Cisco Nexus 9000 Series NX-OS Release Notes, Release 7.0(3)I7(9)
This document describes the features, caveats, and limitations of Cisco NX-OS Release 7.0(3)I7(9) software for use on the following switches:
■ Cisco Nexus 9000 Series
■ Cisco Nexus 31128PQ
■ Cisco Nexus 3164Q
■ Cisco Nexus 3232C
■ Cisco Nexus 3264Q
For more information, see Related Content.
Date |
Description |
October 14, 2020 |
Added CSCvo49595 to Resolved Issues. |
September 29, 2020 |
Upgrade and Downgrade section revised. |
September 17, 2020 |
Added CSCvv31955 to Resolved Issues. |
August 31, 2020 |
Cisco NX-OS Release 7.0(3)I7(9) became available. |
DSCP Wildcard Mask |
Support added for creating an ACL that matches or filters traffic based on a DSCP bit mask on Cisco Nexus 9504 switches with 9464PX and 9464TX line cards. For more information, see the Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide, Release 7.x. |
There are no new hardware features in this release.
Headline: Need to add config check for LLDP port-channel feature on vPC, FEX Pos Symptoms: When an LLDP port channel is enabled on a port channel which is configured later for vPC or FEX , the LLDP multiple neighbor feature might not work as expected. Workarounds: Disable the LLDP feature and re-enable the LLDP feature. Add back any non-default LLDP configuration that might have been present earlier on the switch. |
|
Headline: First Generation N9K: PVLAN l2 traffic drop observed after remove and reconfiguring PVLAN Symptoms: Traffic and other control traffic get dropped in this port. CC will fail for this port. Workarounds: Interface flap will recover the port from issue state. |
|
Headline: Post ND-ISSU 7.0(3)I7(6) >> 7.0(3)I7(9),Unconfig & Reconfig FHS policies at Vlans, did not get apply Symptoms: On Cisco NX-OS 7.0(3)I7(9), after reload 7.0(3)I7.x or performing a D-ISSU or ND-ISSU, the SISF policy can not be attached. Workarounds: 1. After reload or ISSU, the original policy A is still attached on VLAN x. After the above is performed, the policy is successfully attached. |
Bug ID |
Description |
Headline: Need to be able to configure MTU for interfaces under switch-profile |
|
Headline: MAC address is getting removed for PIP learned nve peer after uncofig/config of PIP |
|
Headline: Reload timer command fails if user session closes |
|
Headline: Config change of deleting cast-group and enabling IR under member VNI, fails Symptoms: On NVE1, config change of deleting mcast-group and enabling IR under member VNI, fails. Workarounds: Wait for a while after deleting mcast-group, and then enable IR under member VNI. |
|
Headline: N9K-C9336C-FX2 front port ingress direction silent drop packet |
|
Headline: Multi-Site BGW silently drops DCI BUM traffic if Rx line card has no active OIF fabric-link This will result in failure of both the data plane and control plane traffic such as ARP and HSRP in one or more VLANs between sites. 1. Remove and re-add VLAN. Note that these workarounds do not prevent the issue from occurring again if any of the triggers are invoked. Issue resolved in Cisco NX-OS 9.3.2 and later. |
|
Headline: Port-channel ECN marked packets statistics is incorrect on show policy-map int detail Symptoms: Port-channel ECN marked packets statistics is incorrect on show policy-map int detail Workarounds: Use the "show queuing" or "show queuing tabular" commands to check the counter. |
|
Headline: Security: service NTP SIGABRT due to heartbeat failure |
|
Headline: Multicast traffic forwarded with TTL 0 |
|
Headline: Spine-BGW - BUM traffic dropped with VNI's sharing same mcast group between local and stretched VNIs |
|
Headline: QinQ in VNI local flooding doesn't work |
|
Headline: SSO is causing heavy permanent traffic drop && lot of v4, v6 adjacencies are tentative Symptoms: Traffic drop due to adjacencies are not learned after multiple SSOs Workarounds: Clearing MAC will resolve the issue |
|
Headline: Unicast traffic received on suspended port can be sent back to an active port on the port-channel |
