Table Of Contents
Cisco MDS 9000 Family Release Notes
for Cisco MDS NX-OS Release 5.0(1b)
Release Date: August 13, 2010
Part Number: OL-21012-02 E0
This document describes the caveats and limitations associated with Cisco MDS NX-OS Release 5.0(1b), which is a limited release that supports only the Cisco MDS 8Gb Fabric Switch for HP BladeSystem c-Class.
Table 1 shows the on-line change history for this document.
Table 1 Online History Change
Revision Date Description
Created release notes.
Updated the "Licensed Cisco NX-OS Software Packages" section.
Added DDTS CSCtn68418.
Added DDTS CSCto68011.
April 30, 2012
Added open caveat CSCty32238.
This document includes the following:
The Cisco MDS 9000 Family of Multilayer Directors and Fabric Switches provides industry-leading availability, scalability, security, and management, allowing you to deploy high performance storage-area networks with lowest total cost of ownership. Layering a rich set of intelligent features onto a high performance, protocol agnostic switch fabric, the Cisco MDS 9000 Family addresses the stringent requirements of large data center storage environments: uncompromising high availability, security, scalability, ease of management, and seamless integration of new technologies.
Cisco MDS 9000 NX-OS Software powers the award winning Cisco MDS 9000 Series Multilayer Switches. It is designed to create a strategic SAN platform with superior reliability, performance, scalability, and features. Formerly known as Cisco SAN-OS, Cisco MDS 9000 NX Software is fully interoperable with earlier Cisco SAN-OS versions and enhances hardware platform and module support.
Software Download Process
This section describes the software download process for the Cisco MDS NX-OS software and includes the following topics:
Determining the Software Version
To determine the version of Cisco MDS NX-OS or SAN-OS software currently running on a Cisco MDS 9000 Family switch using the CLI, log in to the switch and enter the show version EXEC command.
Determining Software Version Compatibility
Table 2 lists the software versions that are compatible in a mixed SAN environment, the minimum software versions that are supported, and the versions that have been tested. We recommend that you use the latest software release supported by your vendor for all Cisco MDS 9000 Family products.
To download the latest Cisco MDS NX-OS software, access the Software Center at this URL:
Note If you would like to request a copy of the source code under the terms of either GPL or LGPL, please send an e-mail to email@example.com.
The images for the Cisco MDS 8Gb Fabric Switch for HP BladeSystem c-Class are listed in Table 3.
Table 3 Software Images
Cisco Switch Type Image Names
Cisco MDS 8Gb Fabric Switch for HP BladeSystem c-Class
Note Cisco MDS NX-OS Release 5.0(1b) is supported only on the Cisco MDS 8Gb Fabric Switch for HP BladeSystem c-Class. Do not install Release 5.0(1b) images on any other Cisco MDS 9000 Family switch, including any MDS 9100 Series switch.
For information about NX-OS features, see the documentation listed in the Related Documentation section.
Licensed Cisco NX-OS Software Packages
Most Cisco MDS 9000 family software features are included in the standard package. However, some features are logically grouped into add-on packages that must be licensed separately, such as the Cisco MDS 9000 Enterprise package, SAN Extension over IP package, Mainframe package, Fabric Manager Server (FMS) package, Storage Services Enabler (SSE) package, Storage Media Encryption package, and Data Mobility Manager package. On-demand ports activation licenses are also available for the Cisco MDS Blade Switch Series and 4-Gbps Cisco MDS 9100 Series Multilayer Fabric switches.
The standard software package that is bundled at no charge with the Cisco MDS 9000 Family switches includes the base set of features that Cisco believes are required by most customers for building a SAN. The Cisco MDS 9000 family also has a set of advanced features that are recommended for all enterprise SANs. These features are bundled together in the Cisco MDS 9000 Enterprise package. Refer to the Cisco MDS 9000 Enterprise package fact sheet for more information.
SAN Extension over IP Package
The Cisco MDS 9000 SAN Extension over IP package allows the customer to use FCIP to extend SANs over wide distances on IP networks using the Cisco MDS 9000 family IP storage services. Refer to the Cisco MDS 9000 SAN Extension over IP package fact sheet for more information.
The Cisco MDS 9000 Mainframe package uses the FICON protocol and allows control unit port management for in-band management from IBM S/390 and z/900 processors. FICON VSAN support is provided to help ensure true hardware-based separation of FICON and open systems. Switch cascading, fabric binding, and intermixing are also included in this package. Refer to the Cisco MDS 9000 Mainframe package fact sheet for more information.
