This document describes the features, caveats, and limitations for Cisco NX-OS Release 9.2(1) software for use on Cisco Nexus 3636C-R and 36180YC-R switches. Use this document in combination with documents listed in Related Documentation.
Table 1 shows the online change history for this document.
Table 1. Online History Change
Date |
Description |
January 31, 2019 |
Updated Open Caveats. |
December 14, 2018 |
Added Licensing Information. |
July 18, 2018 |
Created the release notes for Release 9.2(1). |
Resolved Caveats—Cisco NX-OS Release 9.2(1)
Upgrade Paths to Release 9.2(1)
Obtaining Documentation and Submitting a Service Request
Cisco NX-OS software is a data center-class operating system designed for performance, resiliency, scalability, manageability, and programmability at its foundation. The Cisco NX-OS software provides a robust and comprehensive feature set that meets the requirements of virtualization and automation in mission-critical data center environments. The modular design of the Cisco NX-OS operating system makes zero-impact operations a reality and enables exceptional operational flexibility.
The Cisco Nexus 3000 Series switches, which includes Cisco Nexus 3100, 3200, 3400, 3500, and 3600 platform switches, and Cisco Nexus 9300 and 9500 platform switches run on the same binary image, also called the “unified” image.
Cisco NX-OS Release 9.2(1) is the first release that adopts unified version numbering. As more platforms have been added, there is no need to have a “platform” designator as used in the past.
An example of a previous release number is: 7.0(3)I7(4). In this format, the ‘I’ is the platform designator.
Moving forward for the previously identified platforms, we will be adopting the simplified 3-letter versioning scheme. For example, (unified-release-major.major/minor..maintenance).
Note: In order to accommodate upgrade compatibility from an older software version that is expecting a platform designator, when the install all command is entered or the show install all impact command is entered, the version string appears as 9.2(1)I9(1). The “I9(1)” portion of the string can be safely ignored. It will later appear as 9.2(1).
Temporary licenses with an expiry date are available for evaluation and lab use purposes. They are strictly not allowed to be used in production. Please use a permanent or subscription license that has been purchased through Cisco for production purposes.
For more information, see the Cisco NX-OS Licensing Guide.
This section includes the following sections:
Table 2 lists the Cisco Nexus 3600 switch hardware that Cisco NX-OS Release 9.2(1) supports. For additional information about the supported hardware, see the Cisco Nexus 3600 NX-OS Mode Switch Hardware Installation Guide.
Table 2. Cisco Nexus 3600 Switch Hardware
Product ID |
Description |
N3K-C3636C-R |
The Cisco Nexus 3636C-R is a 1 rack unit (RU) switch with 36 100-Gigabit QSFP28 ports, 2 management ports, 1 console port, and 1 USB port. The switch supports both port-side exhaust and port-side intake airflow schemes. The switch has two power supplies, one for operations and the other for redundancy. Both power supplies must be either AC power supplies or DC power supplies. |
N3K-C36180YC-R
|
The Cisco Nexus 36180YC-R is a 1 rack unit (RU) switch with 48 1/10/25-Gigabit SFP ports and 6 40-Gigabit QSFP/100-Gigabit QSFP28 ports, 1 management port, 1 console port, and 1 USB port. The switch supports both port-side exhaust and port-side intake airflow schemes. The switch has two power supplies, one for operations and the other for redundancy. Both power supplies must be either AC power supplies or DC power supplies. |
See the Cisco Transceiver Modules Compatibility Information for a list of supported optical components.
This section lists the following topic:
■ New Hardware Features in Cisco NX-OS Release 9.2(1)
■ New Software Features in Cisco NX-OS Release 9.2(1)
Cisco NX-OS Release 9.2(1) supports the following new hardware:
■ There are no new hardware features in Cisco NX-OS Release 9.2(1).
Cisco NX-OS Release 9.2(1) includes the following new software features:
Fundamentals Features
■ show time-stamp running-config last-changed command—Displays the timestamp when the running configuration was last changed.
For more information, see the Cisco Nexus 3600 NX-OS Fundamentals Configuration Guide, Release 9.2(x).
■ Multicast VLAN Registration (MVR) updates—Enabling or disabling IGMP snooping on both vPC peers also enables the forwarding of IGMP queries from different MVR source VLANs into the same MVR receiver VLAN. The resulting IGMP queries may send out queries with different versions and query interval. For maintaining the behavior prior to Cisco NX-OS Release 7.0(3)I3(1), use the mvr suppress-query vlan command.