|
Headline: n9k - VXLAN - L3 traffic incorreclty policed when CIR is reached Symptoms: VXLAN - L3 traffic is incorrectly policed when CIR is reached Workarounds: None |
|
Headline: Port in I state flap leading to leak in polcfgtable `show hardware internal tah sdk event-history error` 2020 Apr 25 11:00:12.273289: E_STRING (SDK_ERR) tah_alloc_vif_profile(310): (310): No more vif profiles available 65535, bit_count 1024 2020 Apr 25 11:00:12.269845: E_STRING (SDK_ERR) tah_alloc_vif_profile(310): (310): No more vif profiles available 65535, bit_count 1024 |
|
Headline: interface port-channel all command fails when subinterfaces are present |
|
Headline: While doing ND ISSU from 7.0(3)I7(7) to I7(8) on vPC primary seeing momentary traffic loss Symptoms: While doing ND ISSU from I7(7) to I7(8) on Cisco Nexus 9500 platform swtiches (vPC Primary) seeing momentary unicast traffic loss. Workarounds:N/A |
|
Headline: VXLAN Multi-Site | MAC addresses point to wrong NVE peer |
|
Headline: TTL=1 traffic over vPC peer-link with l3 peer-router enabled punted to software. 2) Elam has Sup hit flag set and DI as Sup index. L4 Protocol : 89 3) CoPP has huge count under ttl exception class. class-map copp-system-p-class-exception-diag (match-any) |
|
Headline: 3 msec packet loss on port-channel member down for flows hashing to non-impacted member port |
|
Headline: Reload ASCII causes source IP as 0x0 Symptoms: Analytics FT records will be dropped as the source address of packet will be 0x0. Workarounds: Unconfigure and reconfigure the FT analytics configuration |
|
Headline: ACL with HTTP tcp-option-length redirect statement is not matching traffic correctly. |
|
Headline: PCIE error seen on Cisco Nexus N9K-C9364C in syslog |
|
Headline: DHCP packets received on trusted port punted to CPU + DST MAC set to broadcast in case of bcast bit |
|
Headline: ARP not generated on egress VTEP for gleaned VXLAN traffic Adding static ARP resolves the issue or if we ping directly from the device SVI, ARP gets populated. |
|
Headline: DCNM configured VXLAN SVI's unable to be shutdown. "ERROR: Profile conflicts with manual config" |
|
Headline: Cisco Nexus 9000 config session errors out over 24 characters N9K-EXT# configure session B234567890123456789012345 << 25 charactersConfig Session started, Session ID is 1Enter configuration commands, one per line. End with CNTL/Z.N9K-EXT(config-s)# ip access-list TAC_TESTN9K-EXT(config-s-acl)# deny ip any anyN9K-EXT(config-s-acl)# commitVerification successful...Proceeding to apply configuration. This might take a while depending on amount of configuration in buffer.Please avoid other configuration changes during this time.Error: opening file: /tmp/ssnmgr_dme_cmds_B234567890123456789012345.txtCommit Successful 2 – After the commit takes place you will still see that it's in ACLMGR and there running configuration, but you cannot apply it and it also is not in DME. N9K-EXT# show running-config aclmgr | sec TAC N9K-EXT(config)# int vlan 200 |
|
Headline: VLAN create fails if VLAN name already exists - CLI hangs and MTS is stuck The following configuration already exists in the running-config. VLAN 345 with name VLAN0045: Running the following command will cause failure: # show system internal mts buffers summary # show system internal mts sup sap 167 description |
|
Headline: IPv6 BGP neighborship fails to come up (Idle state) on N9K-C93180YC-FX %BGP-3-SOCKBIND: bgp- [1592] Cannot bind local socket for peer 2000:x:x:x Cannot assign requested address |
|
Headline: TRM/VXLAN-EVPN setup, BL does not create PIM join towards external RP |
|
Headline: Tahusd crash due to speed negotiated at 100MB in GLC-T N9K-C9364C - ports 65 and 66 |
|
Headline: Sup-redt traffic flow drop with TTAG header on top of VXLAN header. Server =>(encap)TOR2 ==>Spine ==> TOR1(decap)?CPU Server sending ICMP packets to TOR1 loopback address. Packets come to TOR1 with TTAG, getting dropped by TOR1 netstack and is not visible in ethanlyzer. |