Storage Services Enabler Package
The Cisco MDS 9000 SSE package allows network-based storage applications and services to run on the Cisco MDS 9000 family SSMs, Cisco MDS 9000 18/4-Port Multiservice Module (MSM-18/4), and Cisco MDS 9222i. Intelligent fabric applications simplify complex IT storage environments and help organizations gain control of capital and operating costs by providing consistent and automated storage management. Refer to the Cisco MDS 9000 SSE package fact sheet for more information.
On-Demand Port Activation License
On-demand ports allow customers to benefit from Cisco NX-OS Software features while initially purchasing only a small number of activated ports on 8-Gbps or 4-Gbps Cisco MDS 9100 Series Multilayer Fabric switches. As needed, customers can expand switch connectivity by licensing additional ports.
Storage Media Encryption Package
The Cisco MDS 9000 Storage Media Encryption package enables encryption of data at rest on heterogeneous tape devices and virtual tape libraries as a transparent fabric service. Cisco SME is completely integrated with Cisco MDS 9000 Family switches and the Cisco Fabric Manager application, enabling highly available encryption services to be deployed without rewiring or reconfiguring SANs, and allowing them to be managed easily without installing additional management software. Refer to the Cisco MDS 9000 Storage Media Encryption package fact sheet for more information. The Storage Media Encryption package is for use only with Cisco MDS 9000 Family switches.
Data Mobility Manager Package
The Cisco MDS 9000 Data Mobility Manager package enables data migration between heterogeneous disk arrays without introducing a virtualization layer or rewiring or reconfiguring SANs. Cisco DMM allows concurrent migration between multiple LUNs of unequal size. Rate-adjusted migration, data verification, dual Fibre Channel fabric support, and management using Cisco Fabric Manager provide a complete solution that greatly simplifies and eliminates most downtime associated with data migration. Refer to the Cisco MDS 9000 Data Mobility Manager package fact sheet for more information. The Data Mobility Manager package is for use only with Cisco MDS 9000 Family switches.
I/O Accelerator Package
The Cisco I/O Accelerator (IOA) package activates IOA on the Cisco MDS 9222i fabric switch, the Cisco MDS 9000 18/4 Multiservice Module (MSM-18/4), and on the SSN-16 module. The IOA package is licensed per service engine and is tied to the chassis. The number of licenses required is equal to the number of service engines on which the intelligent fabric application is used.The SSN-16 requires a separate license for each engine on which you want to run IOA. Each SSN-16 engine that you configure for IOA checks out a license from the pool managed at the chassis level. SSN-16 IOA licenses are available as single licenses.
XRC Acceleration License
The Cisco Extended Remote Copy (XRC) acceleration license activates FICON XRC acceleration on the Cisco MDS 9222i switch and on the MSM-18/4 in the Cisco MDS 9500 Series directors. One license per chassis is required. You must install the Mainframe Package and the SAN Extension over FCIP Package before you install the XRC acceleration license. The Mainframe Package enables the underlying FICON support, and the FCIP license or licenses enable the underlying FCIP support. XRC acceleration is not supported on the SSN-16.
Limitations and Restrictions
This section lists the limitations and restrictions for this release. The following limitations are described:
Features Not Supported on the Cisco MDS 8Gb Fabric Switch
The following NX-OS features are not supported on the Cisco MDS 8Gb Fabric Switch for HP BladeSystem c-Class:
•Translative loop support
•FCC - no generation, quench reaction only
In addition, the following features have these limits:
•VSANs - 31 maximum
•SPAN - 1 session maximum
The management port on Cisco MDS switches supports one user-configured IPv6 address, but does not support auto-configuration of an IPv6 address.
When a user belongs to a role which has a VSAN policy set to Deny and the role allows access to a specific set of VSANs (for example, 1 through 10), the user is restricted from performing the configuration, clear, execute, and debug commands which had a VSAN parameter outside this specified set. Users are allowed to perform show commands for all VSANs.
Schedule Job Configurations
Scheduler job configurations need to be entered in a single line with a semicolon(;) as the delimiter.
Maximum Number of Zones Supported in Interop Mode 4
In interop mode 4, the maximum number of zones that is supported in an active zone set is 2047, due to limitations in the connected vendor switch.
