Cisco Nexus 9000 Series NX-OS Release Notes, Release 7.0(3)I5(1)
This document describes the features, caveats, and limitations for Cisco NX-OS Release 7.0(3)I5(1) software for use on the following switches:
■ Cisco Nexus 9000 Series
■ Cisco Nexus 31128PQ
■ Cisco Nexus 3164Q
■ Cisco Nexus 3232C
■ Cisco Nexus 3264Q
Use this document in combination with documents listed in Related Documentation.
Table 1 shows the online change history for this document.
Table 1 Online History Change
Date |
Description |
September 28, 2020 |
Upgrade and Downgrade section revised. |
January 24, 2020 |
Added CSCvc95008 to Known Behaviors. |
July 25, 2018 |
Added CSCuy08187 to the Open Caveats. |
April 20, 2018 |
Added CSCvf40773 to the Open Caveats. |
November 17, 2017 |
Added Q-in-Q support for the Cisco Nexus 9300 in New and Changed Information. |
September 20, 2017 |
Added CSCvc79642 to the Open Caveats. |
September 4, 2017 |
Updated the instructions for upgrading from Cisco NX-OS Releases 7.0(3)I1(2), 7.0(3)I1(3), or 7.0(3)I1(3a). |
August 9, 2017 |
Removed Intelligent Traffic Director from the Cisco Nexus 9200 and 9300-EX platform switches Unsupported section. |
June 21, 2017 |
Replaced X9564TX2 with X9464TX2. |
April 20, 2017 |
Revised PIM6 description in New and Changed Information. |
April 6, 2017 |
Removed Cisco Plug-in for OpenFlow Compatibility Matrix table. |
March 3, 2017 |
Removed “Ingress DROP_ACL_DROP is seen with Cisco Nexus 9272Q, 9236C and 92160YC-X Switches on an ASIC during congestion” from the Limitations section. |
January 26, 2017 |
Revised Q-in-VNI support options for Cisco Nexus 9200 Series switches and Cisco Nexus 9300-EX Series switches. |
January 25, 2017 |
Revised Limitations for upgrading from N9K-X94xx, N9K-X95xx, and N9K-X96xx line cards to N9K-X9732C-EX line cards. |
January 6, 2017 |
Updated New Software Features for: · sFlow · Micro-Burst Monitoring and Detection Updated the Fibre Channel over Ethernet (FCoE) Features section. |
January 4, 2017 |
Removed Marker packet support for ERSPAN Type 3 from the Unsupported Feature section. |
November 23, 2016 |
■ Added DCBXP to New Software Features. Added new details for upgrading in Upgrade Instructions. |
November 22, 2016 |
Added CSCvc18548 to Open Caveats. |
November 21, 2016 |
Added CSCvc07028 to Resolved Caveats. |
November 15, 2016 |
Added the following to the list of switches that support QSFP+ with the QSA (QSFP to SFP/SFP+ Adapter) (40G to 10G QSA): ¯ N9K-C93108TC-EX ¯ N9K-C93180YC-EX
|
November 7, 2016 |
Added CSCvb37238 to the Resolved Caveats table. |
November 1, 2016 |
■ Removed from Upgrade Instructions: “A non-disruptive upgrade from 7.0(3)I4(3) to 7.0(3)I5(1) is not supported.” ■ Added to unsupported features for Cisco Nexus 9200 and 9300-EX Series Switches: ¯ Q-in-Q for VXLAN is not supported on Cisco Nexus 9200 and 9300-EX Series switches ¯ Q-in-VNI is not supported on Cisco Nexus 9200 Series switches (supported on Cisco Nexus 9300-EX Series switches) ¯ SVI uplinks with Q-in-VNI are not supported with Cisco Nexus 9300-EX Series switches ■ Added 93180YC-EX to list of switches that support FEX in Supported FEX Modules. ■ Removed 93108TC-EX from the FEX support list in New Hardware Features in Cisco Nexus 7.0(3)I5(1). Changed FEX support statement in the unsupported features list for Cisco Nexus 9200 and 9300-EX Series Switches to state that Cisco Nexus 93180YC-EX switches are supported but not Cisco Nexus 93108TC-EX and Cisco Nexus 9200 Series switches. |
October 30, 2016 |
Created the release notes for Release 7.0(3)I5(1). |
Guidelines and Limitations for Private VLANs
Obtaining Documentation and Submitting a Service Request
Cisco NX-OS software is a data center-class operating system designed for performance, resiliency, scalability, manageability, and programmability at its foundation. The Cisco NX-OS software provides a robust and comprehensive feature set that meets the requirements of virtualization and automation in mission-critical data center environments. The modular design of the Cisco NX-OS operating system makes zero-impact operations a reality and enables exceptional operational flexibility.
The Cisco Nexus 9000 Series uses an enhanced version of Cisco NX-OS software with a single binary image that supports every switch in the series, which simplifies image management.
This section includes the following sections:
The tables below list the Cisco Nexus 9000 Series hardware that Cisco NX-OS Release 7.0(3)I4(1) supports. For additional information about the supported hardware, see the Hardware Installation Guide for your Cisco Nexus 9000 Series device.
■ Table 3 lists the Cisco Nexus 9000 Series fabric modules
■ Table 4 lists the Cisco Nexus 9000 Series fans and fan trays
■ Table 5 lists the Cisco Nexus 9000 Series line cards
■ Table 6 lists the Cisco Nexus 9000 Series power supplies
■ Table 7 lists the Cisco Nexus 9000 Series supervisor modules
■ Table 8 lists the Cisco Nexus 9000 Series system controllers
■ Table 9 lists the Cisco Nexus 9000 Series uplink modules
■ Table 11 lists the 3232C and 3264Q switch hardware
■ Table 12 lists the Cisco Nexus 3164Q switch hardware
■ Table 13 lists the Cisco Nexus 31128PQ switch hardware
Table 2 Cisco Nexus 9000 Series Fabric Modules
Product ID |
Hardware |
Quantity |
N9K-C9504-FM |
Cisco Nexus 9504 40-Gigabit fabric module |
3 to 6 depending on line cards |
N9K-C9504-FM-E |
100-Gigabit -E fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-EX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9504-FM-S |
100-Gigabit -S fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-S) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9508-FM |
Cisco Nexus 9508 Series 40-Gigabit fabric module |
3-6 depending on the line cards |
N9K-C9508-FM-E |
100-Gigabit -E fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-EX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9508-FM-S |
100-Gigabit -S fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-S) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26. |
4 |
N9K-C9516-FM |
Cisco Nexus 9500 platform 40-Gigabit fabric module |
3-6 depending on the line cards |
Table 3 Cisco Nexus 9000 Series Fans and Fan Trays
Product ID |
Hardware |
Quantity |
N9K-C9300-FAN1 |
Cisco Nexus 9300 fan 1 module with port-side intake airflow (burgundy coloring) Note: Supports early versions of the Cisco Nexus 9396 switch (N9K-C9396PX). |
3 |
N9K-C9300-FAN1-B |
Cisco Nexus 9300 fan 1 module with port-side exhaust airflow (blue coloring) Note: Supports early versions of the Cisco Nexus 9396 switch (N9K-C9396PX). |
3 |
N9K-C9300-FAN2 |
Cisco Nexus 9300 fan 2 module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93128TX, 9396PX, and 9396TX switches. |
3 |
N9K-C9300-FAN2-B |