|
Headline: Enhancement bug to support TTAG header on top of VXLAN header in ethanalyzer. 2020-04-01 18:07:24.371191 1.1.1.2 -> 1.1.2.3 ICMP Echo (ping) request |
|
Headline: no shutdown for HIF not working after downgrade/upgrade software |
|
Headline: BGP crashed when configured default-information originates under template N9K# show system reset-reason |
|
Headline: EoR Active and Standby sup swapped |
|
Headline: Cisco Nexus 9000 transit GRE traffic on a VTEP is not VXLAN encapsulated |
|
Headline: non-sysmgr(non-sysmgr) crashed when do "show tacacs-server" via xml client |
|
Headline: LIBOSC-2-OSC_ERR: DATACORRUPTION-DATAINCONSISTENCY: v3.0.1 Copy error Traceback with LLDP |
|
Headline: Peer-link STP inconsistency due to corrupt BPDU. |
|
Headline: sysmgr failed and stuck while writing to /mnt/pss |
|
Headline: N9K | "show tech details" missing most of the IPv6 event-histories show ipv6 internal event-history errors |
|
Headline: Global | Nexus 9k 7.0(3)I7(5a) Layer 2 Multicast traffic delivery issues |
|
Headline: Port-channel load balancing issue when PBR load-share in use When PBR sets several next-hops with "load-share" keyword, and in case the traffic has to be sent out (load-shared) over several port-channel interfaces further, an issue might be observed with load-balancing of the traffic over the physical member interfaces on these port-channel interfaces. |
|
Headline: VXLAN Spine MAC Address Learning Ignored - IGN_LRN_RVTEP_MISS |
|
Headline: MAC ACL + MAC packet classification could not let IPv6 NS/NA pass through Example configuration: interface Ethernet2/1 Workarounds: mac access-list test |
|
Headline: PTP unicast packets sent out with wrong destination MAC on primary ports after reloading |
|
Headline: SNMP traps can't be disabled N9K# show run all | i i entity_mib_change Workarounds: |
|
Headline: Python script not able to log out console user The following logs are seen : %VSHD-2-VSHD_SYSLOG_EOL_ERR: EOL function security_clear_vty from library libsecuritycli.so exited due to Signal 11 <pre> cli('clear line ttyS0') User Access Verification |
|
Headline: RX power shows -26.98 dBm when remote device TX shows -5.11 dBm N9K1 Switch# show int e1/1 transceiver details SFP Detail Diagnostics Information (internal calibration) Note: ++ high-alarm; + high-warning; -- low-alarm; - low-warning N9K2 switch# show int e1/1 transceiver details Note: ++ high-alarm; + high-warning; -- low-alarm; - low-warning |
|
Headline: 9736C-FX imposing two FCS headers on RX frames after link flap |
|
Headline: Cisco Nexus 9372 tahusd crash due to transceiver speed mismatch N9K# sh int trans |
|
Headline: N9k: PFC mode config wiped out from port-channel interface with no member ports after reload If you re-add the "priority-flow-control mode off" command to the port-channel, the CLI accepts the config but doesn't get applied without any error. The members can't be re-added back into the port-channel due to config incompatibility. |
|
Headline: [ ] is removed from show run when configuring interface description for mgmt 0 |
|
Headline: nginx process memory leak will cause Cisco Nexus C3548P-10GX kernel panic nexus# show system reset-reason kernel stack trace indicates the panic was caused by out of memory. nexus# show logging onboard stack-trace <0>[1425843.864458] nxos_panic: Kernel panic - not syncing: Out of memory: system-wide panic_on_oom is enabled the process memory table shows that nginx_1 is rapidly growing in Used/Holding memory. Might emerge at the top of the sorted table at some point. nexus# show processes memory | sort -n -k 4 -r 985 515567616 0 726188032 ffb090b0/ffb0504c nginx_1 <<<<<<<<< bubbling up the table 1. disable and then enable nxapi feature to restore the memory. 2. simply changing the http port to a different port# than the current one and then revert it back for example, |
|
Headline: N9K/FEX: Sup bound traffic coming from FEX HIF dropped in LCND |
|
