Cisco Nexus 9000 Series NX-OS Release Notes, Release 9.3(2)
Use this document with documents listed in Related Documentation.
Table 1 shows the online change history of this document.
March 4, 2020 |
Updated the Introduction section. |
January 26, 2020 |
Added CSCvc95008 to Known Behaviors. |
November 15, 2019 |
Updated Limitations section for breakout issue. |
November 6, 2019 |
Cisco Network Insights for Data Center
Open Caveats—Cisco NX-OS Release 9.3(2)
Known Behaviors—Cisco NX-OS Release 9.3(2)
Obtaining Documentation and Submitting a Service Request
Cisco Nexus 9000 Series switches and the Cisco Nexus 3000 Series switches, use same NX-OS binary image also called the “unified" image. The binary image covers the Cisco Nexus 9300 and 9500 and Cisco Nexus 3100, 3200, 3400-S, 3500, and 3600 platform switches. Cisco NX-OS Release 9.2(1) was the first release that adopted unified version numbering. With unified version numbering, the platform designator is obsolete.
Moving forward for the previously identified platforms, we will be adopting the simplified 3-letter versioning scheme. For example, a release with X.Y(Z) would mean:
X – Unified release major
Y – Major / Minor release
Z – Maintenance release (MR)
Where the Z = 1 is always the first FCS release of a Major/Minor release.
An example of a previous release number is: 7.0(3)I7(4). In this format, the ‘I’ is the platform designator.
Note: In order to accommodate upgrade compatibility from an older software version that is expecting a platform designator, when the install all command is entered or the show install all impact command is entered, the version string appears as 9.3(2)I9(1). The “I9(1)” portion of the string can be safely ignored. It will later appear as 9.3(2).
Note: The Cisco Nexus 34180YC and 3464C platform switches are not supported in Cisco NX-OS Release 9.3(2).
When you downgrade from Cisco NX-OS Release 9.3(2) to an earlier release, the features that use the ACI+NX-OS Essentials, Advantage, and add-on licenses or the Hardware Streaming Telemetry license continue to work in honor mode in the downgraded version. In addition, the output of the show license usage command continues to include entries for these unsupported licenses.
For more information, see the Cisco NX-OS Licensing Guide.
This section includes the following sections:
Table 2 Cisco Nexus 9500 Switches
Table 3 Cisco Nexus 9500 Cloud Scale Line Cards
Table 4 Cisco Nexus 9500 R-Series Line Cards
Table 5 Cisco Nexus 9500 Classic Line Cards
Table 6 Cisco Nexus 9500 Cloud Scale Fabric Modules
Table 7 Cisco Nexus 9500 R-Series Fabric Modules
Table 8 Cisco Nexus 9500 Fabric Modules
Table 9 Cisco Nexus 9500 Fabric Module Blanks with Power Connector
Table 10 Cisco Nexus 9500 Supervisor Modules
Table 11 Cisco Nexus 9500 System Controller
Table 12 Cisco Nexus 9500 Fans and Fan Trays
Table 13 Cisco Nexus 9500 Power Supplies
Table 14 Cisco Nexus 9200 and 9300 Fans and Fan Trays
Table 15 Cisco Nexus 9200 and 9300 Power Supplies
Table 16 Cisco Nexus 9200 and 9300 Switches
Table 17 Cisco Nexus 9000 Series Uplink Modules
Table 2 Cisco Nexus 9500 Switches
Description |
|
N9K-C9504 |
7.1-RU modular switch with slots for up to 4 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 4 power supplies. |
N9K-C9508 |
13-RU modular switch with slots for up to 8 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 8 power supplies. |
N9K-C9516 |
21-RU modular switch with slots for up to 16 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 10 power supplies. |
Table 3 Cisco Nexus 9500 Cloud Scale Line Cards
Product ID |
Description |
Maximum Quantity |
||
Cisco Nexus 9504 |
Cisco Nexus 9508 |
Cisco Nexus 9516 |
||
N9K-X9736C-FX |
Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
N9K-X9732C-FX |
Cisco Nexus 9500 32-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
N9K-X9732C-EX |
Cisco Nexus 9500 32-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
N9K-X9736C-EX |
Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
N9K-X9788TC-FX |
Cisco Nexus 9500 48-port 1/10-G BASE-T Ethernet and 4-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
N9K-X97160YC-EX |
Cisco Nexus 9500 48-port 10/25-Gigabit Ethernet SFP28 and 4-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
16 |
Table 4 Cisco Nexus 9500 R-Series Line Cards
Product ID |
Description |
Maximum Quantity |
|
Cisco Nexus 9504 |
Cisco Nexus 9508 |
||
N9K-X9636C-R |
Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
N9K-X9636C-RX |
Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
N9K-X9636Q-R |
Cisco Nexus 9500 36-port 40 Gigabit Ethernet QSFP line card |
4 |
8 |
N9K-X96136YC-R |
Cisco Nexus 9500 16-port 1/10 Gigabit, 32-port 10/25 Gigabit, and 4-port 40/100 Gigabit Ethernet line card |
4 |
8 |
Table 5 Cisco Nexus 9500 Classic Line Cards
Product ID |
Description |
Maximum Quantity |
||
Cisco Nexus 9504 |
Cisco Nexus 9508 |
Cisco Nexus 9516 |
||
N9K-X9408C-CFP2 |
Line card with 8 100 Gigabit CFP2 ports |
4 |
8 |
16 |
N9K-X9432C-S |
Cisco Nexus 9500 32-port 40/100 Gigabit Ethernet QSFP28 line card |
4 |
8 |
N/A |
N9K-X9432PQ |
Cisco Nexus 9500 32-port 40 Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9636PQ |
Cisco Nexus 9500 36-port 40 Gigabit Ethernet QSFP+ line card |
4 |
8 |
N/A |
N9K-X9464PX |
