Cisco Nexus 9000 Series NX-OS Release Notes, Release 7.0(3)I4(8)
This document describes the features, caveats, and limitations for Cisco NX-OS Release 7.0(3)I4(8) software for use on the following switches:
■ Cisco Nexus 9000 Series
■ Cisco Nexus 31128PQ
■ Cisco Nexus 3164Q
■ Cisco Nexus 3232C
■ Cisco Nexus 3264Q
Use this document in combination with documents listed in Related Documentation.
Table 1 shows the online change history for this document.
Table 1 Online History Change
Date |
Description |
September 28, 2020 |
Upgrade and Downgrade section revised. |
January 24, 2020 |
Added CSSvc95008 to Known Behaviors. |
July 25, 2018 |
Added CSCuy08187 to Open Caveats. |
March 30, 2018 |
Created the release notes for Release 7.0(3)I4(8). |
Obtaining Documentation and Submitting a Service Request
Cisco NX-OS software is a data center-class operating system designed for performance, resiliency, scalability, manageability, and programmability at its foundation. The Cisco NX-OS software provides a robust and comprehensive feature set that meets the requirements of virtualization and automation in mission-critical data center environments. The modular design of the Cisco NX-OS operating system makes zero-impact operations a reality and enables exceptional operational flexibility.
The Cisco Nexus 9000 Series uses an enhanced version of Cisco NX-OS software with a single binary image that supports every switch in the series, which simplifies image management.
This section includes the following sections:
■ Supported Cisco Software Releases
Table 2 summarizes information about the Cisco Nexus platforms and software release versions that Cisco OpenFlow Plug-in supports.
Table 2 Cisco Plug-in for OpenFlow Compatibility Matrix
Switches |
Cisco Plug-in for OpenFlow |
Cisco Nexus 9300 platform switches and Cisco Nexus 31128PQ, 3232C, and 3264Q switches NX-OS 7.0(3)I3(1) and later |
ofa-2.1.4-r2-nxos-SPA-k9.ova |
Cisco Nexus 9300 platform switches and Cisco Nexus 31128PQ switches NX-OS 7.0(3)I2(1) |
ofa-2.1.0-r1-nxos-SPA-k9.ova |
The tables below list the Cisco Nexus 9000 Series hardware that Cisco NX-OS Release 7.0(3)I4(8) supports. For additional information about the supported hardware, see the Hardware Installation Guide for your Cisco Nexus 9000 Series device.
■ Table 3 lists the Cisco Nexus 9000 Series fabric modules
■ Table 4 lists the Cisco Nexus 9000 Series fans and fan trays
■ Table 5 lists the Cisco Nexus 9000 Series line cards
■ Table 6 lists the Cisco Nexus 9000 Series power supplies
■ Table 7 lists the Cisco Nexus 9000 Series supervisor modules
■ Table 8 lists the Cisco Nexus 9000 Series system controllers
■ Table 9 lists the Cisco Nexus 9000 Series uplink modules
■ Table 11 lists the 3232C and 3264Q switch hardware
■ Table 12 lists the Cisco Nexus 3164Q switch hardware
■ Table 13 lists the Cisco Nexus 31128PQ switch hardware
Table 3 Cisco Nexus 9000 Series Fabric Modules
Product ID |
Hardware |
Quantity |
N9K-C9504-FM |
Cisco Nexus 9504 40-Gigabit fabric module |
3 to 6 depending on line cards |
N9K-C9504-FM-E |
100-Gigabit -E fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-EX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9504-FM-S |
100-Gigabit -S fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-S) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9508-FM |
Cisco Nexus 9508 Series 40-Gigabit fabric module |
3-6 depending on the line cards |
N9K-C9508-FM-E |
100-Gigabit -E fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-EX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9508-FM-S |
100-Gigabit -S fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-S) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9516-FM |
Cisco Nexus 9500 platform 40-Gigabit fabric module |
3-6 depending on the line cards |
Table 4 Cisco Nexus 9000 Series Fans and Fan Trays
Product ID |
Hardware |
Quantity |
N9K-C9300-FAN1 |
Cisco Nexus 9300 fan 1 module with port-side intake airflow (burgundy coloring) Note: Supports early versions of the Cisco Nexus 9396 switch (N9K-C9396PX). |
3 |
N9K-C9300-FAN1-B |
Cisco Nexus 9300 fan 1 module with port-side exhaust airflow (blue coloring) Note: Supports early versions of the Cisco Nexus 9396 switch (N9K-C9396PX). |
3 |
N9K-C9300-FAN2 |
Cisco Nexus 9300 fan 2 module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93128TX, 9396PX, and 9396TX switches. |
