Guest

Cisco Catalyst 3550 Series Switches

Release Notes for the Catalyst 3550 Multilayer Switch, Cisco IOS Release 12.1(6)EA1a

  • Viewing Options

  • PDF (498.0 KB)
  • Feedback
Release Notes for the Catalyst 3550 Multilayer Switch Cisco IOS Release 12.1(6)EA1a

Table Of Contents

Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(6)EA1a

Contents

System Requirements

Hardware Supported

Software Compatibility

Recommended Platform Configuration for Web-Based Management

Operating System and Browser Support

Installing the Required Plug-In

Creating Clusters with Different Releases of IOS Software

Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Supported Catalyst 2950 Switches

Supported Catalyst 1900 and 2820 Switches

Downloading Software

Determining the Software Version and Feature Set

Which Files to Use

Upgrading a Switch by Using CMS

Upgrading a Switch by Using the CLI

Recovering from Software Failure

Installation Notes

Setting Up the Catalyst 3550 Initial Configuration

Configuring Browsers and Accessing CMS

Configuring Netscape Communicator (All Versions)

Configuring Microsoft Internet Explorer (4.01)

Configuring Microsoft Internet Explorer (5.0)

Displaying the CMS Access Page

New Features in This Release

New Hardware Features

New Software Features

Limitations and Restrictions

Important Notes

Open Caveats

Open IOS Caveats

Open Cluster Caveats

Open Cluster Management Suite Caveats

Resolved Caveats

Resolved IOS Caveats in Release 12.1(6)EA1a

Resolved IOS Caveats in Release 12.1(6)EA1

Resolved Cluster Caveats in Release 12.1(6)EA1a

Resolved Cluster Caveats in Release 12.1(6)EA1

Resolved Cluster Management Suite Caveat in Release 12.1(6)EA1a

Resolved Cluster Management Suite Caveats in Release 12.1(6)EA1

Documentation Updates

Errors

Additions

Omissions

Disabling Password Recovery

Attempting Password Recovery

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Web Site

Cisco TAC Escalation Center


Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(6)EA1a


December 14, 2001

Cisco IOS Release 12.1(6)EA1a runs on Catalyst 3550 multilayer switches.

These release notes include important information about this IOS release and any limitations, restrictions, and caveats that apply to it. Verify that these are the correct release notes for your switch:

If you are installing a new switch, refer to the IOS release label on the rear panel of your switch.

If your switch is on and running, you can use the show version privileged EXEC command. See the "Determining the Software Version and Feature Set" section.

If you are upgrading to a new release, refer to the software upgrade filename for the IOS version.

For the complete list of Catalyst 3550 switch documentation, see the "Related Documentation" section.

This IOS release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future IOS releases become available, they will be posted to Cisco.com (previously Cisco Connection Online [CCO]) in the Cisco IOS software area.

Contents

This document has these sections:

"System Requirements" section

"Downloading Software" section

"Installation Notes" section

"New Features in This Release" section

"Limitations and Restrictions" section

"Important Notes" section

"Open Caveats" section

"Resolved Caveats" section

"Documentation Updates" section

"Related Documentation" section

"Obtaining Documentation" section

"Obtaining Technical Assistance" section

System Requirements

This section describes these system requirements for this IOS release:

"Hardware Supported" section

"Software Compatibility" section

Hardware Supported

Table 1 lists the hardware supported by this IOS release.

Table 1 Supported Hardware

Switch
Description

Catalyst 3550-12T

10 Gigabit Ethernet 10/100/1000BASE-T ports and 2 Gigabit Interface Converter (GBIC)-based Gigabit Ethernet slots

Catalyst 3550-12G

10 GBIC-based Gigabit Ethernet slots and 2 10/100/1000BASE-T ports

Catalyst 3550-24

24 autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet slots

GBIC modules

1000BASE-SX GBIC

1000BASE-LX/LH GBIC

1000BASE-ZX GBIC

1000BASE-T GBIC

GigaStack GBIC

Redundant power system

Cisco RPS 300 Redundant Power System


Software Compatibility

This section describes these software compatibility requirements for this IOS release:

"Recommended Platform Configuration for Web-Based Management" section

"Operating System and Browser Support" section

"Installing the Required Plug-In" section

"Creating Clusters with Different Releases of IOS Software" section

Recommended Platform Configuration for Web-Based Management

Table 2 lists the recommended platforms for Web-based management.

Table 2 Recommended Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.0

Pentium 300 MHz

128 MB

65,536

1024 x 768

Small

Solaris 2.5.1

SPARC 333 MHz

128 MB

Most colors for applications

Small (3)


The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM.

For information about supported operating systems, see the next section.

Operating System and Browser Support

You can access the web-based interfaces through the browsers listed in Table 3. The switch checks the browser version when starting a session to ensure that the browser is supported. If the browser is not supported, the switch displays an error message, and the session does not start.

Table 3 Operating System and Browser Support

Operating System
Minimum Service Pack or Patch
Netscape Communicator 1
Microsoft Internet Explorer

Windows 95

Service Pack 1

4.61, 4.7

4.01a or 5.0

Windows 98

Second Edition

4.61, 4.7

4.01a or 5.0

Windows NT 4.0

Service Pack 3 or later

4.61, 4.7

4.01a or 5.0

Windows 2000

None

4.61, 4.7

4.01a or 5.0

Solaris 2.5.1 or later

Sun-recommended patch cluster for the OS and Motif library patch 103461-24

4.61, 4.7

Not supported

1 Netscape Communicator version 4.60 is not supported.



Note If your browser is Internet Explorer and you receive an error message stating that the page might not display correctly because your security settings prohibit running activeX controls, this might mean that your security settings are set too high. To lower security settings, go to Tools > Internet Options, and select the Security tab. Select the indicated Zone, and move the Security Level for this Zone slider from High to Medium (the default).


Installing the Required Plug-In

A Java plug-in is required for the browser to access the Java-based Cluster Management Suite (CMS). Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports two plug-in versions, one of which is recommended. For information on the supported plug-ins, see the "Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms" section and "Solaris Platforms" section.

You can download the recommended plug-ins from this site: http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:

In the Proxies tab, verify that Use browser settings is checked and that no proxies are enabled.


Note If you are running an Internet virus checker on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the virus checker filter option or download option or both.

On McAfee VirusScan, from the Start menu, to disable the VirusScan Internet Filter option, the Download Scan option, or both, select Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the taskbar, right-click the Virus Shield icon and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.


Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms

These Java plug-ins are supported on the Windows platform:


Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0.

Java plug-in 1.3.0 (recommended)

If you start CMS without having installed the required Java plug-in, the browser automatically detects this. If you are using a supported Internet Explorer browser, it automatically downloads and installs the plug-in. If you are using a supported Netscape browser, the browser displays a Cisco.com page that contains the Java plug-in and installation instructions.

If you are using Windows 2000, Netscape Communicator might not detect the missing Java plug-in.

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java


Note Uninstall older versions of the Java plug-ins before installing the Java plug-in 1.3.0.


Java plug-in 1.2.2_05

This plug-in is not automatically downloaded to the switch; however, you can download it from http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

Solaris Platforms

These Java plug-ins are supported on the Solaris platform:


Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0.

Java plug-in 1.2.2_07 (recommended)

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Java plug-in 1.3.0

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Creating Clusters with Different Releases of IOS Software

When a cluster consists of Catalyst 3550 switches and a mixture of other Catalyst switches, we strongly recommend using only the Catalyst 3550 switches as the command and standby command switches. When the command switch is a Catalyst 3550 switch, all standby command switches must either be Catalyst 3550 switches or Catalyst 2950 switches that are running Cisco IOS Release 12.1(6)EA2 or later.

These switches are eligible cluster members:

Catalyst 3500 XL switches running Release 12.0(5.1)XP or later

Catalyst 2950 switches running Release 12.0(5)WC(1) or later

Catalyst 2900 LRE XL switches running Release 12.0(5)WC(1) or later

Catalyst 2900 XL switches with 8 MB of DRAM running Release 12.0(5.1)XP or later

Catalyst 2900 XL switches with 4 MB of DRAM running Release 11.2(8.5)SA6 or later

Catalyst 1900 and 2820 switches running Release 9.00.00 or later

Some versions of the Catalyst 2900 XL software do not support clustering and if you have a cluster with switches that are running different versions of IOS software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)WC(1) or later.