Cisco Nexus 9500 48 1/10-Gigabit SFP+ and 4-port 40-Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9464TX |
Cisco Nexus 9500 48 port 1/10-Gigabit BASE-T Ethernet and 4-port 40-Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9464TX2 |
Cisco Nexus 9500 48 port 1/10-Gigabit BASE-T Ethernet and 4-port 40-Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9536PQ |
Cisco Nexus 9500 36-port 40 Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9564PX |
Cisco Nexus 9500 48 1/10-Gigabit SFP+ and 4 port 40-Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
N9K-X9564TX |
Cisco Nexus 9500 48 port 1/10-Gigabit BASE-T Ethernet and 4 port 40-Gigabit Ethernet QSFP+ line card |
4 |
8 |
16 |
Table 6 Cisco Nexus 9500 Cloud Scale Fabric Modules
Product ID |
Description |
Minimum |
Maximum |
N9K-C9504-FM-E |
Cisco Nexus 9504 100-Gigabit cloud scale fabric module |
4 |
5 |
N9K-C9508-FM-E |
Cisco Nexus 9508 100-Gigabit cloud scale fabric module |
4 |
5 |
N9K-C9508-FM-E2 |
Cisco Nexus 9508 100-Gigabit cloud scale fabric module |
4 |
5 |
N9K-C9516-FM-E |
Cisco Nexus 9516 50-Gigabit cloud scale fabric module |
4 |
5 |
N9K-C9516-FM-E2
|
Cisco Nexus 9516 100-Gigabit cloud scale fabric module |
4 |
5 |
Table 7 Cisco Nexus 9500 R-Series Fabric Modules
Product ID |
Description |
Minimum |
Maximum |
N9K-C9504-FM-R |
Cisco Nexus 9504 100-Gigabit R-Series fabric module |
4 |
6 |
N9K-C9508-FM-R |
Cisco Nexus 9508 100-Gigabit R-Series fabric module |
4 |
6 |
Table 8 Cisco Nexus 9500 Fabric Modules
Product ID |
Description |
Minimum |
Maximum |
N9K-C9504-FM |
Cisco Nexus 9504 40-Gigabit fabric module |
3 |
6 |
N9K-C9508-FM |
Cisco Nexus 9508 40-Gigabit fabric module |
3 |
6 |
N9K-C9516-FM |
Cisco Nexus 9516 40-Gigabit fabric module |
3 |
6 |
N9K-C9504-FM-S |
Cisco Nexus 9504 100-Gigabit fabric module |
4 |
4 |
N9K-C9508-FM-S |
Cisco Nexus 9508 100-Gigabit fabric module |
4 |
4 |
Table 9 Cisco Nexus 9500 Fabric Module Blanks with Power Connector
Product ID |
Description |
Minimum |
Maximum |
N9K-C9508-FM-Z |
Cisco Nexus 9508 Fabric blank with Fan Tray Power Connector module |
N/A |
2 |
N9K-C9516-FM-Z |
Cisco Nexus 9516 Fabric blank with Fan Tray Power Connector module |
N/A |
2 |
Table 10 Cisco Nexus 9500 Supervisor Modules
Supervisor |
Description |
Quantity |
N9K-SUP-A |
1.8-GHz supervisor module with 4 cores, 4 threads, and 16 GB of memory |
2 |
N9K-SUP-A+ |
1.8-GHz supervisor module with 4 cores, 8 threads, and 16 GB of memory |
2 |
N9K-SUP-B |
2.2-GHz supervisor module with 6 cores, 12 threads, and 24 GB of memory |
2 |
N9K-SUP-B+ |
1.9-GHz supervisor module with 6 cores, 12 threads, and 32 GB of memory |
2 |
NOTE: N9K-SUP-A and N9K-SUP-A+ are not supported on Cisco Nexus 9504 and 9508 switches with -R line cards.
Table 11 Cisco Nexus 9500 System Controller
Product ID |
Description |
Quantity |
N9K-SC-A |
Cisco Nexus 9500 Platform System Controller Module |
2 |
Table 12 Cisco Nexus 9500 Fans and Fan Trays
Product ID |
Description |
Quantity |
N9K-C9504-FAN |
Fan tray for 4-slot modular chassis |
3 |
N9K-C9508-FAN |
Fan tray for 8-slot modular chassis |
3 |
N9K-C9516-FAN |
Fan tray for 16-slot modular chassis |
3 |
Table 13 Cisco Nexus 9500 Power Supplies
Product ID |
Description |
Quantity |
Cisco Nexus Switches |
N9K-PAC-3000W-B |
3 KW AC power supply |
Up to 4 |
Cisco Nexus 9504 |
N9K-PDC-3000W-B |
3 KW DC power supply |
Up to 4 |
Cisco Nexus 9504 |
N9K-PUV-3000W-B |
3 KW Universal AC/DC power supply |
Up to 4 |
Cisco Nexus 9504 |
N9K-PUV2-3000W-B |
3.15-KW Dual Input Universal AC/DC Power Supply |
Up to 4 |
Cisco Nexus 9504 |
Table 14 Cisco Nexus 9200 and 9300 Fans and Fan Trays
Product ID |
Description |
Quantity |
Cisco Nexus Switches |
|
N9K-C9300-FAN1 |
Fan 1 module with port-side intake airflow (burgundy coloring) |
3 |
9396PX (early versions) |
|
N9K-C9300-FAN1-B |
Fan 1 module with port-side exhaust airflow (blue coloring) |
3 |
9396PX (early versions) |
|
N9K-C9300-FAN2 |
Fan 2 module with port-side intake airflow (burgundy coloring) |
3 |
93128TX |
9396PX |
N9K-C9300-FAN2-B |
Fan 2 module with port-side exhaust airflow (blue coloring) |
3 |
93128TX |
9396PX |
N9K-C9300-FAN3 |
Fan 3 module with port-side intake airflow (burgundy coloring) |
3 |
92304QC |
93120TX |
N9K-C9300-FAN3-B |
Fan 3 module with port-side exhaust airflow (blue coloring) |
3 |
92304QC |
93120TX |
NXA-FAN-160CFM-PE |
Fan module with port-side exhaust airflow (blue coloring) |
3 |
9364C1 |
93360YC-FX2 |
NXA-FAN-160CFM-PI |
Fan module with port-side intake airflow (burgundy coloring) |
3 |
9364C1 |
93360YC-FX2 |
NXA-FAN-30CFM-B |
Fan module with port-side intake airflow (burgundy coloring) |
3 |
92160YC-X |
9332PQ 9372PX-E 9372TX-E 9348GC-FXP1 |
NXA-FAN-30CFM-F |
Fan module with port-side exhaust airflow (blue coloring) |
3 |
92160YC-X |
9332PQ 9372PX 9372PX-E 9372TX-E 9348GC-FXP |
NXA-FAN-35CFM-PE |
Fan module with port-side exhaust airflow (blue coloring) |
4 |
92300YC1 9232C1 |
9332C1
|
NXA-FAN-35CFM-PI |
Fan module with port-side intake airflow (burgundy coloring) |
4 |
92300YC1 9232C1 |
9332C1 |
NXA-FAN-65CFM-PE |
Fan module with port-side exhaust airflow (blue coloring) |
3 |
93240YC-FX21 |
9336C-FX21 |
NXA-FAN-65CFM-PI |
Fan module with port-side exhaust airflow (burgundy coloring) |
3 |
93240YC-FX21 |
9336C-FX21 |
1For specific fan speeds see the Overview section of the Hardware Installation Guide.
