Guest

Cisco Catalyst 3550 Series Switches

Release Notes for the Catalyst 3550 Multilayer Switch, Cisco IOS Release 12.1(4)EA1c

  • Viewing Options

  • PDF (378.4 KB)
  • Feedback
Release Notes for the Catalyst 3550 Multilayer Switch Cisco IOS Release 12.1(4)EA1c

Table Of Contents

Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(4)EA1c

Contents

System Requirements

Hardware Supported

Software Compatibility

Recommended Platform Configuration for Web-Based Management

Operating System and Browser Support

Installing the Required Plug-In

Creating Clusters with Different Releases of IOS Software

Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Supported Catalyst 2950 Switches

Supported Catalyst 1900 and 2820 Switches

Downloading Software

Determining the Software Version

Which Files to Use

Upgrading a Switch by Using CMS

Upgrading a Switch by Using the CLI

Recovering from Software Failure

Installation Notes

Setting Up the Catalyst 3550 Initial Configuration

Configuring Browsers and Accessing CMS

Configuring Netscape Communicator (All Versions)

Configuring Microsoft Internet Explorer (4.01)

Configuring Microsoft Internet Explorer (5.0)

Displaying the CMS Access Page

New Features in This Release

New Hardware Features

New Software Features

Limitations and Restrictions

Important Notes

Caveats

IOS Caveats

Cluster Caveats

Cluster Management Suite Caveats

Documentation Updates

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Contacting TAC by Using the Cisco TAC Website

Contacting TAC by Telephone


Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(4)EA1c


August 31, 2001

Cisco IOS Release 12.1(4)EA1c runs on Catalyst 3550 multilayer switches.


Note Although VLAN maps are referenced in the documentation, they are not supported in this release. Cisco IOS Release 12.1(4)EA1e and later support VLAN maps.


These release notes include important information about this IOS release and any limitations, restrictions, and caveats that apply to it. For the complete list of Catalyst 3550 switch documentation, see the "Related Documentation" section.


Note The documentation shipped with the Catalyst 3550 switches refers to Release 12.1(4)EA1. The correct IOS release is Cisco IOS Release 12.1(4)EA1c.


This IOS release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future IOS releases become available, they will be posted to Cisco.com (previously Cisco Connection Online [CCO]) in the Cisco IOS software area.

Contents

This document has these sections:

"System Requirements" section

"Downloading Software" section

"Installation Notes" section

"New Features in This Release" section

"Limitations and Restrictions" section

"Important Notes" section

"Caveats" section

"Documentation Updates" section

"Related Documentation" section

"Obtaining Documentation" section

"Obtaining Technical Assistance" section

System Requirements

This section describes these system requirements for Release 12.1(4)EA1c:

"Hardware Supported" section

"Software Compatibility" section

Hardware Supported

Table 1 lists the hardware supported by this IOS release.

Table 1 Supported Hardware

Switch
Description

Catalyst 3550-12T

10 Gigabit Ethernet 10/100/1000BASE-T ports and 2 Gigabit Interface Converter (GBIC) based Gigabit Ethernet slots

GBIC modules

1000BASE-SX GBIC

1000BASE-LX/LH GBIC

1000BASE-ZX GBIC

1000BASE-T GBIC

GigaStack GBIC

Redundant power system

Cisco RPS 300 Redundant Power System


Software Compatibility

This section describes these software compatibility requirements for Release 12.1(4)EA1c:

"Recommended Platform Configuration for Web-Based Management" section

"Operating System and Browser Support" section

"Installing the Required Plug-In" section

"Creating Clusters with Different Releases of IOS Software" section

Recommended Platform Configuration for Web-Based Management

The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM. Table 2 lists the recommended platforms.

Table 2 Recommended Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.0

Pentium 300 MHz

128 MB

65,536

1024 x 768

Small

Solaris 2.5.1

SPARC 333 MHz

128 MB

Most colors for applications

Small (3)


For information about supported operating systems, see the next section.

Operating System and Browser Support

You can access the web-based interfaces through the browsers listed in Table 3. The switch checks the browser version when starting a session to ensure that the browser is supported. If the browser is not supported, the switch displays an error message, and the session does not start.

Table 3 Operating System and Browser Support

Operating System
Minimum Service Pack or Patch
Netscape Communicator 1
Microsoft Internet Explorer

Windows 95

Service Pack 1

4.61, 4.7

4.01a or 5.0

Windows 98

Second Edition

4.61, 4.7

4.01a or 5.0

Windows NT 4.0

Service Pack 3 or later

4.61, 4.7

4.01a or 5.0

Windows 2000

None

4.61, 4.7

4.01a or 5.0

Solaris 2.5.1 or later

Sun-recommended patch cluster for the OS and Motif library patch 103461-24

4.61, 4.7

Not supported

1 Netscape Communicator version 4.60 is not supported.


When viewed through the Cluster Management Suite (CMS), Internet Explorer versions 4.01a and 5.0 do not display edge devices that are not connected to the command switch. Other functionality is similar to that of Netscape Communicator.


Note If your browser is Internet Explorer and you receive an error message stating that the page might not display correctly because your security settings prohibit running activeX controls, this might mean that your security settings are set too high. To lower security settings, go to Tools > Internet Options, and select the Security tab. Select the indicated Zone, and move the Security Level for this Zone slider from High to Medium (the default).


Installing the Required Plug-In

A Java plug-in is required for the browser to access the Java-based Cluster Management Suite (CMS). Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports two plug-in versions, one of which is recommended.

You can download the recommended plug-ins from the Catalyst 3550 Multilayer Switch Documentation CD. You can also download plug-ins from http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these setting:

In the Proxies tab, verify that Use browser settings is checked and that no proxies are enabled.

If you are running McAfee VirusScan on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the VirusScan Internet Filter option, the Download Scan option, or both.

From the Start menu, disable the options by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the taskbar, right-click the Virus Shield icon and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.

Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Users

These Java plug-ins are supported on the Windows platform:


Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0. In particular, do not use plug-in 1.3.0.02.

Java plug-in 1.3.0 (recommended)

If you start CMS without having installed the required Java plug-in, the browser automatically detects this. If you are using a supported Internet Explorer browser, it automatically downloads and installs the plug-in. If you are using a supported Netscape browser, the browser displays a Cisco.com page that contains the Java plug-in and installation instructions.

If you are using Windows 2000, Netscape Communicator might not detect the missing Java plug-in.

You can download this plug-in and instructions from the Catalyst 3550 Multilayer Switch Documentation CD or from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java


Note Uninstall older versions of the Java plug-ins before installing the Java plug-in 1.3.0.