Cisco Nexus 9300 fan 2 module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93128TX, 9396PX, and 9396TX switches. |
3 |
N9K-C9300-FAN3 |
Cisco Nexus 9300 fan 2 module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93120TX, 92304QC, and 9272Q switches. |
2 |
N9K-C9300-FAN3-B |
Cisco Nexus 9300 fan 2 module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93120TX, 92304QC, and 9272Q switches. |
2 |
N9K-C9504-FAN |
Cisco Nexus 9504 fan tray |
3 |
N9K-C9508-FAN |
Cisco Nexus 9508 fan tray |
3 |
NXA-FAN-30CFM-B |
Cisco Nexus 9200 and 9300 fan module with port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 92160YC-X, 9236C, 93108TC-EX, 93180YC-EX, 9332PQ, 9372PX, 9372PX-E, 9372TX, and 9372TX-E switches. |
4 |
NXA-FAN-30CFM-F |
Cisco Nexus 9200 and 9300 fan module with port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 92160YC-X, 9236C, 93108TC-EX, 93180YC-EX, 9332PQ, 9372PX, 9372PX-E, 9372TX, and 9372TX-E switches. |
4 |
Table 4 Cisco Nexus 9500 Platform Line Cards
Product ID |
Description |
Quantity |
N9K-X9408PC-CFP2 |
Line card with 8 100-Gigabit CFP2 ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9432C-S |
Line card with 32 100-Gigabit QSFP28 ports (supported by four 100-Gigabit –S fabric modules [N9K-C9504-FM-S and N9K-C9508-FM-S]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
N9K-X9432PQ |
Line card with 32 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) Note: ■ This line card supports static breakout. ■ The 40-Gigabit ports support 1/10-Gigabit Ethernet with SFP/SFP+ transceivers when used with a CVR-QSFP-SFP10G adapter. |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9464PX |
Line card with 48 10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9464TX |
Line card with 48 10GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K- X9464TX2 |
Line card with 48 1-/10GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9536PQ |
Line card with 36 40-Gigabit Ethernet QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9564PX |
Line card with 48 1-/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9564TX |
Line card with 48 1-/10-GBASE-T ports and 4 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM, N9K-C9508-FM, and N9K-9516FM]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) ■ 16 (Cisco Nexus 9516) |
N9K-X9636PQ |
Line card with 36 40-Gigabit QSFP+ ports (supported by 40-Gigabit fabric modules [N9K-C9504-FM and N9K-C9508-FM]) Note: Not supported on the Cisco Nexus 9516 switch (N9K-C9516). |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
N9K-X9732C-EX |
Line card with 32 40-/100-Gigabit Ethernet QSFP28 ports (supported by 100-Gigabit –E fabric modules [N9K-C9504-FM-E and N9K-C9508-FM-E]) |
■ 4 (Cisco Nexus 9504) ■ 8 (Cisco Nexus 9508) |
Table 5 Cisco Nexus 9000 Series Power Supplies
Product ID |
Hardware |
Quantity |
N9K-PAC-650W |
650-W AC power supply, port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9372TX, 9372TX-E, 9396PX, and 9396TX switches. |
2 |
N9K-PAC-650W-B |
650-W AC power supply, port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9372TX, 9372TX-E, 9396PX, and 9396TX switches. |
2 |
N9K-PAC-1200W |
1200-W AC power supply, port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 93120TX switches. |
2 |
N9K-PAC-1200W-B |
1200-W AC power supply, port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 93120TX switches. |
2 |
N9K-PAC-3000W-B |
3000-W AC power supply Note: Supports the Cisco Nexus 9504, 9508, and 9516 switches. |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
N9K-PDC-3000W-B |
3000-W DC power supply Note: Supports the Cisco Nexus 9504, 9508, and 9516 switches. |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
N9K-PUV-1200W |
1200-W AC power supply (airflow direction determined by the installed fan modules) Note: Supports all of the Cisco Nexus 9200 and 9300 NX-OS mode switches. |
2 |
N9K-PUV-3000W-B |
3000-W Universal AC/DC power supply |
■ Up to 4 (Cisco Nexus 9504) ■ Up to 8 (Cisco Nexus 9508) ■ Up to 10 (Cisco Nexus 9516) |
NXA-PAC-1200W |
1200 W AC power supply, port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 9272Q switches. |
2 |
NXA-PAC-1200W-B |
1200 W AC power supply, port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 9272Q switches. |
2 |
NXA-PAC-650W |
Cisco Nexus 9200 and 9300 650 W AC power supply (NEBS compliant), port-side intake airflow (burgundy coloring) Note: Supports the Cisco Nexus 92160YC-X, 92304QC, 9236C, 93108TC-EX, and 93180YC-EX switches. |
2 |
NXA-PAC-650W-B |
Cisco Nexus 9200 and 9300 650 W AC power supply (NEBS compliant), port-side exhaust airflow (blue coloring) Note: Supports the Cisco Nexus 92160YC-X, 92304QC, 9236C, 93108TC-EX, and 93180YC-EX switches. |
2 |
UCSC-PSU-930WDC |
930-W DC power supply with port-side intake airflow Note: Supports all Cisco Nexus 9200 and 9300 NX-OS mode switches. |
2 |
UCS-PSU-6332-DC |
930-W DC power supply with port-side exhaust airflow Note: Supports all Cisco Nexus 9200 and 9300 NX-OS mode switches. |
2 |
Table 6 Cisco Nexus 9500 Platform Supervisor Modules
Product ID |
Hardware |
Quantity |
N9K-SUP-A |
Cisco Nexus 9500 platform supervisor A module with 4 cores |
2 |
N9K-SUP-B |
Cisco Nexus 9500 platform supervisor B module with 6 cores |
2 |
Table 7 Cisco Nexus 9000 Series Switches
Product ID |
Description |
Quantity |
N9K-C9236C |
Cisco Nexus 9236C 1-RU switch with 36 40-/100-Gigabit QSFP28 ports (144 10-/25-Gigabit ports when using breakout cables). Note: ■ Beginning with Cisco NX-OS Release 7.0(3)I4(3), 25G CVR-2QSFP28-8SFP adapters are supported on the Cisco Nexus 9236C switches. ■ Beginning with Cisco NX-OS Release 7.0(3)I5(1), the switch supports 4x10G breakout cables. |
1 |
N9K-C9272Q |
Cisco Nexus 9272Q 2-RU switch with 72 40-Gigabit Ethernet QSFP+ ports (up to 35 of the ports [ports 37-71] also support breakout cables providing up to 140 10-Gigabit connections) |
1 |
N9K-C9332PQ |
Cisco Nexus 9332PQ 1-RU switch with 32 40-Gigabit Ethernet QSFP+ ports and supports 4x10G breakout mode for ports 1 to 26 (except ports 13 and 14). Ports 27 to 32 (ALE uplink ports) support using the QSFP-to-SFP+ Adapter (QSA) for 10-Gigabit SFP/SFP+ transceivers in QSFP+ ports. |
1 |
N9K-C9372PX |
Cisco Nexus 9372PX 1-RU switch with 48 1-/10-Gigabit Ethernet SFP+ ports and 6 40-Gigabit Ethernet QSFP+ ports. |
1 |
N9K-C9372PX-E |
An enhanced version of the N9K-C9372PX switch. |
1 |
N9K-C9372TX |
Cisco Nexus 9372TX 1-RU switch with 48 1/10GBASE-T ports and 6 40-Gigabit Ethernet QSFP+ ports. |
1 |
N9K-C9372TX-E |
An enhanced version of the N9K-C9372TX switch. |
1 |
N9K-C9396PX |
Cisco Nexus 9396PX 1-RU switch with 48 1-/10-Gigabit Ethernet SFP+ ports and an uplink module with up to 12 40-Gigabit Ethernet QSPF+ ports |
1 |
N9K-C9396TX |