Table 15 Cisco Nexus 9200 and 9300 Power Supplies
Product ID |
Description |
Quantity |
Cisco Nexus Switches |
|
NXA-PAC-500W-PE |
500-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
93108TC-EX |
93180YC-EX 93180YC-FX |
NXA-PAC-500W-PI |
500-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
93108TC-EX |
93180YC-EX 93180YC-FX |
N9K-PAC-650W |
650-W AC power supply with port-side intake (burgundy coloring) |
2 |
9332PQ 9372TX |
9372TX-E |
N9K-PAC-650W-B |
650-W AC power supply with port-side exhaust (blue coloring) |
2 |
9332PQ 9372TX |
9372TX-E |
NXA-PAC-650W-PE |
650-W power supply with port-side exhaust (blue coloring) |
2 |
92160YC-X |
92304QC |
NXA-PAC-650W-PI |
650-W power supply with port-side intake (burgundy coloring) |
2 |
92160YC-X |
92304QC |
NXA-PAC-750W-PE |
750-W DC power supply with port-side exhaust airflow (blue coloring) |
2 |
9336C-FX2 |
|
NXA-PAC-750W-PI |
750-W DC power supply with port-side exhaust airflow (burgundy coloring) |
2 |
9336C-FX2 |
|
NXA-PAC-1100W-PE2 |
1100-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
93240YC-FX2 9332C |
9336C-FX2 |
NXA-PAC-1100W-PI2 |
1100-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
93240YC-FX2 9332C |
9336C-FX2 |
N9K-PAC-1200W |
1200-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
93120TX |
|
N9K-PAC-1200W-B |
1200-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
93120TX |
|
NXA-PAC-1200W-PE |
1200-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
9272Q |
9364C |
NXA-PAC-1200W-PI |
1200-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
9272Q |
9364C |
N9K-PUV-1200W |
3000-W Universal AC/DC power supply with bidirectional airflow (white coloring) |
2 |
92160YC-X |
93120TX |
NXA-PDC-930W-PE |
930-W DC power supply with port-side exhaust airflow (blue coloring) |
2 |
9272Q |
93120TX |
NXA-PDC-930W-PI |
930-W DC power supply with port-side intake airflow (burgundy coloring) |
2 |
9272Q |
93120TX |
NXA-PDC-1100W-PE |
1100-W DC power supply with port-side exhaust airflow (blue coloring) |
2 |
93240YC-FX2 |
9332C 9336C-FX2 |
NXA-PDC-1100W-PI |
1100-W DC power supply with port-side intake airflow (burgundy coloring) |
2 |
93240YC-FX2 |
9332C 9336C-FX2 |
UCSC-PSU-930WDC |
930-W DC power supply with port-side intake (green coloring) |
2 |
92160YC-X |
9332PQ 9372TX |
UCS-PSU-6332-DC |
930-W DC power supply with port-side exhaust (gray coloring) |
2 |
92160YC-X |
9332PQ 9372TX |
NXA-PDC-1100W-PE |
1100-W DC power supply with port-side exhaust airflow (blue coloring) |
2 |
93240YC-FX |
|
NXA-PHV-1100W-PE |
1100-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
93240YC-FX2 |
9336C-FX2 |
NXA-PHV-1100W-PI |
1100-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
93240YC-FX2 |
9336C-FX2 |
N2200-PAC-400W |
400-W AC power supply with port-side exhaust airflow (blue coloring) |
2 |
92348GC-X |
|
N2200-PAC-400W-B |
400-W AC power supply with port-side intake airflow (burgundy coloring) |
2 |
92348GC-X |
|
Table 16 Cisco Nexus 9200 and 9300 Switches
Cisco Nexus Switch |
Description |
N9K-C9336C-FX2 |
1-RU switch with 36 40-/100-Gb Ethernet QSFP28 ports. |
N9K-C93216TC-FX2 |
2-RU switch with 96 100M/1G/10G RJ45 ports, 12 40/100-Gigabit QSFP28 ports, 2 management ports (one RJ-45 and one SFP port, 1 console, port, and 1 USB port. |
N9K-C93240YC-FX2 |
1.2-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 fiber ports and 12 40-/100-Gigabit Ethernet QSFP28 ports. |
N9K-C93360YC-FX2 |
2-RU switch with 96 10-/25-Gigabit SFP28 ports and 12 40/100-Gigabit QSFP28 ports |
N9K-C93108TC-FX |
1-RU Top-of-Rack switch with 48 100M/1/10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports |
N9K-C93108TC-FX-24 |
1-RU 24 1/10GBASE-T (copper) front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports.
|
N9K-C93180YC-FX |
1-RU Top-of-Rack switch with 10-/25-/32-Gigabit Ethernet/FC ports and 6 40-/100-Gigabit QSFP28 ports. You can configure the 48 ports as 1/10/25-Gigabit Ethernet ports or as FCoE ports or as 8-/16-/32-Gigabit Fibre Channel ports. |
N9K-C93180YC-FX-24 |
1-RU 24 1/10/25-Gigabit Ethernet SFP28 front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports. The SFP28 ports support 1-, 10-, and 25-Gigabit Ethernet connections and 8-, 16-, and 32-Gigabit Fibre Channel connections.
|
N9K-C93108TC-EX |
1-RU Top-of-Rack switch with 48 10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports |
N9K-C93108TC-EX-24 |
1-RU 24 1/10GBASE-T (copper) front panel ports and 6 40/100-Gigabit QSFP28 spine facing ports.
|
N9K-C93180LC-EX |
1-RU Top-of-Rack switch with 24 40-/50-Gigabit QSFP+ downlink ports and 6 40/100-Gigabit uplink ports. You can configure 18 downlink ports as 100-Gigabit QSFP28 ports or as 10-Gigabit SFP+ ports (using breakout cables) |
N9K-C93180YC-EX |
1-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 fiber ports and 6 40-/100-Gigabit QSFP28 ports |
N9K-C93180YC-EX-24 |
1-RU 24 1/10/25-Gigabit front panel ports and 6-port 40/100 Gigabit QSFP28 spine-facing ports
|
N9K-C92160YC-X |
1-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP+ ports and 6 40-Gigabit QSFP+ ports (4 of these ports support 100-Gigabit QSFP28 optics). |
N9K-C92300YC |
1.5-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 ports and 18 fixed 40-/100-Gigabit QSFP28 ports. |
N9K-C92304QC |
2-RU Top-of-Rack switch with 56 40-Gigabit Ethernet QSFP+ ports (16 of these ports support 4x10 breakout cables) and 8 100-Gigabit QSFP28 ports. |
N9K-C9236C |
1-RU Top-of-Rack switch with 36 40-/100-Gigabit QSFP28 ports (144 10-/25-Gigabit ports when using breakout cables) |
N9K-C92348GC-X |
The Cisco Nexus 92348GC-X switch (N9K-C92348GC-X) is a 1RU switch that supports 696 Gbps of bandwidth and over 250 mpps. The 1GBASE-T downlink ports on the 92348GC-X can be configured to work as 100-Mbps, 1-Gbps ports. The 4 ports of SFP28 can be configured as 1/10/25-Gbps and the 2 ports of QSFP28 can be configured as 40- and 100-Gbps ports. The Cisco Nexus 92348GC-X is ideal for big data customers that require a Gigabit Ethernet ToR switch with local switching. |
N9K-C9272Q |
2-RU Top-of-Rack switch with 72 40-Gigabit Ethernet QSFP+ ports (35 of these ports also support 4x10 breakout cables for 140 10-Gigabit ports) |
N9K-C9332C |
1-RU fixed switch with 32 40/100-Gigabit QSFP28 ports and 2 fixed 1/10-Gigabit SFP+ ports. |
N9K-C9364C |
2-RU Top-of-Rack switch with 64 40-/100-Gigabit QSFP28 ports and 2 1-/10-Gigabit SFP+ ports. - Ports 1 to 64 support 40/100-Gigabit speeds. Ports 65 and 66 support 1/10 Gb speeds. |
N9K-C93120TX |
2-RU Top-of-Rack switch with 96 1/10GBASE-T (copper) ports and 6 40-Gigabit QSFP+ ports |
N9K-C93128TX |
3-RU Top-of-Rack switch with 96 1/10GBASE-T (copper) ports and an uplink module up to 8 40-Gigabit QSFP+ ports |
N9K-C9332PQ |
1-RU switch with 32 40-Gigabit Ethernet QSFP+ ports (26 ports support 4x10 breakout cables and 6 ports support QSFP-to-SFP adapters) |
Nexus 9300 with 48p 100M/1 G, 4p 10/25 G SFP+ and 2p 100 G QSFP |
|
N9K-C9372PX |
1-RU Top-of-Rack switch with 48 1-/10-Gigabit SFP+ ports and 6 40-Gigabit QSFP+ ports |
N9K-C9372PX-E |
An enhanced version of the Cisco Nexus 9372PX-E switch. |
N9K-C9372TX |
1-RU Top-of-Rack switch with 48 1-/10GBASE-T (copper) ports and 6 40-Gigabit QSFP+ ports |
N9K-C9372TX-E |
An enhanced version of the Cisco Nexus 9372TX-E switch. |
N9K-C9396PX |
2-RU Top-of-Rack switch with 48 1-/10-Gigabit Ethernet SFP+ ports and an uplink module with up to 12 40-Gigabit QSFP+ ports |
N9K-C9396TX |
2-RU Top-of-Rack switch with 48 1/10GBASE-T (copper) ports and an uplink module with up to 12 40-Gigabit QSFP+ ports |
Table 17 Cisco Nexus 9000 Series Uplink Modules
Product ID |
Description |
N9K-M4PC-CFP2 |
Cisco Nexus 9300 uplink module with 4 100-Gigabit Ethernet CFP2 ports. For the Cisco Nexus 93128TX switch, only two of the ports are active. For the Cisco Nexus 9396PX and 9396TX switches, all four ports are active. |
N9K-M6PQ |
Cisco Nexus 9300 uplink module with 6 40-Gigabit Ethernet QSFP+ ports for the Cisco Nexus 9396PX, 9396TX, and 93128TX switches. |
N9K-M6PQ-E |
An enhanced version of the Cisco Nexus N9K-M6PQ uplink module. |
N9K-M12PQ |
Cisco Nexus 9300 uplink module with 12 40-Gigabit Ethernet QSPF+ ports. |
To determine which transceivers and cables are supported by this switch, see the Transceiver Module (TMG) Compatibility Matrix.