Note The CMS is not forward-compatible, which means that if a member switch is running a software version that is newer than the release running on the command switch, the member switch is displayed as an unknown device in the Front Panel view. You cannot configure any parameters or generate a report through CMS for that member; instead, you must launch the Device Manager application to perform configuration and obtain reports for that member.


Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Table 4 lists the cluster capabilities and software versions for Catalyst 2900 XL and Catalyst 3500 XL switches.

Table 4 Catalyst 2900 XL and Catalyst 3500 XL Switch Software and Cluster Capability

Switch
IOS Release
Cluster Capability

Catalyst 3500 XL

Release 12.0(5.1)XP or later

Member or command switch

Catalyst 2900 XL (8-MB switches)

Release 12.0(5.1)XP or later

Member switch only

Catalyst 2900 XL (4-MB switches such as the 2916M-XL)

Release 11.2(8.5)SA6 or later

Edge device; no clustering capabilities


Supported Catalyst 2950 Switches

The Catalyst 2950 switches can be command and member switches.

Supported Catalyst 1900 and 2820 Switches

Catalyst 1900 and 2820 switches are always member switches, not command switches. Catalyst 1900 and 2820 switches must be running Software Release 9.00 (-A or -EN) to be cluster members.

Downloading Software

This section describes these procedures for downloading software:

"Determining the Software Version and Feature Set" section

"Which Files to Use" section

"Upgrading a Switch by Using CMS" section

"Upgrading a Switch by Using the CLI" section


Note Before downloading software, read this section for important information.


Determining the Software Version and Feature Set

The IOS image is stored as a .bin file in a directory that is named with the IOS release. A subdirectory contains the HTML files needed for web management. The image is stored on the system board Flash device (flash:).

You can use the show version privileged EXEC command to see the software version that is running on your switch. In the display, check the line that begins with System image file is. It shows the directory name in Flash memory where the image is stored. A couple of lines below the image name, you see Running Layer 2/3 Switching Image if you are running the enhanced multilayer software image, or Running Layer 2 Switching Image Only if you are running the standard multilayer software image.


Note Although the show version output always shows the software image running on the switch (Layer 2 or Layer 2/3), the model name shown at the end of this display is the factory configuration (SMI or EMI) and does not change if you upgrade the software image.


You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in Flash memory.

Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined .tar file. This file contains both the IOS image file and the HTML files (needed for the CMS). You must use the combined .tar file to upgrade the switch through the CMS.

The .tar file is an archive file from which you can extract files by using the tar command. You also use the .tar file to upgrade the system by using the archive download-sw privileged EXEC command.

Table 5 lists the software file names for this IOS release.

Table 5 Cisco IOS Software Files for Catalyst 3550 Switches

Filename
Description

c3550-i9q3l2-mz.121-6.EA1a.tar

IOS image file and HTML files
This image, the standard multilayer software image, has Layer 2+ features only.

c3550-i5q3l2-mz.121-6.EA1a.tar

IOS image file and HTML files
This image, the enhanced multilayer software image, has both Layer 2 and Layer 3 features.



Note All Catalyst 3550 Gigabit Ethernet switches ship with the enhanced multilayer software image (EMI) installed. This image is an orderable upgrade for Catalyst 3550 Fast Ethernet switches with the standard multilayer software image (SMI) pre-installed.


Upgrading a Switch by Using CMS

You can upgrade switch software by using CMS. From the menu bar, select Administration > Software Upgrade. For detailed instructions, click Help.

Upgrading a Switch by Using the CLI

This procedure is for copying the combined .tar file to the Catalyst 3550 switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

To download software, and if necessary, the TFTP server application, follow these steps:


Step 1 Use Table 5 to identify the file that you want to download.

Step 2 Download the software image file.

If you have a SmartNet support contract, log in to this URL to download the appropriate files:

http://www.cisco.com/cgi-bin/tablebuildpl/cat3550

If you do not have a SmartNet contract, go to this URL and follow the instructions to register on Cisco.com and download the appropriate files:

http://www.cisco.com/pcgi-bin/tablebuild.pl/cat3550

Step 3 Download the Cisco TFTP server from the URL listed in Step 2, if necessary. The information on this page describes how to download and configure the TFTP server.

Step 4 Copy the image to the appropriate TFTP directory on the workstation, and make sure the TFTP server is properly configured.

For more information, refer to Appendix B in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 5 Log in to the switch through the console port or a Telnet session.

Step 6 Check your VLAN 1 configuration by using the show interfaces vlan 1 privileged EXEC command, and verify that VLAN 1 is part of the same network as the TFTP server. (Check the Internet address is line near the top of the display.)

Step 7 Download the image file from the TFTP server to the switch. If you are installing the same version of software that is currently on the switch, overwrite the current image by using this privileged EXEC command:

archive download-sw /overwrite /reload tftp:[[//location]/directory]/image-name.tar

The /overwrite option overwrites the software image in Flash memory with the downloaded one.

The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.

For //location, specify the IP address of the TFTP server.

For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.

This example shows how to download an image from a TFTP server at 172.20.129.10 and to overwrite the image on the switch:

Switch# archive download-sw /overwrite tftp://172.20.129.10/c3550-i5q3l2-mz.121-6.EA1a.tar 

Note You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.



Recovering from Software Failure

In the software fails, you can reload the software. For detailed recovery procedures, refer to the "Troubleshooting" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Installation Notes

You can assign IP information to your switch by using the setup program, the Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide), or by manually assigning an IP address (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide).

This section describes these installation procedures:

"Setting Up the Catalyst 3550 Initial Configuration" section

"Configuring Browsers and Accessing CMS" section

Setting Up the Catalyst 3550 Initial Configuration

The first time that you access the switch, it runs a setup program that prompts you for an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.


Note If the switch will be a cluster member managed through the IP address of the command switch, it is not necessary to assign IP information or a password. If you are configuring the switch as a standalone switch or as a command switch, you must assign IP information.


Follow these steps to create an initial configuration for the switch:


Step 1 Enter Yes at the first two prompts.

Would you like to enter the initial configuration dialog? [yes/no]: yes

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.

Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system.

Would you like to enter basic management setup? [yes/no]: yes

Step 2 Enter a host name for the switch, and press Return.

On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch.

Enter host name [Switch]: host_name

Step 3 Enter a secret password, and press Return.

The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces.

Enter enable secret: secret_password

Step 4 Enter an enable password, and press Return.

Enter enable password: enable_password

Step 5 Enter a virtual terminal (Telnet) password, and press Return.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.

Enter virtual terminal password: terminal-password

Step 6 (Optional) Configure Simple Network Management Protocol (SNMP) by responding to the prompts.

Step 7 Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network, and press Return. For this release, always use vlan 1 as that interface.

Enter interface name used to connect to the
management network from the above interface summary: vlan 1

Step 8 Configure the interface by entering the switch IP address and subnet mask and pressing Return:

Configuring interface vlan 1:
Configure IP on this interface? [yes]: yes 
IP address for this interface: 10.4.120.106
Subnet mask for this interface [255.0.0.0]: 255.255.255.0

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.

If you enter N, the switch appears as a candidate switch in the CMS. In this case, the message in Step 10 is not displayed.

Would you like to enable as a cluster command switch? [yes/no]: yes

Step 10 Assign a name to the cluster, and press Return.

Enter cluster name: cluster_name

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

The initial configuration appears:

The following configuration command script was created:

hostname host-name
enable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0
enable password enable-password
line vty 0 15
password terminal-password
snmp-server community public
!
no ip routing
!
interface vlan 1
no shutdown
ip address 10.4.120.106 255.255.255.0

interface GigabitEthernet0/1
no ip address
!
interface GigabitEthernet0/2
no ip address
!         
...<output abbreviated>
!
interface GigabitEthernet0/12
no ip address

cluster enable cluster-name
!
end

Step 11 These choices are displayed:

[0] Go to the IOS command prompt without saving this config.

[1] Return back to the setup without saving this config.

[2] Save this configuration to nvram and exit.

Enter your selection [2]:2

Make your selection, and press Return.