Java plug-in 1.2.2_05

This plug-in is not automatically downloaded to the switch; however, you can download it from http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

Solaris Users

These Java plug-ins are supported on the Solaris platform:


Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0.

Java plug-in 1.2.2_05

This plug-in is supported, but is not provided on the Cisco.com URL.

Java plug-in 1.2.2_07 (recommended)

You can download this plug-in and instructions from the Catalyst 3550 Multilayer Switch Documentation CD or from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Java plug-in 1.3.0

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Creating Clusters with Different Releases of IOS Software

When a cluster has a mix of Catalyst switches, we strongly recommend using only the Catalyst 3550 switch as the command switch and these eligible switches as cluster members:

Catalyst 2916M-XL with 4 MB of DRAM running Release 11.2(8.5)SA6 or later

Catalyst 2900 XL switches with 8 MB of DRAM running Release 12.0(5.1)XU or later

Catalyst 3500 XL switches running Release 12.0(5.1)XU or later

Catalyst 2950 switches running Release 12.0(5)WC(1) or later

Catalyst 1900 and 2820 switches running Release 9.00.00 or later

All Catalyst 3550 switches should run Release 12.1(4)EA1c or later.

Some versions of the Catalyst 2900 XL software do not support clustering and if you have a cluster with switches that are running different versions of IOS software, changes on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)WC(1) or later.


Note If your command switch is a Catalyst 2900 XL or 3500 XL switch running IOS Release 12.0(5)XW or earlier, any device released after Release 12.0(5)XW will show as an unknown device in Cluster Manager. In this case, you will need to use VSM to manage this device.


Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Table 4 lists the cluster capabilities and software versions for Catalyst 2900 XL and Catalyst 3500 XL switches.

Table 4 Catalyst 2900 XL and Catalyst 3500 XL Switch Software and Cluster Capability

Switch
IOS Release
Cluster Capability

Catalyst 2900 XL and Catalyst 3500 XL

Release 12.0(5)XP and later

Member or command switch

Catalyst 2900 XL

Release 11.2(8)SA6

Member switch only

Catalyst 2900 XL

Release 11.2(8)SA5 and earlier

Edge device; no clustering capabilities.


Supported Catalyst 2950 Switches

The Catalyst 2950 switches can be command and member switches.

Supported Catalyst 1900 and 2820 Switches

Catalyst 1900 and 2820 switches are always member switches, not command switches. For Catalyst 1900 and 2820 switches to be cluster members, they must be running Software Release 9.00 (-A or -EN).

Downloading Software

This section describes these procedures for downloading software:

"Determining the Software Version" section

"Which Files to Use" section

"Upgrading a Switch by Using CMS" section

"Upgrading a Switch by Using the CLI" section


Note Before downloading software, read this section for important information.


Determining the Software Version

The IOS image is stored as a .bin file in a directory that is named with the IOS release. A subdirectory contains the HTML files needed for web management. The image is stored on the system board Flash device (flash:).

You can use the show version privileged EXEC command to see the software version that is running on your switch. In the display, check the line that begins with "System image file is..." It shows the directory name in Flash memory where the image is stored.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in Flash memory.

Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined .tar file. This file contains both the IOS image file and the HTML files (needed for the CMS). You must use the combined .tar file to upgrade the switch through the CMS.

The .tar file is an archive file from which you can extract files by using the tar command. You also use the .tar file to upgrade the system by using the archive download-sw privileged EXEC command.

Table 5 list the software file name for this IOS release.

Table 5 Cisco IOS Software Files for Catalyst 3550 Switches

Filename
Description

c3550-i5q3l2-mz.121-4.EA1c.tar

IOS image file and HTML files


Upgrading a Switch by Using CMS

You can upgrade switch software by using CMS. From the menu bar, select Administration > Software Upgrade. For detailed instructions, click the Help button in the window.

Upgrading a Switch by Using the CLI

This procedure is for copying the combined .tar file to the Catalyst 3550 switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

To download software, and if necessary, the TFTP server application, follow these steps:


Step 1 Use Table 5 to identify the file that you want to download.

Step 2 Download the software image file.

If you have a SmartNet support contract, log in to one of these URLs to download the appropriate files:

http://www.cisco.com/cgi-bin/tablebuildpl/cat3550

If you do not have a SmartNet contract, download the appropriate files from this URLs:

http://www.cisco.com/pcgi-bin/tablebuild.pl/cat3550

Step 3 Download the TFTP server from the URL listed in Step 2, if necessary. The readme.txt file describes how to download the TFTP server.

Step 4 Copy the image to the appropriate TFTP directory on the workstation, and make sure the TFTP server is properly configured.

For more information, refer to Appendix B in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 5 Log in to the switch through the console port or a Telnet session.

Step 6 Download the image file from the TFTP server to the switch. If you are installing the same version of software that is currently on the switch, overwrite the current image by using this privileged EXEC command:

archive download-sw /overwrite /reload tftp:[[//location]/directory]/image-name.tar

The /overwrite option overwrites the software image in Flash memory with the downloaded one.

The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.

For //location, specify the IP address of the TFTP server.

For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.

This example shows how to download an image from a TFTP server at 172.20.129.10 and overwrite the image on the switch:

Switch# archive download-sw /overwrite tftp://172.20.129.10/c3550-i5q3l2-mz.121-4.EA1c.tar 

Note You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.



Recovering from Software Failure

In the event of a software failure, you can reload the software. For detailed recovery procedures, refer to the "Troubleshooting" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Installation Notes

You can assign IP information to your switch by using the setup program, the DHCP-based autoconfiguration (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide), or by manually assigning an IP address (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide).

This section describes these installation procedures:

"Setting Up the Catalyst 3550 Initial Configuration" section

"Configuring Browsers and Accessing CMS" section

Setting Up the Catalyst 3550 Initial Configuration

The first time that you access the switch, it runs a setup program that prompts you for IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.


Note If the switch will be a cluster member managed through the IP address of the command switch, it is not necessary to assign IP information or a password. If you are configuring the switch as a standalone switch or as a command switch, you must assign IP information.


Follow these steps to create an initial configuration for the switch:


Step 1 Enter Y at the first two prompts.

Continue with configuration dialog? [yes/no]: yes

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.

Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system.

Would you like to enter basic management setup? [yes/no]: yes

Note To exit from the setup program, you must type no. The program does not recognize n for no.


Step 2 Enter a host name for the switch, and press Return.

On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch.

Enter host name [Switch]: host_name

Step 3 Enter a secret password, and press Return.

The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces.

Enter enable secret: secret_password

Step 4 Enter an enable password, and press Return.

Enter enable password: enable_password

Step 5 Enter a virtual terminal (Telnet) password, and press Return.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.