When IVR is used in interop mode 4, the maximum number of zones supported, including IVR zones, in the active zone set is 2047.
Reserved VSAN Range and Isolated VSAN Range Guidelines
On an NPV switch with a trunking configuration on any interface, or on a regular switch where the feature fport_channel_trunk command has been issued to enable the Trunking F PortChannels feature, follow these configuration guidelines for reserved VSANs and the isolated VSAN:
•If trunk mode is on for any of the interfaces or NP PortChannel is up, the reserved VSANs are 3040 to 4078, and they are not available for user configuration.
•The Exchange Virtual Fabric Protocol (EVFP) isolated VSAN is 4079, and it is not available for user configuration.
The following VSAN IDs are assigned in the Fibre Channel Framing and Signaling (FC-FS) interface standard:
Applying Zone Configurations to VSAN 1
In the setup script, you can configure system default values for the default-zone to be permit or deny, and you can configure default values for the zone distribution method and for the zone mode.
These default settings are applied when a new VSAN is created. However, the settings will not take effect on VSAN 1, because it exists prior to running the setup script. Therefore, when you need those settings for VSAN 1, you must explicitly issue the following commands:
•zone default-zone permit vsan 1
•zoneset distribute full vsan 1
•zone mode enhanced vsan 1
PPRC Not Supported with FCIP Write Acceleration
IBM Peer to Peer Remote Copy (PPRC) is not supported with FCIP Write Acceleration.
Configuring a Persistent FCID in an IVR Configuration with Brocade Switches
The following information is relevant if you have a fabric that consists of Cisco MDS 9000 switches and Brocade switches, and the Cisco MDS switches are running either NX-OS Release 4.x or Release 5.x and Brocade is running FOS higher than 6.x. In an IVR configuration, when IVR NAT is enabled on a Cisco MDS 9000 switch, the device in the native VSAN should be configured with a persistent FCID. Assuming the FCID is 0xAABBCC, AA should be configured with the virtual IVR domain ID of the VSAN that contains the ISLs and BB should be configured in the following range:
•1 through 64 if the Brocade switch is operating in native interop mode.
•1 through 30 if the Brocade switch is operating in McData Fabric mode or McData Open Fabric Mode.
This configuration ensures that the devices connected to the Cisco MDS 9000 switch can be seen in the name server database on the Brocade switch.
This section lists the open and resolved caveats for this release. Use Table 4 to determine the status of a particular caveat. In the table, "O" indicates an open caveat and "R" indicates a resolved caveat.
Table 4 Open Caveats and Resolved Caveats Reference
DDTS Number NX-OS Software Release (Open or Resolved) NX-OS Software Release (Open or Resolved) 5.0(1a) 5.0(1b)
Symptom: The fcdomain service on both supervisor modules fails, which results in a reload of the device. An error message similar to the following is displayed:'' %SYSMGR-2-SERVICE_CRASHED: Service ''fcdomain'' (PID 4688) hasn't caught signal 11 (core will be saved)''
This issue affects the following products when they have SNMP configured:
–Cisco MDS 9000 Series Multilayer switches
–Cisco Nexus 5000 Series switches and Cisco Nexus 2000 Series, running in FC switching mode (NPV mode is not affected).
The following products are confirmed not vulnerable:
–Cisco Nexus 7000 Series switches
–Cisco Nexus 4000 Series switches
Workaround: The following workaround is available:
Infrastructure Access Control Lists
Caution Because the feature in this vulnerability uses UDP as a transport, it is possible to spoof the sender's IP address, which may defeat ACLs that permit communication to these ports from trusted IP addresses.