After you complete the setup program, the switch can run the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:

Command-line interface (CLI)

Cluster Management Suite from your browser

Configuring Browsers and Accessing CMS

For the browser to use CMS, a Java plug-in is required, as described in the "Installing the Required Plug-In" section. After you have assigned an IP address to the switch and installed the plug-in, you can access the switch from your browser and use the CMS to configure other switches. To use the web-based tools, see the "Software Compatibility" section to set up the appropriate browser options.

This section describes these installation procedures:

"Configuring Netscape Communicator (All Versions)" section

"Configuring Microsoft Internet Explorer (4.01)" section

"Configuring Microsoft Internet Explorer (5.0)" section

"Displaying the CMS Access Page" section

Configuring Netscape Communicator (All Versions)

Follow these steps to configure Netscape Communicator:


Step 1 Start Netscape Communicator.

Step 2 From the menu bar, select Edit > Preferences.

Step 3 In the Preferences window, click Advanced.

Step 4 Check the Enable Java, Enable JavaScript, and Enable Style Sheets check boxes.

Step 5 From the menu bar, select Edit > Preferences.

Step 6 In the Preferences window, click Advanced Cache, and select Every time.

Step 7 Click OK to return to the browser Home page.


Configuring Microsoft Internet Explorer (4.01)

Follow these steps to configure Microsoft Internet Explorer 4.01:


Step 1 Start Internet Explorer.

Step 2 From the menu bar, select View > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Check the Java logging enabled and Java JIT compiler enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.


Configuring Microsoft Internet Explorer (5.0)


Note During the installation of this browser, make sure to check the Install Minimal or Customize Your Browser check box. In the Component Options window in the Internet Explorer 5 section, make sure to check the Microsoft Virtual Machine check box to display applets written in Java.


Follow these steps to configure Microsoft Internet Explorer 5.0:


Step 1 Start Internet Explorer.

Step 2 From the menu bar, select Tools > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Check the Java logging enabled and JIT compiler for virtual machine enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.


If you are using Microsoft Internet Explorer 5.0 to make configuration changes to the switch, note that this browser does not automatically reflect the latest configuration changes. Make sure that you click Refresh for every configuration change.

Displaying the CMS Access Page

After the browser is configured, display the CMS access page:


Step 1 Enter the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), and press Return.

Step 2 Enter your username and password when prompted. The password provides level 15 access. The Cisco Systems Access page appears. For more information on setting passwords and privilege levels, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 3 Click Web Console to launch the CMS applet.

If you access CMS from a standalone or a cluster-member switch, Device Manager appears.


New Features in This Release

This section describes the new supported hardware and the new software features for the Catalyst 3550 switches that are provided in this release.

"New Hardware Features" section

"New Software Features" section

New Hardware Features

For a list of supported hardware, see the "Hardware Supported" section.

New Software Features

This software release contains these new features or enhancements:

QoS support on 10/100 Ethernet ports—The Catalyst 3550 Fast Ethernet switches use egress queues, which select the minimum-reserve level and buffer size and use weighted round robin (WRR) to provide congestion management.

Each 10/100 Ethernet port has four egress queues, one of which can be the egress expedite queue. Each queue can access one of eight minimum-reserve levels; by default each level has 100 packets of buffer space for queueing packets. You can configure the buffer size of the minimum-reserve levels on all 10/100 ports and assign the minimum-reserve level to an egress queue on a 10/100 Ethernet port by using the mls qos min-reserve global configuration command and the wrr-queue min-reserve interface configuration command.

8 policers are supported on ingress 10/100 Ethernet ports.

The Switch Database Management (SDM) templates have been added for Fast Ethernet switches. Note that the numbers in these templates are different than those for Gigabit Ethernet switches.


Note For a detailed description of these software features and other features supported on the switch, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.


Password recovery disable—The default configuration for Catalyst 3550 switches allows an end user with physical access to the switch to recover from a lost password by interrupting the boot process while the switch is powering up and entering a new password. With the password recovery disable feature, system administrators can protect access to the switch password by disabling part of the password-recovery functionality. When you enter the no service password-recovery global configuration command, the password-recovery mechanism is disabled, and interrupting the boot process is allowed only if the user agrees to set the system back to the default configuration. For more information, see the "Documentation Updates" section.


Note The no service password-recovery global configuration command is available only on Catalyst 3550 Fast Ethernet switches; it is not available for Gigabit Ethernet switches.


Limitations and Restrictions

You should review this section before you begin working with the switches. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

In IP multicast routing and fallback bridging, certain hardware features are used to replicate packets for the different VLANs of an outgoing trunk port. If the incoming speed is line rate, the outgoing interface cannot duplicate that speed (because of the replication of the packets). As a result, certain replicated packets are dropped. (CSCdt06418)

When a Catalyst 2900 XL or Catalyst 3500 XL cluster command-switch is connected to a Catalyst 3550 switch, the command switch does not find any cluster candidates beyond the Catalyst 3550 switch if it is not a member of the cluster. You must add the Catalyst 3550 switch to the cluster. You can then see any cluster candidates connected to it. (CSCdt09918)

When you use the no interface port-channel global configuration command to remove an EtherChannel group, the ports in the port group change to the administratively down state.

When you remove an EtherChannel group, enter the no shutdown interface configuration command on the interfaces that belonged to the port group to bring them back on line. (CSCdt10825)

The mac-address interface configuration command does not properly assign a MAC address to an interface. This command is not supported on Catalyst 3550 switches. (CSCds11328)

In the output displayed after a show interface interface-id privileged EXEC command, the output buffer failures field shows the number of packets lost before replication, whereas the packets output field shows the successful transmitted packets after replication. To determine actual discarded frames, multiply the output buffer failures by the number of VLANs on which the multicast data is replicated. (CSCdt26928)

Internet Group Management Protocol (IGMP) packets classified by quality of service (QoS) to map the Differentiated Service Code Point (DSCP) value and the class of service (CoS) value in a QoS policy map might only modify the DSCP property and leave the CoS value at zero. (CSCdt27705)

If you assign both tail-drop threshold percentages to 100 percent by using the wrr-queue threshold interface configuration command and display QoS information for this interface by using the show mls qos interface statistics privileged command, the drop-count statistics are always zero even if the thresholds were exceeded. To display the total number of discarded packets, use the show controllers ethernet-controllers interface-id privileged EXEC command. In the display, the number of discarded frames includes the frames that were dropped when the tail-drop thresholds were exceeded. (CSCdt29703)

Disabling autonegotiation on a GBIC interface by using the speed nonegotiate interface configuration command might cause the interface to show that the physical link is up, even when it is not connected. (CSCdv29722)

Open Shortest Path First (OSPF) path costs and Interior Gateway Routing Protocol (IGRP) metrics are incorrect for switch virtual interface (SVI) ports. You can manually configure the bandwidth of the SVI by using the bandwidth interface configuration command. Changing the bandwidth of the interface changes the routing metric for the routes when the SVI is used as an outgoing interface. (CSCdt29806)

When there is a transition from the cluster active command-switch to the standby command-switch, Catalyst 1900, 2820, and 4-MB 2900 switches that are cluster members might lose their cluster configuration. You must manually add these switches back to the cluster.
(CSCds32517, CSCds44529, CSCds55711, CSCds55787, CSCdt70872)

On the Catalyst 3550, coldStart and warmStart traps are not consistently sent. (CSCdt33779)

Remote Monitoring (RMON) collection functions on physical interfaces, but it is not supported on EtherChannels and SVIs. (CSCdt36101)

When clustering is enabled, do not configure SNMP community strings of more than 59 bytes, or clustering SNMP might not work correctly. (CSCdt39616)

If both the active command-switch and the standby command-switch fail at the same time, the cluster is not automatically recreated. Even if there is a third passive command-switch, it might not recreate all cluster members because it might not have all the latest cluster configuration information. You must manually recreate the cluster if both the active and standby command-switches simultaneously fail. (CSCdt43501)

Multicast router information is displayed in the show ip igmp snooping mrouter privileged EXEC command when IGMP snooping is disabled. Multicast VLAN Registration (MVR) and IGMP snooping use the same commands to display multicast router information. In this case, MVR is enabled, and IGMP snooping is disabled. (CSCdt48002)

The configurations for the tunnel keywords and commands related to IP multicasting and the track keyword related to the Hot Standby Router Protocol (HSRP) are not kept properly after rebooting the switch. If these configurations reference routed ports, the configuration is not applied after reboot. (CSCdt48614)

When a VLAN interface has been disabled and restarted multiple times by using the shutdown and no shutdown interface configuration commands, the interface might not restart following a no shutdown command. To restart the interface, re-enter a shutdown and no shutdown command sequence. (CSCdt54435)

When you configure the ip pim spt-threshold infinity interface configuration command, you want all sources for the specified group to use the shared tree and not use the source tree. However, the switch does not automatically start to use the shared tree. No connectivity problem occurs, but the switch continues to use the shortest path tree for multicast group entries already installed in the multicast routing table. You can enter the clear ip mroute * privileged EXEC command to force the change to the shared tree. (CSCdt60412)

The show ip mroute count privileged EXEC command might display incorrect packet counts. In certain transient states (for example, when a multicast stream is forwarded only to the CPU during the route-learning process and the CPU is programming this route into the hardware), a multicast stream packet count might be counted twice. Do not trust the counter during this transient state. (CSCds61396)

If the number of multicast routes configured on the switch is greater than the switch can support, it might run out of available memory, which can cause it to reboot. This is a limitation in the platform-independent code.