3 |
N9K-C9300-FAN2-B |
Cisco Nexus 9300 fan 2 module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93128TX, 9396PX, and 9396TX switches. |
3 |
N9K-C9300-FAN3 |
Cisco Nexus 9300 fan 2 module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93120TX, 92304QC, and 9272Q switches. |
2 |
N9K-C9300-FAN3-B |
Cisco Nexus 9300 fan 2 module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93120TX, 92304QC, and 9272Q switches. |
2 |
N9K-C9504-FAN |
Cisco Nexus 9504 fan tray |
3 |
N9K-C9508-FAN |
Cisco Nexus 9508 fan tray |
3 |
NXA-FAN-30CFM-B |
Cisco Nexus 9200 and 9300 fan module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 92160YC-X, 9236C, 93108TC-EX, 93180YC-EX, 9332PQ, 9372PX, 9372PX-E, 9372TX, and 9372TX-E switches. |
4 |
NXA-FAN-30CFM-F |
Cisco Nexus 9200 and 9300 fan module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 92160YC-X, 9236C, 93108TC-EX, 93180YC-EX, 9332PQ, 9372PX, 9372PX-E, 9372TX, and 9372TX-E switches. |
4 |
Table 5 Cisco Nexus 9500 Platform Line Cards
Product ID |
Description |
Quantity |
N9K-X9408PC-CFP2 |
Line card with 8 100-Gigabit CFP2 ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9432C-S |
Line card with 32 100-Gigabit QSFP28 ports (supported by four 100-Gigabit –S fabric modules [N9K-C9504-FM-S and N9K-C9508-FM-S]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
N9K-X9432PQ |
Line card with 32 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) Note: This line card supports static breakout. |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9464PX |
Line card with 48 10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9464TX |
Line card with 48 10GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K- X9464TX2 |
Line card with 48 1-/10GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9536PQ |
Line card with 36 40-Gigabit Ethernet QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9564PX |
Line card with 48 1-/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9564TX |
Line card with 48 1-/10-GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9636PQ |
Line card with 36 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM and N9K-C9508-FM]) Note: Not supported on the Cisco Nexus 9516 switch (N9K-C9516). |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
N9K-X9732C-EX |
Line card with 32 40-/100-Gigabit Ethernet QSFP28 ports (supported by 100-Gigabit –E fabric modules [N9K-C9504-FM-E and N9K-C9508-FM-E]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
Table 6 Cisco Nexus 9000 Series Power Supplies
Product ID |
Description |
Quantity |
N9K-PAC-650W |
650-W AC power supply, port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9372TX, 9372TX-E, 9396PX, and 9396TX switches. |
■ 2 |
N9K-PAC-650W-B |
650-W AC power supply, port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9372TX, 9372TX-E, 9396PX, and 9396TX switches. |
■ 2 |
N9K-PAC-1200W |
1200-W AC power supply, port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93120TX switches. |
■ 2 |
N9K-PAC-1200W-B |
1200-W AC power supply, port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93120TX switches. |
■ 2 |
N9K-PAC-3000W-B |
3000-W AC power supply Note: Supports the Cisco Nexus 9504, 9508, and 9516 switches. |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
N9K-PDC-3000W-B |
3000-W DC power supply Note: Supports the Cisco Nexus 9504, 9508, and 9516 switches. |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
N9K-PUV-1200W |
1200-W AC power supply (airflow direction determined by the installed fan modules) Note: Supports all of the Cisco Nexus 9200 and 9300 NX-OS mode switches. |
■ 2 |
N9K-PUV-3000W-B |
3000-W Universal AC/DC power supply |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
NXA-PAC-650W-PE |
Nexus 650W power supply port side exhaust. Note: Supports the Cisco Nexus 92160YC-X, 92304QC, and 9236C switches. |
■ 2 |
NXA-PAC-650W-PI |
Nexus 6500W power supply port side intake. Note: Supports the Cisco Nexus 92160YC-X, 92304QC, and 9236C switches. |
■ 2 |
UCSC-PSU-930WDC |
930-W DC power supply with port-side intake airflow Note: Supports all Cisco Nexus 9200 and 9300 NX-OS mode switches. |
■ 2 |
UCS-PSU-6332-DC |
930-W DC power supply with port-side exhaust airflow Note: Supports all Cisco Nexus 9200 and 9300 NX-OS mode switches. |
■ 2 |
Table 7 Cisco Nexus 9500 Platform Supervisor Modules
Product ID |