Cisco Nexus 9396TX 1-RU switch with 48 1/10GBASE-T and an uplink module with up to12 40-Gigabit Ethernet QSFP+ ports |
1 |
N9K-C9504 |
Cisco Nexus 9504 4-slot modular switch |
1 |
N9K-C9508 |
Cisco Nexus 9508 8-slot modular switch |
1 |
N9K-C9516 |
Cisco Nexus 9516 16-slot modular switch |
1 |
N9K-C92160YC-X |
Cisco Nexus 92160YC-X 1-RU switch with 48 10-/25-Gigabit SFP+ ports and 6 40-Gigabit QSFP+ ports (4 of these ports support 100-Gigabit QSFP28 optics). |
1 |
N9K-C92304QC |
Cisco Nexus 92304QC 2-RU switch with 56 40-Gigabit Ethernet ports (64 10-Gigabit ports if using breakout cables) and 8 100-Gigabit ports. |
1 |
N9K-C93108TC-EX |
Cisco Nexus 93108TC-EX 1-RU switch with 48 10GBASE-T ports and 6 40/100-Gigabit QSFP28 ports. Note: The 40-Gigabit ports support 1/10-Gigabit Ethernet with SFP/SFP+ transceivers when used with a CVR-QSFP-SFP10G adapter. |
N9K-C93108TC-EX |
N9K-C93120TX |
Cisco Nexus 93120TX 2RU switch with 96 1/10GBASE-T ports and 6 40-Gigabit QSFP+ uplink ports. |
1 |
N9K-C93128TX |
Cisco Nexus 93128TX 3-RU switch with 96 1/10GBASE-T ports and an uplink module that supports up to 8 40-Gigabit Ethernet QSPF+ ports (the 1/10GBASE-T ports also support a speed of 100 Megabits per second.) |
1 |
N9K-C93180YC-EX |
Cisco Nexus 93180YC-EX 1-RU switch with 48 10-/25-Gigabit Ethernet ports and 6 40/100-Gigabit QSFP28 ports. Note: The 40-Gigabit ports support 1/10-Gigabit Ethernet with SFP/SFP+ transceivers when used with a CVR-QSFP-SFP10G adapter. |
1 |
Table 8 Cisco Nexus 9000 Series Uplink Modules
Product ID |
Hardware |
Quantity |
N9K-M4PC-CFP2 |
Cisco Nexus 9300 uplink module with 4 100-Gigabit Ethernet CFP2 ports. For the Cisco Nexus 93128TX switch, only two of the ports are active. For the Cisco Nexus 9396PX and 9396TX switches, all four ports are active. |
1 |
N9K-M6PQ |
Cisco Nexus 9300 uplink module with 6 40-Gigabit Ethernet QSFP+ ports for the Cisco Nexus 9396PX, 9396TX, and 93128TX switches. Note: The front-panel ports on these uplink modules do not support auto negotiation with copper cables. You can manually configure the speed on the peer switch. |
1 |
N9K-M6PQ-E |
An enhanced version of the Cisco Nexus N9K-M6PQ uplink module. |
|
N9K-M12PQ |
Cisco Nexus 9300 uplink module with 12 40-Gigabit Ethernet QSPF+ ports. Note: The front-panel ports on these uplink modules do not support auto negotiation with copper cables. You can manually configure the speed on the peer switch. |
1 (required) |
Table 9 Cisco Nexus 9500 Platform System Controller
Product ID |
Hardware |
Quantity |
N9K-SC-A |
Cisco Nexus 9500 Platform System Controller Module |
2 |
Table 10 Cisco Nexus 3232C and 3264Q Switch Hardware
Product ID |
Hardware |
Quantity |
N3K-C3232C |
Cisco Nexus 3232C, 32 x 40G/100G 2 x 10G SFP+, 1-RU switch Note: The 40-Gigabit ports support 1/10-Gigabit Ethernet with SFP/SFP+ transceivers when used with a CVR-QSFP-SFP10G adapter. |
1 |
N3K-C3264Q |
Cisco Nexus 3264Q, 64 x 40G 2 x 10G SFP+, 2-RU switch Note: The 40-Gigabit ports support 1/10-Gigabit Ethernet with SFP/SFP+ transceivers when used with a CVR-QSFP-SFP10G adapter. |
1 |
Note: Beginning with Cisco NX-OS Release 7.0(3)I4(3), 25G CVR-2QSFP28-8SFP is supported on the Cisco Nexus 3232C switches.
Table 11 Cisco Nexus 3164Q Switch Hardware
Product ID |
Hardware |
Quantity |
N3K-C3164Q-40GE |
Cisco Nexus 3164Q, 64 x 40G SFP+, 2-RU switch |
1 |
N9K-C9300-FAN3 |
Cisco Nexus 3164Q fan module |
3 |
N9K-PAC-1200W |
Cisco Nexus 3164Q 1200W AC power supply |
2 |
Table 12 Cisco Nexus 31128PQ Switch Hardware
Product ID |
Hardware |
Quantity |
N3K-C31128PQ-10GE |
Nexus 31128PQ, 96 SFP+ ports, 8 QSFP+ ports, 2RU switch |
1 |
Note: The Cisco Nexus M6PQ-E uplink module and the Cisco Nexus 9372PX-E and 9372TX-E switches need to run the following minimum Cisco NX-OS releases:
· 7.0(3)I2(2d)
· 7.0(3)I2(2e)
· 7.0(3)I3(2)
· 7.0(3)I4(1)
To determine which transceivers and cables are supported by this switch, see http://www.cisco.com/c/en/us/support/interfaces-modules/transceiver-modules/products-device-support-tables-list.html.
To see the transceiver specifications and installation information, see http://www.cisco.com/c/en/us/support/interfaces-modules/transceiver-modules/products-installation-guides-list.html.
Cisco NX-OS Release 7.0(3)I5(1) supports the following FEXes (Fabric extenders) on 93180YC-EX, 9332PQ, 9372PX, 9372PX-E, 9396PX and 9500 platform switches:
■ Cisco Nexus 2224TP
■ Cisco Nexus 2232PP
■ Cisco Nexus 2232TM and 2232TM-E
■ Cisco Nexus 2248PQ
■ Cisco Nexus 2248TP and 2248TP-E
■ Cisco Nexus 2348TQ
■ Cisco Nexus 2348UPQ
■ Cisco Nexus B22Dell
■ Cisco Nexus B22HP
■ Cisco Nexus NB22FTS
■ Cisco Nexus NB22IBM
Note: Please note the following:
■ The 9408 and line card is not supported with the 2300 FEX.
■ Cisco Nexus 9300 Series switches do not support FEX on uplink modules (ALE).
■ For FEX HIF port channels, we recommend that you enable STP port type edge using the spanning tree port type edge [trunk] command.
■ The Cisco 2248PQ, 2348TQ, and 2348UPQ FEXes support connections to the Nexus 9300 or 9500 switches by using supported breakout cables to connect a QSFP+ uplink on the FEX and an SFP+ link on the parent switch (4x10G links).
■ For Cisco Nexus 9500 switches, 4x10G breakout for FEX connectivity is not supported.
This section lists the following topics:
■ New Hardware Features in Cisco NX-OS Release 7.0(3)I5(1)
■ New Software Features in Cisco NX-OS Release 7.0(3)I5(1)
Cisco NX-OS Release 7.0(3)I5(1) supports the following new hardware:
■ The Cisco Nexus 93108TC-EX and 93180YC-EX switches support using a 1-Gigabit SFP transceiver or a 10-Gigabit SFP+ transceiver in a 40-Gigabit QSFP+ port when you also use a CVR-QSFP-SFP10G adapter.
■ The Cisco Nexus 93180YC-EX switches support Fabric Extenders (FEX).
■ The Cisco Nexus 9504, 9508, and 9516 switch N9K-X9432PQ line card supports using a 1-Gigabit SFP transceiver or a 10-Gigabit SFP+ transceiver in a 40-Gigabit port when you also use a CVR-QSFP-SFP10G adapter.
■ The Cisco Nexus 9236C switch supports 40-Gigabit QSFP to 4 10-Gigabit SFP+ breakout cables.
■ To display information about the transceivers installed in your switch, you can use the show inventory all command.
Cisco NX-OS Release 7.0(3)I5(1) supports the following new software features:
Fabric Extender (FEX) Features
■ Support for the Cisco Nexus 9300-EX Series switches.
■ Switch vPC Topology and Straight Through FEX Topologies (Host vPC) – Enables each FEX to be single-homed (straight-through FEX topology) with a Cisco Nexus 9000 Series switch. The host interfaces on the FEX are configured as port channels and those port channels are configured as vPCs.
For more information see the Cisco Nexus 2000 Series NX-OS Fabric Extender Configuration Guide for Cisco Nexus 9000 Series Switches.
