Cisco MDS 9000 Series Release Notes for Cisco MDS NX-OS Release 6.2(5)
MDS 9000 Chassis and Module Support
Determining the Software Version
Determining Software Version Compatibility
Selecting the Software Image for an MDS 9148 Switch
Selecting the Software Image for an MDS 9222i Switch
Selecting the Software Image for an MDS 9250i Switch
Selecting the Software Image for an MDS 9500 Series Switch
Selecting the Software Image for an MDS 9710 Switch
Upgrading Your Cisco MDS NX-OS Software Image
FICON Supported Releases and Upgrade Paths
Downgrading Your Cisco MDS SAN-OS Software Image
General Downgrading Guidelines
New Hardware in Cisco MDS NX-OS Release 6.2(5)
Cisco MDS 9250i Multiservice Fabric Switch
New Software Features in Cisco NX-OS Release 6.2(5)
New Software Features in Cisco NX-OS Release 6.2(3)
New Software Features in Cisco NX-OS Release 6.2(1)
Licensed Cisco NX-OS Software Packages
On-Demand Port Activation License
Deprecated and Changed Features
FCoE on the Cisco MDS 9710 Director
ASCII File Can Be Copied to the Startup Configuration
Fibre Channel Security Protocol (FC-SP) Not Supported
Install Module Command Changes
IOA Scaling Support on Supervisor-2 Module
Regulatory Compliance and Safety Information
Software Installation and Upgrade
Cisco NX-OS Configuration Guides
Intelligent Storage Networking Services Configuration Guides
Obtaining Documentation and Submitting a Service Request
Release Date: January 31, 2014
This document describes the caveats and limitations for switches in the Cisco MDS 9000 Series. Use this document in conjunction with documents listed in the “Obtaining Documentation and Submitting a Service Request” section.
Release notes are sometimes updated with new information on restrictions and caveats. Refer to the following website for the most recent version of the Cisco MDS 9000 Series Release Notes : http://www.cisco.com/en/US/products/ps5989/prod_release_notes_list.html.
Table 1 shows the online change history for this document.
Added resolved caveat CSCum21081. |
||
|
||
|
||
Added open caveat CSCva31989. |
||
Added open caveat CSCvs57660. |
||
Added open caveat CSCuv76123. |
This document includes the following:
The Cisco MDS 9000 Series of Multilayer Directors and Fabric Switches provides industry-leading availability, scalability, security, and management, allowing you to deploy high performance storage-area networks with lowest total cost of ownership. Layering a rich set of intelligent features onto a high performance, protocol agnostic switch fabric, the Cisco MDS 9000 Series addresses the stringent requirements of large data center storage environments: uncompromising high availability, security, scalability, ease of management, and seamless integration of new technologies.
Cisco MDS 9000 NX-OS software powers the award-winning Cisco MDS 9000 Series Multilayer Switches. It is designed to create a strategic SAN platform with superior reliability, performance, scalability, and features. Formerly known as Cisco SAN-OS, Cisco MDS 9000 NX-OS software is fully interoperable with earlier Cisco SAN-OS versions and enhances hardware platform and module support.
Table 2 lists the NX-OS software part numbers and hardware components supported by the Cisco MDS 9000 Series.
Note For the latest information about supported transceivers, see the Cisco MDS 9000 Family Pluggable Transceivers data sheet.
Table 3 lists the part numbers and optical components supported by the Cisco MDS 9000 Series.
Table 4 lists the MDS hardware chassis supported by Cisco MDS NX-OS Release 6.2 5.
Yes1 |
|
Table 5 lists the MDS hardware chassis supported by Cisco MDS NX-OS Release 5.x.
Table 6 lists the MDS hardware modules supported Cisco MDS NX-OS Release 6.2 Table 7 lists the MDS hardware modules supported by Cisco MDS NX-OS 5.x. For the list of MDS hardware modules supported by Cisco MDS SAN-OS 4.x, see Table 8 . For the list of MDS hardware modules supported by Cisco MDS SAN-OS 3.x, see Table 9 .
Yes 1 |
||||
Yes 1 |
||||
Yes5 |
||||
Yes 3 |
||||
4/44-port Host Optimized 8-Gbps Fibre Channel Switching Module |
||||
Table 9 lists the MDS hardware modules supported by Cisco MDS SAN-OS 3.x.
