |
|
In a vPC scenario where one peer is upgraded to 7.0(3)I2 and another peer is still running 6.0(2)U6: If on one peer, a vPC peer link is configured to be part of an SVI interface but the other end is not configured to be part of the SVI, a type 2 inconsistency is reported in peer running 7.0(3)I2. The same is not reported in the peer running 6.0(2)U6 as this consistency check is specific to 7.0(3)I2 release only. |
|
HSRP standby device tunnels the packet to vPC peer. |
|
After invoking the clear fabric database host command, the profile remains applied on the secondary vPC switch. |
|
clear ip igmp snooping groups * vlan x does not clear IGMP groups learned on a vPC peer. |
|
The show interface transceiver command output for 40 G copper passive cables changed in release 7.0(3)I2(2). Earlier releases included an additional "(passive)” field. |
|
The L2 consistency check fails to detect inconsistency between hardware and software L2 entries for an HSRP virtual MAC. |
|
The show routing hash does not show the exact path for Routes over tunnel. |
|
OFA: of_agent memory leak during install scale flows. |
|
OFA: openflow configure gone after reload. |
|
Alibaba: loopack interface not down after nve shut. |
|
VRF static route should move to the bottom in show running. |
|
Bootup time of the box is high. |
|
For L3 interfaces, for RFC 5549 traffic (advertising v4 routes over v6 interface/neighbors), even if the egress interface is not v4-aware, the traffic will still be forwarded and not dropped. |
|
PTP Corrections values are higher than expected. |
|
Counter is not showing CRC error packets in egress direction. |
|
VPC: Auto-pulled hosts are out of sync among peers. |
|
ISSU is blocked for upgrade. |
|
L3 orphan ports on a vPC setup may get duplicate traffic, which is avoidable with some changes in config. |
|
After configuring Dynamic Arp Inspection, the switch drops the invalid ARP request packets with target protocol address 0.0.0.0 as expected. But statistics for these drop packets are not shown in the show ip arp inspection statistics vlan CLI. These are reflected in the show ip arp statistics CLI. |
|
Block non-disruptive ISSU if SDK firmware changed. |
|
TFTP image download fails as ARP to gateway fails in loader prompt. |
|
Service impacting upgrade/downgrade as it is a ToR switch. |
|
Management IP address is not reachable from the kickstart boot prompt (also known as recovery prompt). |
|
N3K-C3132Q-40G-SUP: interface port LED's are flapped during an ISSU. |
|
Tx span is unsupported while configuring vlan interface as source. |
|
Automatic ARP resolution does not happen for IR peers in VPC setup in specific scenarios. |
|
N3K_IMR4: XCVR Wavesplitter type is shown as "unknown" type. |
|
When configuring large access-list on a switch port (> 1533 entries with the default TCAM carving of 1536 entries for the region), the error message:"ERROR: Sufficient free entries are not available in TCAM bank" is seen. |
|
Feature bash-shell will get enabled on executing show tech install. Error will be seen on executing show tech install with network operator role. |
|
show run bgp all does not reliably nvgen allowas-in [occurrences]. |
|
copy r s is getting stuck at 97% on QI2CR-XL 16GB switch. |
|
When the setup script is executed after the system is up and interfaces are configured with non-default configs, the default interface layer and default switchport interface state set in the setup script will not affect those interfaces with non-default configuration. |
|
Hide Shrinkimage option from ISSU command if it is not supported. |
|
LED Status shown as incorrectly on QS. |
|
User is able to change the configuration on the vPC peer when the peer is going through ISSU in conditions where the user already in the config mode. |
|
VXLAN access and network ports have been added to the broadcast (BCAST) and multicast (MCAST) domains; this causes packets to flood on all VXLAN ports attached to the MCAST and BCAST domains, including the source port. However, packets are dropped on the egress of the source port. As a result, unknown unicast and broadcast traffic is incremented in the Out-Discard counter without affecting the Xmit-Err counter. |
|
If you attempt to copy an image with compact option through SCP with the image name similar to the one already present in the DUT (compacted one), the copying will fail in spite of enabling the deletion of the image using allow delete boot-image command. |
Large core files are split into 3 or more files. For example:
■ 1405964207_0x101_fwm_log.3679.tar.gzaa
■ 1405964207_0x101_fwm_log.3679.tar.gzab
■ 1405964207_0x101_fwm_log.3679.tar.gzac
To decode the multiple core files, first club the files to a single file:
$ cat 1405964207_0x101_fwm_log.3679.tar.gz* > 1405964207_0x101_fwm_log.3679.tar.gz
■ The only supported method of upgrading is install all from Release 6.0(2)U6(3) due to the need to upgrade the BIOS. Without the Release 7.0(3)I6(2) BIOS, the 7.0(3)I6(2) image will not load.