Although it is often difficult to block traffic that transits a network, it is possible to identify traffic that should never be allowed to target infrastructure devices and block that traffic at the border of networks. Infrastructure Access Control Lists (iACLs) are a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The iACL example below should be included as part of the deployed infrastructure access-list which will protect all devices with IP addresses in the infrastructure IP address range:!---!--- Feature: SNMP!---!---!--- Permit SNMP traffic from trusted sources.!---ip access-list 150 permit udp TRUSTED_SOURCE_ADDRESSES WILDCARDINFRASTRUCTURE_ADDRESSES WILDCARD eq port snmpip access-list 150 permit tcp TRUSTED_SOURCE_ADDRESSES WILDCARDINFRASTRUCTURE_ADDRESSES WILDCARD eq port snmp!---!--- Deny SNMP traffic from all other sources.!---ip access-list 150 deny udp any any eq port snmpip access-list 150 deny tcp any any eq port snmp!---!--- Permit/deny all other Layer 3 and Layer 4 traffic in!--- accordance with existing security policies and!--- configurations. Permit all other traffic to transit the!--- device.!---access-list 150 permit ip any any!--- Apply access-list to management interfaceinterface serial 2/0ip access-group 150 in
For more information on IP Access Control Lists see the "Configuring IPv4 and IPv6 Access Control List" section in the Cisco MDS 9000 Family NX-OS Security Configuration Guide at the following location:
For more information on IP Access Control Lists see the "Configuring ACLs" section in the Cisco Nexus 5000 Series NX-OS Software Configuration Guide at the following location:
Symptom: On certain hardware, certain Cisco MDS 9000 Series features and applications do not work. These include IVR, IOA, DMM, SME, fcflow, and SPAN.
The following devices with hardware revision 1.5 are affected by this issue:
–DS-X9248-96K9, 48-port 8-Gbps Fibre Channel Switching Module
–DS-X9248-48K9, 4/44-port host-optimized 8-Gbps Fibre Channel Switching Module
–DS-X9224-96K9, 24-port 8-Gbps Fibre Channel Switching Module
The following devices with hardware revision 1.0 are affected by this issue:
–DS-X9304-18K9, 18/4-Port Multiservice Module (MSM-18/4)
For this module, the affected version is 73-14372-01A0 hardware version 1.0 (due to the new 73-number)
–DS-C9222i-K9, Cisco MDS 9222i Multilayer Fabric Switch
For this switch, the affected version is 73-14373-01A0 hardware version 1.0 (due to the new 73-number)
For the DS-X9248-96K9, DS-X9248-48K9 and DS-X9224-96K9 modules, the output of the show module command indicates whether or not the device is affected.switch# sh mod 2Mod Ports Module-Type Model Status--- ----- ----------------------------------- ------------------ ----------2 24 1/2/4/8 Gbps FC Module DS-X9224-96K9 okMod Sw Hw World-Wide-Name(s) (WWN)--- -------------- ------ --------------------------------------------------2 5.2(1) <B>1.0</B> 20:41:00:0d:ec:24:f4:c0 to20:58:00:0d:ec:24:f4:c0
In the preceding output, the device is hardware revision 1.0 and therefore not affected.
For the DS-X9304-18K9 and the DS-C9222i-K9, the show module command might indicate hardware version 1.0 due to new part numbers; however the show sprom module command shows the affected parts.switch# sh mod 9Mod Ports Module-Type Model Status--- ----- ----------------------------------- ------------------ ----------9 22 4x1GE IPS, 18x1/2/4Gbps FC Module DS-X9304-18K9 okMod Sw Hw World-Wide-Name(s) (WWN)--- -------------- ------ --------------------------------------------------9 5.2(1) 1.0 22:01:00:0d:ec:25:e9:80 to 22:12:00:0d:ec:25:e9:80Mod MAC-Address(es) Serial-Num--- -------------------------------------- ----------9 00-1a-e2-03-4c-5c to 00-1a-e2-03-4c-64 JAE1131SCBWswitch# sh sprom module 9 1 |egrep "Part|Serial"Serial Number : JAE1131SCBWPart Number : 73-10688-06 <-- Not 73-14372-01 so h/w ver 1.0 is OKPart Revision : A0
Workaround: Upgrade to software release that has the fix for this issue.
–After performing a software upgrade to a Cisco NX-OS release that contains a fix for this issue, it may be necessary to enter the shut command followed by the no shut command on the affected host ports to regain connectivity.
–If you perform a nondisruptive upgrade or downgrade from a release that contains a fix to a release that does not contain the fix, you need to reload each module affected by this issue.
–If you have a Cisco MDS 9222i swtich that is affected by this issue, and you perform a nondisruptive upgrade or downgrade from a release that contains a fix to a release that does not contain the fix, you need to reload the switch.