Yes11 |
||||||
4/44-port Host Optimized8-Gbps Fibre Channel Switching Module |
||||||
18/4-Port Multiservice Module (MSM-18/4)12 |
||||||
Use the software download procedure to upgrade to a later version, or downgrade to an earlier version, of an operating system. This section describes the software download process for the Cisco MDS NX-OS software and includes the following topics:
To determine the version of Cisco MDS NX-OS or SAN-OS software currently running on a Cisco MDS 9000 Series switch using the CLI, log in to the switch and enter the show version EXEC command.
To determine the version of Cisco MDS NX-OS or SAN-OS software currently running on a Cisco MDS 9000 Series switch using Cisco DCNM for SAN, view the Switches tab in the Information pane, locate the switch using the IP address, logical name, or WWN, and check its version in the Release column.
Table 10 lists the software versions that are compatible in a mixed SAN environment, the minimum software versions that are supported, and the versions that have been tested. We recommend that you use the latest software release supported by your vendor for all Cisco MDS 9000 Series products.
The Cisco MDS NX-OS software is designed for mission-critical high-availability environments. To realize the benefits of nondisruptive upgrades on the Cisco MDS 9500 Directors, we highly recommend that you install dual supervisor modules.
To download the latest Cisco MDS NX-OS software, access the Software Center at this URL:
http://www.cisco.com/cisco/software/navigator.html?a=a&i=rpm
See the following sections in this release note for details on how you can nondisruptively upgrade your Cisco MDS 9000 switch. Issuing the install all command from the CLI, or using Cisco DCNM for SAN to perform the downgrade, enables the compatibility check. The check indicates if the upgrade can happen nondisruptively or disruptively depending on the current configuration of your switch and the reason.
At a minimum, you need to disable the default device alias distribution feature using the no device-alias distribute command in global configuration mode. The show incompatibility system bootflash: system image filename command determines which additional features need to be disabled.
Note If you would like to request a copy of the source code under the terms of either GPL or LGPL, please send an e-mail to mds-software-disclosure@cisco.com.
The system and kickstart image that you use for an MDS 9148 switch is shown in Table 11 .
The system and kickstart image that you use for an MDS 9222i switch is shown in Table 12 .
The system and kickstart image that you use for an MDS 9250i switch is shown in Table 13 .
The system and kickstart image that you use for an MDS 9500 Series switch with a Supervisor-2 or Supervisor-2A module is shown in Table 14 . Cisco NX-OS Release 6.x, Release 5.x, and Release 4.x do not support the Supervisor-1 module.
Use the show module command to display the type of supervisor module in the switch. The following is sample output from the show module command on a Supervisor-2 module:
The system and kickstart image that you use for an MDS 9710 switch is shown in Table 15 .
No payload encryption (NPE) images are available with Cisco MDS NX-OS Release 6.2(5) software. The NPE images are intended for countries who have import restrictions on products that encrypt payload data.
To differentiate an NPE image from the standard software image, the letters npe are included in the image name as follows:
When downloading software, ensure that you select the correct software images for you Cisco MDS 9000 Series switch. Nondisruptive software upgrades or downgrades between NPE images and non-NPE images are not supported.
This section lists the guidelines recommended for upgrading your Cisco MDS NX-OS software image and includes the following topics:
Note Before you begin the upgrade process, review the list of chassis and modules that Cisco MDS NX-OS Release 6.2(5) supports. See the “MDS 9000 Chassis and Module Support” section.
For detailed instructions for performing a software upgrade using Cisco DCNM, see the Cisco DCNM Release Notes, Release 6.2, which is available from the following website:
http://www.cisco.com/en/US/products/ps10495/prod_release_notes_list.html
Before upgrading your Cisco NX-OS software, you must determine if the following issue has occurred in your switch:
An ISSU or ISSD involves a supervisor switchover, so it is very important that you determine if this issue is present before a supervisor switchover occurs. If this issue is detected before the supervisor switchover, the affected interfaces can be restored easily by entering the shutdown and no shutdown command sequence.