Enter virtual terminal password: terminal-password

Step 6 (Optional) Configure SNMP network management by responding to the prompts.

Step 7 Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network, and press Return.

Enter interface name used to connect to the
management network from the above interface summary: interface-name

Step 8 Configure the interface by entering the switch IP address and subnet mask and pressing Return:

Configuring interface interface-name:
Configure IP on this interface? [yes]: yes 
IP address for this interface: 10.4.120.106
Subnet mask for this interface [255.0.0.0]: 255.255.255.0

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.

If you enter N, the switch appears as a candidate switch in the Cluster Management Suite. In this case, the message in Step 10 is not displayed.

Would you like to enable as a cluster command switch? [yes/no]: yes

Step 10 Assign a name to the cluster, and press Return.

Enter cluster name: cluster_name

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

Step 11 The initial configuration is displayed:

The following configuration command script was created:

hostname host-name
enable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0
enable password enable-password
line vty 0 15
password terminal-password
snmp-server community public
!
no ip routing
!
interface interface-name
no shutdown
ip address 10.4.120.106 255.255.255.0

interface GigabitEthernet0/1
shutdown
no ip address
!
interface GigabitEthernet0/2
shutdown
no ip address
!         
...<output abbreviated>
!
interface GigabitEthernet0/12
shutdown
no ip address

cluster enable cluster-name
!
end

Step 12 Verify that the information is correct, and enter either Y or N at the prompt:

Use this configuration? [yes/no]: yes

These choices are displayed:

[0] Go to the IOS command prompt without saving this config.

[1] Return back to the setup without saving this config.

[2] Save this configuration to nvram and exit.

Enter your selection [2]:

Make your selection, and press Return.


After you complete the setup program, the switch can run the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:

Command-line interface (CLI)

Cluster Management Suite from your browser

Configuring Browsers and Accessing CMS

For the browser to use CMS, a Java plug-in is required, as described in the "Installing the Required Plug-In" section. After you have assigned an IP address to the switch and installed the plug-in, you can access the switch from your browser and use the CMS to configure other switches. To use the web-based tools, see the "Software Compatibility" section to set up the appropriate browser options.

This section describes these installation procedures:

"Configuring Netscape Communicator (All Versions)" section

"Configuring Microsoft Internet Explorer (4.01)" section

"Configuring Microsoft Internet Explorer (5.0)" section

"Displaying the CMS Access Page" section

Configuring Netscape Communicator (All Versions)

Follow these steps to configure Netscape Communicator:


Step 1 Start Netscape Communicator.

Step 2 From the menu bar, select Edit > Preferences.

Step 3 In the Preferences window, click Advanced.

Step 4 Check the Enable Java, Enable JavaScript, and Enable Style Sheets check boxes.

Step 5 From the menu bar, select Edit > Preferences.

Step 6 In the Preferences window, click Advanced Cache, and select Every time.

Step 7 Click OK to return to the browser Home page.


Configuring Microsoft Internet Explorer (4.01)

Follow these steps to configure Microsoft Internet Explorer 4.01:


Step 1 Start Internet Explorer.

Step 2 From the menu bar, select View > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Select the Java logging enabled and Java JIT compiler enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.


Configuring Microsoft Internet Explorer (5.0)


Note During the installation of this browser, make sure to check the Install Minimal or Customize Your Browser check box. In the Component Options window in the Internet Explorer 5 section, make sure to check the Microsoft Virtual Machine check box to display applets written in Java.


Follow these steps to configure Microsoft Internet Explorer 5.0:


Step 1 Start Internet Explorer.

Step 2 From the menu bar, select Tools > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Check the Java logging enabled and JIT compiler for virtual machine enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.

If you are using Microsoft Internet Explorer 5.0 to make configuration changes to the switch, note that this browser does not automatically reflect the latest configuration changes. Make sure you click the browser Refresh button for every configuration change.


Displaying the CMS Access Page

After the browser is configured, display the CMS access page:


Step 1 Enter the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), and press Return.

Step 2 Enter your username and password when prompted. The password provides level 15 access. The Cisco Systems Access page appears. For more information on setting passwords and privilege levels, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 3 Click Web Console to launch the CMS applet.

If you access CMS from a standalone or cluster member switch, Device Manager appears.


New Features in This Release

This section describes the new supported hardware and the new software features for the Catalyst 3550 switches that are provided in this release.

"New Hardware Features" section

"New Software Features" section

New Hardware Features

For a list of supported hardware, see the "Hardware Supported" section.

New Software Features

For a detailed list of key features for this software release, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Limitations and Restrictions

You should review this section before you begin working with the switches. These are known limitations that will not be fixed and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

In IP multicast routing and fallback bridging, certain hardware features are used to replicate packets for the different VLANs of an outgoing trunk port. If the incoming speed is line rate, the outgoing interface cannot duplicate that speed (because of the replication of the packets). As a result, certain replicated packets are dropped. (CSCdt06148)

The mac-address interface configuration command does not properly assign a MAC address to an interface. This command is not supported on Catalyst 3550 switches. (CSCds11328)

In the output displayed after a show interface interface-id privileged EXEC command, the output buffer failures field shows the number of packets lost before replication, whereas the packets output field shows the successful transmitted packets after replication. To determine actual discarded frames, multiply the output buffer failures by the number of VLANs on which the multicast data is replicated. (CSCdt26928)

If you assign both tail-drop threshold percentages to 100 percent by using the wrr-queue threshold interface configuration command and display quality of service (QoS) information for this interface by using the show mls qos interface statistics privileged command, the drop-count statistics are always 0 even if the thresholds were exceeded. To display the total number of discarded packets, see the show controllers ethernet-controllers interface-id privileged EXEC command. In this display, the number of discarded frames includes the frames that were dropped when the tail-drop thresholds were exceeded. (CSCdt29703)

Open Shortest Path First (OSPF) path costs and Interior Gateway Routing Protocol (IGRP) metrics are incorrect for switch virtual interface (SVI) ports. You can manually configure the bandwidth of the SVI by using the bandwidth interface configuration command. Changing the bandwidth of the interface changes the routing metric for the routes when the SVI is used as an outgoing interface. (CSCdt29806)

On the Catalyst 3550, coldStart and warmStart traps are not consistently sent. (CSCdt33779)

Remote Monitoring (RMON) collection works on physical interfaces, but it is not supported on EtherChannels and SVIs. (CSCdt36101)

Multicast router information is displayed in the show ip igmp snooping mrouter privileged EXEC command when IGMP snooping is disabled. MVR and IGMP snooping use the same commands to display multicast router information. In this case, MVR is enabled and IGMP snooping is disabled. (CSCdt48002)

The dec keyword is not supported in the bridge bridge-group protocol global configuration command. If two Catalyst 3550 switches are connected to each other through an interface that is configured for IP routing and fallback bridging, and the bridge group is configured with the bridge bridge-group protocol dec command, both switches act as if they were the root of the spanning tree. Therefore, spanning-tree loops might go undetected. (CSCdt63589)

Modifying a multicast boundary access list does not prevent packets from being forwarded by any multicast routes that were in existence before the access list was modified if the packets arriving on the input interface do not violate the boundary. However, no new multicast routes that violate the updated version of the multicast boundary access list are learned, and any multicast routes that are in violation of the updated access list are not relearned if they age out.

