PDF(352.7 KB) View with Adobe Reader on a variety of devices
ePub(78.3 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(95.3 KB) View on Kindle device or Kindle app on multiple devices
Updated:December 22, 2014
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Nexus 9000 Series NX-OS Release Notes, Release 6.1(2)I3(3)
Publication Date: December 22, 2014 Current Release: Release 6.1(2)I3(3)
This document describes the features, caveats, and limitations for Cisco NX-OS Release 6.1(2)I3(3) software for use on the Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q switch. Use this document in combination with documents listed in Related Documentation.
Table 1 shows the online change history for this document.
Table 1 Online History Change
Date
Description
December 22, 2014
Created the release notes for Release 6.1(2)I3(3).
January 22, 2014
Corrected a statement about priority flow control support in the “Limitations” section.
Cisco NX-OS software is a data center-class operating system designed for performance, resiliency, scalability, manageability, and programmability at its foundation. The Cisco NX-OS software provides a robust and comprehensive feature set that meets the requirements of virtualization and automation in mission-critical data center environments. The modular design of the Cisco NX-OS operating system makes zero-impact operations a reality and enables exceptional operational flexibility.
The Cisco Nexus 9000 Series uses an enhanced version of Cisco NX-OS software with a single binary image that supports every switch in the series, which simplifies image management.
Cisco Nexus 9300 switch with 96 1-/10-Gigabit BASE-T ports and eight 40-Gigabit Ethernet QSPF ports (The 1-/10-Gigabit BASE-T ports also support a speed of 100 Megabits.)
40GBASE-LR4 QSFP 40G transceiver module for single mode fiber, 4 CWDM lanes in 1310-nm window muxed inside module, duplex LC connector, 10-km, 40G Ethernet rate only
QSFP-4x10G-AC7M
40GBASE-CR4 QSFP to four 10GBASE-CU SFP+ direct attach breakout cable assembly, 7 meter active
QSFP-4x10G-AC10M
40GBASE-CR4 QSFP to four 10GBASE-CU SFP+ direct attach breakout cable assembly, 10 meter active
QSFP-H40G-CU5M
40GBASE-CR4 QSFP direct-attach copper cable, 5 meter passive
QSFP-H40G-CU3M
40GBASE-CR4 QSFP direct-attach copper cable, 3 meter passive
QSFP-H40G-CU1M
40GBASE-CR4 QSFP direct-attach copper cable, 1 meter passive
QSFP-H40G-ACU7M
40GBASE-CR4 QSFP direct-attach copper cable, 7 meter active
QSFP-H40G-ACU10M
40GBASE-CR4 QSFP direct-attach copper cable, 10 meter active
SFP-10G-SR
10GBASE-SR SFP+ module
SFP-10G-LR
10GBASE-LR SFP+ module
SFP-H10GB-CU1M
10GBASE-CU SFP+ cable 1 meter
SFP-H10GB-CU3M
10GBASE-CU SFP+ cable 3 meter
SFP-H10GB-CU5M
10GBASE-CU SFP+ cable 5 meter
SFP-H10GB-ACU-7M
Active Twinax cable assembly, 7 meter
SFP-H10GB-ACU-10M
Active Twinax cable assembly, 10 meter
GLC-T
1000BASE-T SFP
GLC-SX-MM
GE SFP, LC connector SX transceiver
GLC-LH-SM
GE SFP, LC connector LX/LH transceiver
Note For the current release, if you are using the four 10G breakout cables with a Cisco Nexus 9000 Series switch, all ports on the I/O module must be set to breakout mode. A maximum of three l/O modules can be placed in breakout mode.
Supported FEX Modules
The following is a list of FEX modules the Cisco NX-OS Release 6.1(2)I3(3) supports with Cisco Nexus 9372PX and 9396PX switches:
Cisco Nexus 2224TP
Cisco Nexus 2232PP
Cisco Nexus 2232TM and 2232TM-E
Cisco Nexus 2248PQ
Cisco Nexus 2248TP and 2248TP-E
B22Dell
B22HP
New and Changed Information
This section lists the new and changed features in Release 6.1(2)I3(3), and includes the following topics:
New Hardware Features in Cisco NX-OS Release 6.1(2)I3(3)
Cisco NX-OS Release 6.1(2)|3(3) does not include new hardware.