For more information, see the Cisco Nexus 3600 NX-OS Multicast Configuration Guide, Release 9.2(x).
Security Features
■ No Service Password-Recovery—Added the No Service Password-Recovery feature which disables the password recovery mechanism.
For more information, see the Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 9.2(x).
System Management Features
■ PTP offload support added on the Cisco Nexus 96180C-R switch.
For more information, see the Cisco Nexus 3600 NX-OS System Management Configuration Guide, Release 9.2(x).
Upgrade and Downgrade Features
■ Optionality—Support added for modular package management. Cisco NX-OS software now provides the flexibility to add, remove, and upgrade the features selectively without changing the base NX-OS software.
For more information, see the Cisco Nexus 3600 NX-OS Upgrade and Downgrade Guide, Release 9.2(x).
VXLAN Features
■ VXLAN CLI Simplification—Support added for the reduction of CLI commands.
For more information, see the Cisco Nexus 3600 NX-OS VXLAN Configuration Guide, Release 9.2(x).
The following table lists the resolved bugs in Cisco NX-OS Release 9.2(1). You can use the bug ID to access the Cisco Bug Search Tool and see additional information about the bug.
Bug ID |
Description |
MVR knob to disable forwarding of IGMP queries |
|
VRRP3 fails when enabled as part of CR |
|
Evaluate Red Hat Linux CVE-2017-1000253 Vulnerability |
|
1G copper GLC-TE XCVR LED state is GREEN when link is not connected |
|
Packet tracer does not work |
|
N9000 SG-hash next-hop-based LB configuration missing after reload |
|
configure replace fails if macsec policy is associated with an interface |
|
Implement hardware profile command for dropping punt packets in controller environment |
|
After uninstalling feature-set mpls, the configuration replace feature fails. |
|
Evaluation of n9k-standalone-sw for CPU Side-Channel Information Disclosed |
|
Logs for breakout interfaces seen on a non-breakout port with no breakout configs |
|
100 GbE interface doesn't stop debounce timer after insert cable |
|
Show hardware internal errors improvements - show tech support |
|
Kernel loadable module for additional info on panic and Mammoth Signal Integrity PEX settings |
|
N9k -EX all interface counters stop incrementing |
|
Kernel panic triggered reload due to fast software PSU back-to-back access |
|
PSU: Total Power Available for additional modules displays Negative value |
|
DP:"sh inventory" and "sh env f d" NXA-FAN160CFM-F should be NXA-FAN160CFM-PE |
|
N95R: 7.0(3)F3.x is join/leave delay is slower than 7.0(3)F2.x |
|
(s,g) not timing out at decap even after data traffic stops. |
|
On SC reload the P40 reloads |
|
[NBM] CR fails for host-policy cli |
|
Packet drops on N9K when LACP peer delayed LACP PDU with C bit 1 |
|
With logging level nbm changed to 7, when creating a new SVI, the device is stuck in infinite reboot |
|
"no feature nv overlay" doesn't clean up all state in FM-E's |
|
Tunneling BFD packets on VXLAN is NOT working for T2 platforms |
|
Telnet stuck when Vlan SVI configured as NAT inside and physical interface as NAT outside |
|
Tahoe Nexus 93240 switch, 100gig link stays up when remote end in down state |
|
Redirected IP packet not forwarded to destination |
|
XLATE entry missing with > 1 FEX with same community VLAN host |
|
N9K to continue session w/ primary key on primary keychain when a peer is configured with mismatched key |
|
Account for cable type to choose FEC mode for 25G ports |
|
Elaborate and comprehensive status for each key configured under a keychain (primary and fallback) |
|
n9k LDAP fails to associate correct role when using search-map user profile attribute "memberOf" |
|
orib process still exists after disable relevant feature |
|
Dummy PIM neighbor 0.0.0.0 created after creating (S,G) entry when nbm is enabled |
|
nginx_f process core using NXAPI to remove large EVPN configuration |
|
NGMVPN and MRIB entries not cleaned up if Data/IGMP Traffic stopped after triggers |
|
OBFL no partitions mounted on eMMC device |
|
RACL CC doesn't catch label misprogramming on bdstatetable on Cisco ASIC based switches |
|
Generate syslog for repeated 2B Parity Error in MMU table |
|
Tahoe - same_if_uc Drop for ERSPAN Pk When Egress-Intf Is L2 and Same As Original Packet Ingress |
|
[N9K] Match Statements within route-map do not function as AND for table-map |
|
Tahoe: Packet drop issue after removing a L2VNI Gateway SVI on Nexus 9k |
|
When POAP is done, Maintenance mode profile configuration lost if switch reload |
|
Unable to make changes via configuration sync after upgrade |
|
interface stuck inactive after SFP plugged in |
|
Delete the *, G policy, OIF is not removed immediately (removed after 3 IGMP joins). |
The following table lists the open caveats in Cisco NX-OS Release 9.2(1). Click the bug ID to access the Cisco Bug Search Tool and see additional information about the bug.