After updating a multicast boundary, the workaround is to use the clear ip mroute privileged EXEC command to delete any existing multicast routes that violate the updated boundary. (CSCdr79083)

When an IP packet with a cyclic redundancy check (CRC) error is received, the per-packet per-DSCP counter (for DSCP 0) is incremented. Normal networks should not have packets with CRC errors. (CSCdr85898)

The behavior of a software access control list (ACL) with QoS is different from a hardware ACL with QoS. On the Catalyst 3550 switch, when the QoS hardware rewrites the DSCP of a packet, the rewriting of this field happens before software running on the CPU examines the packet, and the CPU sees only the new value and not the original DSCP value.

When the security hardware ACL matches a packet on input, the match uses the original DSCP value. For output security ACLs, the security ACL hardware should match against the final, possibly changed, DSCP value as set by the QoS hardware. Under some circumstances, a match to a security ACL in hardware prevents the QoS hardware from rewriting the DSCP and causes the CPU to see the original DSCP.

If a security ACL is applied in software (because the ACL did not fit into hardware, and packets were sent to the CPU for examination), the match most likely is made by using the new DSCP value as determined by the QoS hardware, regardless of whether the ACL is applied at the input or at the output. When packets are logged by the ACL, this problem can also affect whether or not a match is logged by the CPU even if the ACL fits into hardware and the permit or deny filtering was completed in hardware.

To avoid being affected by these issues, whenever the switch rewrites the DSCP of any packet to a value different from the original DSCP, security ACLs should not test against DSCP values in any of their ACEs, regardless of whether the ACL is being applied to an IP access group or to a VLAN map. This restriction does not apply to ACLs used in QoS class maps.

If the switch is not configured to rewrite the DSCP value of any packet, it is safe to match against DSCP in ACLs used for IP access groups or for VLAN maps because the DSCP does not change as the packet is processed by the switch.

The DSCP field of an IP packet encompasses the two fields that were originally designated precedence and TOS (type of service). Statements relating to DSCP apply equally to either IP precedence or IP TOS. (CSCdt94355)

The Cisco RPS 300 Redundant Power System supports the Catalyst 3550 multilayer switch and provides redundancy for up to six connected devices until one of these devices requires backup power. If a connected device has a power failure, the RPS immediately begins supplying power to that device and sends status information to other connected devices indicating that it is no longer available as a backup power source. As described in the device documentation, when the RPS LED is amber, the RPS is connected but down. However, this might merely mean that the RPS is in standby mode. Press the Standby/Active button on the RPS to put it into active mode. You can view RPS status through the CLI by using the show rps privileged EXEC command. For more information, refer to the RPS 300 Hardware Installation Guide.

You can connect the switch to a PC by using the switch console port and the supplied rollover cable and the DB-9 adapter. You need to provide a RJ-45-to-DB-25 female DTE adapter if you want to connect the switch console port to a terminal. You can order a kit (part number ACS-DSBUASYN=) with this RJ-45-to-DB-25 female DTE adapter from Cisco.

Host names and Domain Name System (DNS) server names that contain commas on a cluster command switch, member switch, or candidate switch can cause CMS to behave unexpectedly. You can avoid this instability in the interface by not using commas in host names or DNS names. Do not enter commas when also entering multiple DNS names in the IP Configuration tab of the IP Management window in CMS.

Access control elements (ACEs) that contain the host keyword precede all other ACEs in standard access control lists (ACLs). You can reposition the ACEs in a standard ACL with one restriction: No ACE with the any keyword or a wildcard mask can precede an ACE with the host keyword.

Important Notes

This section describes important information related to Release 12.1(4)EA1c.

When you are configuring a cascaded stack of Catalyst 3550 switches by using the GigaStack GBIC and want to include more than one VLAN in the stack, be sure to configure all the GigaStack GBIC interfaces as trunk ports by using the switchport mode trunk interface configuration command and to use the same encapsulation method by using the switchport encapsulation {isl | dot1q} interface configuration command. For more information about these commands, refer to the Catalyst 3550 Multilayer Switch Command Reference.

If the 1000BASE-T GBIC (WS-G5482) is not securely inserted, the switch might fail to recognize it or might display an incorrect media type following a show interface privileged EXEC command entry. If this happens, remove and reinsert the GBIC.

If you use CMS on Windows 2000, it might not apply configuration changes if the enable password is changed from the CLI during your CMS session. You have to restart CMS and enter the new password when prompted. Platforms other than Windows 2000 prompt you for the new enable password when it is changed.

CMS does not display QoS classes that are created through the CLI if these classes have multiple match statements. When using CMS, you cannot create classes that match more than one match statement. CMS does not display policies that have such classes.

If you use Internet Explorer Version 5.5 and point to a URL with a nonstandard port at the end of the address (for example, www.add.com:84), you must enter http:// as the URL prefix. Otherwise, you cannot launch CMS.

Within an ACL, you can change the sequence of ACEs that have the host keyword. However, because such ACEs are independent of each other, the change has no effect on the way the ACL filters traffic.

If you use the Netscape browser to view the CMS GUI and you resize the browser window while CMS is initializing, CMS does not resize to fit the window.

Resize the browser window again when CMS is not busy.

CMS does not start if the temporary directory on your computer runs out of memory. This problem can occur because of a bug in the 1.2.2 version of the Java plug-in. The plug-in creates temporary files in the directory whenever it runs CMS, and the directory eventually runs out of plug-in space.

The workaround is to remove all the jar_cache*.tmp files from the temporary directory. The path to the directory is different for different operating systems:

Solaris: /var/tmp
Windows NT and Windows 2000: \TEMP
Windows 95 and 98: \Windows\Temp

Caveats

This section describes these open caveats with possible unexpected activity in Release 12.1(4)EA1c:

"IOS Caveats" section

"Cluster Caveats" section

"Cluster Management Suite Caveats" section

IOS Caveats

This section describes these IOS configuration caveats:

CSCdu79951

When a Catalyst 3550 switch is operating in Layer 3 mode, entering a clear adjacency privileged EXEC command might cause a memory corruption which could cause the switch to fail.