Fibre Channel over Ethernet (FCoE) Features
■ shutdown lan command – Detects an inconsistency when a secondary vPC leg goes down. To avoid having the FCoE link go down when the system detects a vPC inconsistency, use the shutdown lan command to shut down the LAN traffic on port-channels and individual Ethernet ports.
■ FCoE Over FEX – Enables Fibre Channel traffic to be carried on a FEX port. The FEX is connected to Cisco Nexus 9000 device (in FCoE NPV mode) through a Fabric Port Channel (FPC).
■ FCoE Over FEX with vPC – Enables Fibre Channel traffic to be carried over a FEX (Straight through FEX) using a virtual PortChannel (vPC).
■ Fibre Channel Slow Drain Device Detection – Enables slow drain device detection and congestion avoidance when slow devices are attached to the network fabric resulting with end devices not accepting frames at a configured rate that leads to traffic congestion on the links.
■ MAC bound VFC – Binds the virtual Fibre Channel interface to a host MAC address before a virtual Fibre Channel interface can be used.
■ Pause frame timeout value – Enables a pause frame timeout value on a port to empty the buffer space in the ISL link and helps to reduce the fabric slowdown and the congestion on other unrelated flows using the same link.
■ FCoE NPV – Added support for the Cisco Nexus 9236C, 9272Q, 92160YC-X, and 93180YC-EX switches. Also added FCoE NPV support for the N2K-B22HP-P, N2K-B22IBM-P, N2K-C2232PP, and N2K-C2348UPQ FEX modules on the Cisco Nexus 93180YC-EX switch.
For more information, see the Cisco Nexus 9000 Series NX-OS FCoE Configuration Guide.
FIPS Compliance
■ Beginning with Cisco NX-OS Release 7.0(3)I5(1), Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q, 31128PQ, 3232C, and 3264Q switches are FIPS compliant.
Fundamentals Feature
■ Archiving – Support added for configuration archive and archive log.
For more information, see the Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x.
Intelligent Traffic Director (ITD) Features
■ failaction bucket distribute and failaction mode least-bucket commands – Specify how traffic is reassigned after a node failure.
■ ITD - Added support for Cisco Nexus 9300-EX Series switches.
■ Non-disruptive add/delete for include/exclude ACLs – Adds or deletes the access control entries (ACEs) in the include or exclude ACL without shutting down the ITD service. Doing so minimizes traffic disruption.
For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide.
Interfaces Features
■ Added support for per-member link BFD.
■ Added support for Layer 3 over vPC.
■ Added support for configuring selective Q-in-Q on a dot1q-tunnel port.
■ Added support for Q-in-Q on the Cisco Nexus 9300 switch.
For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 7.x.
Label Switching Features
■ With the introduction of RFC 7752 in Cisco NX-OS Release 7.0(3)I5(1), you can configure the BGP link state address family for a neighbor session with a controller to advertise the corresponding SIDs. You can configure this feature in global configuration mode and neighbor address family configuration mode.
■ Cisco Nexus 9000 Series switches are often deployed in massive scale data centers (MSDCs). In such environments, there is a requirement to support BGP Egress Peer Engineering (EPE) with Segment Routing (SR). The SR-based Egress Peer Engineering (EPE) solution allows a centralized (SDN) controller to program any egress peer policy at ingress border routers or at hosts within the domain. With the introduction of RFC 7752 and draft-ietf-idr-bgpls-segment-routing-epe in Cisco NX-OS Release 7.0(3)I5(1), you can configure Egress Engineering. The feature is valid only for external BGP neighbors and it is not configured by default.
Layer 2 Features
■ PVLANs – Adds support for PVLANs over port channels and vPCs for Cisco Nexus 9300 and 9300-EX Series switches.
■ system private-vlan fex trunk command – Enables PVLANs to be brought up on non-PVLAN FEX trunks.
For more information, see the Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide.
Multicast Routing Features
■ MLDv1 and MLDv2 – Configures the Multicast Listener Discovery (MLD) IPv6 protocol on Cisco NX-OS devices. A host uses MLD to request multicast data for a particular group. Using the information obtained through MLD, the software maintains a list of multicast group or channel memberships on a per-interface basis. The devices that receive MLD packets send the multicast data that they receive for requested groups or channels out the network segment of the known receivers. Cisco Nexus 9200, 9300, and 9300-EX Series switches support MLD.
■ PIM6 – Configures Protocol Independent Multicast (PIM) on Cisco NX-OS devices in your IPv6 network. PIM and PIM6 advertise group membership across a routing domain by constructing multicast distribution trees. All Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q, 31128PQ, 3232C, and 3264Q switches support PIM6 ASM and SSM. PIM6 Bidir is not supported.
For more information, see the Cisco Nexus 9000 Series NX-OS Multicast Routing Configuration Guide.
NX-OSv 9000 Features
■ NX-OSv 9000 – A virtual platform that is designed to simulate the control plane aspects of a network element running Cisco Nexus 9000 software. When NX-OSv 9000 runs as a virtual machine, line card (LC) ASIC provisioning or any interaction from the control plane to hardware ASIC is handled by the NX-OSv 9000 software data plane.
For more information, see the NX-OSv 9000 Guide.
OpenFlow Features
■ Cisco OpenFlow Agent for Nexus 3000 and 9000 Series Switches – OpenFlow is an open standardized interface that allows a software-defined networking (SDN) controller to manage the forwarding plane of a network. Cisco OpenFlow Agent provides better control over networks, making them more open, programmable, and application-aware.
¯ The Cisco OpenFlow Agent is integrated into NX-OS, eliminating the need to install the container-based Cisco Plug-in for OpenFlow used in previous releases.
¯ Support is added for the logical partitioning of the switch into multiple logical sub-switches based on VLAN ranges.
¯ Support is added for matching on IPv6 headers.
For more information, see Cisco OpenFlow Agent for Nexus 3000 and 9000 Series Switches.
Programmability Features
■ Model-Driven Programmability – Data modeling provides a programmatic and standards-based method of writing configurations to the network device, replacing the process of manual configuration.
¯ Many additional features and settings have been added to the data model, allowing model-driven configuration.
¯ NX-OS Model-Driven Programmability now supports the YANG data modeling language and three standards-based programmable interfaces: NETCONF, RESTConf, and gRPC.
■ NX-API CLI Developer Sandbox – The developer sandbox converts one or more NX-OS CLI configuration or operating commands into a structured payload for delivery through the programmable interfaces, such as the REST interface.
¯ Support is added for converting CLI commands to a NETCONF NX-OS YANG payload.
For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide and the Cisco Nexus 3000 and 9000 Series NX-API REST SDK Documentation.
Quality of Service Features
■ AFD (Approximate Fair Dropping) – Support for AFD, an Active Queue Management (AQM) algorithm to avoid traffic congestion where packets are dropped in a manner so that the short-lived flows (or mice flows) are not impacted. Instead they are dropped from the long lived flows (or elephant flows).
■ DCBXP – Added support for the Cisco Nexus 9200 and 9300-EX Series Switches.
■ DPP (Dynamic Packet Prioritization) – DPP prioritizes a configured number of packets of every flow in a particular class of traffic to be sent out of another class of traffic that DPP is mapped to. (Ideally a strict priority class or class with high bandwidth, but not a no-drop class).
■ Micro-Burst Monitoring and Detection – Added support for micro-burst monitoring on Cisco Nexus 9200 and 9300-EX Series switches to provide monitoring of traffic to detect unexpected data bursts within a very small time window (microseconds).
For more information, see the Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide.
Security Features
■ Port security – Configures Layer 2 physical interfaces and Layer 2 port-channel interfaces to allow inbound traffic from only a restricted set of MAC addresses. Port security is not supported on vPCs, and we do not recommend enabling port security in vPC deployments.
■ x509v3 authentication for SSH – Configures SSH authentication using X.509v3 certificates (RFC 6187) and a smartcard to enable two-factor authentication for Cisco device access.
For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.