The workaround is to not configure the switch to operate with more than the maximum number of supported multicast routes. You can use the show sdm prefer and show sdm prefer routing privileged EXEC commands to view approximate maximum configuration guidelines for the current SDM template and the routing template. ((CSCdt63354))

Configuring too many multicast groups might result in an extremely low memory condition and cause the software control data structure to go out of sync, causing unpredictable forwarding behavior. The memory resources can only be recovered by issuing the clear ip mroute privileged EXEC command. To prevent this situation, do not configure more than the recommended multicast routes on the switch. (CSCdt63480)

The dec keyword is not supported in the bridge bridge-group protocol global configuration command. If two Catalyst 3550 switches are connected to each other through an interface that is configured for IP routing and fallback bridging, and the bridge group is configured with the bridge bridge-group protocol dec command, both switches act as if they were the spanning tree root. Therefore, spanning-tree loops might be undetected. (CSCdt63589)

When you configure an EtherChannel between a Catalyst 3550 and a Catalyst 1900 switch, some of Catalyst 3550 links in the EtherChannel might go down, but one link in the channel remains up, and connectivity is maintained.

The workaround is to disable the Port Aggregation Protocol (PAgP) on both devices by using the channel-group channel-group-number mode on interface configuration command. PAgP negotiation between these two devices is not reliable. (CSCdt78727)

Modifying a multicast boundary access list does not prevent packets from being forwarded by any multicast routes that were in existence before the access list was modified if the packets arriving on the input interface do not violate the boundary. However, no new multicast routes that violate the updated version of the multicast boundary access list are learned, and any multicast routes that are in violation of the updated access list are not relearned if they age out.

After updating a multicast boundary, the workaround is to use the clear ip mroute privileged EXEC command to delete any existing multicast routes that violate the updated boundary. (CSCdr79083)

When changing the link speed of a Gigabit Ethernet port from 1000 Mbps to 100 Mbps, there is a slight chance that the port will stop transmitting packets. If this occurs, shut down the port, and re-enable it by using the shutdown and no shutdown interface configuration commands. (CSCds84279)

When an IP packet with a cyclic redundancy check (CRC) error is received, the per-packet per-DSCP counter (for DSCP 0) is incremented. Normal networks should not have packets with CRC errors. (CSCdr85898)

The behavior of a software access control list (ACL) with QoS is different from a hardware ACL with QoS. On the Catalyst 3550 switch, when the QoS hardware rewrites the DSCP of a packet, the rewriting of this field happens before software running on the CPU examines the packet, and the CPU sees only the new value and not the original DSCP value.

When the security hardware ACL matches a packet on input, the match uses the original DSCP value. For output security ACLs, the security ACL hardware should match against the final, possibly changed, DSCP value as set by the QoS hardware. Under some circumstances, a match to a security ACL in hardware prevents the QoS hardware from rewriting the DSCP and causes the CPU to use the original DSCP.

If a security ACL is applied in software (because the ACL did not fit into hardware, and packets were sent to the CPU for examination), the match probably uses the new DSCP value as determined by the QoS hardware, regardless of whether the ACL is applied at the input or at the output. When packets are logged by the ACL, this problem can also affect whether or not a match is logged by the CPU even if the ACL fits into hardware and the permit or deny filtering was completed in hardware.

To avoid these issues, whenever the switch rewrites the DSCP of any packet to a value different from the original DSCP, security ACLs should not test against DSCP values in any of their access control elements (ACEs), regardless of whether the ACL is being applied to an IP access group or to a VLAN map. This restriction does not apply to ACLs used in QoS class maps.

If the switch is not configured to rewrite the DSCP value of any packet, it is safe to match against DSCP in ACLs used for IP access groups or for VLAN maps because the DSCP does not change as the packet is processed by the switch.

The DSCP field of an IP packet encompasses the two fields that were originally designated precedence and TOS (type of service). Statements relating to DSCP apply equally to either IP precedence or IP TOS. (CSCdt94355)

Traffic suppression (configured by using the switchport broadcast, switchport multicast, and switchport unicast interface configuration commands) is supported only on physical interfaces; it is not supported on EtherChannel port channels even though you can enter these commands through the CLI.

The Cisco RPS 300 Redundant Power System supports the Catalyst 3550 multilayer switch and provides redundancy for up to six connected devices until one of these devices requires backup power. If a connected device has a power failure, the RPS immediately begins supplying power to that device and sends status information to other connected devices that it is no longer available as a backup power source. As described in the device documentation, when the RPS LED is amber, the RPS is connected but down. However, this might merely mean that the RPS is in standby mode. Press the Standby/Active button on the RPS to put it into active mode. You can view RPS status through the CLI by using the show rps privileged EXEC command. For more information, refer to the RPS 300 Hardware Installation Guide.

You can connect the switch to a PC by using the switch console port and the supplied rollover cable and the DB-9 adapter. You need to provide a RJ-45-to-DB-25 female DTE adapter if you want to connect the switch console port to a terminal. You can order a kit (part number ACS-DSBUASYN=) with this RJ-45-to-DB-25 female DTE adapter from Cisco.

Host names and Domain Name System (DNS) server names that contain commas on a cluster command switch, member switch, or candidate switch can cause CMS to behave unexpectedly. You can avoid this instability in the interface by not using commas in host names or DNS names. Do not enter commas when also entering multiple DNS names in the IP Configuration tab of the IP Management window in CMS.

ACEs that contain the host keyword precede all other ACEs in standard ACLs. You can reposition the ACEs in a standard ACL with one restriction: No ACE with the any keyword or a wildcard mask can precede an ACE with the host keyword.

Important Notes

This section describes important information related to this IOS release.

When you are configuring a cascaded stack of Catalyst 3550 switches by using the GigaStack GBIC and want to include more than one VLAN in the stack, be sure to configure all the GigaStack GBIC interfaces as trunk ports by using the switchport mode trunk interface configuration command and to use the same encapsulation method by using the switchport encapsulation {isl | dot1q} interface configuration command. For more information about these commands, refer to the Catalyst 3550 Multilayer Switch Command Reference.

If the 1000BASE-T GBIC (WS-G5482) is not securely inserted, the switch might fail to recognize it or might display an incorrect media type following a show interface privileged EXEC command entry. If this happens, remove and reinsert the GBIC.

If you use CMS on Windows 2000, it might not apply configuration changes if the enable password is changed from the CLI during your CMS session. You have to restart CMS and enter the new password when prompted. Platforms other than Windows 2000 prompt you for the new enable password when it is changed.

CMS does not display QoS classes that are created through the CLI if these classes have multiple match statements. When using CMS, you cannot create classes that match more than one match statement. CMS does not display policies that have such classes.

If you use Internet Explorer Version 5.5 and select a URL with a nonstandard port at the end of the address (for example, www.add.com:84), you must enter http:// as the URL prefix. Otherwise, you cannot launch CMS.

Within an ACL, you can change the sequence of ACEs that have the host keyword. However, because such ACEs are independent of each other, the change has no effect on the way the ACL filters traffic.

If you use the Netscape browser to view the CMS GUI and you resize the browser window while CMS is initializing, CMS does not resize to fit the window.

Resize the browser window again when CMS is not busy.

CMS does not start if the temporary directory on your computer runs out of memory. This problem can occur because of a bug in the 1.2.2 version of the Java plug-in. The plug-in creates temporary files in the directory whenever it runs CMS, and the directory eventually runs out of plug-in space.