To see the transceiver specifications and installation information, see https://www.cisco.com/c/en/us/support/interfaces-modules/transceiver-modules/products-installation-guides-list.html.
Straight-through FEX module support has been added for the following switches:
■ N9K-C93360YC-FX2
For more information, see the Cisco Nexus 9000 Series Switch FEX Support page.
■ Beginning with Cisco NX-OS Release 9.2(1), straight-through FEX support is added to Cisco Nexus 93240YC-FX2 and 9336C-FX2 switches.
■ Beginning with Cisco NX-OS Release 9.3(1), straight-through FEX support is added to Cisco Nexus 93360YC-FX2.
■ Active-Active FEX and straight-through FEX are not supported on the Cisco Nexus 92348GC switch.
■ For FEX HIF port channels, enable the STP port type edge using the spanning tree port type edge [trunk] command.
This section lists the following topics:
■ New Hardware Features in Cisco NX-OS Release 9.3(2)
■ New Software Features in Cisco NX-OS Release 9.3(2)
Cisco NX-OS Release 9.3(2) supports the following new hardware:
■ N9K-C93108TC-EX-24: Cisco Nexus 9300 platform switch with 24 1/10GBASE-T (copper) front panel ports and 6 40/100-Gigabit QSFP28 spine facing ports.
■ N9K-C93108TC-FX-24: Cisco Nexus 9300 platform switch with 24 1/10GBASE-T (copper) front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports
■ N9K-C93180YC-EX-24: Cisco Nexus 9300 platform switch with 24 1/10/25-Gigabit front panel ports and 6-port 40/100 Gigabit QSFP28 spine-facing ports
■ N9K-C93180YC-FX-24: Cisco Nexus 9300 platform switch with 24 1/10/25-Gigabit Ethernet SFP28 front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports. The SFP28 ports support 1-, 10-, and 25-Gigabit Ethernet connections and 8-, 16-, and 32-Gigabit Fibre Channel connections.
Cisco NX-OS Release 9.3(2) supports the following new software features:
■ Erase Configuration: Added support for the management IPv6 address and route to preserve after the write erase operation in Cisco Nexus 9000 Series switches.
For more information, see the Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 9.3(x)
■ Introduced the Following licenses for the Cisco Nexus 9300-XF and -GF platform switches:
o ACI-PREMIER-XF: LAN_ENTERPRISE_SERVICES_PKG, NETWORK_SERVICES_PKG, VPN_FABRIC, ACI-ES-XF, NXOS_ESSENTIALS_XF/GF/M4/M8-16 and NXOS_ADVANTAGE_XF/GF/M4/M8-16
o ACI-PREMIER-GF: LAN_ENTERPRISE_SERVICES_PKG, NETWORK_SERVICES_PKG, VPN_FABRIC, ACI-ES-GF, NXOS_ESSENTIALS_XF/GF/M4/M8-16 and NXOS_ADVANTAGE_XF/GF/M4/M8-16
For more information, see the Cisco NX-OS Licensing Guide.
Programmability Features
■ Native Data Source: Added support for the path mac-all command.
■ Telemetry Multi-Threading: Updated associated show command outputs.
For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.3(x).
Security Features
■ User-Defined MAC address: Add the ability to enable configuring a user-defined MAC address limit between the range of 16 to 256 for Cisco Nexus 3048, 3172PQ, 3172TQ, 3132Q-X, 3132Q-XL, 3172PQ-XL, 3172TQ-XL, 31108PC-V, 31108TC-V, 3132Q-V, 3132C-Z, 3232C, 3264Q, 3264C-E, 36180YC-R, 3636C-R switches.
For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.3(x).
■ SNMP: Added support for new syslog trap message-generated.
For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 9.3(x).
■ Cisco NX-OS Release 9.3(2) supports the Cisco Network Insights Advisor (NIA) and Cisco Network Insights for Resources (NIR) on Cisco Nexus 9500 platform switches with 9700-EX and 9700-FX line cards. Also, Cisco Nexus 9200, 9300-EX and 9300-FX platform switches.
For more information, see the Cisco Network Insights documentation.
Note: All caveats listed in this document are those that were reported against the Cisco Nexus 9000 Series switches.
Cisco Nexus 9000 Series, Cisco Nexus 9500-R/Cisco Nexus-3600-R Series, Cisco Nexus 3000 Series, and Cisco Nexus 3500 Series are platforms that run on the unified software and binary. Since some caveats listed against these platforms could be applicable to the Cisco Nexus 3000 series platform too, we recommend that you review the list of caveats in the Release Notes of the other platforms for this release, to see if those are applicable to your network configuration.