Software Upgrade and Downgrade Features
■ Enhanced in-service software upgrade (ISSU) – Enables you to upgrade the device software while the switch continues to forward traffic, which reduces the downtime typically caused by software upgrades (just like a regular ISSU, also known as a nondisruptive upgrade). However, with container-based ISSU, the software runs inside a separate Linux container (LXC) for the supervisor and line cards, and a third container is created as part of the ISSU procedure and is brought up as a standby supervisor. Container-based ISSUs are supported only on the following devices:
¯ Cisco Nexus 3164Q switches
¯ Cisco Nexus 9332PQ, 9372PX, 9372TX, 9396PX, 9396TX, 93120TX, and 93128TX switches
Note:
■ After you upgrade to Cisco NX-OS Release 7.0(3)I5(1) from an earlier release, you can enable enhanced ISSU use with future upgrades.
■ LXC mode is not supported for FCoE (fibre channel over Ethernet).
For more information, see the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide.
System Management Features
■ IPv6 ACLs – Added support for IPv6 ACLs for tap aggregation. Starting with Release 7.0(3)I5(1), support for IPv6 ACLs is added on the Cisco Nexus 9000 Series switches. The redirect action is supported in IPv6 ACLs. All the match options that are currently supported for IPv6 PACL are now supported with the redirect action.
■ sFlow Enhancements –Added support (with some limitations) for the Cisco Nexus 9200 and 9300-EX Series switches.
■ GIR Enhancements – Added support for GIR enhancements. Starting with Release 7.0(3)I5(1), the following maintenance mode enhancements have been added to Cisco Nexus 9000 Series switches.
■ Streaming Telemetry - Telemetry enables a push model for continuously streaming data and notifications collected from the Data Management Engine (DME) database, providing near-real-time access to monitoring data.
For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 7.x
Tetration
■ Tetration is now supported on the N9K-C92160YC-X switch and Cisco Nexus 9300-EX Series switches.
Unicast Routing Features
■ Host to LPM spillover – Enables excess host routes to be stored in the LPM table in order to achieve a larger host scale. In ALPM mode, Cisco Nexus 9300 and 9500 platform switches and the Cisco Nexus 3164Q, 3232C, and 3264Q switches allow fewer host routes. If you add more host routes than the supported scale, the routes that are spilled over from the host table take the space of the LPM routes in the LPM table. The total number of LPM routes allowed in that mode is reduced by the number of host routes stored. In the default system routing mode, Cisco Nexus 9300 Series switches and the Cisco Nexus 3164Q, 3232C, and 3264Q switches support a higher host scale and fewer LPM routes, and the LPM space can be used to store additional host routes. For Cisco Nexus 9500 platform switches, only the default system routing and nonhierarchical routing modes support this feature on line cards. Fabric modules do not support this feature.
■ IPv6 support for DNS – Adds Domain Name Server (DNS) support for IPv6 addresses.
■ LPM dual-host mode—You can configure this LPM routing mode in order to increase the ARP/ND scale to double the default mode value. Only Cisco Nexus 9200 and 9300-EX Series switches support this routing mode. For a list of verified scalability numbers, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide, Release 7.0(3)I5(1).
■ Policy-based routing (PBR) – Adds IPv4v and IPv6 support for this feature on Cisco Nexus 9200 and 9300-EX Series switches. Adds IPv4 support for this feature on Cisco Nexus 9500 platform switches with the X9732C-EX line card.For more information, see the Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide.
VXLAN Features
■ OAM Protocol – The VXLAN operations, administration, and maintenance (OAM) protocol is a protocol for installing, monitoring, and troubleshooting Ethernet networks to enhance management in VXLAN based overlay networks.
■ VRRP over VXLAN – Enables you to configure VRRP over VXLAN on Cisco Nexus 9000 Series switches.
■ IGMP snooping over VXLAN – Enables you to configure IGMP snooping over VXLAN.
Note: Beginning with Cisco NX-OS Release 7.0(3)I5(1), IGMP snooping on VXLAN VLANs is supported for Cisco Nexus 9300 and 9300-EX Series switches and only with multicast underlay networks (not with ingress replication underlay networks).
For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 7.x.
This section includes the following topics:
■ Resolved Caveats—Cisco NX-OS Release 7.0(3)I5(1)
■ Open Caveats—Cisco NX-OS Release 7.0(3)I5(1)
■ Known Behaviors—Cisco NX-OS Release 7.0(3)I5(1)
Table 14 lists the Resolved Caveats in Cisco NX-OS Release 7.0(3)I5(1). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 13 Resolved Caveats in Cisco NX-OS Release 7.0(3)I5(1)
Bug ID |
Description |
For Release 7.0(3)I2(3), the output for the show hardware command is displaying the wrong response in JSON-RPC format. |
|
8-9 seconds of additional traffic loss is seen when HSRP active is reloaded because of removing the VMAC (Virtual MAC) on an HSRP (Hot Standby Router Protocol)-configured standby switch. |
|
The output for show hardware access-list resource utilization on Cisco Nexus 9000 and Cisco Nexus 3000 Series switches running 7.0(3)I2.x or 7.0(3)I3.x is incorrect. |
|
Bypass health diagnostics when buffer utilization exceeds threshold. |
|
Since 7.0(3)I4(1), system vrf-member-change retain-l3-config is enabled by default and keeps the Layer 3 configuration after an interface is moved from one VRF to another. After an interface is moved from a VRF to the default VRF, the no ip dhcp relay address x.x.x.x use-vrf default does not work. |
|
In the description field of an SVI, the configuration will no longer take any combination of the ">" and "<" character together. No error message is given but changes do not take effect. |
|
Public SSL certificate is not able to configure in NX-API. |
|
A Cisco Nexus switch configured with a custom maintenance profile (GIR / mmode) may crash when deleting the maintenance profile in the CLI. |
|
The copy run start command fails. |
|
The show system error-id list produces an error and vsh.bin crashes. |
|
Increase capture duration of kernel trace in case of process crashes. |
|
Performing an ISSU from 7.0(3)I4(1) to 7.0(3)I4(2), FEX connectivity breaks for the device connected on its HIF port. When things are broken, EVEN_PARITY=1 is seen for the respective FEX HIF port. |
|
VLAN strings with more than 255 characters are being truncated in the show run output. |
|
The show cdp internal runtime-context int e1/1 output for some interface MTU values display 0, which causes the CDP packet to not send the MTU field. |
|
Enable Layer 2 ECC on Marvell ARM boards. |
|
OSPF sessions can be in INIT state due to authentication mismatch using key-id 0. |
|
MPLS tag traffic is not working when using backup next-hop. |
|
The MAC addresses learned over the overlay are not aging up in on VTEP with vPC. |
|
PSS writes fail when the NAT statistics continuously query. |
|
The MAC address(es) learned from a vPC peer-link and carrying MPLS traffic will become out of sync in HW/SW when a user tries to add a new VLAN on a Cisco Nexus 9000 Series switch. |
|
After a remote device reload, some of the 10G breakout interfaces in a 40G AOC cable go up as expected and some remain down. |
|
High cache utilization on a Cisco Nexus 3164 causes a high memory leak. |
|
Interfaces cannot operate in 25G mode when using Mellanox SFP 25G copper cable (e.g. SFP-H25GB-CU3M) on a N9K-C93180YC-EX. Interface speed falls back to 10G. |
|
ALL vPC VLANs go into an err-disable state. This occurs even if the SVI with the unsupported configuration is in the shutdown state. |
|
MAC addresses are not learnt on a port-channel despite active traffic being received on the port-channel. |
|
Upon a non-disruptive upgrade to 7.0(3)I4(3), netconf does not start or respond and generates the following error: %XMLSA-2-INITFAIL: XML sub agent initialization fails: xml session creation failed. Out of memory. |
|
VPC port-channel mac learning disabled after removing one member link |
|
entSensorStatus is not working for specific physical indexes. |
|
After killing the nginx process, it will not get restarted on Cisco 9500 platform switches. |
|
LLDP packets are not punted to the OpenFlow controller from the OpenFlow instance. |
|
pimNeighborLoss trap sends with reverse IP in trap varbind. |
|
The broadcast DHCP Discover packet from a PXE client was not forwarding out from one of the VTEPs. |
|
Rescan script is using the wrong mi-fpga base address, which causes rescan failure. |
|
SSH is terminated and changes through Netconfig are not applied to the device. |
|
The VLAN range configuration does not always display correctly. |
|
Service vPC crash may be seen after NX-OS upgrade to 7.0(3)I5(1). |
Table 15 lists the Resolved Caveats in Cisco NX-OS Release 7.0(3)I5(1). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 14 Open Caveats in Cisco NX-OS Release 7.0(3)I5(1)
Bug ID |
Description |
If EPLD is not latest, terminate non-disruptive ISSU |
|
Hardcoding the Cisco Nexus 9500 platform line card module speed to 100 causes the duplex full port to go down. |
|
N3K-C3048TP-1GE sometimes fails to reboot with 7.0(3) images because of an MD5Sum mismatch. |
|
Cisco Nexus 3000 Series switches take more than 10 secs to populate the S,G entry. |
|
Copp copy to already existing policy does not reprogram the modified classes. |
|
show feature | json generates more elements in each row of the cfcFeatureCtrlTable table and misses the row delimiter: ROW_cfcFeatureCtrlTable. Because of this, the output of show feature is not backward compatible. |
|
Switch running 7.0(3)I5(1) reloads with pktmgr hap reset when vPC-peered with older release |
|
Configuration Won't Apply To FEX Ports After Upgrade. |
Table 15 Known Behaviors in Cisco NX-OS Release 7.0(3)I5(1)
Bug ID |
Description |
On Cisco Nexus 9300-EX switches, when 802.1q EtherType has changed on an interface, the EtherType of all interfaces on the same slice will be changed to the configured value. This change is not persistent after a reload of the switch and will revert to the EtherType value of the last port on the slice. |
To perform a software upgrade or downgrade, follow the instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x.