The workaround is to remove all the jar_cache*.tmp files from the temporary directory. The path to the directory is different for different operating systems:

Solaris: /var/tmp
Windows NT and Windows 2000: \TEMP
Windows 95 and 98: \Windows\Temp

Open Caveats

This section describes these open caveats with possible unexpected activity in this IOS release:

"Open IOS Caveats" section

"Open Cluster Caveats" section

"Open Cluster Management Suite Caveats" section

Open IOS Caveats

This section describes the severity 3 IOS configuration caveats:

CSCdw07801

After you have changed the system maximum transmission unit (MTU) size by using the system mtu global configuration command, the new MTU value is applied to all interfaces on the switch. However, the show interfaces privileged EXEC command still displays the default MTU size (1500 bytes), which could mislead you about the maximum MTU size on the interface.

The workaround is to use the show system mtu privileged EXEC command to verify the setting of the system MTU.

CSCdv10257

You cannot set the vmVlanType object in CISCO-VLAN-MEMBERSHIP-MIB, which means that you cannot convert a port from static to dynamic access using SNMP.

The workaround is to use the switchport access vlan dynamic interface configuration command to to change an access port from static to dynamic.

CSCdv10276

The switch does not generate the vmVmpsChange trap in CISCO-VLAN-MEMBERSHIP-MIB, so there is no way to monitor VMPS change event by using SNMP.

There is no workaround.

CSCdv15832

If a routed interface is configured with a multicast boundary by using the ip multicast boundary interface configuration command, and there are ACLs configured, if the ACLs are modified or the multicast boundary is removed, this might not affect the existing multicast routes.

The workaround is to delete the multicast routing table by using the clear ip mroute * privileged EXEC command.

CSCdv29396

If you enter a global configuration mode command while in interface range configuration mode, this could cause the switch to reset if that global configuration mode command causes the parser to enter a submode of global configuration mode.

The workaround is to not enter global configuration mode commands while you are in interface range configuration mode.

CSCuk29469

The Catalyst 3550 switch uses the configured Multicast VLAN Registration (MVR) query response time instead of the value specified in the general query to prune member ports. Because the default value for MVR query response time is 0.5 second and the default general query maximum response time is 10 seconds, you might experience traffic disruption of up to 9.5 seconds at every general query interval.

The workaround is to use the mvr querytime global configuration command to set the MVR query response time to match the value in the general query (the default is 10 seconds). When you apply this workaround, you can expect longer latency when a member leaves the group by sending an explicit leave message (for example, by changing channels in a set-top box).

CSCdv34017

Pause frame counters are not displayed with the show interfaces interface-id privileged EXEC command.

The workaround is to display pause frame counters by using the show controllers ethernet-controller interface-id privileged EXEC command.

CSCdv46715

If you configure a trunk port for Dynamic Trunking Protocol (DTP) nonegotiate mode and change the encapsulation type from ISL to 802.1Q by using the switchport trunk encapsulation interface configuration command, the port becomes an access port and is no longer trunking.

There is no workaround.

CSCdv47319

The switch might fail while deleting 7000 multicast routes with the maximum number of SVIs supported by the SDM access template.

There is no workaround.

CSCdt51254

If you try to configure an ACL that uses the log keyword, an error is displayed, and a match none statement is added to the show class-map class-map-name display. Not only does the match none statement make the ACL useless, but any previously entered match commands for the same class map are not retained.

The workaround is to re-enter the old ACL without the log keyword.

CSCds55220

If you configure the DHCP server to allocate addresses from a pool to the switch, two devices on the network might have the same IP address. Pooled addresses are temporarily allocated to a device and are returned to the pool when not in use. If you save the configuration file after the switch receives such an address, the pooled address is saved, and the switch does not attempt to access the DHCP server after a reboot to receive a new IP address. As a result, two devices might have the same IP address.

The workaround is to make sure that you configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address.

CSCdv59364

If you use the setup program for initial configuration and set an IP address for a specific port (making it a router port and not a switch port), the setup program does not write the no switchport interface configuration command to the configuration file, making the port unusable without manual reconfiguration.

The workaround is to not use the setup program for configuring routed ports. Always enter no when prompted with the Configure IP on this interface? message.

CSCdt62226

You might see this message, where dec represents an internal implementation value in hexadecimal:

ETHCNTR-3-UNEXPECTED_EVENT: Request [dec] encountered event 1 in state 2

The workaround is to ignore this message; switch operation is not affected.

CSCdv64589

You cannot configure the cluster SNMP traps by using the snmp-server host global configuration command through the CLI, and you cannot monitor SNMP traps for the cluster on the Catalyst 3550 switch.

There is no workaround.

CSCdv66568

After you change connections between GigaStack ports, the link might not be established, and LEDs on the GigaStack GBIC might continue to blink for more than 2 minutes. (It is normal for the LEDs to blink for a short time.)

The workaround is to disconnect and reconnect one of the links connected to the GigaStack GBIC with the continuous blinking LEDs.

CSCdv68158

If a 10/100BASE-TX port on a Catalyst 3550-24 switch is connected to a Catalyst 2820 or Catalyst 1900 switch using an ISL trunk at 100 Mbps, the bidirectional communication cannot be established. The Catalyst 2820 or Catalyst 1900 switch can receive data from the Catalyst 3550-24 but cannot send data to it. For example, the Catalyst 2820 or Catalyst 1900 switch sees the Catalyst 3550-24 switch as a CDP neighbor, but the Catalyst 3550-24 switch does not see the Catalyst 2820 or Catalyst 1900 switch.

The workaround is to not use ISL trunks between the Catalyst 3550-24 and a Catalyst 2820 or Catalyst 1900 switch. Configure the link as an access link instead of a trunk link.

CSCdv70296

If a port is put into self-looped state, Spanning Tree Protocol (STP) remains in the blocking state after the self-looped condition is removed.

The workaound is to enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the port in the blocking state.

CSCdv73411

If you change an active QoS ACL or change an active class map to use a different ACL when the QoS ternary content addressable memory (TCAM) region is nearly full, the QoS ACL entries in the TCAM might get corrupted. As a result, ACL based QoS classification might not behave correctly on the switch.

The workaound, before you change the ACL or the class map, is to use the no service-policy command in interface-range configuration mode to detach the affected policy map from all interfaces that have the policy map applied. After you change the ACL or the class map, re-apply the policy map to those interfaces by using the service-policy interface range command.

CSCdv78313

When a Catalyst 3550 switch is connected in a redundant way to a network where the links to the Catalyst 3550 switch are misconfigured to be trunking with ISL encapsulation and the Catalyst 3550 switch is not trunking, some ISL traffic might be flooded, and some ISL traffic might be dropped by the connected switch. The ISL traffic that is dropped by the connected switch is traffic with the User bits and Type bits set to 0. Traffic that has either the User bits or Type bits not set to 0 is not as likely to be dropped.

The workaround is to not misconfigure ISL trunking and to use 802.1Q trunking instead.

CSCdt79172

When the switch is operating with equal-cost routes and it is required to learn more unicast routes than it can support, the CPU might run out of memory, and the switch might fail.

The workaround is to remain within the documented recommended and supported limits.

CSCdv79737

If a stack contains both Catalyst 3550 switches and Catalyst 3500 XL or Catalyst 2900 XL switches, cross-stack UplinkFast does not function if the management VLAN on the Catalyst 3500 XL or Catalyst 2900 XL switches is changed to other than VLAN 1 (the default).

The workaround is to make sure that the management VLAN of all Catalyst 3500 XL or 2900 XL switches in the stack is set to VLAN 1.

CSCdv80814

Changing the switch mode of a port channel from access to trunk or trunk to access might lead to a condition where all packets received from the port channel are discarded as No Dest frames. The transmission path is not affected, so you will see one-way communication from the Catalyst 3550 to its link partner.

Entering the shutdown and no shutdown interface configuration commands on the port channel clears the problem.

CSCdv82135

The switch supports a policer traffic rate up to 1,000,000,000 bps even though the help string for the police rate-bps burst-byte [exceed-action {drop | policed-dscp-transmit}] policy-map class configuration command shows the traffic-rate range as 8,000 to 2,000,000,000.