■ The no-save option is now required to downgrade from Release 7.x to Release 6.x. The bios-force is a hidden option that is only available on Cisco Nexus 3000 Series switches that are running 7.x releases.
■ Cisco Nexus 3000 Series switches that use software versions older than Cisco NX-OS Release 5.0(3)U5(1) need to be updated to Cisco NX-OS Release 5.0(3)U5(1) before they are upgraded to Cisco NX-OS Release 6.0(2).
■ Cisco NX-OS Release 5.0(3)U3(1) does not support a software upgrade from Cisco NX-OS Release 5.0(3)U2(2c). If you want to upgrade through this path, see CSCty75328 for details about how to work around this issue.
Note: It is recommended that you upgrade to Cisco NX-OS Release 7.0(3)I6(2) by using Cisco NX-OS install procedures.
■ In Cisco NX-OS Release 6.0(2)U2(2), the default interface name in LLDP MIB is in short form. To make it long form, you must set lldp portid-subtype to 1. In Cisco NX-OS Release 6.0(2)U2(3), this behavior was reversed. The default interface name in LLDP MIB is now in long form. To make it short form, you must set lldp portid-subtype to 0.
■ If you have set lldp port-subtype to 1 and you are upgrading to Cisco NX-OS Release 6.0(2)U2(4), ensure that you set lldp port-subtype to 0.
■ While performing a non-disruptive ISSU, VRRP and VRRPV3 will display the following messages:
¯ If VRRPV3 is enabled:
2015 Dec 29 20:41:44 MDP-N9K-6 %$ VDC-1 %$ %USER-0-SYSTEM_MSG: ISSU ERROR: Service "vrrpv3" has sent the following message: Feature vrrpv3 is configured. User can change vrrpv3 timers to 120 seconds or fine tune these timers based on upgrade time on all Vrrp Peers to avoid Vrrp State transitions. - sysmgr
¯ If VRRP is enabled:
2015 Dec 29 20:45:10 MDP-N9K-6 %$ VDC-1 %$ %USER-0-SYSTEM_MSG: ISSU ERROR: Service "vrrp-eng" has sent the following message: Feature vrrp is configured. User can change vrrp timers to 120 seconds or fine tune these timers based on upgrade time on all Vrrp Peers to avoid Vrrp State transitions. – sysmgr
■ An error occurs when you try to perform an ISSU if you changed the reserved VLAN without entering the copy running-config save-config and reload commands.
This section provides information on upgrading Cisco Nexus 3000 and 3100 Series switches to Cisco NX-OS Release 7.0(3)I6(2).
Note: Beginning with the 7.0(3)I2(1) release, kickstart and system images are no longer used to install the Cisco NX-OS software image on Cisco Nexus 3000 and 3100 Series switches. Instead, a single binary image is used (for example, nxos.7.0.3.I4.1.bin). To install the software, you would use the install all nxos bootflash:nxos.7.0.3.I4.1.bin command.
From |
To |
Limitations |
Recommended Procedure |
7.0(3)I2(1) or later |
7.0(3)I6(2) |
None |
install all is the recommended upgrade method supported. |
6.0(2)U6(3a)[1] |
7.0(3)I6(2) |
None |
install all is the only upgrade method supported because of a BIOS upgrade requirement. Warning: Make sure that you store the pre-Release, 6.0(2)U6(3)’s configuration file. For more information, see the Cisco Nexus 3000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x. |
6.0(2)U6(2a)[2] or earlier |
7.0(3)I6(2) |
First, upgrade to Cisco NX-OS Release 6.0(2)U6(3a) or a later release. Note: A Cisco Nexus 3048 switch requires an additional step when you upgrade from a software version older than Cisco NX-OS 6.0(2)U6(2), otherwise the switch can fail to boot. You must first upgrade the switch to Cisco NX-OS Release 6.0(2)U6(2a), then to Cisco NX-OS Release 6.0(2)U6(3a), and finally to Cisco NX-OS Release 7.0(3)I6(1). |
install all is the only upgrade method supported because of a BIOS upgrade requirement. For more information, see the Cisco Nexus 3000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x. |
The following are the known limitations for Cisco NX-OS Release 7.0(3)I6(2).
■ Subinterfaces cannot be used as network ports.
■ Cisco Nexus 3000-XL platforms do not support breakout using speed 10000 CLI command. Use the interface breakout module 1 port <num> map 10g-4x CLI command instead.
■ While installing the NXAPI https certificate that is present in the device, the following error message can appear if the user does not have the permission to install this certificate (See CSCup72219):
Certificate file read error.Please re-check permissions.
■ After configuring the NXAPI feature, the default http port (port 80) is still in the listening state even after we run the no nxapi http command. This results in the sandbox becoming accessible. Although the sandbox becomes accessible, HTTP requests from the sandbox to the device do not go through. Thus, the functionality is not affected. (See CSCup77051).