For information about an In Service Software Upgrade (ISSU), see the Cisco NX-OS ISSU Support application.
Note: Upgrading from Cisco NX-OS 7.0(3)I1(2), 7.0(3)I1(3), or 7.0(3)I1(3a) requires installing a patch for Cisco Nexus 9500 platform switches only. For more information on the upgrade patch, see Upgrade Patch Instructions.
This section lists limitations related to Cisco NX-OS Release 7.0(3)I5(1).
■ Ingress queuing policy is supported only at the system level (and not at the interface level) for Cisco Nexus 9508 switches with the X9732C-EX line card and Cisco Nexus 93108TC-EX and 93180YC-EX switches.
■ Q-in-VNI has the following limitations:
¯ Single tag is supported on Cisco Nexus 9300 Series switches. It can be enabled by unconfiguring the overlay-encapsulation vxlan-with-tag command from interface nve:
N9564PX-2(config)# int nve 1
N9564PX-2(config-if-nve)# no overlay-encapsulation vxlan-with-tag
N9564PX-2# sh run int nve 1
!Command: show running-config interface nve1
!Time: Wed Jul 20 23:26:25 2016
version 7.0(3u)I4(2u)
interface nve1
no shutdown
source-interface loopback0
host-reachability protocol bgp
member vni 900001 associate-vrf
member vni 2000980
suppress-arp
mcast-group 225.4.0.1
¯ Single tag is not supported on Cisco Nexus 9500 platform switches; only double tag is supported.
¯ Double tag is not supported on Cisco Nexus 9300-EX Series switches, only single tag is supported.
¯ When upgrading from Cisco Nexus 7.0(3)I3(1) or Release 7.0(3)I4(1) to Release 7.0(3)I5(1) with Cisco Nexus 9300 Series switches without the overlay-encapsulation vxlan-with-tag command under interface nve, you should add overlay-encapsulation vxlan-with-tag under the nve interface in the older release before starting the ISSU upgrade. We were only supporting double tag in Cisco Nexus 7.0(3)I3(1) and Release 7.0(3)I4(1) . We now support single tag also in Release 7.0(3)I5(1).
¯ We do not support traffic between ports configured for Q-in-VNI and ports configured for trunk on Cisco Nexus 9300-EX Series switches.
■ Resilient hashing (port-channel load-balancing resiliency) and VXLAN configurations are not compatible with VTEPs using ALE uplink ports. Please note that resilient hashing is disabled by default.
■ Fast reload is not supported for any Cisco Nexus 3000 or 9000 Series switches starting with Cisco NX-OS Release 7.0(3)I4(1).
■ CoPP (Control Plane Policing) cannot be disabled. If you attempt to disable it in Cisco NX-OS Release 7.0(3)I5(1), an error message appears. In previous releases, attempting to disable CoPP causes packets to be rate limited at 50 packets per seconds.
■ Skip CoPP policy option has been removed from the Cisco NX-OS initial setup utility because using it can impact the control plane of the network.
■ hardware profile front portmode command is not supported on the Cisco Nexus 9000 Series switches.
■ PV (Port VLAN) configuration through an interface range is not supported.
■ Layer 3 routed traffic for missing Layer 2 adjacency information is not flooded back onto VLAN members of ingress units when the source MAC address of routed traffic is a non-VDC (Virtual Device Context) MAC address. This limitation is for hardware flood traffic and can occur when the SVI (Switched Virtual Interface) has a user-configured MAC address.
■ neighbor-down fib-accelerate command is supported in a BGP-only environment.
■ Uplink modules should not be removed from a Cisco Nexus 9300 Series switch that is running Cisco NX-OS Release 7.0(3)I5(1). The ports on uplink modules should be used only for uplinks.
■ PortLoopback and BootupPortLoopback tests are not supported.
■ PFC (Priority Flow Control) and LLFC (Link-Level Flow Control) are supported for all Cisco Nexus 9300 and 9500 platform hardware except for the 100G 9408PC line card and the 100G M4PC generic expansion module (GEM).
■ FEXes configured with 100/full-duplex speed, without explicitly configuring the neighboring device with 100/full-duplex speed, will not pass data packet traffic properly. This occurs with or without the link appearing to be “up.”
¯ no speed–Auto negotiates and advertises all speeds (only full duplex).
¯ speed 100–Does not auto negotiate; pause cannot be advertised. The peer must be set to not auto negotiate (only 100 Mbps full duplex is supported).
¯ speed 1000–Auto negotiates and advertises pause (advertises only for 1000 Mbps full duplex).
■ Eight QoS groups are supported only on modular platforms with the Cisco Nexus 9300 N9K-M4PC-CFP2 uplink module, and the following Cisco Nexus 9500 platform line cards:
¯ N9K-X9432PQ
¯ N9K-X9464PX
¯ N9K-X9464TX
¯ N9K-X9636PQ
■ Flooding for Microsoft Network Load Balancing (NLB) unicast mode is supported only on Cisco Nexus 9500 platform switches. However, if the NLB servers are connected on FEX HIFs, the flooding does not work. NLB is not supported in max-host system routing mode, and NLB multicast mode is not supported.
Note: To work around the situation of Unicast NLB limitation, Cisco can statically hard code the address resolution protocol (ARP) and MAC address pointing to the correct interface. Please refer to bug ID CSCuq03168.
■ TCAM resources are not shared when:
¯ Applying VACL (VLAN ACL) to multiple VLANs
¯ Routed ACL (Access Control List) is applied to multiple SVIs in the egress direction
■ Cisco Nexus 9000 Series switch hardware does not support range checks (layer 4 operators) in egress TCAM. Because of this, ACL/QoS policies with layer 4 operations-based classification need to be expanded to multiple entries in the egress TCAM. Egress TCAM space planning should take this limitation into account.
■ Applying the same QoS policy and ACL on multiple interfaces requires applying the qos-policy with the no-stats option to share the label.
■ Multiple port VLAN mappings configured on an interface during a rollback operation causes the rollback feature to fail.