The workaround is to use the clear arp privileged EXEC command to clear adjacency tables. Do not use the clear adjacency command.

CSCdu01957

The time-range option in the access-list access-list-number {deny | permit} global configuration command does not work on QoS classification.

There is no workaround.

CSCdu10704

When routed ports are grouped into an EtherChannel and a single physical interface in the EtherChannel is shut down by administrative command, all packets received on the remaining ports of that EtherChannel are routed in software rather than hardware.

The workaround and recovery procedure is to shut down and re-enable the port-channel interface. To shut down a single physical interface in an EtherChannel of routed ports, follow these steps:

a. Shut down the port-channel interface.

b. Use the no channel-group interface configuration command on the physical interface that you are shutting down. This removes the interface from the EtherChannel so that the port is not re-enabled in step c.

c. Re-enable the port-channel interface.

CSCdt10825

When you use the no interface port-channel global configuration command to remove an EtherChannel group, the ports in the port group change state to administratively down.

When you remove an EtherChannel, issue the no shutdown interface configuration command on the interfaces that belonged to the port group to bring them back on line.

CSCdt11224

Sometimes unknown unicast, unknown multicast, and broadcast packets are flooded from the multicast VLAN to MVR receiver ports.

There is no workaround.

CSCdt11329

Although ports on the Catalyst 3550-12T are 10/100/1000BASE-T, there is no CLI command to force the speed to 1000 Mbps; the only options are 10 Mbps, 100 Mbps, or auto.

There is no workaround.

CSCdu11760

After reloading the switch, any ports that are shown as shut down in the saved configuration still bring up link even though they are disabled. This can cause the device at the other end of the link to determine that connectivity is present when it is not.

Whenever a port is configured as administratively down, the port it connects to on the device at the other end of the link should also be configured as administratively down.

CSCdu11973

If dynamic trunking is enabled on the physical interfaces that make up a port channel, some of the physical interfaces in the port channel might be put into the wrong access VLAN. This causes connectivity problems and might also result in packets being forwarded into the wrong VLAN.

The workaround is to always disable dynamic trunking on port-channel interfaces by using either the switchport mode access or the switchport mode trunk interface configuration command.

CSCdt27705

IGMP packets classified by QoS to map the Differentiated Service Code Point (DSCP) value and the class of service (CoS) value in a QoS policy map might only modify the DSCP property and leave the CoS value at zero.

There is no workaround.

CSCdt39109

When copying the SVI configuration to a Layer 3 (routed) port, you might see this message:

SYS-3-MGDTIMER: Running timer, init, timer = 116FB7C

The workaround is to ignore this message. The IGMP code is re-initializing a timer that is already initialized.

CSCdt41738

When VTP pruning is enabled in the network and you change the switch to VTP transparent mode, VLANs with members might be mistakenly pruned, which can result in loss of connectivity.

The workaround is to configure the upstream switch, which is not in transparent mode, with all its VLANs as pruning ineligible on the trunk link leading to the downstream switches, which are in transparent mode. Use the switchport trunk pruning interface configuration command.

CSCdt42463

When you configure the switch with an SVI, disable IP routing, shut down the SVI, and power-cycle the switch, IP connectivity is lost when the switch comes up because the IP address of the SVI is missing from the Address Resolution Protocol (ARP) table even though the SVI is configured.

The workaround is to delete the IP addresses in the SVI by using the no ip address ip-address interface configuration command, and then re-add them so that these addresses appear in the ARP table.

CSCdt43859

When a VLAN in the VLAN Trunk Protocol (VTP) database has been deleted or disabled, the show interface privileged EXEC command display might indicate that ports in the VLAN have a status of up (when the ports in the VLAN are not forwarding), instead of down. The forwarding behavior is correct; only the display is incorrect.

The workaround is to ignore the erroneous display.

CSCdt48614

When a switch is rebooted, configurations that include a Layer-3 command that references a routed port might not be properly retained. These commands include multicast routing commands with the tunnel keyword and HSRP commands with the track keywords.

There is no workaround for this problem.

CSCdt51254

If you try to configure an ACL that uses the log keyword, an error is displayed, and a match none statement is added to the show class-map class-map-name display. Not only does the match none statement make the ACL useless, but any previously entered match commands for the same class map are not retained.

The workaround is to re-enter the old ACL without the log keyword.

CSCdt54435

When a VLAN interface has been disabled and restarted multiple times by using the shutdown and no shutdown interface configuration commands, the interface might not restart following a no shutdown command.

The workaround is to again execute a shutdown and no shutdown command sequence.

CSCds55220

If you configure the DHCP server to allocate addresses from a pool to the switch, two devices on the network might have the same IP address. Pooled addresses are temporarily allocated to a device and are returned to the pool when not in use. If you save the configuration file after the switch receives such an address, the pooled address is saved, and the switch does not attempt to access the DHCP server after a reboot to receive a new IP address. As a result, two devices might have the same IP address.

The workaround is to make sure you configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address.

CSCdt55808

While toggling between the no switchport and switchport interface configuration commands, you might see this message:

SM-4-BADEVENT: Event linkup is invalid for the current state dtp

The workaround is to ignore this message; switch operation is not affected.

CSCdt57901

When you configure the Hot Standby Router Protocol (HSRP) and enter the standby priority interface configuration command, you are forced to enter the preempt keyword, which prevents you from forcing a switchover between two routers or command switches in HSRP mode.

The workaround is to force the link down on one device by using the shutdown interface configuration command so that the other link comes up.

CSCdt60412

When you configure the ip pim spt-threshold infinity interface configuration command, you want all sources for the specified group to use the shared tree and not use the source tree. However, the switch does not automatically start to use the shared tree. No connectivity problem occurs, but the switch is not using the most optimum route because it fails to join the shared tree.

The workaround is to enter the clear ip mroute * privileged EXEC command to force the switchover to the shared tree.

CSCds61396

The show ip mroute privileged EXEC command might display incorrect packet counts. In certain transient states (for example, when a multicast stream is forwarded only to CPU during the route-learning process and the CPU is programming this route into the hardware), a multicast stream packet count might be counted twice.

The workaround is to not trust the counter during this transient state.

CSCdt61708

If a GBIC in the Catalyst 3550 switch is connected to another GBIC that does not support autonegotiation, the switch does not display an error message, and you cannot disable autonegotiation. After the GBIC ports fails to negotiate with its partner, the speed interface configuration command for the interface is no longer configurable.

The workaround is to make sure both ends of the GBIC link are always enabled for autonegotiation; that the duplex and speed interface configuration commands are set to their default values (auto).