This section includes the following topics:
■ Resolved Caveats—Cisco NX-OS Release 9.3(2)
■ Open Caveats—Cisco NX-OS Release 9.3(2)
■ Known Behaviors—Cisco NX-OS Release 9.3(2)
The following table lists the Resolved Caveats in Cisco NX-OS Release 9.3(2). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Big ID |
Description |
Cisco NX-OS Authenticated SNMP Denial of Service Vulnerability |
|
mmode crash when modifying maintenance profile |
|
"show system error-id list" error and vsh.bin crashed |
|
Need support for DOM on FEX HIF ports |
|
PIM BIDir DF election issue |
|
9200/9300/9700-EX: Need fix to avoid mcast flood on NDR & allow FEX to receive mcast traffic on NDR |
|
BGP routes not advertised to peer after shut/no shut of interface connected to peer |
|
Failure to configure 'rd auto' after deleting/re-configuring VRF |
|
BGP Traceback on shutdown of NVE interface with controller topology |
|
During switch bootup seeing MSDP-3-TSP_RWSEM_LOCK_FAIL: rwsem_lock_no_sig |
|
n9k as-override no work after reload with maintenance mode |
|
Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability |
|
BGP-3-SLAB_LIB_SLAB_ERR: Slab error [double free attempted] in RPM Prefix tree slab |
|
"fragments" setting under ACL doesn't supress fragment ACE under PBR |
|
BGP locally originated path becomes invalid |
|
EVPN-SR: EVPN withdraw is sent first before LU withdraw with single BGP session for EVPN/LU |
|
BGP routes imported into RIB more than maximum path set |
|
TRM L3: After Local receiver goes away NGMVPN needs to withdraw local interest for remote S,G |
|
BGP session should not establish when update source interface is down. |
|
BGP stuck into Shut (NoMem) and neighbourship not formed |
|
OIF is stuck in the mroute table after removing IGMP join-group |
|
N9000 pim triggered register not enabled by default |
|
"sh ip mroute summary" shows bogus values for pps and bit-rate |
|
Standby Sup reload due to EOBC heartbeat failure (kfu_mts-app-137) |
|
traffic duplication may be seen with ECMP to external source/RP |
|
STP port type edge not working after upgrade to I7(x) in dual-homed FEX setup |
|
N9000 does not set vlan routable flag when igmp snooping is enabled on vlan SVI |
|
VRF is stuck in "Delete Holddown" state |
|
9300-EX with AA FEX: few v3 mcast groups blackhole shut/no shut of MCT |
|
default gw not installed in URIB after nh move |
|
IGMP/PIM heartbeat cores on the secondary VPC peer |
|
Dummy PIM neighbor 0.0.0.0 created after creating (S,G) entry when nbm is enabled |
|
Reloading N9K EOR vpc peer caused packet loss from north to south |
|
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791) |
|
VxLAN Pseudo BGW Config for peer-type fabric-external Incorrectly Disables Split Horizon Check |
|
9500: PIM register packet not send for 3 groups |
|
N9508: reload the module after repeated 2B Parity Error in MMU table |
|
When POAP is done, Maintenance mode profile config lost if switch reload |
|
BGP traceback after changing VNID associated with vlan at the controller |
|
N3164 Fastboot behavior with ALL IPv6 BGP neighbors down |
|
Evaluation of n9k-standalone-sw for August CPU Side-Channel Information Disclosure Vulnerabilities |
|
NX-OS : BGP : can not delete from urib ipv4 routes with ipv6 next-hop aka RFC5549 |
|
N9K-C93180LC-EX // LACP PDU timeout on bottom/even port if link goes down on top/odd port |
|
Egress policy is getting pushed to other interfaces where it is not applied. |
|
Ports may enter Internal-Fail errDisable when config/bringup and saving config |
|
On changing the vlan -> vni mapping, vnis are in down state |
|
BFD SHA1-auth interop CLI |
|
Failaction least bucket/ node per assigned to a node which is down |
|
Provide option to not run L3CC during transient conditions |
|
N9000 prefers mBGP route over directly connected one causing mcast traffic black holing |
|
Unable to delete remotely authenticated users when username contains period/dot "." |
|
n9k switch-profile ACL support |
|
ISIS does not advertise local or learned routes to neighbors after upgrade and coming out of mmode |
|
UC_DF_CHECK_FAIILURE For Traffic on Infra Vlan on VPC Peer-link and advertise-pip |
|
On 9200-EX, 9300-EX, 9700-EX, 9300-FX, 9300-FX2, ing-sup region should not be first region in TCAM |
|
TRM:SG Mroute deleted on 1 BL leads to traffic duplication after Border Leaf Reload |
|
Cisco FXOS and NX-OS Software Authenticated SNMP Denial of Service Vulnerability |
|
can not change AD for ISIS ipv6 routes using distance command under ipv6 address family |
|
vntag_mgr crash simultaneously |
|
UnCorrectable Multibit ECC Errors in Tahoe Platforms |
|
N9K-C9348GC-FXP:take about 4 sec to detect link down on rj45 port |
|
System reset-reason on ascii reload shows---Module PowerCycled |
|
"aaa bypass-user" option to bypass ACS authorization/accounting does not work |
|
N3K: Nexus 31108PCV - tacacs-server key is not saved to config when using "< >" together |
|
CVE-2018-17182: Use-after-free in vmacache_flush_all() kernel function vulnerability |
|
COPP Crash after Modifying COPP when booted with POAP On N9000 |
|
Gold POST test failure alerts not reaching the remote syslog server. |
|
N9K-C9516-FM-E: MAC is down but iETH link up |
|
Regarding ISIS redistribute maximum-prefix less than static route number |
|
IPV6 Route table not cleared when change ISIS IPV6 multi-topology to Single-topology |
|
Stuck PO lock can inadvertently lock other PO while using copy+R+S and create system wide lock |
|
URIB process crash due to VRF description character length |
|
TACACS authentication with type 6 encryption fails after upgrade |
|
Vlan not added to flood list, when new vlans are created in FL ingress-replication VXLAN |
|
unable to use domain name as argument to ssh6 - ssh: Invalid Hostname |
|
Vlan VNI in stale state if peer-vtep is used along with peer-ip in F&L ingress-replication VXLAN |
|
With passive TWINAX cable N2K-C2348TQ-10G-E reports the Fan Failure |
|
TAHUSD crash with repeated mac move |
|
mac address out of sync between vpc peers after repeated mac move and stopping the mac move |
|
N9k - During ISSU DME database Restore Failure |
|
IPV4 adjacency down when change ISIS IPV6 MT to ST |
|
Partial config sync after defaulting the interface in switch-profile// 9.2.2//N93180 |
|
N9k acl-mgr memory leak |
|
N9k -EX all interface counters stop incrementing |
|
PCM get locked permanently during FEX configs |
|
N9K-PoAP: PoAP showing 0.0.0.0 as the DHCP server address. |
|
IPv6 traffic with ip version 7 header is not dropped but forwarded on N9K |
|
Nexus9000 Mcast pim spt-threshold infinity not honored when LHR transits from non-DR to DR |
|
NVE failed to learn remote VTEP RMAC after ISSU terminated or canceled |
|
N9K - Prevent "No lacp suspend-individual" From Being Configured on FEX Fabric Interfaces |
|
no vn-segment failed to run |
|
NVE failed to learn remote vtep RMAC after config change from DCNM/MW mode |
|
Wrong Error message reported for ERSPAN destination on FEX HIF |
|
Tunnel ECMP Index value triggers a crash |
|
Spanning-tree BPDU Generated On Voice VLAN For MVAP Is Sent Untagged |
|
Nginx crash while handling Bash request |
|
N9300 may experience high correction after cable/transceiver is plugged in |
|
Block stormcontrol-cli on N3K/N9K-R |
|
N9K: 'power redundancy-mode insrc-redundant' missed after reload |
|
N9k stale S,G entry seen in VXLAN TRM environment |
|
N9000 does send PTP mgmt packets out of the interface where it was received on |
|
Packet drop if sfp of channel member port removed |
|
Private-vlan host-associate command with range causes the process to hang |
|
Frequent IGMP leave/join, leak in egress BW |
|
N9300-EX/N9200 may experience permanent PTP high correction |
|