■ The following switches support QSFP+ with the QSA (QSFP to SFP/SFP+ Adapter) (40G to 10G QSA):
¯ N9K-C93120TX
¯ N9K-C93128TX
¯ N9K-C9332PQ
¯ N9K-C9372PX
¯ N9K-C9372PX-E
¯ N9K-C9372TX
¯ N9K-C9396PX
¯ N9K-C93108TC-EX
¯ N9K-C93180YC-EX
Note: The Cisco Nexus 9300 support for the QSFP+ breakout has the following limitations:
■ Only 10G can be supported using QSA on 40G uplink ports on Cisco Nexus 9300 switches in NX-OS.
■ 1G with QSA is not supported.
■ For the Cisco Nexus 9332PQ switch, all ports except 13-14 and 27-32 can support breakout
■ All ports in the QSA speed group must operate at the same speed (see the configuration guide)
■ The following switches support the breakout cable (40G ports to 4x10G ports):
¯ N9K-C9332PQ
¯ N9K-X9436PQ
¯ N9K-X9536PQ
¯ N9K-C93180YC-EX
¯ N9K-C93108TC-EX
¯ N9K-X9732C-EX line card
■ Weighted ECMP (Equal-Cost Multi-Path) Nexus 3000 feature is not supported on the Cisco Nexus 9000 Series switch.
■ When upgrading from N9K-X94xx, N9K-X95xx, and N9K-X96xx line cards to N9K-X9732C-EX line cards and their fabric modules, upgrade the Cisco NX-OS software before inserting the line cards and fabric modules. Failure to do so can cause a diagnostic failure on the line card and no TCAM space to be allocated. You must use the write_erase command followed by the reload command.
■ Limitations for ALE (Application Link Engine) uplink ports are listed at the following URL:
This section provides guidelines and limitations for configuring private VLANs.
■ Secondary and Primary VLAN Configuration
■ Private VLAN Port Configuration
■ Limitations with Other Features
Private VLANs (PVLANs) have the following configuration guidelines and limitations:
■ PVLANs must be enabled before the device can apply the PVLAN functionality.
■ VLAN interface feature must be enabled before the device can apply this functionality.
■ VLAN network interfaces for all VLANs that you plan to configure as secondary VLANs should be shut down before being configured.
■ When a static MAC is created on a regular VLAN, and then that VLAN is converted to a secondary VLAN, the Cisco NX-OS maintains the MAC that was configured on the secondary VLAN as the static MAC.
■ PVLANs support port modes as follows:
¯ Community host
¯ Isolated host
¯ Isolated host trunk
¯ Promiscuous
¯ Promiscuous trunk
■ When configuring PVLAN promiscuous or PVLAN isolated trunks, it is recommended to allow non-private VLANs in the list specified by the switchport private-vlan trunk allowed id command.
■ PVLANs are mapped or associated depending on the PVLAN trunk mode.
■ PVLANs support the following:
¯ Layer 2 forwarding
¯ PACLs (Port Access Control Lists)
¯ Promiscuous trunk
¯ PVLAN across switches through a regular trunk port
¯ RACLs (Router Access Control Lists)
■ PVLANs support SVIs as follows:
¯ HSRP (Hot Standby Router Protocol) on the primary SVI
¯ Primary and secondary IPs on the SVI
¯ SVI allowed only on primary VLANs
■ PVLANs support STP as follows:
¯ MST (Multiple Spanning Tree)
¯ RSTP (Rapid Spanning Tree Protocol)
■ PVLANs port mode is not supported on the following:
¯ 40G interfaces of the Cisco Nexus C9396PX or Cisco Nexus C93128TX
¯ Cisco Nexus 3164Q
■ PVLANs are supported on breakout ports for the Cisco Nexus 9200 and 9300-EX Series switches
■ PVLANs do not provide support for the following:
¯ DHCP (Dynamic Host Channel Protocol) snooping
¯ IP multicast or IGMP snooping
¯ PVLAN QoS
¯ SPAN (Switch Port Analyzer) when the source is a PVLAN VLAN
¯ Tunnels
¯ VACLs
¯ VTP (VLAN Trunk Protocol)
¯ VXLANs
■ Shared interfaces cannot be configured to be part of a PVLAN. For more details, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide.
■ Configuring multiple isolated VLAN configurations per PVLAN group is allowed by the Cisco NX-OS CLI. However, such a configuration is not supported. A PVLAN group can have at most one isolated VLAN.
Follow these guidelines when configuring secondary or primary VLANs in PVLANs:
■ Default VLANs (VLAN1), or any of the internally allocated VLANs, cannot be configured as primary or secondary VLANs.
■ VLAN configuration (config-vlan) mode must be used to configure PVLANs.
■ Primary VLANs can have multiple isolated and community VLANs associated with it. An isolated or community VLAN can be associated with only one primary VLAN.
■ PVLANs provide host isolation at Layer 2. However, hosts can communicate with each other at Layer 3.
■ PVLAN groups can have one isolated VLAN at most. Multiple isolated VLAN configurations per primary VLAN configurations are not supported.
■ When a secondary VLAN is associated with the primary VLAN, the STP parameters of the primary VLAN, such as bridge priorities, are propagated to the secondary VLAN. However, STP parameters do not necessarily propagate to other devices. You should manually check the STP configuration to ensure that the spanning tree topologies for the primary, isolated, and community VLANs match exactly so that the VLANs can properly share the same forwarding database.
■ For normal trunk ports, note the following:
¯ Separate instances of STP exist for each VLAN in the PVLAN.
¯ STP parameters for the primary and all secondary VLANs must match.
¯ Primary and all associated secondary VLANs should be in the same MST instance.
■ For non-trunking ports, STP is aware only of the primary VLAN for any PVLAN host port; STP runs only on the primary VLAN for all PVLAN ports.
Note: We recommend that you enable BPDU Guard on all ports that you configure as a host port; do not enable this feature on promiscuous ports.
■ PVLAN promiscuous trunk ports allow you to configure a maximum of 16 PVLAN primary and secondary VLAN pairs on each promiscuous trunk port.
■ For PVLAN isolated trunk ports, note the following:
¯ You can configure a maximum of 16 PVLAN primary and secondary VLAN pairs on each isolated trunk port.
¯ The native VLAN must be either a normal VLAN or a PVLAN secondary VLAN. You cannot configure a PVLAN primary port as the native VLAN for a PVLAN isolated trunk port.
■ Downgrading a system that has PVLAN ports configured requires unconfiguring the ports.
■ Before configuring a VLAN as a secondary VLAN, you must shut down the VLAN network interface for the secondary VLAN.
Follow these guidelines when configuring PVLAN ports:
■ Deleting a VLAN used in the PVLAN configuration causes PVLAN ports (promiscuous ports or host ports, not trunk ports) that are associated with the VLAN to become inactive.
■ Layer 2 access ports that are assigned to the VLANs that you configure as primary, isolated, or community VLANs are inactive while the VLAN is part of the PVLAN configuration. Layer 2 trunk interfaces, which may carry PVLANs, are active and remain part of the STP database.
■ Use only the PVLAN configuration commands to assign ports to primary, isolated, or community VLANs.
Consider these configuration limitations with other features when configuring PVLANs:
Note: In some cases, the configuration is accepted with no error messages, but the commands have no effect.
■ After configuring the association between the primary and secondary VLANs and deleting the association, all static MAC addresses that were created on the primary VLANs remain on the primary VLAN only.
■ After configuring the association between the primary and secondary VLANs:
¯ Static MAC addresses for the secondary VLANs cannot be created.
¯ Dynamic MAC addresses that learned the secondary VLANs are aged out.
■ Destination SPAN ports cannot be isolated ports. However, a source SPAN port can be an isolated port.
■ Ensure consistent PVLAN type, states, and configuration across vPC peers. There is currently no PVLAN consistency check for vPC. Inconsistent PVLAN configs across vPV peers may end up in incorrect forwarding and impacts.
■ In PVLANs, STP controls only the primary VLAN.
■ PVLAN host or promiscuous ports cannot be SPAN destination ports.
■ PVLAN ports can be configured as SPAN source ports.
■ vPC pairing between T2 and TH platforms is not recommended.
Note: See the Cisco Nexus 9000 Series NX-OS Security Configuration Guide for information on configuring static MAC addresses.