CSCdt62226

You might see this message, where dec represents an internal implementation value in hexadecimal:

ETHCNTR-3-UNEXPECTED_EVENT: Request [dec] encountered event 1 in state 2

The workaround is to ignore this message; switch operation is not affected.

CSCdt63354 and CSCdu79051

If the number of multicast routes configured on the switch is greater than the switch can support, it might run out of available memory, which can cause it to reboot.

The workaround is to not configure the switch to operate with more than the maximum number of supported multicast routes. You can use the show sdm prefer and show sdm prefer routing privileged EXEC commands to view approximate maximum configuration guidelines for the current Switch Database Management (SDM) template and the routing template.

CSCdt63480

Configuring too many multicast groups might result in an extreme low memory condition and cause the software control data structure to go out of sync, resulting in unpredictable forwarding behavior. The memory resources can only be recovered by issuing the clear ip mroute privileged EXEC command.

To prevent this situation from occurring, do not configure more than the recommended multicast routes on the switch.

CSCdu63688

Enabling BPDU debug by using the debug spanning-tree bpdu privileged EXEC command could cause the switch to become non-functional or possibly to reset.

The workaround is to not use the debug spanning-tree bpdu command.

CSCdt64650

In a configuration in which a route exists in two routing protocols on the same interface, the switch programs itself so that the route is reachable by using information from only one of the routing protocols instead of both.

The workaround is to not configure the switch in this way.

CSCdt65803

The ip default-network network number global configuration command does not always work properly. Instead of adding a default network, the command might result in adding a static route that cannot be deleted later.

The workaround is that when you use the ip default-network command, check to see that none of the switch active interfaces has an IP address with the same major network address as the network number entered in the command. If the network address is the same, add an IP default static route using the ip route global configuration command (ip route prefix mask {address | interface} [distance] [tag tag] [permanent]), instead of the ip default-network command.

CSCdt78727

When configuring an EtherChannel between a Catalyst 3550 and a Catalyst 1900 switch, some of Catalyst 3550 links in the EtherChannel might go down, but one link in the channel remains up, and connectivity is maintained.

The workaround is to disable the Port Aggregation Protocol (PAgP) on both devices by using the channel-group channel-group-number mode on interface configuration command. PAgP negotiation between these two devices is not reliable.

CSCdt79172

When the switch is operating with equal-cost routes and it is required to learn more unicast routes than it can support, the CPU might run out of memory and the switch might fail.

The workaround is to not cause the CPU to run out of memory by pushing the system beyond the documented recommended and supported limits.

CSCdu79905

When the switch is operating in Layer 3 mode and you change the IP address of an EtherChannel port channel, the CEF table does not get updated.

There is no workaround.

CSCdt79987

If a Catalyst 1900 switch and a Catalyst 3550 switch are connected through an EtherChannel port group, a Catalyst 3550 port in the group might be shut down because of a loopback detected when the link state changes. There is actually no loopback, and the port should not be shut down.

The workaround for this type of configuration is to disable the keepalive timer for the port channel interface by entering the keepalive 0 interface configuration command for the port-channel number.

CSCdu80687

If a Catalyst 3550 switch in Layer 3 mode exceeds the recommended number of unicast MAC addresses and multicast routes, resulting in a full adjacency table, entering a clear arp privileged EXEC command might cause the switch to fail.

The workaround is to not configure the switch to operate with more than the maximum number of supported multicast routes. You can use the show sdm prefer and show sdm prefer routing privileged EXEC commands to view approximate maximum configuration guidelines for the current SDM template and the routing template.

CSCdu81118

When the switch is in Layer 3 mode and routing with EIGRP, enabling EtherChannel and creating a port channel increases the delay metric for the EIGRP route to a large value, making it unavailable as the preferred route.

The workaround is to use the delay interface configuration command to set the delay metric (in tens of microseconds) for the port channel to these default values:

10 Mbps link: 100 (1000 microseconds)

100 Mbps link: 10 (100 microseconds)

1000 Mbps link: 1 (10 microseconds)

CSCdt82690

An EtherChannel group between the Catalyst 3550 and another device that supports EtherChannel might be erroneously shut down on the Catalyst 3550 side because the Catalyst 3550 reported a loopback condition detected when there is actually no loopback situation.

The workaround is to turn off the keepalive timer for the EtherChannel interface by using the no keepalive interface configuration command. The keepalive timer should only be set on physical interfaces and not on logical interfaces. The problem occurs when the Catalyst 3550 sends keepalive messages on the port-channel interface, which can sometimes result in an incorrect shutdown.

CSCds84279

When changing link speed of a Gigabit Ethernet port from 1000 Mbps to 100 Mbps, there is a slight chance that the port will lock up and stop transmitting packets.

If this occurs, the workaround is to shut down the port and bring it back up by using the shutdown and no shutdown interface configuration commands.

CSCdt85647

Debug messages do not always get logged. If you enter the logging synchronous line configuration command on the console line and then log out or disconnect from the console, when the console's synchronous message queue fills up, all logging to all destinations ceases.

You can use any one of the following workarounds:

Do not enter the logging synchronous command on the console.

Disable logging to the console.

Do not disconnect from the console; always remain logged in.

CSCdt95414

When IP traffic is redirected for some reason, the IP redirects cache does not age out, and the switch does not relearn the original route to the destination.

The workaround is to use the clear ip redirect or clear arp-cache privileged EXEC commands to clear the cache.

CSCdt96928

If you configure the switch to have over 200 SVIs, and delete a large number of these VLANs from the VTP database at one time while changing link states on some of the ports in the VLANs, the switch might shut down.

We recommend configuring a maximum of 16 routed interfaces (SVIs and routed ports) on the switch. Do not exceed this recommended limit.

CSCdt97404

If a GBIC port is disabled, either through an administrative command or because an error has been detected (loopback detection, UDLD, and so on), the switch does not shut down the link on the GBIC port, and the remote end of the connection might not detect that the connection is down. Although the link is enabled, it is not possible to transmit or receive frames on the port when it is in this state.

Connectivity problems at both Layer 2 and Layer 3 might persist for several minutes until the appropriate hold timers expire and the remote end removes routes from its routing table (if the affected routes are static routes, they might never be removed from the routing table), removes MAC addresses from the Layer 2 MAC address table, or spanning tree reconfigures to reflect a new network topology.

The workaround is if a GBIC port is set to administratively set down, you should also set the port at the remote end of the link to administratively down. There is no workaround if UDLD detects a unidirectional link and shuts down one end of the link.

Cluster Caveats

This section describes these cluster configuration caveats:

CSCdt09918

When a Catalyst 2900 XL or Catalyst 3500 XL cluster command switch is connected to a Catalyst 3550 switch, the command switch does not see any cluster candidates beyond the Catalyst 3550 switch if the Catalyst 3550 switch is not a member of the cluster.