Description |
Quantity |
N9K-SUP-A |
Cisco Nexus 9500 platform supervisor A module with 4 cores |
■ 2 |
N9K-SUP-B |
Cisco Nexus 9500 platform supervisor B module with 6 cores |
■ 2 |
Table 8 Cisco Nexus 9000 Series Switches
Product ID |
Description |
Quantity |
N9K-C9236C |
Cisco Nexus 9236C 1-RU switch with 36 40-/100-Gigabit QSFP28 ports (144 10-/25-Gigabit ports when using breakout cables). Note: Beginning with Cisco NX-OS Release 7.0(3)I4(3), 25G CVR-2QSFP28-8SFP adapters are supported on the Cisco Nexus 9236C switches. |
■ 1 |
N9K-C9272Q |
Cisco Nexus 9272Q 2-RU switch with 72 40-Gigabit Ethernet QSFP+ ports (up to 35 of the ports [ports 37-71] also support breakout cables providing up to 140 10-Gigabit connections) |
■ 1 |
N9K-C9332PQ |
Cisco Nexus 9332PQ 1-RU switch with 32 40-Gigabit Ethernet QSFP+ ports and supports 4x10G breakout mode for ports 1 to 26 (except ports 13 and 14). Ports 27 to 32 (ALE uplink ports) support using the QSFP-to-SFP+ Adapter (QSA) for 10-Gigabit SFP/SFP+ transceivers in QSFP+ ports. |
■ 1 |
N9K-C9372PX |
Cisco Nexus 9372PX 1-RU switch with 48 1-/10-Gigabit Ethernet SFP+ ports and 6 40-Gigabit Ethernet QSFP+ ports. |
■ 1 |
N9K-C9372PX-E |
An enhanced version of the N9K-C9372PX switch. |
■ 1 |
N9K-C9372TX |
Cisco Nexus 9372TX 1-RU switch with 48 1/10GBASE-T ports and 6 40-Gigabit Ethernet QSFP+ ports. |
■ 1 |
N9K-C9372TX-E |
An enhanced version of the N9K-C9372TX switch. |
■ 1 |
N9K-C9396PX |
Cisco Nexus 9396PX 1-RU switch with 48 1-/10-Gigabit Ethernet SFP+ ports and an uplink module with up to 12 40-Gigabit Ethernet QSPF+ ports |
■ 1 |
N9K-C9396TX |
Cisco Nexus 9396TX 1-RU switch with 48 1/10GBASE-T and an uplink module with up to12 40-Gigabit Ethernet QSFP+ ports |
■ 1 |
N9K-C9504 |
Cisco Nexus 9504 4-slot modular switch |
■ 1 |
N9K-C9508 |
Cisco Nexus 9508 8-slot modular switch |
■ 1 |
N9K-C9516 |
Cisco Nexus 9516 16-slot modular switch |
■ 1 |
N9K-C92160YC-X |
Cisco Nexus 92160YC-X 1-RU switch with 48 10-/25-Gigabit SFP+ ports and 6 40-Gigabit QSFP+ ports (4 of these ports support 100-Gigabit QSFP28 optics). |
■ 1 |
N9K-C92304QC |
Cisco Nexus 92304QC 2-RU switch with 56 40-Gigabit Ethernet ports (64 10-Gigabit ports if using breakout cables) and 8 100-Gigabit ports. |
■ 1 |
N9K-C93120TX |
Cisco Nexus 93120TX 2RU switch with 96 1/10GBASE-T ports and 6 40-Gigabit QSFP+ uplink ports. |
■ 1 |
N9K-C93128TX |
Cisco Nexus 93128TX 3-RU switch with 96 1/10GBASE-T ports and an uplink module that supports up to 8 40-Gigabit Ethernet QSPF+ ports (the 1/10GBASE-T ports also support a speed of 100 Megabits per second.) |
■ 1 |
N9K-C93108TC-EX |
Cisco Nexus 93108TC-EX 1-RU switch with 48 10GBASE-T ports and 6 40/100-Gigabit QSFP28 ports. |
■ 1 |
N9K-C93180YC-EX |
Cisco Nexus 93180YC-EX 1-RU switch with 48 10-/25-Gigabit Ethernet ports and 6 40/100-Gigabit QSFP28 ports. |
■ 1 |
Table 9 Cisco Nexus 9000 Series Uplink Modules
Product ID |
Description |
Quantity |
N9K-M4PC-CFP2 |
Cisco Nexus 9300 uplink module with 4 100-Gigabit Ethernet CFP2 ports. For the Cisco Nexus 93128TX switch, only two of the ports are active. For the Cisco Nexus 9396PX and 9396TX switches, all four ports are active. |
■ 1 |
N9K-M6PQ |
Cisco Nexus 9300 uplink module with 6 40-Gigabit Ethernet QSFP+ ports for the Cisco Nexus 9396PX, 9396TX, and 93128TX switches. Note: The front-panel ports on these uplink modules do not support auto negotiation with copper cables. You can manually configure the speed on the peer switch. |
■ 1 |
N9K-M6PQ-E |
An enhanced version of the Cisco Nexus N9K-M6PQ uplink module. |
■ |
N9K-M12PQ |
Cisco Nexus 9300 uplink module with 12 40-Gigabit Ethernet QSPF+ ports. Note: The front-panel ports on these uplink modules do not support auto negotiation with copper cables. You can manually configure the speed on the peer switch. |
■ 1 (required) |
Table 10 Cisco Nexus 9500 Platform System Controller
Product ID |
Description |
Quantity |
N9K-SC-A |
Cisco Nexus 9500 Platform System Controller Module |
■ 2 |
Table 11 Cisco Nexus 3232C and 3264Q Switch Hardware
Product ID |
Description |
Quantity |
N3K-C3232C |
Cisco Nexus 3232C, 32 x 40G/100G 2 x 10G SFP+, 1-RU switch |
■ 1 |
N3K-C3264Q |
Cisco Nexus 3264Q, 64 x 40G 2 x 10G SFP+, 2-RU switch |
■ 1 |
NOTE: Beginning with Cisco NX-OS Release 7.0(3)I4(3), 25G CVR-2QSFP28-8SFP is supported on the Cisco Nexus 3232C switches.