The switch can support a policer burst size up to 2,000,000 bytes, even though the help string for the police rate-bps burst-byte [exceed-action {drop | policed-dscp-transmit}] policy-map class configuration command shows the burst-size range as 8,000 to 512,000,000.

Any traffic rate configured larger than 1,000,000,000 bps and any burst size configured larger than 2,000,000 bytes leads to inaccurate policing operation.

The workaround is to not configure the policer traffic rate larger than 1,000,000,000 bps and to not configure the policer burst size larger than 2,000,000 bytes on the switch.

CSCdv82280

If you configure a policy map with class statements that match both a MAC ACL and an IP ACL (by using the match access-group acl-index-or-name class-map configuration command) and then remove the classes that match one protocol by using the no class class-map-name policy-map configuration command, the message QM-4-HARDWARE_NOT_SUPPORTED:Hardware limitation has reached for policymap appears, and the policy map is detached from the interface.

The workaround is to re-attach the policy map by using the service-policy interface configuration command.

CSCdv84231

If an IGMP group leave message is received within the query response interval after a general query, the group leave message is ignored. This delays the pruning of member ports until the next general query.

There is no workaround.

CSCdu87797

If Catalyst 3550 GBIC ports containing GigaStack GBICs are configured as routed ports with EtherChannel group assignments, they might not correctly join the channel group.

GigaStack GBICs are not supported as EtherChannel group members on the Catalyst 3550 switch. The workaround is to not configure channel-group settings on interfaces containing GigaStack GBICs.

CSCdv91307

Changing the system MTU by using the system mtu global configuration command when there is a tunnel interface or loopback interface configured on the switch might cause the switch to fail. This problem does not occur if the tunnel interface or loopback interface is configured after you change the system MTU. If you save the configuration and enter a reload privileged EXEC command, the switch always comes up without failing.

The workaround is to change the system MTU before configuring any tunnel interface or loopback interface on the switch. If there are any tunnel interfaces or loopback interfaces already configured, use no interface tunnel global configuration command or no interface loopback global configuration command to remove the interface before changing the system MTU.

Open Cluster Caveats

There are no open severity 3 cluster configuration caveats.

Open Cluster Management Suite Caveats

This section describes the severity 3 CMS configuration caveats:

CSCds29230

CMS performance degrades if the Topology View is open for several hours on a Solaris machine. The cause might be a memory leak.

The workaround is to close the browser, reopen it, and launch CMS again.

CSCdv35455

If you select multiple FastEthernet ports on a Catalyst 3550 switch, the speed of 1000 Mbps is shown as an option in the Modify Port Settings window. Ignore this speed option.

CSCdv37429

The burst rate and burst size that you request with the QoS wizard appear to be configured incorrectly if you display them in the Policy Details window.

The values are configured on the device as you requested; this is a display problem. There is no workaround.

CSCdv57881

You cannot modify the multicast groups that are shown in the IGMP Snooping window.

The workaround is to delete the group that you want to modify and then recreate it with the change that you want.

CSCdt60328

If you enable the STP bridge protocol data unit (BPDU) guard feature on a switch, also enable Port Fast on a port that connects to that switch, and then disconnect and reconnect that switch, you cannot refresh the GUI.

The workaround is to disable Port Fast, and then shut down and re-enable the port by using the CLI.

CSCdt61586

The device manager does not launch properly if the HTTP port for the command switch is other than 80.

The workaround is to launch the device manager manually by entering the URL. For example, to view cluster member 1 by using HTTP port 5000, you would enter:

http://nnn.nnn.nnn.nnn:5000/es1/homepage.htm

CSCdu69526

You cannot use CMS to configure dynamic-access ports on Catalyst 2900 XL switches that run IOS Release 11.2(8.6)SA6.

The workaround is to use the CLI to configure dynamic-access ports on these devices.

CSCdt79358

If you select an HSRP group in the Router Redundancy window and click Delete, the group is not deleted but changes to a disabled state. To delete the group, you must click Delete again.

There is no workaround.

CSCdu79932

If you try to enable Port Fast on an interface that does not accept it—a trunk port, for example—no message warns you that Port Fast was not enabled.

There is no workaround.

CSCds80920

If you are printing a Topology View or Front Panel View that contains many devices and are running Solaris 2.6 with JDK1.2.2, you might get an Out of Memory error message.

The workaround is to close the browser, re-open it, and launch CMS again. Before you perform any other task, bring up the view that you want to print, and click Print in the CMS menu.

Resolved Caveats

This section describes caveats that have been resolved:

"Resolved IOS Caveats in Release 12.1(6)EA1a" section

"Resolved IOS Caveats in Release 12.1(6)EA1" section

"Resolved Cluster Caveats in Release 12.1(6)EA1a" section

"Resolved Cluster Caveats in Release 12.1(6)EA1" section

"Resolved Cluster Management Suite Caveat in Release 12.1(6)EA1a" section

"Resolved Cluster Management Suite Caveats in Release 12.1(6)EA1" section

Resolved IOS Caveats in Release 12.1(6)EA1a

These severity 3 IOS configuration caveats are resolved in IOS Release 12.1(6)EA1a:

CSCdt11224

Unknown unicast, unknown multicast, and broadcast packets are no longer occasionally flooded from the multicast VLAN to MVR receiver ports.

CSCdv20470

When an interface-range macro created with the define interface-range global configuration command is referenced in a subsequent interface range macro global configuration command, it is no longer rejected or produces results on interfaces that were not included in the macro definition.

CSCdv21103

When a dynamic port is configured with an access VLAN that is later deleted from the VLAN database, Dynamic Trunking Protocol (DTP) negotiation no longer fails on that port the next time the switch is reloaded or the port is shut down and re-enabled.

CSCdv21765

If the MAC address table associated with an MVR VLAN or an MVR receiver VLAN contains a large number of MAC addresses, disabling and re-enabling MVR no longer requires excessive time for the CPU to search the table for conflicting static multicast addresses.

CSCdv28407

Applying VLAN access maps to a VLAN no longer cause frames to be intermittently forwarded between protected ports.

CSCdv32094

When the show snmp host privileged EXEC command is executed through the CMS, the browser output now provides the same full information as does the CLI, enabling you to configure the SNMP trap management features.

CSCdv34376

When the internal power supply of the Catalyst 3550 switch fails and the RPS is providing power to the switch, the RPS LED now correctly flashes amber.

When the RPS is backing up another switch and is not available to the Catalyst 3550 switch, the RPS LED now correctly flashes green.

CSCdv42163

When IGMP snooping or MVR is enabled, non-IP packets with a destination MAC address matching the multicast group address are forwarded as IP packets. If the multicast VLAN belongs to a bridge group, the non-IP packets are fallback bridged within the bridge group.

CSCdv46631

If you apply a policy map to an interface and then change the interface to the trust DSCP state by using the trust dscp policy-map class configuration command, the DSCP and CoS values in the packets received from that interface can now be trusted.

CSCdv47727

If you use the SNMP get operation to retrieve the portIfIndex object in CISCO-STACK-MIB, the switch now returns the correct value for GBIC ports.

CSCdv51072

You can now use SNMP to set the port priority, path cost, or STP enable MIB objects in CISCO-BRIDGE-MIB.

CSCdv50452

Because the Catalyst 3550 switch does not support QoS policy maps on virtual interfaces such as a port channel or a VLAN interface, the switch software no longer allows you to apply a policy map to a virtual interface.

CSCdv52460

When using cross-stack UplinkFast (CSUF), temporary spanning-tree loops no longer occur when the switches in the stack first receive BPDUs from a new root switch that is not a member of the stack or when the BPDUs from an old root switch age out without any loss of link or other loss of connectivity between any of the switches in the stack and the immediate neighbor switches of the stack.

CSCdv53183

If you configure a bridge group on VLAN interfaces or routed ports without configuring the global bridge protocol, data packets are no longer forwarded within the bridge group with STP disabled.

CSCdv53258

If you configure a static forwarding address on a VLAN that is a member of a bridge group before you configure the global bridge protocol for the bridge group, traffic is now correctly forwarded to the trunk ports and the access ports in that VLAN.

CSCdu55510

The Cisco BRIDGE-MIB extension that manages multiple spanning-tree instances by using community string indexing now works on the Catalyst 3550 switch.