The workaround is to add the Catalyst 3550 switch to the cluster. You can then see any cluster candidates connected to the Catalyst 3550.

CSCds20465

In a full 16-member cluster with the Catalyst 3550 as the command switch, if the command switch is continuously polled from the CMS network management application, HTTP requests might fail with a Premature end of file message.

The workaround is to close the browser and reopen it.

CSCdt43501

If both the active command switch and the standby command switch fail at the same time, the cluster is not automatically recreated. Even if there is a third passive command switch, it might not include all cluster members because it might not have all the latest cluster configuration information.

The workaround is to manually recreate the cluster if both the active and standby command switch simultaneously fail.

CSCdt60520

When both the active command switch and the standby command switch are Catalyst 3550 switches, changing HSRP priority on the command switch is not supported.

The workaround, if you want to have the standby command switch take over, is to reload the command switch.

CSCdt64048

If there are more than two Catalyst 1900 or Catalyst 2820 switches in a cluster with the Catalyst 3550 as the command switch, the cluster might lose network connectivity when the network management Cluster Management Suite (CMS) continuously polls the Catalyst 1900 or Catalyst 2820 switches.

The workaround is to stop the continuous CMS polling of the Catalyst 1900 or 2820 switches or to remove some of these switches from the cluster.

CSCdt67153

If there are redundant paths from a cluster command switch to a cluster candidate, and one of the paths goes through a routed port, the command switch always uses the routed port path. If this path loses connectivity to the candidate for some reason, the command switch still uses this path and does not change to other paths, so the candidate cannot be added to the cluster.

The workaround if a candidate cannot be added to the cluster is to explicitly specify the candidate VLAN in the cluster member command or CMS or to change the network topology so that the path does not go through a routed port.

CSCdt70872, CSCds44529, CSCds32517, CSCds55711, CSCds55787

When there is a transition from the cluster active command switch to the standby command switch, Catalyst 1900, 2820, and 4-MB 2900 switches that are cluster members might lose their cluster configuration.

The workaround is to manually add these switches back to the cluster.

CSCdu73440

When you use the cluster standby-group name global configuration command to bind an HSRP group to a cluster with the same name before you enable the cluster command switch, the cluster configuration is lost.

Before using the cluster standby-group name command, be sure that the cluster commander is an active switch.

Cluster Management Suite Caveats

This section describes these CMS configuration caveats:

CSCdu01104

If you add a cluster member and remove a cluster member in quick succession, the Front Panel view does not show the replacement.

You can see the change in the Topology view. If you close the Front Panel view and then reopen it, it also shows the change.

CSCdu02133, CSCdu03253, CSCdt90554

The Modify VLAN window opens when you click Modify on the Configure VLANs tab of the VLAN window, but you cannot modify the settings of any VLAN. The window message says There are errors in this window. It shows the message ERROR: Please enter the STE Max hops in the range of 0-3 in its status bar.

You cannot use the Modify VLAN window to set the VLAN mode to Dynamic Access. If you set the mode to Dynamic Access from the CLI and try to open the VLAN window, you see the message Unknown ifc mode:dynamic access.

The workaround is to remove the VLAN that you want to modify and create the same VLAN with identical settings.

CSCdu04736

If you create a standby commander group and then click Remove Group, some of the members or the entire group might not be removed. The VLAN for the group might not cover all the members of the group, or CMS might not have retrieved the updated states of the members.

The workaround is to take one or both of these actions:

Check the VLAN Configuration.

Choose View > Refresh. Then choose Cluster > Standby Commanders and try to remove the group again in the Standby Command Configuration window.

CSCdu07231

If the command switch is a Catalyst 3550 switch that is running 12.1(4)EA1b, you cannot use CMS on the command switch to upgrade software on Catalyst 2900 XL switches with only 4 MB of RAM. If you attempt the upgrade, you see the message insufficient flash space available.

The workaround is to use the Device Manager for the Catalyst 2900 XL switch to upgrade its software.

CSCdu08110

EtherChannel links between Catalyst 3550 switches are not displayed correctly on the Topology view. These links appear as multiple links (two separate lines). This problem occurs under all conditions — whether the VLAN mode is static access or dynamic access, whether the link has PAgP or DTP configured.

Right-click these links to open the MultiLink Decomposer window. It shows the correct representation.

CSCdu09588

Link reports contain partial or incorrect information if they are launched for a link to a device that has an STP-blocked link.

There is no workaround.

CSCdu10411

If you try to change the VLAN mode of a port from either a dynamic-access or static-access state to a trunk state, CMS displays an error message, and the change does not occur.

The workaround is to follow these steps:

a. Launch either the Topology view or Front Panel view, and select the device on which you want to configure the trunk port.

b. Choose VLAN > VLAN from the menu bar to open the VLAN window to the Assign VLANs tab.

c. Modify the port status to Trunk Desirable, and click Apply.

d. Click the Configure Trunks tab, modify the trunk encapsulation to either 802.1Q or ISL, and click Apply.

e. Click the Assign VLANs tab, modify the port VLAN mode to Trunk, and click OK.

This workaround is for Catalyst 3550 switches only. There is no workaround for Catalyst 2900 XL switches with 4 MB of RAM.

CSCdu22344

From the Device > ACL window, if you select an extended ACL and then click Modify or Details, the displayed ACE list might not be accurate. When an ACE has the deny keyword based only on source and destination address, subsequent ACEs with the deny keyword are not displayed. The ACL configuration is correct; only the displayed information is incorrect.

The workaround is to use the show ip access-list [access-list-number | name] privileged EXEC command to view the list of ACEs for an extended ACL.

CSCds29230

CMS performance degrades if the Topology View is open for several hours on a Solaris machine. The cause may be a memory leak.

The workaround is to close the browser, reopen it, and launch CMS again.

CSCdt60328

If you enable the STP BPDU guard feature on a switch, also enable Port Fast on a port that connects to a switch, and then disconnect and reconnect that switch, you cannot refresh the GUI.

The workaround is to disable Port Fast, and then shut down and re-enable the port by using the CLI.

CSCdt61586

The device manager does not launch properly if the HTTP port for the command switch is other than 80.

The workaround is to launch the device manager manually by entering in the URL. For example, to view cluster member 1 by using HTTP port 5000, you would enter:

http://nnn.nnn.nnn.nnn:5000/es1/homepage.htm

CSCdt66690

The inventory report shows no IP addresses for Catalyst 3550 switches. It shows an IP address only for devices that can have only one IP address.

There is no workaround.