Table 12 Cisco Nexus 3164Q Switch Hardware
Product ID |
Description |
Quantity |
N3K-C3164Q-40GE |
Cisco Nexus 3164Q, 64 x 40G SFP+, 2-RU switch |
■ 1 |
N9K-C9300-FAN3 |
Cisco Nexus 3164Q fan module |
■ 3 |
N9K-PAC-1200W |
Cisco Nexus 3164Q 1200W AC power supply |
■ 2 |
Table 13 Cisco Nexus 3164Q Switch Hardware
Product ID |
Description |
Quantity |
N3K-C3164Q-40GE |
Cisco Nexus 3164Q, 64 x 40G SFP+, 2-RU switch |
■ 1 |
N9K-C9300-FAN3 |
Cisco Nexus 3164Q fan module |
■ 3 |
N9K-PAC-1200W |
Cisco Nexus 3164Q 1200W AC power supply |
■ 2 |
NOTE: The Cisco Nexus M6PQ-E uplink module and the Cisco Nexus 9372PX-E and 9372TX-E switches need to run the following minimum Cisco NX-OS releases:
o 7.0(3)I2(2d)
o 7.0(3)I2(2e)
o 7.0(3)I3(2)
o 7.0(3)I4(1)
See the Cisco 10-Gigabit Ethernet Transceiver Modules Compatibility Matrix for a list of supported optical components.
Cisco NX-OS Release 7.0(3)I4(8) supports the following FEXes (Fabric extenders) on Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9396PX and 9500 Platform Switches:
■ Cisco Nexus 2224TP
■ Cisco Nexus 2232PP
■ Cisco Nexus 2232TM and 2232TM-E
■ Cisco Nexus 2248PQ
■ Cisco Nexus 2248TP and 2248TP-E
■ Cisco Nexus 2348TQ
■ Cisco Nexus 2348UPQ
■ Cisco Nexus B22Dell
■ Cisco Nexus B22HP
■ Cisco Nexus NB22FTS
■ Cisco Nexus NB22IBM
Note: Please note the following:
■ The 9408 and line card is not supported with the 2300 FEX.
■ Cisco Nexus 9300 platform switches do not support FEX on uplink modules (ALE).
■ For FEX HIF port channels, we recommend that you enable STP port type edge using the spanning tree port type edge [trunk] command.
■ The Cisco 2248PQ, 2348TQ, and 2348UPQ FEXes support connections to the Nexus 9300 or 9500 platform switches by using supported breakout cables to connect a QSFP+ uplink on the FEX and an SFP+ link on the parent switch (4x10G links).
Note: For Cisco Nexus 9500 switches, 4x10G breakout for FEX connectivity is not supported.
This section lists the following topics:
■ New Hardware Features in Cisco NX-OS Release 7.0(3)I4(8)
■ New Software Features in Cisco NX-OS Release 7.0(3)I4(8)
Cisco NX-OS Release 7.0(3)I4(8) does not include new hardware features.
Cisco NX-OS Release 7.0(3)I4(8) does not include new software features.
This section includes the following topics:
■ Resolved Caveats—Cisco NX-OS Release 7.0(3)I4(8)
■ Open Caveats—Cisco NX-OS Release 7.0(3)I4(8)
■ Known Behaviors—Cisco NX-OS Release 7.0(3)I4(8)
Table 14 lists the Resolved Caveats in Cisco NX-OS Release 7.0(3)I4(8). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 14 Resolved Caveats in Cisco NX-OS Release 7.0(3)I4(8)
Bug ID |
Description |
9300-EX|9200: Transit tunneled pkt egressing on trunk/sub-int donot have dot1q |
|
:7.0(3)I2(2a):9372PX - "FEX" crash on N2K-B22IBM-P |
|
Scale: On reload see po member mode mismatch - vPC not coming up |
|
As-path prepend doesn't work as expected |
|
SSTE: IPFIB crash while doing ISSU from 7.0(3)I5(1.23) to upg image |
|
Ping fails due to Vxlan-decap failure after over-night script of vlan config/unconfig |
|
TAH ISSU : ISSU failed during saving MTS state |
|
Kernel errors seen while collecting "sh-tech" after ISSU |
|
L2 flood traffic drops as VXLAN-DROP_DECAP_UUC after removing vn-id on L2 vlan |
|
Need option to use kstack for file transfers |
|
QSFP-40G-SR4-S / QSFP-100G-SR4-S: show int eth x/y trans not showing correct PID |
|
Static NAT stops working after reload or reconfiguring NAT statement if SVI is NAT inside interface. |
|
Kernel panic with Watchdog system not recovered completly-XCVR not inserted |
|
"Ethpm" crash during boot up with non-default "system jumbo" mtu in startup config |
|
Sflow TS missing data required for serviceability |
|
Session manager does not work for egress ACL |
|
N9396 ERSPAN market packet indicates incorrect clock granularity |
|
N9500/9432PQ-Need syslog reporting uncorrectable parity error on BCM followed by reload of LC. |
|
CLI yields strange output - " Message reported by command :: config terminal " |
|
N9K not generating ARP request for unresolved next-hop when receiving gleaned traffic |
|
Static mac insert failed for custom router mac |
|
Cisco NX-OS System Software CLI Arbitrary File Read Vulnerability |
|
Cisco NX-OS Python Parser Escape Vulnerability |
|
FM reloaded due to not responding on EOBC path |
|
N9K arp-ether tcam region carving needs extra warning message |
|
Nexus 9508 management port LEDs do not work properly |
|
G313:BGP-3-SLAB_LIB_SLAB_ERR: Slab error [double free attempted] in RPM Prefix tree slab |
|
Unicast DHCP offer/ack flooded even when destination mac address learned |
|
DHCP offer/ack sent back to the received port |
|
LC ipfib memory leak on 93180YC-EX |
|
Flood & Learn VXLAN: Traffic looped between Non-VPC VTEP and SPINE on SVI uplink |
|
Snmpbulkwalk slowness observed in ieee802SecyMIBs. |
|
N9K "ptp time-sync 0" inadvertently added to config |
|
N9K -- json output permissions failing on user with custom role |
|
During Upgrade from I4.5 to I4.6. The VPC legs did not come up on VPC secondary. |
|
VxLAN Overlay PIM packets (Register & Register-Stop) gets dropped on 40Gig uplink ports |
|
After VNF deployment, nexus still sends bfd packets to old mac-address |
|
N9K/openflow: redirect port bitmap is not updated when port-channel member comes up |