Symptom: When you try to save a configuration, you might see the following message:switch# copy run start[########################################] 100%Configuration update aborted: request was aborted%DAEMON-3-SYSTEM_MSG: ntp:can't open /mnt/pss/ntp.drift.TEMP: No space left on device- ntpd[xxxx]%PLATFORM-2-MEMORY_ALERT: Memory Status Alert : MINOR%PLATFORM-2-MEMORY_ALERT: Memory Status Alert : MINOR ALERT RECOVERED`show system internal flash` output will display /isan as 100% full.Mount-on 1K-blocks Used Available Use% Filesystem/ 204800 54624 150176 27 /dev/root/proc 0 0 0 0 proc/isan 409600 409576 24 100 none
This symptom was seen because the Call Home feature had duplicate message throttling disabled and there were flapping interfaces that generated thousands of Call Home messages. These messages filled up the ISAN directory.
Workaround: To work around this issue, enable Call Home duplicate message throttling. If you find that the /isan directory is 100 percent full, open a TAC case to get assistance with deleting the files. OP
The documentation set for NX-OS for the Cisco MDS 9000 Family includes the following documents. To find a document online, access the following web site:
•Cisco MDS 9000 Family Release Notes for Cisco MDS NX-OS Releases
•Cisco MDS 9000 Family Release Notes for MDS SAN-OS Releases
•Cisco MDS 9000 Family Release Notes for Storage Services Interface Images
•Cisco MDS 9000 Family Release Notes for Cisco MDS 9000 EPLD Images
Regulatory Compliance and Safety Information
•Regulatory Compliance and Safety Information for the Cisco MDS 9000 Family
•Cisco Data Center Interoperability Support Matrix
•Cisco MDS 9000 NX-OS Hardware and Software Compatibility Information and Feature Lists
•Cisco MDS NX-OS Release Compatibility Matrix for Storage Service Interface Images
•Cisco MDS 9000 Family Switch-to-Switch Interoperability Configuration Guide
•Cisco MDS NX-OS Release Compatibility Matrix for IBM SAN Volume Controller Software for Cisco MDS 9000
•Cisco MDS SAN-OS Release Compatibility Matrix for VERITAS Storage Foundation for Networks Software
•Cisco MDS 9500 Series Hardware Installation Guide
•Cisco MDS 9200 Series Hardware Installation Guide
•Cisco MDS 9100 Series Hardware Installation Guide
•Cisco MDS 9124 and Cisco MDS 9134 Multilayer Fabric Switch Quick Start Guide
Software Installation and Upgrade
•Cisco MDS 9000 NX-OS Release 4.1(x) and SAN-OS 3(x) Software Upgrade and Downgrade Guide
•Cisco MDS 9000 Family Storage Services Interface Image Install and Upgrade Guide
•Cisco MDS 9000 Family Storage Services Module Software Installation and Upgrade Guide
•Cisco MDS 9000 Family NX-OS Licensing Guide
•Cisco MDS 9000 Family NX-OS Fundamentals Configuration Guide
•Cisco MDS 9000 Family NX-OS System Management Configuration Guide
•Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide
•Cisco MDS 9000 Family NX-OS Fabric Configuration Guide
•Cisco MDS 9000 Family NX-OS Quality of Service Configuration Guide
•Cisco MDS 9000 Family NX-OS Security Configuration Guide
•Cisco MDS 9000 Family NX-OS IP Services Configuration Guide
•Cisco MDS 9000 Family NX-OS Intelligent Storage Services Configuration Guide
•Cisco MDS 9000 Family NX-OS High Availability and Redundancy Configuration Guide
•Cisco MDS 9000 Family NX-OS Inter-VSAN Routing Configuration Guide
•Cisco MDS 9000 Family Command Reference
Intelligent Storage Networking Services Configuration Guides
•Cisco MDS 9000 I/O Acceleration Configuration Guide
•Cisco MDS 9000 Family SANTap Deployment Guide
•Cisco MDS 9000 Family Data Mobility Manager Configuration Guide
•Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
•Cisco MDS 9000 Family Secure Erase Configuration Guide
•Cisco MDS 9000 Family Cookbook for Cisco MDS SAN-OS
Troubleshooting and Reference
•Cisco NX-OS System Messages Reference
•Cisco MDS 9000 Family NX-OS Troubleshooting Guide
•Cisco MDS 9000 Family NX-OS MIB Quick Reference
•Cisco MDS 9000 Family NX-OS SMI-S Programming Reference
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This document is to be used in conjunction with the documents listed in the "CSCtn68418" section.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2010 Cisco Systems, Inc. All rights reserved.