This section lists features that are not supported in the current release.
■ Cisco Nexus 3232C and 3264Q Switches
■ Cisco Nexus 9200 and 9300-EX Series Switches
■ Cisco Nexus 9408 Line Card and 9300 Series Switches
■ Cisco Nexus 9732C-EX Line Card
■ DHCP
■ FEX
■ VXLAN
The following features are not supported for the Cisco Nexus 3232C and 3264Q switches:
■ 3264Q and 3232C platforms do not support the PXE boot of the NXOS image from the loader.
■ Automatic negotiation support for 25G and 50G ports on the Cisco Nexus 3232C switch
■ Cisco Nexus 2000 Series Fabric Extenders (FEX)
■ Cisco NX-OS to ACI conversion (The Cisco Nexus 3232C and 3264Q switches operate only in Cisco NX-OS mode.)
■ DCBXP
■ Designated router delay
■ DHCP subnet broadcast is not supported
■ Due to a Poodle vulnerability, SSLv3 is no longer supported
■ FCoE NPV
■ Intelligent Traffic Director (ITD)
■ ISSU (regular and enhanced)
■ MLD
■ PIM6
■ Policy-based routing (PBR)
■ Port loopback tests
■ Resilient hashing
■ SPAN on CPU as destination
■ Virtual port channel (vPC) peering between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 9300 Series switches or between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 3100 Series switches
■ VXLAN
■ VXLAN IGMP snooping
The following features are not supported for the Cisco Nexus 9200 Series switches and the Cisco Nexus 93108TC-EX and 93180YC-EX switches:
■ 64-bit ALPM routing mode
■ 9272PQ and 92160YC platforms do not support the PXE boot of the NXOS image from the loader.
■ ACL filters to span subinterface traffic on the parent interface
■ Cisco Nexus 2000 Series Fabric Extenders
■ Egress port ACLs
■ Egress QoS policer or marking
■ FEX (supported for Cisco 93180YC-EX switches but not for Cisco Nexus 93108TC-EX and Cisco Nexus 9200 Series switches)
■ GRE v4 payload over v6 tunnels
■ Host to LPM spillover
■ IP length-based matches
■ IP-in-IP on 92160
■ ISSU
■ Layer 2 Q-in-Q is supported only on Cisco Nexus 9300-EX Series switches (93108TC-EX and 93180YC-EX) and Cisco Nexus 9500 platform switches with the X9732C-EX line card.
■ MTU (Multi Transmission Unit) checks for packets received with an MPLS header
■ Packet-based statistics for traffic storm control (only byte-based statistics are supported)
■ PV routing for VXLAN
■ PVLANs (supported on Cisco Nexus 9300 and 9300-EX Series switches but not on Cisco Nexus 9200 Series switches)
■ Q-in-VNI is not supported on Cisco Nexus 9200 Series switches. Beginning with Cisco NX-OS Release 7.0(3)I5(1), Q-in-VNI is supported on Cisco Nexus 9300-EX Series switches.
■ Q-in-Q for VXLAN is not supported on Cisco Nexus 9200 and 9300-EX Series switches
■ Q-in-VNI is not supported on Cisco Nexus 9200 Series switches (supported on Cisco Nexus 9300-EX Series switches)
■ Resilient hashing for ECMP
■ Resilient hashing for port-channel
■ Rx SPAN for multicast if the SPAN source and destination are on the same slice and no forwarding interface is on the slice
■ SVI uplinks with Q-in-VNI are not supported with Cisco Nexus 9300-EX Series switches
■ Traffic storm control for copy-to-CPU packets
■ Traffic storm control with unknown multicast traffic
■ Tx SPAN for multicast, unknown multicast, and broadcast traffic
■ VACL redirects for TAP aggregation
The following features are not supported for the Cisco Nexus N9K-X9408PC-CFP2 line card and Cisco Nexus 9300 Series switches with generic expansion modules (N9K-M4PC-CFP2):
■ 802.3x
■ Breakout ports
■ FEX (this applies to the 9408 and –EX switches, not all 9300 switches)
■ MCT (Multichassis EtherChannel Trunk)
■ Only support 40G flows
■ Port-channel (No LACP)
■ PFC/LLFC
■ PTP (Precision Time Protocol)
■ PVLAN (supported on Cisco Nexus 9300 Series switches)
■ Shaping support on 100g port is limited
■ SPAN destination/ERSPAN destination IP
■ Storm Control
■ vPC
■ VXLAN access port.
The following features are not supported for Cisco Nexus 9508 switches with an N9K-X9732C-EX line card:
■ FCoE
■ FEX
■ IPv6 support for policy-based routing
■ LPM dual-host mode
■ SPAN port-channel destinations
■ TAP aggregation
■ VXLAN IGMP snooping
DHCP subnet broadcast is not supported.
■ ASCII replay with FEX needs be done twice for HIF configurations to be applied. The second time should be done after the FEXs have come up.
■ Cisco Nexus 9300 Series switches do not support FEX on uplink modules (ALE).
■ FEX is supported only on the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9396PX, 93180YC-EX, and 9500 platform switches (FEX is not supported on the N9K-X9732C-EX line card, 93108TC-EX switches, and Cisco Nexus 9200 platforms).
■ FEX vPC is not supported between any model of FEX and the Nexus 9300 (TOR) and 9500 Switches (EOR) as the parent switches.
■ IPSG (IP Source Guard) is not supported on FEX ports.
■ VTEP connected to FEX host interface ports is not supported.
The following lists other features not supported in the current release:
■ Cisco Nexus 9300 Series switches do not support the 64-bit ALPM routing mode.
■ Due to a Poodle vulnerability, SSLv3 is no longer supported.
■ IPSG is not supported on the following:
¯ The last six 40G physical ports on the 9372PX, 9372TX, and 9332PQ switches
¯ All 40G physical ports on the 9396PX, 9396TX, and 93128TX switches
This section lists VXLAN features that are not supported.
■ ACL and QoS for VXLAN traffic in the network-to-access direction are not supported.
■ Consistency checkers are not supported for VXLAN tables.
■ DHCP snooping and DAI features are not supported on VXLAN VLANs.
■ Native VLANs for VXLAN are not supported. All traffic on VXLAN Layer 2 trunks needs to be tagged.
■ QoS buffer-boost is not applicable for VXLAN traffic.
■ QoS classification is not supported for VXLAN traffic in the network-to-access direction.
■ Static MAC pointing to remote VTEP (VXLAN Tunnel End Point) is not supported with BGP EVPN (Ethernet VPN).
■ TX SPAN (Switched Port Analyzer) for VXLAN traffic is not supported for the access-to-network direction.
■ VXLAN routing and VXLAN Bud Nodes features on the 3164Q platform are not supported.
The following ACL related features are not supported:
■ Egress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the access-to-network direction (encapsulated path).
■ Egress VACL for decapsulated VXLAN traffic.
Note: We recommend that you use a PACL or VACL on the access side to filter out traffic entering the overlay network.
■ Ingress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the network-to-access direction (decapsulated path).
The entire Cisco Nexus 9000 Series NX-OS documentation set is available at the following URL:
The Cisco Nexus 3164Q Switch - Read Me First is available at the following URL:
The Cisco Nexus 31128PQ Switch - Read Me First is available at the following URL:
The Cisco Nexus 3232C/3264Q Switch - Read Me First is available at the following URL:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3232and3264/sw/7x/readme/b_Cisco_Nexus_3232C_and_3264Q_Switch_Read_Me_First.html
The Cisco Nexus 3000 and 9000 Series NX-API REST SDK User Guide and API Reference is available at the following URL:
https://developer.cisco.com/site/nx-os/docs/n3k-n9k-api-ref/
There is no new documentation for Release 7.0(3)I4(3).
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Open a service request online at:
https://tools.cisco.com/ServiceRequestTool/create/launch.do
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Cisco Nexus 9000 Series NX-OS Release Notes, Release 7.0(3)I5(1)
© 2016-2020 Cisco Systems, Inc. All rights reserved.