New Software Features in Cisco NX-OS Release 6.1(2)I3(3)
Cisco NX-OS Release 6.1(2)I3(3) includes the new software features described in these sections for the Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q switch:
Cisco NX-OS to ACI Conversion - Added the ability to boot the ACI image from Cisco NX-OS mode (instead of from the loader> prompt) while converting a Cisco Nexus 9000 Series switch from Cisco NX-OS to ACI boot mode. For additional information, see the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide.
Note The Cisco Nexus 3164Q switch operates only in Cisco NX-OS mode and cannot be converted to ACI boot mode.
Traceroute - Added source interface support. For additional information, see the Cisco Nexus 9000 Series NX-OS Troubleshooting Guide.
Subinterface support on port-channel interfaces.
Note Layer 3 port-channel subinterfaces are not supported with the following: multicast routing, router ACLs, QoS, policy-based routing (PBR), SPAN, and ERSPAN.
Installation Notes
Only one software image (called nx-os) is required to load the Cisco NX-OS operating system. This image runs on all Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q switch. For installation instructions, see the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide.
Upgrade Instructions
To perform a software upgrade, follow the installation instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide.
Downgrade Instructions
Disable the Guest Shell if you need to downgrade from Cisco NX-OS Release 6.1(2)I3(3) to an earlier release.
Note If you perform a software maintenance upgrade (SMU) and later upgrade your device to a new Cisco NX-OS software release, the new image will overwrite both the previous Cisco NX-OS release and the SMU package file.
Limitations
This section lists limitations related to Cisco NX-OS Release 6.1(2)I3(3).
Layer 3 routed traffic for missing Layer 2 adjacency information is not flooded back onto VLAN members of ingress units when the source MAC address of routed traffic is a non-VDC MAC address. This limitation is for hardware flood traffic and can occur when the SVI has a user-configured MAC address.
The neighbor-down fib-accelerate command is supported in a BGP-only environment.
The uplink module should not be removed from a Cisco Nexus 9300 Series switch that is running Cisco NX-OS Release 6.1(2)I3(3). The ports on the uplink module should be used only for uplinks.
The PortLoopback and BootupPortLoopback tests are not supported.
The ASIC Memory-NS test is applicable only for the N9K-X9564PX and N9K-X9564TX line cards.
Priority flow control (PFC) is supported on Cisco Nexus 9500 Series switches with the N9K-X9636PQ line card. It is not yet supported on Cisco Nexus 9300 Series switches and Cisco Nexus 9500 Series switches with the N9K-X9564PX or N9K-X9564TX line card.
If you configure the FEX with 100/full-duplex speed and you do not explicitly configure the neighboring device with 100/full-duplex speed, the data packet traffic does not pass properly even though the link appears to be “up.”
– no speed: Auto negotiates and advertises all speeds (only full duplex).
– speed 100: Does not auto negotiate; pause cannot be advertised. The peer must be set to not auto negotiate (only 100 Mbps full duplex is supported).
– speed 1000: Auto negotiates and advertises pause (advertises only for 1000 Mbps full duplex).
Eight QoS groups are supported only on modular platforms with the following Cisco Nexus 9500 Series line cards: N9K-X9636PQ, N9K-X9464PX, N9K-X9464TX, and N9K-X9432PQ.
Cisco NX-OS Release 6.1(2)I3(3) supports flooding for Microsoft Network Load Balancing (NLB) unicast mode on Cisco Nexus 9500 Series switches but not on Cisco Nexus 9300 Series switches. NLB is not supported in max-host system routing mode. NLB multicast mode is not supported on Cisco Nexus 9500 or 9300 Series switches.
Note To workaround the situation of Unicast NLB limitation, we can statically hard code the ARP and MAC address pointing to the correct interface. Please refer to bug ID CSCuq03168 in detail in the “Open Caveats—Cisco NX-OS Release 6.1(2)I3(3)” section.
When routed ACL is applied to multiple SVIs (switched virtual interfaces) in the egress direction, TCAM resources are not shared.
When VACL (VLAN ACL) is applied to multiple VLANs, TCAM resources are not shared.
N9K hardware does not support range checks (layer 4 operators) in egress TCAM. Because of this, ACL/QoS policies with layer 4 operations-based classification need to be expanded to multiple entries in the egress TCAM. Egress TCAM space planning should take this limitation into account.
If the same QOS policy and ACL is applied on multiple interfaces, the label will be shared only when the qos-policy is applied with the no-stats option.