■ Chunking is enabled while displaying XML output for any CLI, and html tags (& lt; and & gt;) are displayed instead of < and > both on the sandbox and while running the Python script (See CSCup84801).
This is expected behavior. Each chunk should be in XML format for you to parse it and extract everything inside the <body> tag. This is done so that it can be later concatenated with similar output from all the chunks of the CLI XML output. After all the chunks are concatenated to get the complete XML output for the CLI, this complete XML output can be parsed for any parameter.
The following workaround is recommended to address this issue:
¯ Concatenate the <body> outputs from each chunk
¯ Replace all the html tags (& lt; and & gt;) with < and >
¯ Parse for any XML tag needed
■ If you use the write erase command, you cannot view the output for the show startup feature command. To view the startup configuration, you must then use the show startup-config command. This limitation will remain until you run the copy running-config startup-config command. After that, the show startup-config feature command will display the feature-only configuration output as expected (See CSCuq15638).
■ A Python traceback is seen while running the show xml command by using the Python shell. The exception type is httplib.IncompleteRead. This happens when you use Python scripts to leverage the NXAPI for retrieving switch data through XML or JSON. You should handle the exceptions in your Python scripts (See CSCuq19257).
■ While upgrading to a new release, when you create a checkpoint without running the setup script, the checkpoint file does not contain the copp-s-mpls class. After you run the write erase command and reload the switch, the copp-s-mpls class is created when the default configuration is applied. When a rollback is done to this checkpoint file, it detects a change in the CoPP policy and tries to delete all class-maps. Because you cannot delete static class-maps, this operation fails and, in turn, the rollback also fails.
This can also happen if you create a checkpoint, then create a new user-defined class and insert the new class before any other existing class (See CSCup56505).
The following workarounds are recommended to address this issue:
¯ Run setup after upgrading to a new release.
¯ Always insert the new classes at the end before a rollback.
■ When both the ip icmp-errors source and ip source intf icmp error commands are configured, then the command that is configured last takes effect.
Thereafter, if the last configured command is removed, the switch does not get configured with the command that was configured first.
■ Users who upgrade to 7.0(3)I6(2) need to run the set up script if they want to enable the MPLS static or the VRRpv3 feature.
■ The following Cisco Nexus 9000 features are not supported on the Cisco Nexus 3100 Series switches in N3K or N9K mode.
¯ FEX
¯ Network address translation (NAT)
¯ Multicast PIM Bidir
¯ Support for up to 4000 VLANs
¯ Port VLAN (PV) switching and routing support for VXLAN
¯ Auto-Config
¯ Port profiles
¯ Secure login enhancements:
§ Ability to block login attempts and enforce a quiet period
§ Ability to restrict the maximum login sessions per user
§ Ability to restrict the password length
§ Ability to prompt the user to enter a password after entering the username
§ Ability to hide the shared secret used for RADIUS or TACACS+ authentication or accounting
§ SHA256 hashing support for encrypted passwords
¯ SHA256 algorithm to verify operating system integrity
¯ Non-hierarchical routing mode
¯ NX-API REST
■ Link Level Flow Control (LLFC) is not supported on Cisco Nexus 3000 series and Cisco Nexus 3100 series switches.
■ You can disable IGMP snooping either globally or for a specific VLAN.
■ You cannot disable IGMP snooping on a PIM enabled SVIs. The warning message displayed is: IGMP snooping cannot be disabled on a PIM enabled SVIs. There are one or more VLANs with PIM enabled.
The Cisco Management Information Base (MIB) list includes Cisco proprietary MIBs and many other Internet Engineering Task Force (IETF) standard MIBs. These standard MIBs are defined in Requests for Comments (RFCs). To find specific MIB information, you must examine the Cisco proprietary MIB structure and related IETF-standard MIBs supported by the Cisco Nexus 3000 Series switch. The MIB Support List is available at the following FTP sites:
ftp://ftp.cisco.com/pub/mibs/supportlists/nexus3000/Nexus3000MIBSupportList.html
Documentation for the Cisco Nexus 3000 Series Switch is available at the following URL:
http://www.cisco.com/en/US/products/ps11541/tsd_products_support_series_home.html
There is no new documentation for this release.
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus3k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
© 2017 Cisco Systems, Inc. All rights reserved.
Cisco NX-OS Release 6.0(2)U6(3) is no longer available for a software download through www.cisco.com. This software release has been replaced by Cisco NX-OS Release 6.0(2)U6(3a).
[2] Cisco NX-OS Release 6.0(2)U6(2) is no longer available for a software download through www.cisco.com. This software release has been replaced by Cisco NX-OS Release 6.0(2)U6(2a).