|
Clicking ejector handle causes OS print "Ejector pulled (left/right) for LC" messages continuously |
|
Link flap observed on port on X97xx line card if it matches the same src port/slice for bad port |
|
6.1(2)I1 3.5 to D+MR5 upgrade copp class alpha setting incorrect |
|
Line vty session limits does not work as expected with port-profile configurations present on N9k |
|
N9k - Forwarding consistency check fail when VTEP acting as leaf and spine - FL |
|
Switch sends different vlan IPv6 RA on a fex access port |
|
BGP locally originated path becomes invalid |
|
Bulk vlan name configuration causes MTS backup |
|
N9K:PBR with multiple "set ip next-hop verify-availability [next hop] track #" not work |
|
N9500: Kernel Messages: Failed to get the dvif for vlan |
|
N9K Connection to DWDM Carrier held down |
|
Corrupted packets causing traffic looping between LC and FM on 9516 |
|
CDP/LLDP have domain appended internally when no "ip domain-name x" is configured |
|
serial8250: too much work for irq4, defer to timer - kernel |
|
IR EVPN: BUM traffic gets dropped on ingress Leaf after route change in Underlay |
|
Ntp may go out of sync with dme after ntp server/peer configuration post issu |
|
Nexus 3000 / Nexus 9000 Evaluate Red Hat Linux CVE-2017-1000253 Vulnerability |
|
N9k -EX all interface counters stop incrementing |
|
BGP routes imported into RIB more than maximum path set |
|
eVPN : randomly SVI interface is not configured. |
|
Nexus broker switches disappears periodically in the NDB topology |
|
SFP-10G-SR-S incorrectly display copper length, uses udld copper default and syntax [no] udld enable |
|
Keeps loopback up in local database when admin down |
|
BGP session should not establish when update source interface is down. |
|
N9K USB not detected after OIR |
|
Configuration loss for FEX HIFs due to user_cfg flag absence |
|
Egress Packets are having 00:00 source mac after mode tap-agg command was applied on ingress |
|
N9K-C93180YC-EX Connection to DWDM carrier held down |
|
Reloading vpc peer switch puts other peers vpc member ports in DESG/BLK state |
|
N9K: Glean ARP is not generated for VXLAN encapsulated traffic |
|
Cisco Nexus 3000/9000 TCP Ports Incorrectly Exposed in the Default VRF |
|
N9K - CRC errors in Tahoe based switches on ports connecting to Mellanox adapters at the other end. |
|
N9500 not sending FollowUp message when PTP client facing interface flap. |
|
N9K PFM Crash due to SNMP Bulk-Get to read 40G-SR-BD DOM stuck in MTS |
|
Port moves to Uncalibrated status in a Port-channel |
|
No CoPP applied after cancelling setup |
|
NXAPI AAA auth requests sent to TACACS have no remote IP |
|
"vpc orphan-port suspend" without vpc domain config |
|
Service "bcm_usd" crash |
|
Need Syslog/Parser Warning Printed When NVE Source IP is Changed Without Shutting Down NVE |
|
N9500-E: L2PT may not work after module reload |
|
Reload ascii with config-profiles doesn't seem to work properly on the N9K |
|
Default interface Is Allowed in Exex Mode |
|
Cannot use characters < and > together in a password |
|
Right after reload, N9Ks bring up vPC member ports and send LACPDUs with local Prio/SysID |
|
MS: Allocate BDs to L3 subinterface that last 9 bits are unique within the parent interface |
|
N9K-C9516-FM-E 16slot: Total power allocated/Budget doesn't match sum of individual reserved power |
|
Nginx Vulnerabilities on Nexus 9000 Switches |
|
N9K: Upgrading from 7.0.3.I7.1 to 7.0.3.I7.2 can re-enable SSH weak ciphers |
|
LC/FM reloads due to EOBC heartbeat as CPU busy servicing hrtimer |
|
statistics per-entry does not work correctly |
|
DHCP snooping binding table is deleted when vPC Peer receive Inform ACK |
|
N9K-EX LC ports will not come up |
|
Interfaces not programmed in vlan show after vni deletion |
|
Traffic to/from Hosts attached to N9K tahoe vpc not able to communicate across GRE tunnel |
|
Inactive dynamic NAT entries not timing out |
|
Egress port for ARP is not updated after re-enabling MAC Learning in Nexus 9000 |
|
Need to error disable and syslog alert when trunk_group tables for PO Intefaces are exhausted in HW |
|
vsh sessions hang leading to "Too many open files in system" |
|
Traffic leak on port-channe bring up |
|
N9K-C92160YCX: 1GB link remains down at Secu-I side. installed NIC is intel i350 |
|
aclmgr crashed several times in a L2 loop while moving a link from a 10GE L2 to a 20GE LAG |
|
VXLAN BUM - mcast/bcast/flood packet drop on decapsulation with TX SPAN enabled |
|
N9k- Platform manager crash causing reboot |
|
Fix egress_block_mask (vsl bit) programming in hw for BCM when vPC PO member is in "I" state |
Table 5 Open Caveats in Cisco NX-OS Release 7.0(3)I4(8)
Bug ID |
Description |
If EPLD is not latest, terminate non-disruptive ISSU |
Table 6 Known Behaviors in Cisco NX-OS Release 7.0(3)I4(8)
Description |
|
On Cisco Nexus 9300-EX switches, when 802.1q EtherType has changed on an interface, the EtherType of all interfaces on the same slice will be changed to the configured value. This change is not persistent after a reload of the switch and will revert to the EtherType value of the last port on the slice. |
To perform a software upgrade or downgrade, follow the instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x.