Limitations for ALE uplink ports are listed at the following URL:
This section lists features that are not supported in the current release.
VXLAN Features
This section lists VXLAN features that are not supported.
VXLAN routing is not supported.
The default Layer 3 gateway for VXLAN VLANs should be provisioned on a different device.
Switched Port Analyzer (SPAN) Tx for VXLAN traffic is not supported for the access-to-network direction.
Ingress router access control lists (RACLs) are not supported on Layer 3 uplinks for VXLAN traffic. Egress VACLs cannot be used on decapsulated packets in the network-to-access direction on the inner payload. As a best practice, use PACLs or VACLs for the access-to-network direction.
QoS classification is not supported for VXLAN traffic in the network-to-access direction.
The QoS buffer-boost feature is not applicable for VXLAN traffic.
ACL and QoS for VXLAN traffic in the network-to-access direction is not supported.
Native VLANs for VXLAN are not supported. All traffic on VXLAN Layer 2 trunks needs to be tagged.
Consistency checkers are not supported for VXLAN tables.
Just one network virtualization edge (NVE) interface is allowed on the switch.
Because the NVE (VXLAN) process is not restartable, patching support is not supported for VXLAN.
vPC type-1 consistency checkers are not supported for VXLAN configurations.
Dynamic re-IP of an NVE tunnel is not supported. Tunnels must be shut down prior to live IP address changes.
VXLAN Topology Restrictions
A device cannot be a VXLAN gateway (vxlan-vlan flows) and a VXLAN bridge (vxlan-vxlan flows) for the same multicast groups, which are also called the bud-node topology. As a best practice, use the device as either a bridging device or a gateway device, but not both.
Due to bud-node restrictions, a VXLAN tunnel endpoint (VTEP) cannot reach the rendezvous point (RP) through another VTEP. Because of this limitation, there can be no direct Layer 3 links between two VTEPs, unless one of the VTEPs is the RP.
FEX host interface ports are not supported for VLANs extended with VXLAN.
VXLAN ACL Limitations
The following ACL related features are not supported:
Ingress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the network-to-access direction (decapsulated path)
Egress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the access-to-network direction (encapsulated path)
Egress VACL for decapsulated VXLAN traffic
We recommend that you use a PACL or VACL on the access side to filter out traffic entering the overlay network.
PVLANs
Private VLANs (PVLANs) are not supported.
DHCP
DHCP subnet broadcast is not supported.
FEX
FEX is supported only on the Cisco Nexus 9372PX and 9396PX switches. It is not supported on the other Cisco Nexus 9300 Series switches or the Cisco Nexus 9500 Series switches.
Other Unsupported Features
The following lists other features not supported in the current release:
Due to a Poodle vulnerability, SSLv3 is no longer supported.
The Cisco Nexus 9300 Series switches and the Cisco Nexus 3164Q switch do not support the 64-bit ALPM routing mode.
Table 5 lists the open caveats in the Cisco NX-OS Release 6.1(2)I3(3) release. Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 5 Open Caveats in Cisco NX-OS Release 6.1(2)I3(3)
BGP prefixes can experience temporary traffic drop during supervisor switchover when BGP prefixes have the Nexthop learned over BGP (Recursive Nexthop) in the presence of a default route in the system.
When QoS Lite TCAM is configured, policer violated statistics shown as part of the show policy-map interface command are reported as 0 instead of NA (Not-Applicable).
When using a Nexus 9000 Switch with a FEX and an LACP port-channel with n o lacp suspend-individual configuration, the port channel gets stuck in I state if the end device stops sending LACP PDUs for a brief period of time.
Even though there are no QoS classification policies currently active on any of the FEX HIF interfaces, the show incompatibility command still reports FEX QoS incompatibility during downgrade from 3.2 to earlier versions of software.
The show incompatibility nxos <image version lower than 3.3> command gives an incorrect message for cmd ip icmp-errors source-interface <intf> cmd.
Resolved Caveats—Cisco NX-OS Release 6.1(2)I3(3)
Table 6 lists the resolved caveats in the Cisco NX-OS Release 6.1(2)I3(3) release. Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 6 Resolved Caveats in Cisco NX-OS Release 6.1(2)I3(3)
Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes
Cisco Nexus 9000 Series NX-OS Release Note s
Documentation Feedback
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Cisco Nexus 9000 Series NX-OS Release Notes, Release 6.1(2)I3(3)