CSCdv59356

When you use the setup program during initial installation, the ports are no longer administratively shut down when you exit the setup program. You do not have to manually bring up the ports to access the switch.

CSCdv61129

When the CSUF feature advises stack members of spanning-tree changes on individual stack members, the hello timer and the message age timer are now started correctly, and CSUF no longer causes possible spanning-tree loops.

CSCdv61405

If UplinkFast is enabled and all physical ports that can receive BPDUs from the root bridge of the spanning tree gain link within the same short period of time (such as when a neighboring switch that multiple uplinks connect to is rebooted), temporary spanning-tree loops no longer occur.

CSCdt67895

The Catalyst 3550 switch can now send topology change and newRoot trap messages.

CSCdv77415

If a stack of switches contains some members that are Catalyst 3550 switches, and other members that are Catalyst 2900 XL, Catalyst 3500XL, or Catalyst 2950 switches running a version of IOS Release 12.0, the cross-stack UplinkFast transitions no longer only occur on the management VLAN of the Catalyst 2900 XL, Catalyst 3500 XL, or Catalyst 2950 switches. The fast STP transitions now occur on all VLANs on the stack port.

CSCdt85647

If you enter the logging synchronous line configuration command on the console line and then log out or disconnect from the console, when the console's synchronous message queue fills up, logging no longer stops, and debug messages are now correctly logged.

CSCdu88934

If the Enhanced Interior Gateway Routing Protocol (EIGRP) is enabled and configured on the switch and the maximum number of supported routes are operating, disabling EIGRP routing by using the no router eigrp global configuration command no longer causes the switch to reset.

CSCdr90575

Spurious output no longer appears on the console part way through the setup program and it is not necessary to repeat keyboard entries several times before they are accepted.

Resolved IOS Caveats in Release 12.1(6)EA1

These severity 3 IOS configuration caveats were resolved in IOS Release 12.1(6)EA1:

CSCdu01957

The time-range option in the access-list access-list-number {deny | permit} global configuration command now works on QoS classification.

CSCdu10704

When routed ports are grouped into an EtherChannel and a single physical interface in the EtherChannel is shut down by administrative command, all packets received on the remaining ports of that EtherChannel are now routed in hardware rather than in software.

CSCdt11329

The speed interface configuration command now has keywords to force the speed to 1000 Mbps on 10/100/1000BASE-T ports.

CSCdu11973

If dynamic trunking is enabled on the physical interfaces that make up a port channel, the physical interfaces in the port channel are now put into the correct access VLAN, eliminating connectivity problems and preventing packets from being forwarded into the wrong VLAN.

CSCdv13157

The Catalyst 3550 switch now creates a crashinfo file that saves information that helps Cisco technical support representatives debug problems that caused the IOS image to fail (crash). The switch writes the crash information to the console at the time of the failure, and the file is created the next time you boot the IOS image after the failure. You can provide this information to the Cisco technical support representative by using the show tech-support privileged EXEC command.

All crashinfo files are kept in the same directory on the Flash file system as follows:

flash:/crashinfo/crashinfo_n, where n is a sequence number.

CSCdt39109

When copying the SVI configuration to a Layer 3 (routed) port, you no longer see this message:

SYS-3-MGDTIMER: Running timer, init, timer = 116FB7C

CSCdt43859

When a VLAN in the VTP database has been deleted or disabled, the show interface privileged EXEC command now correctly displays the status for the ports in the VLAN as down.

CSCdv52104

If a switch running cross-stack UplinkFast is receiving BPDUs from the root on multiple ports, and the root configuration message ages out on the root port before it has aged out on all of the blocking ports, the switch no longer undergoes an UplinkFast transition that causes a temporary spanning-tree loop.

CSCdt55808

While toggling between the no switchport and switchport interface configuration commands, you no longer see this message:

SM-4-BADEVENT: Event linkup is invalid for the current state dtp

CSCdt57901

When you configure HSRP and enter the standby priority interface configuration command, you are no longer forced to enter the preempt keyword, which had prevented you from forcing a change between two routers or command switches in HSRP mode.

CSCdt61708

If a GBIC in the Catalyst 3550 switch is connected to another GBIC that does not support autonegotiation, you can now disable autonegotiation on 1000BASE-SX, -LX, and -ZX GBICs by using the speed nonegotiate interface configuration command. However, Gigastack GBICs and 1000BASE-T GBICs do not support the disabling of autonegotiation.

CSCdu63688

Enabling BPDU debug by using the debug spanning-tree bpdu privileged EXEC command no longer causes the switch to fail or possibly to reset.

CSCdt65803

The ip default-network network number global configuration command now works properly and adds a default network. It no longer adds a static route that cannot be deleted later.

CSCdu79051

A large number of multicast routes no longer causes the switch to reset due to a low-memory condition.

CSCdu79905

When the switch is operating in Layer 3 mode and you change the IP address of an interface, the old static route is now removed from the Cisco Express Forwarding (CEF) table, and the old IP address can be used again for other interfaces. The route for the newly entered IP address is populated into the CEF table and functions properly.

CSCdu79951

When a Catalyst 3550 switch is operating in Layer 3 mode, entering a clear adjacency privileged EXEC command no longer causes possible memory corruption or switch failure.

CSCdt79987

If a Catalyst 1900 switch and a Catalyst 3550 switch are connected through an EtherChannel port group, a Catalyst 3550 port in the group no longer shuts down because of a falsely detected loopback condition.

CSCdu80687

If a Catalyst 3550 switch in Layer 3 mode exceeds the recommended number of unicast MAC addresses, unicast routes, and multicast routes, a TCAM overflow results. Entering a clear arp privileged EXEC command no longer causes the switch to reset.

CSCdu81118

When the switch is in Layer 3 mode and routing with EIGRP, enabling EtherChannel and creating a port channel no longer increases the delay metric for the EIGRP route to a large value, thus making it unavailable as the preferred route.

CSCdt82690

An EtherChannel group between the Catalyst 3550 and another device that supports EtherChannel no longer is erroneously shut down on the Catalyst 3550 side because the Catalyst 3550 reported a detected loopback condition when there is actually no loopback situation.

CSCdt95414

When IP traffic is redirected for some reason, the IP redirects cache now ages out, and the switch relearns the original route to the destination.

CSCdt97404

If a GBIC port is disabled, either through an administrative command or because an error has been detected (loopback detection, UDLD, and so on), the switch now correctly shuts down the link on the GBIC port.

Resolved Cluster Caveats in Release 12.1(6)EA1a

No new severity 3 cluster configuration caveats are resolved in IOS Release 12.1(6)EA1a.

Resolved Cluster Caveats in Release 12.1(6)EA1

These severity 3 cluster configuration caveats were resolved in IOS Release 12.1(6)EA1:

CSCds20465

In a full 16-member cluster with a Catalyst 3550 command switch, if the command switch is continuously polled from the CMS network management application, HTTP requests no longer fail with a Premature end of file message. You no longer need to close the browser and reopen it.

CSCdt60520

When both the active command-switch and the standby command-switch are Catalyst 3550 switches, HSRP priority changes on the command switch are now supported.

CSCdt64048

If there are more than two Catalyst 1900 or Catalyst 2820 switches in a cluster with the Catalyst 3550 as the command switch, the cluster no longer loses network connectivity when the CMS continuously polls the Catalyst 1900 or Catalyst 2820 switches.

CSCdt67153

If there are redundant paths from a cluster command-switch to a cluster candidate, and one of the paths goes through a routed port, the command switch always uses the routed port path, and subsequent candidates are now discovered on the correct VLAN.

CSCdu73440

When you use the cluster standby-group name global configuration command to bind an HSRP group to a cluster with the same name before you enable the cluster command switch, the cluster configuration is no longer lost.

Resolved Cluster Management Suite Caveat in Release 12.1(6)EA1a

These severity 3 Cluster Management Suite caveats are resolved in IOS Release 12.1(6)EA1a:

CSCdv33121

In the Create VLAN and Modify VLAN windows, you can now enter an MTU (maximum transmission unit) size of as little as 576 bytes.

CSCdv36309

If you change the Policed DSCP table in the QoS Maps window and apply the changes, the table entries are now correctly updated on the device.

CSCdt89722

When you launch the Front Panel view, browse a non-CMS page, use the browser's Back button, and launch the Front Panel view again, you can now display a popup menu in the Front Panel view.