The following example shows how to determine if the issue has occurred before a supervisor switchover:
Look for the value for a Max flogi key that is greater than 65535.
In the example, the fc4/32 interface has encountered this issue, but the fc6/32 interface is normal.
If you see that an interface has a Max flogi key greater than 65535 before a system switchover, ISSU, or ISSD, you must disable the interface and then reenable it by using the shutdown command followed by the no shutdown command. This process disrupts the devices on the interface that is being shut down. After the devices relogin, the Max flogi key is reset to 1 and you can avoid this issue.
If an install and/or ISSU, or supervisor switchover has occurred, compare the number of devices fabric login (FLOGI) with the number of devices in the Fibre Channel Name Server (FCNS) local database. Enter the show flogi database and the show fcns database local commands and use the CLI outputs for comparison. If the FLOGI database has fewer entries than the FCNS local database, the issue has occurred.
Also, if the following error message appears after an install, ISSU, or supervisor switchover, the issue might bug may have been encountered:
If you observe either of the above situations, open a case with the Cisco TAC.
Note If the Max flogi key value is a large number and is incrementing, it indicates that a device is repeatedly logging in. This situation might be a separate problem that needs further investigation. For assistance, contact the Cisco TAC.
In addition, follow these general guidelines before performing a software upgrade:
– Fibre Channel Ports : Fibre Channel ports can be nondisruptively upgraded without affecting traffic on the ports. See Table 16 for the nondisruptive upgrade path for all NX-OS and SAN-OS releases.
– Gigabit Ethernet Ports : Traffic on Gigabit Ethernet ports is disrupted during an upgrade or downgrade. This includes IPS modules and the Gigabit Ethernet ports on the MSM-18/4 module and the MDS 9222i and MDS 9250i switch. Those nodes that are members of VSANs traversing an FCIP ISL are impacted, and a fabric reconfiguration occurs. iSCSI initiators connected to the Gigabit Ethernet ports lose connectivity to iSCSI targets while the upgrade is in progress.
– FICON : If you have FICON enabled, the upgrade path is different. See the “FICON Supported Releases and Upgrade Paths” section.
Note In addition to these guidelines, you may want to review the information in the “Limitations and Restrictions” section prior to a software upgrade to determine if a feature may possibly behave differently following the upgrade.
Use Table 16 to determine your nondisruptive upgrade path to Cisco MDS NX-OS Release 6.2(5). Find the image release number you are currently using in the “Current Release” column of the table and follow the steps in the order specified to perform the upgrade.
Note The software upgrade information in Table 16 applies only to Fibre Channel switching traffic. Upgrading system software disrupts IP traffic and intelligent services traffic.
Cisco MDS NX-OS Release 6.2(5) is not a FICON-certified release.
Table 17 lists the SAN-OS and NX-OS releases that are certified for FICON. Refer to the specific release notes for FICON upgrade path information.
Use Table 18 to determine the nondisruptive upgrade path for FICON-certified releases. Find the image release number you are currently using in the Current Release with FICON Enabled column of the table and follow the recommended path.
This section lists the guidelines recommended for downgrading your Cisco MDS SAN-OS software image and includes the following topics:
Follow these general guidelines before you perform a software downgrade:
– Fibre Channel Ports : Fibre Channel ports can be nondisruptively downgraded without affecting traffic on the ports. See Table 19 for the nondisruptive downgrade path for all SAN-OS releases.
– Gigabit Ethernet Ports : Traffic on Gigabit Ethernet ports is disrupted during a downgrade. This includes IPS modules and the Gigabit Ethernet ports on the MSM-18/4 module, and the MDS 9222i switch. Those nodes that are members of VSANs traversing an FCIP ISL are impacted, and a fabric reconfiguration occurs. iSCSI initiators connected to the Gigabit Ethernet ports lose connectivity to iSCSI targets while the downgrade is in progress.
– FICON : If you have FICON enabled, the downgrade path is different. See the “FICON Downgrade Paths” section.
Use Table 19 to determine the nondisruptive downgrade path from Cisco NX-OS Release 6.2(5). Find the NX-OS or SAN-OS image that you want to downgrade to in the To SAN-OS Release column of the table and follow the steps in the order specified to perform the downgrade.