AS-SET value showing 0 for aggregated routes in EVPN route. |
|
Non-disruptive ISSU failing on N9k with "l3vm Startup failure" error |
|
N9K not learning mac address |
|
S Q-in-VNI L2 flood received on VPC peer-link not flooded when 'system dot1q tunnel transit' enabled |
|
FEX port running FCoE goes into ErrDisabled(Pause Frame) without RX pause frames |
|
MST reconfig will cause VLAN hardware programing to be missing on T2 |
|
Non encaped bridged traffic don't egress on peer-link when vPC leg down when any tunnel intf is up |
|
VXLAN:NGMVPN service crashes due to could not allocate slab for fabric mroute |
|
VXLAN: Seeing BGP-3-ASSERT error and traceback |
|
N9K: Port link up suddenly w/ SFP-10G-SR-S but w/o connected cable |
|
Fail to delete sub-if Port-Channel with certain BFD modes/flags enabled on parent interface |
|
Egress packet loss from CPU when dest is recursive through EVPN |
|
Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability |
|
Nexus 9000-FX QinQ VxLAN BGP EVPN. Multitag not functional after device is reloaded |
|
copying SVI config from file to running-config does not set jumbo MTU in HW |
|
Nexus 9k memory leak when SNMP walks OIDs (92160YC-X & N3048) |
|
N9K-C93108TC-FX Shutting the link the peer port will be in up state |
|
N9K BGP sessions unstable when TCP packets received from same source to multiple local addresses. |
|
N9K-X9736C-FX's /35 and /36 ports not coming up with QSFP-100G-SR4-S |
|
ISIS is calculating metric for IPv6 based on worse LSP |
|
ptp multiple high corrections while issuing "show interface transceiver details" |
|
N9K-C9364C- transceiver shows N/A issue randomly |
|
QSFP-100G-SR4 breakout link down if only enable one pair 25G port |
|
IGMP v2/v3 mix: shutdown igmpv2 receivers and igmpv3 receivers are also removed from mrib oifl |
|
Need new CLI for setting configurable MAC UP timer |
|
Evaluation of n9k-standalone-sw for Intel 2019.1 QSR - MDS |
|
NVE loopback flaps up and down after reload in autorecovery scenario in 7.0.3.I7.6 |
|
Procjob process does not check NULL payload of MTS messages |
|
SNMP v3 information leaking vulnerability still found in 7.0.3.I7.6 |
|
N9K: mrouter port is not created dynamically based on dummy PIM Hellos from OTV ED |
|
Gen 1 N9K May Not Bring Link Up When Connected To 3rd Party NIC Following Link Flap |
|
N9K : peer port flapping and new igmp join coming will cause port oversubscription |
|
ebgp peer no advertise local-labeled-route template inheritance does not work after process restart |
|
SAN-PO from NPV N9k to an FC switch will not come up |
|
Root Port in BLK state for few vlans on vpc secondary after vpc role preempt |
|
N9K: Do not add DHCP Padding to compensate for stripped option 82 header |
|
mcastfwd crash is seen |
|
Removing GLC-T/GLC-TE transceiver on HIF on FEX N2K-C2232PP keeps interface down |
|
DHCP Relay feature breaks when TCAM carvings are changed. |
|
bcm_usd crash at soc_alpm_insert |
|
Configuring no mpls ip forwarding on one interface breaks the same interface on different module |
|
Packet loss reported when upgrading a cloud scale switch in A-A FEX to i7.6 |
|
N9K-EX : no shut of admin down port leads to fatal error in device DEV_SUGARBOWL_ASIC error message |
|
Increase NTP MD5 authentication-key string length limit to 32 characters |
|
DHCP request with BCAST flag set may result in control plane failure |
|
EPLD Upgrade failure on N9K-SUP-A |
|
N9K encapsulates with incorrect/null source IP address and MAC address |
|
Link flap may cause port down |
|
pixm crashed after dvif exhausted with multiple fex reconnected |
|
prevent tac-pac running when the user is not network-admin |
|
Sflow sampling rate is double for Sflow when rate is set to 65536 |
|
vxlan multisite-Routes not advertised to peer on border gateways |
|
N9K FCoE hosts in a chassis connected over FIP bridge are impacted when a single host resets |
|
NX BGP: md5 does not work if vrf name is more than 19 character |
|
Only the first shell:roles role is used to assign the account into Linux groups in NX-OS |
|
Peer-link shutdown delayed on Secondary after shutting down VPC domain on Primary. |
|
N9K-C9364 running 7.0(3)I7(5) crash due to "tahusd" |
|
"policyelem" process crash when configure n9k via NX-API REST |
|
L3VNI Overlap VRF name under "show nve vni" |
|
Address 9500 SC EOBC Reloads |
|
New ACL entry on some SVIs could not be loaded to the hardware |
|
FHS config lost by upgrading from old version to 9.2(4) or 9.3(1) |
|
N9K: Radius authentication fails after reload/upgrade when DNS is used. |
|
Nexus 9500 - vPC Auto-Recovery starts after System Switchover |
|
not able to configure max igmp snooping group-timeout 10080 |
|
Port-channel member ports will cost TCAM entries as well as port-channel |
|
Unexpected Config Refresh removes member vni configs |
|
Some interfaces are down following a disruptive upgrade from 9.2.3 to 9.3.1 |
|
N9k allows upgrade when MD5 hash of image file does not match original leading to boot loop |
|
FT flow records in EX ToR switches does not have the correct STEP field set |
|
N9300: NXA-PAC-1100W-P series PS might not work if connected to same ATS |
|
Crash at the moment of collecting stats for TAHUSD process |
|
Nexus 93180LC-EX crashes due to tahusd process in disruptive upgrade from 7.0(3)I7(1) to 7.0(3)I7(6) |
|
Fatal SAP 28 pile up post SNMP crashes |
|
SNMP crash seen due to corrupted TLV |
|
Not able to configure ERSPAN source on FEX port |
|
Packets looping on internal ports of LC and FM after replacing N9K-X97160YC-EX with N9K-X9736C-FX |
|
Configure replace fails when 'switchport trunk allowed vlan' list is too large |
The following table lists the open caveats in the Cisco NX-OS Release 9.3(2). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Storm control counters not incrementing |
|
OC ACL: delete ipv4 ace with hop-limit configs fails |
|
CRC seen on links with Dual speed BiDi & 40g BiDi optics. |
|
PTP High correction on slave when master have SVI which have IGMP Connected Group Membership |
|
ACL Stats - Packet hitting an ACE entry with log option will be counted twice |
|
vlan counters should display L3 counters info |
|
EOR/FX:FT latency max out issue started appearing |
|
Generate Error message for FHS policy, When lable are not available. |
|
Multiste EVPN Scale-after multiple flaps of NVE mac address is out of sync between BGP and L2RIB |
|
Nexus 9300 - Block CLI to configure sub-interface with 40G uplink ports |
|
Interface BW not accounting unicast BW after SSO switchover |
|
TRM Multisite: traffic drop on BGW after restarting ngmvpn |
|
Affinity, mask, priority and record route CLI's are not generated under LSP Attribute |
|
25g AOC/LR/SR Cable type is shown as unknown |
|
The host specific routes (IP-MAC) may stay in BGP after corresponding SVI removed |
|
After reload N9500 Chassis, sometimes aclmgr fails to lookup fib for pbr and leads sequence timeout |
|
Netstack core seen in non-destructive ISSU using FQDN for NTP |
The following known behaviors are in this release:
Table 2 Known Behaviors in Cisco NX-OS Release 9.3(2)
Bug ID |
Description |
On Cisco Nexus 9300-EX, 9348GC-FXP, 93108TC-FX, 93180YC-FX, 9336C-FX2, 93216TC-FX2, 93360YC-FX2, 93240YC-FX2, 92348GC-X, C93108TC-EX-24, C93108TC-FX-24, C93180YC-EX-24, and C93180YC-FX-24 switches, when 802.1q EtherType has changed on an interface, the EtherType of all interfaces on the same slice will be changed to the configured value. This change is not persistent after a reload of the switch and will revert to the EtherType value of the last port on the slice. |
|
|
On Cisco Nexus N2K-C2348TQ HIFs fail to utilize redundant Port-Channel links, to NIF, during link failover events. |
■ MTU 9216 is the default value for FEX fabric ports-channels.