For information about an In Service Software Upgrade (ISSU), see the Cisco NX-OS ISSU Support application.
Note: Upgrading from Cisco NX-OS 7.0(3)I1(2), 7.0(3)I1(3), or 7.0(3)I1(3a) requires installing a patch for Cisco Nexus 9500 platform switches only. For more information on the upgrade patch, see Upgrade Patch Instructions.
This section lists limitations related to Cisco NX-OS Release 7.0(3)I4(8).
■ Ingress queuing policy is supported only at the system level (and not at the interface level) for Cisco Nexus 9508 switches with the X9732C-EX line card and Cisco Nexus 93108TC-EX and 93180YC-EX switches.
■ QinVNI has the following limitations:
¯ Single tag is supported on Cisco Nexus 9300 platform switches. It can be enabled by unconfiguring the overlay-encapsulation vxlan-with-tag command from interface nve:
N9564PX-2(config)# int nve 1
N9564PX-2(config-if-nve)# no overlay-encapsulation vxlan-with-tag
N9564PX-2# sh run int nve 1
!Command: show running-config interface nve1
!Time: Wed Jul 20 23:26:25 2016
version 7.0(3u)I4(2u)
interface nve1
no shutdown
source-interface loopback0
host-reachability protocol bgp
member vni 900001 associate-vrf
member vni 2000980
suppress-arp
mcast-group 225.4.0.1
¯ Single tag is not supported on Cisco Nexus 9500 platform switches; only double tag is supported.
¯ When upgrading from Cisco NX-OS Release 7.0(3)I3(1) or 7.0(3)I4(1) to Cisco NX-OS Release 7.0(3)I4(8) with Cisco Nexus 9300 platform switches without the overlay-encapsulation vxlan-with-tag command under interface nve, you should add overlay-encapsulation vxlan-with-tag under the nve interface in the older release before starting the ISSU upgrade. Cisco NX-OS Releases 7.0(3)I3(1) and 7.0(3)I4(1) support double tag. Cisco NX-OS Release 7.0(3)I4(8) also supports single tag.
■ Resilient hashing (port-channel load-balancing resiliency) and VXLAN configurations are not compatible with VTEPs using ALE uplink ports. Please note that resilient hashing is disabled by default.
■ Fast reload support is available for N9K-C9232C and N9K-C92304QC.
■ CoPP (Control Plane Policing) cannot be disabled. If you attempt to disable it in Cisco NX-OS Release 7.0(3)I4(8), an error message appears. In previous releases, attempting to disable CoPP causes packets to be rate limited at 50 packets per seconds.
■ Skip CoPP policy option has been removed from the Cisco NX-OS initial setup utility because using it can impact the control plane of the network.
■ When a switch comes up with Cisco NX-OS Release 7.0(3)I4(8) and a custom CoPP policy, a syslog warning is logged. This warning is for informational purposes only.
2017 Mar 10 05:06:11 tim %ACLQOS-SLOT1-4-ACLQOS_WARNING: ACLQOS Warning: COPP static acl:acl-mac-l2pt is missing, check 'show system internal access-list copp static-acls' for required static acls
A similar warning is logged when a custom CoPP policy is changed. This limitation applies to Cisco Nexus 9300 and 921xx platform switches and to N9K-X9732C-EX line cards.
■ hardware profile front portmode command is not supported on the Cisco Nexus 9000 Series switches.
■ PV (Port VLAN) configuration through an interface range is not supported.
■ Layer 3 routed traffic for missing Layer 2 adjacency information is not flooded back onto VLAN members of ingress units when the source MAC address of routed traffic is a non-VDC (Virtual Device Context) MAC address. This limitation is for hardware flood traffic and can occur when the SVI (Switched Virtual Interface) has a user-configured MAC address.
■ neighbor-down fib-accelerate command is supported in a BGP-only environment.
■ Uplink modules should not be removed from a Cisco Nexus 9300 platform switch that is running Cisco NX-OS Release 7.0(3)I4(8). The ports on uplink modules should be used only for uplinks.
■ PortLoopback and BootupPortLoopback tests are not supported.
■ PFC (Priority Flow Control) and LLFC (Link-Level Flow Control) are supported for all Cisco Nexus 9300 and 9500 platform switches except for the 100G 9408PC line card and the 100G M4PC generic expansion module (GEM).