Note The software downgrade information in Table 19 applies only to Fibre Channel switching traffic. Downgrading system software disrupts IP and intelligent services traffic.
Table 20 lists the downgrade paths for FICON releases. Find the image release number that you want to downgrade to in the To Release with FICON Enabled column of the table and follow the recommended downgrade path.
This section briefly describes the new hardware introduced in Cisco NX-OS Release 6.2(5). For detailed information about the new hardware, see the Cisco MDS 9250i Hardware Installation Guide that is available from this URL:
http://www.cisco.com/en/US/partner/products/ps5989/prod_installation_guides_list.html
The Cisco MDS 9250i Multiservice Fabric Switch (DS-C9250I-K9) is an optimized platform for deploying high-performance SAN extension solutions, distributed intelligent fabric services, and cost-effective multiprotocol connectivity for both open systems and mainframe environments.
The Cisco MDS 9250i switch is an ideal solution for local office and remote branch-office SANs and also in large-scale SANs operating the Cisco MDS 9700 and 9500 Series Multilayer director platforms.
The Cisco MDS 9250i switch offers 40 autosensing 2-, 4-, 8-, and 16-Gbps line-rate Fibre Channel ports, eight 10-Gigabit Ethernet Fibre Channel over Ethernet (FCoE) ports, and two 10-Gigabit Ethernet IP storage services ports in a fixed two-rack-unit (2RU) form factor.
This section briefly describes the new software features introduced in Cisco NX-OS Release 6.2(5).
– Changed the CLI output for the show ioa cluster flows command.
– Introduced the ioa-ping command.
– Introduced the ability to display IOA engine utilization.
– Introduced the ability to display hosts and targets by device alias in IOA.
This section briefly describes the new software features introduced in Cisco NX-OS Release 6.2(3).
– Changed the CLI output for the show fcdomain vsan command.
– Deprecated the show interface counters performance command.
This section briefly describes the new software features introduced in Cisco NX-OS Release 6.2(1).
Starting with Cisco NX-OS Release 6.2(1), the Cisco MDS 9000 Series supports the generic online diagnostics (GOLD) feature. With online diagnostics, you can test and verify the hardware functionality of a device while the device is connected to a live network. In particular, the online diagnostics help you verify that hardware and internal data paths are operating as designed so that you can rapidly isolate faults.
For more information about this feature, see the Cisco MDS 9000 System Management Configuration Guide at this URL:
http://www.cisco.com/en/US/products/ps5989/products_installation_and_configuration_guides_list.html
For more information about this feature, see the Cisco MDS 9000 Security Configuration Guide, at this URL:
http://www.cisco.com/en/US/products/ps5989/products_installation_and_configuration_guides_list.html
– Enhance the clear snmp counters command.
– Display ISL related information.
– Display a warning messages for a shared port interface when you bring down the port.
– Display throughput information for all ports on a line card or ISL or on a switch or chassis.
– Provide an estimated time for DMM job completion.
– Shorten the show dmm job job-id 50571379 session session_id (1-20) command to show dmm job-id 50571379 session_id 1
Information about the modified CLI commands can be found in the Cisco MDS 9000 Command Reference at this URL:
http://www.cisco.com/en/US/products/ps5989/prod_command_reference_list.html
Most Cisco MDS 9000 Series software features are included in the standard package. However, some features are logically grouped into add-on packages that must be licensed separately, such as the Cisco MDS 9000 Enterprise package, SAN Extension over IP package, Mainframe package, and Data Mobility Manager package. On-demand ports activation licenses are also available for the Cisco MDS 9250i Multiservice Fabric Switch, Cisco MDS 9148 48-Port Multilayer Fabric Switch, and the Cisco MDS 8-Gb Fabric Switch for HP c-Class Blade System.
Note A license is not required to use the Cisco MDS 9000 8-port 10-Gbps Fibre Channel over Ethernet (FCoE) module (DS-X9708-K9).
Additional information about licensed Cisco NX-OS software packages is available at this URL:
http://www.cisco.com/en/US/partner/products/ps6029/products_data_sheets_list.html
The standard software package that is bundled at no charge with the Cisco MDS 9000 Series switches includes the base set of features that Cisco believes are required by most customers for building a SAN. The Cisco MDS 9000 Series also has a set of advanced features that are recommended for all enterprise SANs. These features are bundled together in the Cisco MDS 9000 Enterprise package. Refer to the Cisco MDS 9000 Enterprise package fact sheet for more information.