■ MTU 9216 is the only allowed value to be configured on FEX fabric port-channels. Configuring any other value will throw an error.
■ If the MTU value on a FEX fabric port-channel was set to 9216 before upgrading to Cisco NX-OS Release 9.3(2), the show running config command will not display the MTU config as it is the new default in Cisco NX-OS Release 9.3(2). Due to this, the show running-config diff command displays the difference which is expected. Refer to CSCvp87914.
■ Release 9.3(2) brings in a new kernel and new processes.
■ Interface counter statistics are grouped together in the XML/JSON output. The output for the show interface-counters command in JSON format has changed/
■ NX-API does not support insecure HTTP by default.
■ NX-API does not support weak TLSv1 protocol by default.
■ Stronger ciphers are used in this release.
■ A new command, no service password-recovery is supported.
■ Only one version out of v4 and v6 versions of the uRPF command can be configured on an interface. If one version is configured, all the mode changes must be done by the same version. The other version is blocked on that interface. Cisco Nexus 9300-EX, 9300-FX, and 9300-FX2 platform switches do not have this limitation and you can configure v4 and v6 version of urpf cmd individually.
■ When large files, for example NX-OS, images are copied to USB, the following message is printed:
As long as these messages correspond to a copy operation to USB, this message can be ignored.
■ In the NX-API sandbox, whenever XML or JSON output is generated for the show run command or the show startup command, the output contains additional characters.
</nf:source> <============nf: is extra
<namespace> : extra characters are seen with XML and JSON from NX-API.
To perform a software upgrade, follow the installation instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 9.2(x).
o 9.2(4)
o 9.2(3)
o 9.2(2)
o 9.2(1)
o 7.0(3)I7(7)
o 7.0(3)I7(6)
o 7.0(3)I7(5)
o 7.0(3)I7(4)
For a previous release, see the Cisco NX-OS ISSU Support application.
Note: Enhanced ISSU to Cisco NX-OS Release 9.3(2) is not supported as there are kernel fixes that cannot take effect without reloading the underlying kernel.
■ Enhanced ISSU: Enhanced ISSU to Cisco NX-OS Release 9.3(2) is not supported as there are kernel fixes that cannot take effect without reloading the underlying kernel. However, enhanced ISSU from Cisco NX-OS Release 9.3(2) to later releases is supported, even in cases of kernel incompatibility.
■ When downgrading from the Cisco NX-OS Release 9.3(2) to earlier releases, make sure that the ACL TCAM usage for ingress features does exceed the allocated TCAM space in the absence of the label sharing feature. Label sharing is a new feature in Cisco NX-OS Release 9.3(2). Otherwise, interfaces with RACLs that could not fit in the TCAM will be disabled after the downgrade.
■ When upgrading from Cisco NX-OS Release 9.2(2) or earlier releases to Cisco NX-OS Release 9.3(2), you need to make sure that ingress RACL TCAM region is not more than 50% full. Otherwise, the atomic update feature will be enabled after the upgrade and interfaces with RACLs that exceed 50% of TCAM allocation will remain down.
■ When upgrading from Cisco NX-OS Releases 7.0(3)I4(8), 7.0(3)I5(3), and 7.0(3)I6(1) to Cisco NX-OS Release 9.3(2) results in a disruptive upgrade. If syncing images to standby SUP failed during the disruptive upgrade from Cisco NX-OS Releases 7.0(3)I4(8), 7.0(3)I5(3,) or 7.0(3)I6(1) to 9.3(2), you should manually copy the image to the standby SUP and perform the disruptive upgrade.
■ When upgrading to Cisco NX-OS Release to 9.3(2) from any release prior to 7.0(3)I2(3) an intermediate upgrade to 7.0(3)I4(x), 7.0(3)I5(x), 7.0(3)I6(x), or 7.0(3)I7(x) is required. We recommend using Cisco NX-OS Release 7.0(3)I4(8) or 7.0(3)I7(4) as the interim release to aid in a smooth migration. For further details, please refer to CSCvk66763.
■ When upgrading from Cisco NX-OS Release 7.0(3)I6(1) or 7.0(3)I7(1) to Cisco NX-OS Release 9.3(2), if the Cisco Nexus 9000 Series switches are running vPC and they are connected to an IOS-based switch via Layer 2 vPC, there is a likelihood that the Layer 2 port channel on the IOS side will become error disabled. The workaround is to disable the spanning-tree etherchannel guard misconfig command on the IOS switch before starting the upgrade process. Once both the Cisco Nexus 9000 Series switches are upgraded, you can re-enable the command. For more information, see defect CSCvg05807.
■ An upgrade performed via the install all command for Cisco NX-OS Release 7.0(3)I2(2b) to Release 9.3(2) might result in the VLANs being unable to be added to the existing FEX HIF trunk ports. To recover from this, the following steps should be performed after all FEXs have come online and the HIFs are operationally up:
1. Enter the copy run bootflash:fex_config_restore.cfg command at the prompt.
2. Enter the copy bootflash:fex_config_restore.cfg running-config echo-commands command at the prompt.
■ In Cisco NX-OS Release 7.0(3)I6(1) and earlier, performing an ASCII replay or running the copy file run command on a FEX HIF configuration requires manually reapplying the FEX configuration after the FEX comes back up.
■ When upgrading to Cisco NX-OS Release 9.3(2) from 7.0(3)I2(x) or before and running EVPN VXLAN configuration, an intermediate upgrade to 7.0(3)I4(x) or 7.0(3)I5(x) or 7.0(3)I6(x) is required. For further details, please refer to CSCvh02777.
■ An ISSU can be performed only from a Cisco NX-OS Release 7.0(3)I4(1) to a later image.
■ While performing an ISSU, VRRP and VRRPv3 displays the following messages:
The following are the upgrade paths from previous 7.0(3)F3(x) releases:
■ Release 7.0(3)F3(x) -> Release 7.0(3)F3(4) -> Release 9.3(2)
NOTE: This upgrade is disruptive.