Headline: Longevity: kernel panic on EOR fabric module after DUT running 9.3(4) CCO for ~5days5hours |
|
Headline: Cisco Nexus 9000 Cloud Scale switches drop 25G broadcast traffic as output discard with queue-limit As this issue affects all multi-destination traffic, this issue can manifest itself with multiple different symptoms. Some common ones include: +++ 25G-connected hosts are not able to obtain IP addresses via DHCP |
|
Headline: Storm control commands broadcast/multicast added to interface configs after non-disruptive ISSU For instance, non-disruptive ISSU was performed as below versions and all L2/L3 interfaces were added with the following commands. I7.0(3)I4(1) > 7.0(3)I7(7)> 7.0(3)I7(8) interface Ethernet1/17 configure terminal Or Write erase and reapply the original configurations. |
|
Headline: SNMP slow response seen after reload With the below configuration: snmp-acl should permit check once for every OID. However, after reload, we see the permit checks are performed twice. Before reload: (from "debug snmp all") After reload: 2020-05-04 16:56:25.227101 us: [101] check_acl_permit : Call npacl_apply_filter for acl:snmp-acl:4194308 no snmp-server community <community> use-ipv4acl snmp-acl |
|
Headline: tahusd crash due to link flapping |
|
Headline: Not able to create (s,g) entry for non-directly connected source. |
|
Headline: Cisco FXOS and NX-OS Software CDP Error Checking Improvements for TLV types Cisco has evaluated the impact of the out-of-bound read and concluded that no exploitation was possible. |
|
Headline: Unexpected reload of sysmgr process |
|
Headline: VLAN tag is kept on encap VTEP |
|
Headline: bcm-crash after configuring/adding VLAN |
|
Headline: Non-Cisco (3rd Party) QSFP ports failed to come up after upgrade/reload |
|
Headline: JSON request for "show l2route mac all" or "show l2route evpn mac all" respond w/ empty flag field. |
|
Headline: sysmgr failed on active sup when standby sup reloaded |
|
Headline: Add event history error log with invalid character by show lldp entry |
|
Headline: CPU-PG stuck after port flapping 2020 Jun 5 04:12:04 NEW_DMC_DTV_TR9508_2 %TAHUSD-SLOT1-4-BUFFER_THRESHOLD_EXCEEDED: Module 1 Instance 0 Pool-group buffer 90 percent threshold is exceeded! slot 1 ============ Total Instant Usage (desc) 10948 0 1361 0 0 0 | |
|
Headline: BFD incorrectly maintaining session in directly connected neighbor async mode |
|
Headline: DHCP Snoop Memory Leak When Receiving High Amounts Of CFS Traffic ========================================== 2020 Mar 31 04:15:33.393 [hostname] %SISF-3-INTERNAL: Internal error, Cannot allocate packet + The crash may eventually result in a core of the process ========================================== VDC Module Instance Process-name PID Date(Year-Month-Day Time) 1. Supervisor switchover |
|
Headline: Unable to disable auto-negotiation on 100-Mb RJ45 ports |
|
Headline: OSPF LSAs are not refreshed after failed ISSU For example, consider a Nexus 9000 device named "N9K-1" that failed an update via ISSU. N9K-1# show logging logfile | include ignore-case issu Some time (typically less than an hour) later, connectivity to prefixes advertised by N9K-1 via OSPF may be disrupted, as OSPF neighbors flush the LSAs advertised by N9K-1 from their local Link State Database. An example of this is shown below, where N9K-1 has an OSPF Router ID of 192.0.2.10 and N9K-Spine has an OSPF Router ID of 192.0.2.20. N9K-1# show ip ospf | include ID N9K-Spine# show ip ospf | include ID N9K-1# show ip ospf database Router Link States (Area 0.0.0.0) Link ID ADV Router Age Seq# Checksum Link Count N9K-Spine# show ip ospf database Router Link States (Area 0.0.0.0) Link ID ADV Router Age Seq# Checksum Link Count N9K-1# show ip ospf neighbors N9K-Spine# show ip ospf neighbors |
|
Headline: Modify IPv6 LPM 4096 cause Cisco Nexus 9508 IPv6 forwarding issue hardware profile multicast max-limit lpm-entries 0 N9K# show system routing mode |
|