■ FEXes configured with 100/full-duplex speed, without explicitly configuring the neighboring device with 100/full-duplex speed, will not pass data packet traffic properly. This occurs with or without the link appearing to be “up.”
¯ no speed–Auto negotiates and advertises all speeds (only full duplex).
¯ speed 100–Does not auto negotiate; pause cannot be advertised. The peer must be set to not auto negotiate (only 100 Mbps full duplex is supported).
¯ speed 1000–Auto negotiates and advertises pause (advertises only for 1000 Mbps full duplex).
■ Eight QoS groups are supported only on modular platforms with the Cisco Nexus 9300 N9K-M4PC-CFP2 uplink module, and the following Cisco Nexus 9500 platform line cards:
¯ N9K-X9432PQ
¯ N9K-X9464PX
¯ N9K-X9464TX
¯ N9K-X9636PQ
■ Cisco NX-OS Release 7.0(3)|4(2) supports flooding for Microsoft Network Load Balancing (NLB) unicast mode on Cisco Nexus 9500 platform switches but not on Cisco Nexus 9300 platform switches. NLB is not supported in max-host system routing mode. NLB multicast mode is not supported on Cisco Nexus 9500 or 9300 platform switches.
Note: To work around the situation of Unicast NLB limitation, Cisco can statically hard code the address resolution protocol (ARP) and MAC address pointing to the correct interface. Please refer to bug ID CSCuq03168 in detail in the Open Caveats section.
■ TCAM resources are not shared when:
¯ Applying VACL (VLAN ACL) to multiple VLANs
¯ Routed ACL (Access Control List) is applied to multiple SVIs in the egress direction
■ Cisco Nexus 9000 Series switch hardware does not support range checks (layer 4 operators) in egress TCAM. Because of this, ACL/QoS policies with layer 4 operations-based classification need to be expanded to multiple entries in the egress TCAM. Egress TCAM space planning should take this limitation into account.
■ Applying the same QoS policy and ACL on multiple interfaces requires applying the qos-policy with the no-stats option to share the label.
■ Multiple port VLAN mappings configured on an interface during a rollback operation causes the rollback feature to fail.
■ The following switches support QSFP+ with the QSA (QSFP to SFP/SFP+ Adapter) (40G to 10G QSA):
¯ N9K-C93120TX
¯ N9K-C93128TX
¯ N9K-C9332PQ
¯ N9K-C9372PX
¯ N9K-C9372PX-E
¯ N9K-C9372TX
¯ N9K-C9396PX
Note: The Cisco Nexus 9300 support for the QSFP+ breakout has the following limitations:
■ Only 10G can be supported using QSA on 40G uplink ports on Cisco Nexus 9300 platform switches in NX-OS.
■ 1G with QSA is not supported.
■ For the Cisco Nexus 9332PQ switch, all ports except 13-14 and 27-32 can support breakout
■ All ports in the QSA speed group must operate at the same speed (see the configuration guide)
■ The following switches support the breakout cable (40G ports to 4x10G ports):
¯ N9K-C9332PQ
¯ N9K-X9436PQ
¯ N9K-X9536PQ
¯ N9K-C93180YC-EX
¯ N9K-C93108TC-EX
¯ N9K-X9732C-EX line card
■ Weighted ECMP (Equal-Cost Multi-Path) is not supported on Cisco Nexus 9000 Series switches.
■ Limitations for ALE (Application Link Engine) uplink ports are listed at the following URL:
This section lists features that are not supported for private VLANs in the current release.
■ VXLAN
■ DHCP
■ FEX
■ Cisco Nexus 3232C and 3264Q Switches
■ Cisco 9200 Nexus Series, 93108TC-EX, and 93180YC-EX Switches
■ Cisco Nexus 9408 Line Card and 9300 Platform Switches
■ Cisco Nexus 9732C-EX Line Card
This section lists VXLAN features that are not supported.
■ ACL and QoS for VXLAN traffic in the network-to-access direction are not supported.
■ Consistency checkers are not supported for VXLAN tables.
■ DHCP snooping and DAI features are not supported on VXLAN VLANs.
■ IGMP snooping is not supported on VXLAN VLANs.
■ Native VLANs for VXLAN are not supported. All traffic on VXLAN Layer 2 trunks needs to be tagged.
■ QoS buffer-boost is not applicable for VXLAN traffic.
■ QoS classification is not supported for VXLAN traffic in the network-to-access direction.
■ Static MAC pointing to remote VTEP (VXLAN Tunnel End Point) is not supported with BGP EVPN (Ethernet VPN).
■ TX SPAN (Switched Port Analyzer) for VXLAN traffic is not supported for the access-to-network direction.
■ VXLAN routing and VXLAN Bud Nodes features on the 3164Q platform are not supported.
The following ACL related features are not supported:
■ Ingress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the network-to-access direction (decapsulated path).
■ Egress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the access-to-network direction (encapsulated path).
■ Egress VACL for decapsulated VXLAN traffic.
Note: We recommend that you use a PACL or VACL on the access side to filter out traffic entering the overlay network.
DHCP subnet broadcast is not supported.
■ VTEP connected to FEX host interface ports is not supported.
■ ASCII replay with FEX needs be done twice for HIF configurations to be applied. The second time should be done after the FEXs have come up.