Cisco NX-OS Release 7.0(3)I1(2) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=ea82d4567eeb829ad4f32ae29c627cfc
Cisco NX-OS Release 7.0(3)I1(3) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=e3e68dd1e8db9633978e080b9b715df8
Cisco NX-OS Release 7.0(3)I1(3a) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=0f2015eebc7ea0d606441171b4a3baf2
4. Upgrade using the install all command.
The following table is an example of a patch upgrade:
Disable the Guest Shell if you need to downgrade from Cisco NX-OS Release 9.3(2) to an earlier release.
■ ISSU (non-disruptive) downgrade is not supported.
For information about software maintenance upgrades, see the “Performing Software Maintenance Upgrades” section in the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide.
If you are going to apply the patch for the issue described in CSCvh04723, you must make sure that the ACL is deleted before applying the patch. Otherwise, the issue will be seen again. This issue applies only to the ACL which has the redirect keyword in it.
This section lists limitations related to Cisco NX-OS Release 9.3(2).
■ Due to the design of airflow, back-to-front fans requires fan speed to be run at full speed all the time. You might also see fan speeds increase from 40% to 70% post-upgrade. This applies to the following PIDs: N9K-C9272Q, N9K-C9236C, N9K-C93180YC-FX, N9K-C93180TC-FX, N9K-C9364C, N3K-C36180YC-R, N9K-C9336C-FX2, N9K-C9332C. This change is made as of cisco NX-OS Release 7.0(3)I7(3). If your PID is not listed, please contact Cisco TAC for additional verification.
■ PTP is not supported on the 96136YC-R line card or for line cards on the Cisco Nexus 9504 switch.
■ The following features are not supported on the Cisco Nexus 3464C and 9364C switches.
o 100 G port cannot support breakout (HW limitation)
o FEX
o ISSU
o Segment routing
o Tetration (HW limitation)
■ The following feature is not supported on the Cisco Nexus 9332C:
o uRPF
■ Only the following switches support QSFP+ with the QSFP to SFP/SFP+ adapter (40 Gb to 10 Gb):
o N9K-C93108TC-FX
o N9K-C93180YC-FX
■ Note: The Cisco Nexus 9300 platforms support for the QSFP+ breakout has the following limitations:
■ For the Cisco Nexus 9332PQ switch, all ports except 13-14 and 27-32 can support breakout.
■ The following switches support the breakout cable (40 Gb ports to 4x10-Gb ports):
o N9K-C93180LC-EX—last four ports are breakout capable (10x4, 24x4, 50x2)
o N9K-X9732C-FX line card
o N9K-C93180YC-EX
o N9K-C93108TC-EX
o N9K-C93180YC-FX
o N9K-C93108TC-FX
o N9K-C9348GC-FXP
■ Limitations for ALE (Application Link Engine) uplink ports are listed at the following URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/ale_ports/b_Limitations_for_ALE_Uplink_Ports_on_Cisco_Nexus_9000_Series_Switches.html
Notes regarding unsupported features:
■ Cisco Nexus 9200, 9300-EX, and 9300-FX Platform Switches
■ Cisco Nexus 9500 Platform N9K-X9408PC-CFP2 Line Card and 9300 Platform Switches
The following features are not supported for the Cisco Nexus 9200 platform switches and the Cisco Nexus 93108TC-EX and 93180YC-EX switches:
■ Cisco Nexus 9272PQ and Cisco Nexus 92160YC platforms do not support the PXE boot of the NXOS image from the loader.
■ ACL filters to span subinterface traffic on the parent interface
■ Egress QoS policer is supported on the Cisco Nexus 9300-EX and 9300-FX platform switches. It is not supported on the Cisco Nexus 9200 platform switch. The only policer action supported is drop. Remark action is not supported on egress policer.
■ FEX (supported for Cisco Nexus 9300-EX platform switches but not for Cisco Nexus 9200 platform switches.)
■ GRE v4 payload over v6 tunnels
■ IP-in-IP on Cisco Nexus 92160 switch
■ ISSU enhanced is not supported on the Cisco Nexus 9300-FX platform switch.
■ MTU (Multi Transmission Unit) checks for packets received with an MPLS header
■ NetFlow is not supported on Cisco Nexus 9200 platform switches. It is supported on Cisco Nexus 9300-EX, 9300-FX, 9300-FX2, 9500-EX LCS, and 9500-FX LCS platform switches.
■ Packet-based statistics for traffic storm control (only byte-based statistics are supported)
■ PVLANs (supported on Cisco Nexus 9300 and 9300-EX platform switches but not on Cisco Nexus 9200 platform switches)
■ Q-in-VNI is not supported on Cisco Nexus 9200 platform switches. Beginning with Cisco NX-OS Release 7.0(3)I5(1), Q-in-VNI is supported on Cisco Nexus 9300-EX platform switches.
■ Q-in-Q for VXLAN is not supported on Cisco Nexus 9200 and 9300-EX platform switches
■ Q-in-VNI is not supported on Cisco Nexus 9200 platform switches (supported on Cisco Nexus 9300-EX platform switches)
■ Resilient hashing for ECMP on the Cisco Nexus 9200 platform switches.
■ Resilient hashing for port-channel
■ Rx SPAN for multicast if the SPAN source and destination are on the same slice and no forwarding interface is on the slice
■ SVI uplinks with Q-in-VNI are not supported with Cisco Nexus 9300-EX platform switches
■ Traffic storm control for copy-to-CPU packets
■ Traffic storm control with unknown multicast traffic
■ Tx SPAN for multicast, unknown multicast, and broadcast traffic
■ VACL redirects for TAP aggregation
The following features are not supported for the Cisco Nexus 9500 platform N9K-X9408PC-CFP2 line card and Cisco Nexus 9300 platform switches with generic expansion modules (N9K-M4PC-CFP2):
■ FEX (this applies to the N9K-X9408PC-CFP2 and –EX switches, not all Cisco Nexus 9300 platform switches)
■ MCT (Multichassis EtherChannel Trunk)
■ PTP (Precision Time Protocol)
■ PVLAN (supported on Cisco Nexus 9300 platform switches)
■ Shaping support on 100g port is limited
■ SPAN destination/ERSPAN destination IP
The following features are not supported for the N9K-X96136YC-R line card:
■ Breakout is not supported.
■ PTP and gPTP are not supported.
The following feature is not supported for the N9K-X9736C-FX line card:
■ Ports 29-36 do not support 1 Gbps speed.
The following features are not supported for Cisco Nexus 9500 cloud scale (EX/FX) line cards:
■ IPv6 support for policy-based routing
■ SPAN port-channel destinations
The entire Cisco Nexus 9000 Series NX-OS documentation set is available at the following URL:
https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/tsd-products-support-series-home.html
Cisco Nexus 9000 Series Software Upgrade and Downgrade Guide: Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 9.3(x)
The Cisco Nexus 3000 and 9000 Series NX-API REST SDK User Guide and API Reference is available at the following URL:
https://developer.cisco.com/site/nx-os/docs/n3k-n9k-api-ref/
The Cisco NX-OS Supported MIBs URL:
ftp://ftp.cisco.com/pub/mibs/supportlists/nexus9000/Nexus9000MIBSupportList.html
The Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes, Release 9.3(2) is available at the following URL:
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
https://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Open a service request online at:
https://tools.cisco.com/ServiceRequestTool/create/launch.do
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)