Headline: Supervisor switchover causes removal in HW of the outgoing interface of ECMP path This can be verified via the 'show forwarding route <ip_prefix/mask> detail' as follows: slot 1 |
|
Headline: SPAN shows error (Failed to insert SPAN acl entry. Make sure SPAN TCAM is carved.) A precautionary measure to not run into this issue is: Never issue sh/noshut of monitor session until we see the line card is UP notfication in the console log, so that we dont run into this issue. |
|
Headline: N9K - Mgmt0 RJ45 copper port goes down, once SFP is inserted on SFP port |
|
Headline: Ports don't come up after Cisco NX-OS upgrade from any release to Cisco NX-OS I7.8, 9.3.3, and 9.3.4 %USER-2-SYSTEM_MSG: BCMXXXXX UCODE Download Failure at PHY ID 0 - tahusd |
|
Headline: SDB PSS For EVPN Multi-Site Site ID Has Duplicate Entries Or 2.) Remove NVE feature and reconfigure |
|
Headline: BGP mass prefix withdrawal causing high CPU spikes for event_manager and policyelem PID Runtime(ms) Invoked uSecs 1Sec Process PID Runtime(ms) Invoked uSecs 1Sec Process PID Runtime(ms) Invoked uSecs 1Sec Process |
|
Headline: BGP mass prefix withdrawal causing high CPU spikes for event_manager and policyelem PID Runtime(ms) Invoked uSecs 1Sec Process PID Runtime(ms) Invoked uSecs 1Sec Process PID Runtime(ms) Invoked uSecs 1Sec Process |
|
Headline: N9K-C9372PX - Ports Fail to Come Up after upgrade from 7.0(3)I4(7) to 7.0(3)I7(7) |
|
Headline: Cisco Nexus 9000 interface e1/49 using QSFP-40G-SR-BD won't came up after removing/reseating SFP If removing qsfp of e1/49 and putting it back, e1/49 shows 'Link not connected'. Appears not hot-swappable. Single link e1/49 also with same issue. If it's an individual link, shut/no shut the interface as workaround. |
|
Headline: Memory leak in "ascii-cfg" process due to command "write-memory" in archive config |
|
Headline: N9K: DHCP Relay ACLs not programmed into TCAM after FEX fabric port-channel member comes up This issue can be reactively worked around by reloading the Cisco Nexus 9500 platform switch without modifying the administrative state of FEX fabric port-channel members. |
|
Headline: nginx process memory leak on doing NXAPI polling on TACACS user using https on 3548P-10GX. (config)#no feature nxapi 2. Reload the box. |
|
Headline: Cisco Nexus 9000 reloads due to "NVE" process atomic250-lsw03-1 %$ VDC-1 %$ %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 1, VPC peer keep-alive receive has failed |
|
Headline: Nexus HSRP stuck in "Initial" state after reload with static HSRP MAC configure <pre> !Command: show running-config interface Vlan2250-2251 version 7.0(3)I7(6) Bios:version 5.3.1 interface Vlan2250 interface Vlan2251 - Reload both switches (Broken VLAN 2251 doesn't come up, Working VLAN 2250 does come up): <pre> N3K-C3172PQ-2# show hsrp brief Workarounds: -Shutdown/no shutdown SVI VLAN 2251 (or impacted HSRP VLAN) will move the HSRP state out of "Initial" and continue to next state eventually transitioning to Standby or Active as expected.-Temporary fix would be to use any MAC not in this range 0000.0C9F.xxxx. However, HSRP MAC range is 0000.0C9F.Fxxx which we anyway cannot configure statically for a group. |
|
Headline: 1G SFP Port goes down slowly when cable is disconnected |
|
Headline: Multicast IP PIM register not sent and data packet got punt to CPU. Apply Static OIL makes it work. Even after static OIL removal, the working state still remains. The issue will trigger once again, after the sender stops sending packets for a while and the S,G timed out. |
Bug ID |
Description |
On Cisco Nexus 9300-EX, 9348GC-FXP, 93108TC-FX, 93180YC-FX, 9336C-FX2, and 93240YC-FX2 switches, when 802.1q EtherType has changed on an interface, the EtherType of all interfaces on the same slice will be changed to the configured value. This change is not persistent after a reload of the switch and will revert to the EtherType value of the last port on the slice. |
</nf:source> <============nf: is extra
<namespace> : extra characters are seen with XML and JSON from NX-API.