Bug ID |
Description |
OTM URIB Assert Error on Boot |
|
Cisco Nexus 3000 Series switches take more than 10 secs to populate the S,G entry. |
|
After reload license is not checked out despite having "port-license acquire" cli under port. |
|
H-85: After range of VLAN delete/add, NGOAM session for couple of VLANs down-BGP IMET route missing |
|
Anycast prefix with label advertised diff areas is not seen as labelled prefix |
|
cevQSFPUnknown for QSFP-40/100-SRBD in entPhysicalVendorType in entPhysicalTable ENTITY-MIB |
|
linkFlapErrDisabled on back-to-back specific ports 19-22, 27-36 for ToR |
This section lists limitations related to Cisco NX-OS Release 9.2(1).
Interface Behavior Changes
■ Output format for the exec command CLI show vpc orphan-ports has changed from 7.0(3)F3(4) release to 9.2(1) release.
Programmability Behavior Changes
■ Release 9.2(1) brings in the new kernel and the new processes.
■ Interface counter statistics are grouped together in the XML/JSON output. The output for the show interface counters command in JSON format has changed.
■ NX-API does not support insecure HTTP by default.
■ NX-API does not support weak TLSv1 protocol by default.
Security Behavior Changes
■ Stronger ciphers are used in Release 9.2(1).
■ A new command, no service password-recovery is now supported.
■ Only one version out of v4 and v6 versions of the uRPF command can be configured on an interface. If one version is configured, all the mode changes must be done by the same version and another version is blocked on that interface.
This section lists limitations related to Cisco NX-OS Release 9.2(1).
■ IPv4 traffic might drop when only IPv6 uRPF is enabled on the interface. For more information, see CSCvh99632.
■ The PTP process restart and system switchover accumulates high corrections for a few seconds. For more information, see CSCvg49023.
■ The LDP neighbor might flap on switchover in a scaled setup with many interfaces. Increase the discovery hello hold time for MPLS under the MPLS LDP configuration. For more information, see CSCvg71349.
■ CoPP (Control Plane Policing) cannot be disabled. If you attempt to disable it, an error message appears. For more information, see CSCvi09329.
■ The skip CoPP policy option has been removed from the Cisco NX-OS initial setup utility because using it can impact the control plane of the network. For more information, see CSCvc44819.
■ On Cisco Nexus N3K-C3636C-R and N3K-C36180YC-R switches, auto-negotiation may not work when bringing up 100G links using QSFP-100G-CR4 cable. To work around this issue, you must hard-code the speed on all ports of the Cisco Nexus N3K-C3636C-R, on ports 49-64 of the Cisco Nexus N3K-C36180YC-R and disable auto-negotiation. For more information, see CSCvi82402.
See the following upgrade paths for upgrading from an earlier release to Release 9.2(1):
■ Release 7.0(3)F3(3) -> Release 7.0(3)F3(4) -> Release 9.2(1)
■ Release 7.0(3)F3(3c) -> Release 9.2(1)
■ Release 7.0(3)F3(4) -> Release 9.2(1)
Note: An upgrade from a release prior to 7.0(3)F3(3) to Release 9.2(1) is not supported. You must upgrade to either Release 7.0(3)F3(3), 7.0(3)F3(3c), or 7.0(3)F3(4) and then upgrade to Release 9.2(1).
The entire Cisco Nexus 3600 NX-OS documentation set is available at the following URL:
https://www.cisco.com/c/en/us/support/switches/nexus-3000-series-switches/tsd-products-support-series-home.html
The Cisco Nexus 3600 NX-OS Hardware Installation Guide is available at the following URL: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3600/hw/installation/guide/b_n3600_hardware_install_guide.html
The Cisco Nexus 3600 NX-OS Verified Scalability Guide is available at the following URL:
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus3k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Open a service request online at:
https://tools.cisco.com/ServiceRequestTool/create/launch.do
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Cisco Nexus 3600 Series NX-OS Release Notes, Release 9.2(1)
© 2018 Cisco Systems, Inc. All rights reserved.