Resolved Cluster Management Suite Caveats in Release 12.1(6)EA1

These severity 3 Cluster Management Suite caveats were resolved in IOS Release 12.1(6)EA1:

CSCdu01104

When you add a cluster member and remove a cluster member in quick succession, the Front Panel view now shows the replacement.

CSCdu02133, CSCdu03253, CSCdt90554

You can now use the Modify VLAN window to modify VLAN settings.

CSCdu04736

When you create a standby command group and then click Remove Group, the entire group is consistently removed.

CSCdu07231

If the command switch is a Catalyst 3550 switch that is running Release 12.1(4)EA1b or later, you can use CMS on the command switch to upgrade software on Catalyst 2900 XL switches with only 4 MB of RAM.

CSCdu08110

EtherChannel links between Catalyst 3550 switches are now displayed correctly on the Topology view. These links no longer appear as multiple links (two separate lines).

CSCdu09588

Link reports now contain full and correct information when they are launched for a link to a device that has an STP-blocked link.

CSCdu10411

You can now change the VLAN mode of a port from a dynamic-access or static-access state to a trunk state.

CSCdu22344

When you select an extended ACL and click Modify or Details in the ACL window, the displayed ACE list is now consistently accurate.

CSCdt66690

The inventory report now shows IP addresses for Catalyst 3550 switches.

CSCdt68402

When you request a routing table report from the Router Reports window, the report now shows all default routes.

CSCdt68799

When you apply changes to the Unknown MACs tab of the Flooding Control window and the device is a Catalyst 2950 switch, you no longer receive an error message.

CSCdt69599

The Max. update Rate field on the Uplink Fast tab of the STP window no longer shows that you can enter a value of up to 65535 packets per second.

CSCdt71640

Link graphs now show the total number of errors and total number of packets dropped on a link at each polling interval.

CSCdt72652

A default network other than 0.0.0.0 in the IP Routing window no longer prevents an IP address from appearing in the Default Router IP field.

CSCdt73251

A link report no longer halts if it is for a link that is configured as a trunk on a switch with more than 250 VLANs.

CSCdt75783

You can now use CMS to configure Protected Port on Catalyst 2950 switches.

CSCdt76817

The UplinkFast tab of the STP window now recognizes the stackable GBIC connector type.

CSCdt76918

When you enter a process ID (as part of the task of adding an IGRP, EIGRP, or OSPF network), the validity of the ID is now checked. For OSPF, the validity of the area value is now checked as well.

CSCdt82846

When you select an interface to be a monitor port in the SPAN window, the message Error: SPAN Grouped port cannot be a monitor port is no longer displayed when the interface is not in any port group.

CSCdt87058

In the Topology view, you can now display a link report for an EtherChannel.

CSCdt97265

Including a Catalyst 2820 switch with an FDDI Fiber SAS module in the cluster no longer prevents the Front Panel view from displaying the switches in the cluster.

Documentation Updates

You can access all Catalyst 3550 documentation at this URL:

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm

This section provides updates to the product documentation. These changes will be included in the next version of the documentation.

Errors

In the Catalyst 3550 Hardware Installation Guide, the model numbers for the Catalyst 3550-24 switches are incorrect. These are the correct model numbers:

WS-C3550-24-SMI

WS-C3550-24-EMI

The SMI designation means that the switch ships with the standard multilayer software image (Layer 2+ features); the EMI designation means the switch ships with the enhanced multilayer software image (Layer 2+ and Layer 3 features.)

Additions

This Korean regulatory statement about the Catalyst 3550-12T and Catalyst 3550-12G switches has not yet been included in the Catalyst 3550 Multilayer Switch Hardware Installation Guide:

Warning This is a Class A Device and is registered for EMC requirements for industrial use. The seller or buyer should be aware of this. If this type was sold or purchased by mistake, it should be replaced with a residential-use type.


Omissions

This section describes the password recovery disable feature, which was added to the software after the completion of the customer documentation. This feature is not documented in the November, 2001 release of the Catalyst 3550 Multilayer Switch Command Reference and the Catalyst 3550 Multilayer Switch Software Configuration Guide. It will be included in the next release of documentation.

Disabling Password Recovery

The default configuration for Catalyst 3550 switches allows an end user with physical access to the switch to recover from a lost password by interrupting the boot process while the switch is powering up and then entering a new password. The password recovery disable feature for Catalyst 3550 Fast Ethernet switches allows the system administrator to protect access to the switch password by disabling part of this functionality and allowing the user to interrupt the boot process only by agreeing to set the system back to the default configuration. With password recovery disabled, you can still interrupt the boot process and change the password, but the configuration file (config.text) and the VLAN database file (vlan.dat) are deleted.


Note The password recovery disable feature is valid only on Catalyst 3550 Fast Ethernet switches; it is not available for Catalyst 3550 Gigabit Ethernet switches.


To disable the password-recovery mechanism, use the no service password-recovery global configuration command.


Note If you disable password recovery, we recommend that you keep a backup copy of the configuration file on a secure server in case the end user interrupts the boot process and sets the system back to defaults. Do not keep a backup copy of the configuration file on the switch. If the switch is operating in VTP transparent mode, we recommend that you also keep a backup copy of the VLAN database file on a secure server. When the switch is returned to the default system configuration, you can download the saved files to the switch by using the XMODEM protocol. For more information, see the "Attempting Password Recovery" section.


Beginning in privileged EXEC mode, follow these steps to disable password recovery:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

no service password-recovery

Disable password recovery.

This setting is saved in an area of the Flash memory that is accessible by the boot loader and the IOS image, but it is not part of the file system and is not accessible by any user.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show version

Verify the configuration by checking the last few lines of the display.

To re-enable password recovery, use the service password-recovery global configuration command.


Note Disabling password recovery does not work if you have used the boot manual global configuration command to set the switch to boot manually because this command allows the user to automatically see the boot loader prompt (switch:) after power-cycling the switch.


Attempting Password Recovery

As explained in the "Troubleshooting" chapter of the Catalyst 3550 Software Configuration Guide, to recover a lost or forgotten password, you hold down the Mode button while powering up the switch until the LEDs stop flashing. This interrupts the initialization process and causes the switch to enter boot loader mode. In this mode and with password recovery enabled (the default), you can initialize the Flash file system, rename the configuration file from its default name (which contains the password definition), and boot the switch. Without the configuration file, the setup program starts to run, but you halt it so that you can rename the configuration file to its default name, load it into memory to retain the original switch configuration, and then enter a new password to recover from the password you forgot or lost.

If the password-recovery mechanism is disabled and you hold down the Mode button while powering up the switch, the switch continues with its initialization, places the Flash file system online, and displays this message:

	The password-recovery mechanism has been triggered, but
	is currently disabled.  Access to the boot loader prompt
	through the password-recovery mechanism is disallowed at
	this point.  However, if you agree to let the system be
	reset back to the default system configuration, access
	to the boot loader prompt can still be allowed.

	Would you like to reset the system back to the default configuration (y/n)?

If you enter n (no), the normal boot process continues, as if the Mode button had not been pressed, and the you cannot access the boot loader prompt.

If you enter y (yes), the configuration file in flash and the VLAN database file are deleted. When the default configuration loads, you can reset the password.


Caution Returning the switch to the default configuration results in the loss of all existing configurations.

Related Documentation

These documents provide complete information about the switch and are available from this Cisco.com site:

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm

You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the "Ordering Documentation" section.

Catalyst 3550 Multilayer Switch Software Configuration Guide (order number DOC-7811194=)

Catalyst 3550 Multilayer Switch Command Reference (order number DOC-7811195=)

Catalyst 3550 Multilayer Switch System Message Guide (order number DOC-7811196=)

Cluster Management Suite (CMS) online help (available only from the switch CMS software)

Catalyst 3550 Multilayer Switch Hardware Installation Guide (order number DOC-7811358=)

1000BASE-T Gigabit Interface Converter Installation Note (not orderable but is available on Cisco.com)

Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide (order number DOC-786460=)

Obtaining Documentation

The following sections explain how to obtain documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following URL:

http://www.cisco.com

Translated documentation is available at the following URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can send us your comments by completing the online survey. When you display the document listing for this platform, click Give Us Your Feedback.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Cisco Systems, Inc.
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Inquiries to Cisco TAC are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:

http://www.cisco.com/register/

If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.