Table 1 Cisco Nexus 9000 Series Fabric Modules
Table 2 Cisco Nexus 9000 Series Fans and Fan Trays
Table 3 Cisco Nexus 9500 Platform Switches Line Cards
Table 4 Cisco Nexus 9000 Series Power Supplies
Table 5 Cisco Nexus 9500 Platform Switches Supervisor Modules
Table 6 Cisco Nexus 9000 Series Switches
Table 7 Cisco Nexus 9000 Series Uplink Modules
Table 8 Cisco Nexus 9500 Platform Switches System Controller
Table 9 Cisco Nexus 3232C and 3264Q Switch Hardware
Table 10 Cisco Nexus 3164Q Switch Hardware
Table 11 Cisco Nexus 31128PQ Switch Hardware
Table 1 Cisco Nexus 9000 Series Fabric Modules
N9K-C9516-FM-E2 |
16-slot fabric module for -E line cards. |
4 – N9K-X97160YC-EX |
Table 2 Cisco Nexus 9000 Series Fans and Fan Trays
1 For specific fan speeds, see the Overview section of the Hardware Installation Guide.
Table 3 Cisco Nexus 9500 Platform Switches Line Cards
Line card with 48 1/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ uplink ports |
|||||
Line card with 48 10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 1-/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 1-/10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
N9K-X9732C-FX |
Line card with 32 100 Gigabit Ethernet. Each QSFP28 supports 1x100-, 2x50-, 1x40-, 4x25-, 4x10-, and 1x1/10-Gigabit Ethernet. . |
4 |
8 |
16 |
N9K-C9504-FM-E |
N9K-X9736Q-FX |
Line card with 36 1-/10-/40-Gigabit QSFP28 ports |
4 |
8 |
16 |
N9K-C9504-FM-E N9K-C9508-FM-E N9K-C9516-FM-E |
N9K-X9788TC-FX |
Line card with 48 1-/10-G BASE-T (copper) and 4 100-Gigabit QSFP28 ports |
4 |
8 |
16 |
N9K-C9504-FM-E N9K-C9516-FM-E |
N9K-X97160YC-EX |
Line card with 48 10-/25-Gigabit SFP28 ports and 4 40-/100-Gigabit QSFP28 ports |
4 |
8 |
16 |
N9K-C9504-FM-E |
Table 4 Cisco Nexus 9000 Series Power Supplies
Table 5 Cisco Nexus 9500 Platform Switches Supervisor Modules
Table 6 Cisco Nexus 9000 Series Switches
Table 7 Cisco Nexus 9000 Series Uplink Modules
An enhanced version of the Cisco Nexus N9K-M6PQ uplink module. |
|
Cisco Nexus 9300 uplink module with 12 40-Gigabit Ethernet QSPF+ ports. |
Table 8 Cisco Nexus 9500 Platform Switches System Controller
Table 9 Cisco Nexus 3232C and 3264Q Switch Hardware
Table 10 Cisco Nexus 3164Q Switch Hardware
Table 11 Cisco Nexus 31128PQ Switch Hardware
To perform a software upgrade or downgrade, follow the instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x.
For information about an In Service Software Upgrade (ISSU), see the Cisco NX-OS ISSU Support application.
Note: Upgrading from Cisco NX-OS 7.0(3)I1(2), 7.0(3)I1(3), or 7.0(3)I1(3a) requires installing a patch for Cisco Nexus 9500 platform switches only. For more information on the upgrade patch, see Upgrade Patch Instructions.
The following features are not supported for the Cisco Nexus 3232C and 3264Q switches:
■ 3264Q and 3232C platforms do not support the PXE boot of the NX-OS image from the loader.
■ Automatic negotiation support for 25-Gb and 50-Gb ports on the Cisco Nexus 3232C switch
■ Cisco Nexus 2000 Series Fabric Extenders (FEX)
■ Cisco NX-OS to ACI conversion (The Cisco Nexus 3232C and 3264Q switches operate only in Cisco NX-OS mode.)
■ DCBXP
■ Designated router delay
■ DHCP subnet broadcast is not supported
■ Due to a Poodle vulnerability, SSLv3 is no longer supported
■ FCoE NPV
■ Intelligent Traffic Director (ITD)
■ Enhanced ISSU. NOTE: Check the appropriate guide to determine which platforms support Enhanced ISSU.
■ MLD
■ NetFlow
■ PIM6
■ Policy-based routing (PBR)
■ Port loopback tests
■ Resilient hashing
■ SPAN on CPU as destination
■ Virtual port channel (vPC) peering between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 9300 platform switches or between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 3100 Series switches
■ VXLAN IGMP snooping
The following features are not supported for the Cisco Nexus 9200 platform switches and the Cisco Nexus 93108TC-EX and 93180YC-EX switches:
■ 64-bit ALPM routing mode
■ Cisco Nexus 9272PQ and Cisco Nexus 92160YC platforms do not support the PXE boot of the NXOS image from the loader.