■ Cisco Nexus 9300 platform switches do not support FEX on uplink modules (ALE).
■ FEX is supported only on the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9396PX, and 9500 platform switches (FEX is not supported on the N9K-X9732C-EX line card, 93180YC-EX and 93108TC-EX switches, and Cisco Nexus 9200 platform switches).
■ FEX vPC is not supported between any model of FEX and the Nexus 9300 (TOR) and 9500 platform switches (EOR) as the parent switches.
■ IPSG (IP Source Guard) is not supported on FEX ports.
The following features are not supported for the Cisco Nexus 3232C and 3264Q switches:
■ 3264Q and 3232C platforms do not support the PXE boot of the NXOS image from the loader.
■ Automatic negotiation support for 25G and 50G ports on the Cisco Nexus 3232C switch
■ Cisco Nexus 2000 Series Fabric Extenders (FEX)
■ Cisco NX-OS to ACI conversion (The Cisco Nexus 3232C and 3264Q switches operate only in Cisco NX-OS mode.)
■ DCBXP
■ Designated router delay
■ DHCP subnet broadcast is not supported
■ Due to a Poodle vulnerability, SSLv3 is no longer supported
■ FCoE NPV
■ Intelligent Traffic Director (ITD)
■ ISSU
■ Policy-based routing (PBR)
■ Port loopback tests
■ Resilient hashing
■ SPAN on CPU as destination
■ Virtual port channel (vPC) peering between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 9300 platform switches or between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 3100 Series switches
■ VXLAN
The following features are not supported for the Cisco Nexus 9200 and 9300-EX Series switches:
■ Segment routing, static MPLS, and MPLS stripping (supported for Cisco Nexus 9200 platform switches but not for Cisco Nexus 93108TC-EX and 93180YC-EX switches)
■ 64-bit ALPM routing mode
■ 9272PQ and 92160YC platforms do not support the PXE boot of the NXOS image from the loader.
■ ACL filters to span subinterface traffic on the parent interface
■ Cisco Nexus 2000 Series Fabric Extenders
■ DCBXP for LLDP
■ Egress port ACLs
■ Egress QoS policer or marking
■ FCoE NPV
■ FEX
■ GRE v4 payload over v6 tunnels
■ Intelligent Traffic Director
■ IP length-based matches
■ IPinIP on 92160
■ ISSU
■ Layer 2 Q-in-Q (supported for Cisco Nexus 9300-EX Series switches but not for Cisco Nexus 9200 Series switches)
■ Micro-burst detection
■ MTU (Multi Transmission Unit) checks for packets received with an MPLS header
■ OpenFlow, due to a hardware limitation
■ Packet-based statistics for traffic storm control (only byte-based statistics are supported)
■ Policy-based routing
■ PV routing for VXLAN
■ PVLANs
■ Q-in-VNI and Q-in-Q for VXLAN
■ Resilient hashing for ECMP
■ Resilient hashing for port-channel
■ Rx SPAN for multicast if the SPAN source and destination are on the same slice and no forwarding interface is on the slice
■ sFlow
■ Traffic storm control for copy-to-CPU packets
■ Traffic storm control with unknown multicast traffic
■ Tx SPAN for multicast, unknown multicast, and broadcast traffic
■ VACL redirects for TAP aggregation
The following features are not supported for the Cisco Nexus N9K-X9408PC-CFP2 line card and Cisco Nexus 9300 platform switches with generic expansion modules (N9K-M4PC-CFP2):
■ Breakout ports
■ Port-channel (No LACP)
■ vPC
■ MCT (Multichassis EtherChannel Trunk)
■ FEX (this applies to the 9408 and –EX switches, not all 9300 platform switches)
■ PTP (Precision Time Protocol)
■ PFC/LLFC
■ 802.3x
■ PVLAN
■ Storm Control
■ VXLAN access port
■ SPAN destination/ERSPAN destination IP
■ Shaping support on 100g port is limited
■ Only support 40G flows
The following features are not supported for Cisco Nexus 9508 switches with an N9K-X9732C-EX line card:
■ FEX
■ TAP aggregation
■ SPAN port-channel destinations
■ Marker packet support for ERSPAN Type 3
The following lists other features not supported in the current release:
■ Cisco Nexus 9300 platform switches do not support the 64-bit ALPM routing mode.
■ Due to a Poodle vulnerability, SSLv3 is no longer supported.
■ IPSG is not supported on the following:
¯ The last six 40G physical ports on the 9372PX, 9372TX, and 9332PQ switches
¯ All 40G physical ports on the 9396PX, 9396TX, and 93128TX switches
The entire Cisco Nexus 9000 Series NX-OS documentation set is available at the following URL:
The Cisco Nexus 3164Q Switch - Read Me First is available at the following URL:
The Cisco Nexus 31128PQ Switch - Read Me First is available at the following URL:
The Cisco Nexus 3232C/3264Q Switch - Read Me First is available at the following URL:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3232and3264/sw/7x/readme/b_Cisco_Nexus_3232C_and_3264Q_Switch_Read_Me_First.html
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Open a service request online at:
https://tools.cisco.com/ServiceRequestTool/create/launch.do
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Cisco Nexus 9000 Series NX-OS Release Notes, Release 7.0(3)I4(8)
© 2018-2020 Cisco Systems, Inc. All rights reserved.