CSCdt68402

When you request a routing table report from the Router Reports window, the report shows default static routes but no other default routes (such as default RIP routes, default IGRP routes, and so on).

The workaround is to enter the show ip route privileged EXEC command to see all the default routes.

CSCdt68799

If you apply changes to the Unknown MACs tab of the Flooding Control window and the device is a Catalyst 2950 switch, you see an error message that ends with % Invalid input detected at `^' marker.

The workaround is to not use the Unknown MACs tab for Catalyst 2950 switches. They do not support this feature.

CSCdt69599

The Max. update Rate field on the Uplink Fast tab of the STP window erroneously shows that you can enter a value of up to 65535 packets per second. The correct maximum value is 1000 packets per second.

CSCdt71640

Link graphs do not show the total number of errors and total number of packets dropped on a link at each polling interval. Rather, at each polling interval, they show the increment in the number of errors and packets dropped since the previous polling interval.

The workaround is to add the base totals and the increments to get the totals as of the last polling interval.

CSCdt72652

If the default network is other than 0.0.0.0 in the IP Routing window, no IP address appears in the Default Router IP field, even if one has been set.

The workaround is to enter the show ip route privileged EXEC command to see the IP address.

CSCdt73251

A link report might freeze for up to 5 minutes if it is for a link that is configured as a trunk on a switch with a large number (more than 250) VLANs.

The workaround is to use the 1.3.0 version of the Java plug-in.

CSCdt75783

Protected Port cannot be configured on Catalyst 2950 switches with CMS.

The workaround is to follow these steps to set protected ports through the CLI:

a. Connect to the Catalyst 2950 switch in privileged EXEC mode.

b. Enter global configuration mode: configure terminal.

c. Enter interface configuration mode: interface interface name.

d. Configure the protected port: port protected or no port protected.

e. Return to privileged EXEC mode.

CSCdt76817

The UplinkFast tab of the STP window does not recognize the stackable GBIC connector type. It lists the connector type as EMPTY.

There is no workaround.

CSCdt76918

When you enter a process ID (as part of the task of adding an IGRP, EIGRP, or OSPF network), the validity of the ID is not checked. In the case of OSPF, the validity of the area value is also not checked.

The workaround is to be sure to enter process IDs between 1 and 65535. Enter area values between 0 and 2147483647.

CSCdt79358

If you select an HSRP group in the Router Redundancy window and click Delete, the group is not deleted but changes to a disabled state. To delete the group, you must click Delete again.

There is no workaround.

CSCds80920

If you are printing a Topology View or Front Panel View that contains many devices and are running Solaris 2.6 with JDK1.2.2, you might get an Out of Memory error message.

The workaround is to close the browser, re-open it, and launch CMS again. Before you perform any other task, bring up the view you want to print, and click Print in the CMS menu.

CSCdt82846

When you select an interface to be a monitor port in the SPAN window, sometimes the message Error: SPAN Grouped port cannot be a monitor port is displayed even though the interface is not in any port group.

If this happens, the workaround is to use the CLI to configure a SPAN session.

CSCdt87058

In the Topology view, you cannot launch a link report for an EtherChannel.

There is no workaround.

CSCdt89722

When you perform the following actions, you sometimes cannot display a popup menu in the Front Panel view: launch the Front Panel view, browse a non-CMS page, use the browser's Back button, and launch the Front Panel view again.

The workaround is to close the browser, reopen it, and launch CMS again.

CSCdt97265

If one of the cluster members is a Catalyst 2820 switch with an FDDI Fiber SAS module, the Front Panel view does not display anything.

The workaround is to remove the Catalyst 2820 switch from the cluster or substitute an FDDI Fiber DAS module or an FDDI UTP SAS module.

Documentation Updates

All documentation for this release, except for these release notes, is provided on the Catalyst 3550 Multilayer Switch Documentation CD. The Cisco Documentation CD contains documentation for all Cisco products.

The documentation shipped with the switch refers to Release 12.1(4)EA1. The correct IOS release is Cisco IOS Release 12.1(4)EA1c.

Depending on the configuration of the operating system for your PC, the CD might not automatically launch. To view the contents of this CD, double-click the index.htm file. Your browser launches, and you can select and view the documents on the CD. If you need more information about how to set your PC to automatically launch CDs, consult your PC operating system documentation or your system administrator.

If your PC is set to automatically launch CDs, the index page opens when you insert the CD or when you click the CD icon.

In the Catalyst 3550 Multilayer Switch Software Configuration Guide, in Chapter 6 "Administering the Switch," Table 6-6 shows the number of allowed Multicast routes for the Access Template as 8 K. The correct number should be 7 K.

Related Documentation

You can order printed copies of documents with a DOC-xxxxxxx= number. For more information, see the "Obtaining Documentation" section.

These publications provide more information about the switch:

Catalyst 3550 Multilayer Switch Documentation CD

This CD is shipped with the switch and contains these documents:

Catalyst 3550 Multilayer Switch Software Configuration Guide (order number DOC-7811194=)

Catalyst 3550 Multilayer Switch Command Reference (order number DOC-7811195=)

Catalyst 3550 Multilayer Switch System Message Guide (order number DOC-7811196=)

Catalyst 3550 Multilayer Switch Hardware Installation Guide (order number DOC-7811358=)

Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide (order number DOC-786460=)

1000BASE-T GBIC Installation Notes (not orderable but available on Cisco.com)

Cluster Management Suite (CMS) online help

Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at these sites:

http://www.cisco.com

http://www-china.cisco.com

http://www-europe.cisco.com

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and might be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in these ways:

Registered Cisco Direct Customers can order Cisco Product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS(6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can send us your comments by completing the online survey. When you display the document listing for this platform, click Give Us Your Feedback. If you are using the product-specific CD and you are connected to the Internet, click the pencil-and-paper icon in the toolbar to display the survey. After you display the survey, select the manual that you wish to comment on. Click Submit to send your comments to the Cisco documentation group.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, for your convenience many documents contain a response card behind the front cover. Otherwise, you can mail your comments to this address:

Cisco Systems, Inc.
Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access Cisco.com, go to this website:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:

http://www.cisco.com/tac

P3 and P4 level problems are defined as follows:

P3—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

P4—You need information or assistance on Cisco product capabilities, product installation, or basic product configuration.

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for Cisco.com, go to this website:

http://www.cisco.com/register/

If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at this website:

http://www.cisco.com/tac/caseopen

Contacting TAC by Telephone

If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to this website:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

P1 and P2 level problems are defined as follows:

P1—Your production network is down, causing a critical impact to business operations if service is not restored quickly. No workaround is available.

P2—Your production network is severely degraded, affecting significant aspects of your business operations. No workaround is available.