■ ACL filters to span subinterface traffic on the parent interface
■ Egress port ACLs
■ Egress QoS policer is supported on the Cisco Nexus 9300-EX and 9300-FX platform switches. It is not supported on the Cisco Nexus 9200 platform switch. The only policer action supported is drop. Remark action is not supported on egress policer.
■ FEX (supported for Cisco Nexus 9300-EX platform switches but not for Cisco Nexus 9200 platform switches.)
■ GRE v4 payload over v6 tunnels
■ IP length-based matches
■ IP-in-IP on Cisco Nexus 92160 switch
■ ISSU enhanced is not supported on the Cisco Nexus 9300-FX platform switch.
■ Layer 2 Q-in-Q is supported only on Cisco Nexus 9300-EX platform switches (93108TC-EX and 93180YC-EX) and Cisco Nexus 9500 platform switches with the X9732C-EX line card.
■ MTU (Multi Transmission Unit) checks for packets received with an MPLS header
■ NetFlow is not supported on Cisco Nexus 9200 platform switches. It is supported on Cisco Nexus 9300-EX and 9300-FX platform switches.
■ Packet-based statistics for traffic storm control (only byte-based statistics are supported)
■ PVLANs (supported on Cisco Nexus 9300 and 9300-EX platform switches but not on Cisco Nexus 9200 platform switches)
■ Q-in-VNI is not supported on Cisco Nexus 9200 platform switches. Beginning with Cisco NX-OS Release 7.0(3)I5(1), Q-in-VNI is supported on Cisco Nexus 9300-EX platform switches.
■ Q-in-Q for VXLAN is not supported on Cisco Nexus 9200 and 9300-EX platform switches
Q-in-VNI is not supported on Cisco Nexus 9200 platform switches (supported on Cisco Nexus 9300-EX platform switches)
■ Resilient hashing for ECMP on the Cisco Nexus 9200 platform switches.
■ Resilient hashing for port-channel
■ Rx SPAN for multicast if the SPAN source and destination are on the same slice and no forwarding interface is on the slice
■ SVI uplinks with Q-in-VNI are not supported with Cisco Nexus 9300-EX platform switches
■ Traffic storm control for copy-to-CPU packets
■ Traffic storm control with unknown multicast traffic
■ Tx SPAN for multicast, unknown multicast, and broadcast traffic
■ VACL redirects for TAP aggregation
The following features are not supported for the Cisco Nexus 9500 platform N9K-X9408PC-CFP2 line card and Cisco Nexus 9300 platform switches with generic expansion modules (N9K-M4PC-CFP2):
■ 802.3x
■ Breakout ports
■ FEX (this applies to the N9K-X9408PC-CFP2 and –EX switches, not all Cisco Nexus 9300 platform switches)
■ MCT (Multichassis EtherChannel Trunk)
■ NetFlow
■ Only support 40G flows
■ Port-channel (No LACP)
■ PFC/LLFC
■ PTP (Precision Time Protocol)
■ PVLAN (supported on Cisco Nexus 9300 platform switches)
■ Shaping support on 100g port is limited
■ SPAN destination/ERSPAN destination IP
■ Storm Control
■ vPC
■ VXLAN access port
The following features are not supported for Cisco Nexus 9508 switches with an N9K-X9732C-EX line card:
■ FEX
■ IPv6 support for policy-based routing
■ LPM dual-host mode
■ SPAN port-channel destinations
The entire Cisco Nexus 9000 Series NX-OS documentation set is available at the following location: Cisco Nexus 9000 Series Switches
Cisco Nexus 9000 Series Software Upgrade and Downgrade Guide is available at the following location: Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 7.x
The Cisco Nexus 3164Q Switch - Read Me First is available at the following location: Cisco Nexus 3164Q Switch — READ ME FIRST
The Cisco Nexus 31128PQ Switch - Read Me First is available at the following location: Cisco Nexus 31128PQ Switch — READ ME FIRST
The Cisco Nexus 3232C/3264Q Switch - Read Me First is available at the following location: Cisco Nexus 3232C and 3264Q Switches — READ ME FIRST
The Cisco Nexus 3000 and 9000 Series NX-API REST SDK User Guide and API Reference is available at the following location: Cisco Nexus NX-API References
The Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes, Release 7.0(3)I7(9) is available at the following location:
Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes, Release 7.0(3)I7(9)
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)