The Cisco MDS 9000 SAN Extension over IP package allows the customer to use FCIP to extend SANs over wide distances on IP networks using the Cisco MDS 9000 Series IP storage services. Refer to the Cisco MDS 9000 SAN Extension over IP package fact sheet for more information.
The Cisco MDS 9000 Mainframe package uses the FICON protocol and allows control unit port management for in-band management from IBM S/390 and z/900 processors. FICON VSAN support is provided to help ensure true hardware-based separation of FICON and open systems. Switch cascading, fabric binding, and intermixing are also included in this package. Refer to the Cisco MDS 9000 Mainframe package fact sheet for more information.
The Cisco MDS 9000 Data Mobility Manager package enables data migration between heterogeneous disk arrays without introducing a virtualization layer or rewiring or reconfiguring SANs. Cisco DMM allows concurrent migration between multiple LUNs of unequal size. Rate-adjusted migration, data verification, dual Fibre Channel fabric support, and management using Cisco DCNM for SAN provide a complete solution that greatly simplifies and eliminates most downtime associated with data migration. Refer to the Cisco MDS 9000 Data Mobility Manager package fact sheet for more information. The Data Mobility Manager package is for use only with Cisco MDS 9000 Series switches.
On-demand ports allow customers to benefit from Cisco NX-OS Software features while initially purchasing only a small number of activated ports on the Cisco MDS 9250i Multiservice Fabric Switch, MDS 9148 48-Port Multilayer Fabric Switch, and the Cisco MDS 8-Gb Fabric Switch for HP c-Class Blade System. As needed, customers can expand switch connectivity by licensing additional ports.
The Cisco I/O Accelerator (IOA) package activates IOA on the Cisco MDS 9222i fabric switch, the Cisco MDS 9000 18/4 Multiservice Module (MSM-18/4), and on the SSN-16 module. The IOA package is licensed per service engine and is tied to the chassis. The number of licenses required is equal to the number of service engines on which the intelligent fabric application is used.The SSN-16 requires a separate license for each engine on which you want to run IOA. Each SSN-16 engine that you configure for IOA checks out a license from the pool managed at the chassis level. SSN-16 IOA licenses are available as single licenses.
The Cisco Extended Remote Copy (XRC) acceleration license activates FICON XRC acceleration on the Cisco MDS 9222i switch and on the MSM-18/4 in the Cisco MDS 9500 Series directors. One license per chassis is required. You must install the Mainframe Package and the SAN Extension over FCIP Package before you install the XRC acceleration license. The Mainframe Package enables the underlying FICON support, and the FCIP license or licenses enable the underlying FCIP support.
LUN zoning, read-only zones, and broadcast zones are no longer supported. These features affect the following hardware:
You cannot bring up these modules if these features are already configured. You should completely remove all configurations that include these features before you attempt to bring up these modules. In addition, you cannot configure these features after you bring up these modules.
In addition, the following software features are not supported or are changed in Cisco MDS NX-OS Release 6.2(5a):
The following software features are not supported or are changed in Cisco MDS NX-OS Release 6.2(5):
Note OHMS is supported on Cisco MDS 9500 Series directors, Cisco MDS 9250i Multiservice Fabric Switch, and Cisco MDS 9148 Multilayer Fabric Switch.
Cisco NX-OS Release 6.2(5) does not support the following hardware:
This section lists the limitations and restrictions. The following limitations are described:
The Cisco MDS 9710 Director does not support FCoE. However, the following command-line interface (CLI) commands display information about FCoE, even though the FCoE functionality does not work on the Cisco MDS 9710 switch:
The copy bootflash:runnig-config.ascii startup-config command that was deprecated in an earlier Cisco NX-OS release is enabled from Cisco NX-OS Release 6.2(1).
Cisco NX-OS Release 6.2(1) does not support the Fibre Channel Security Protocol (FC-SP) feature only on the Cisco MDS 9710 Director.
The install module module-number bios command is not supported on the Cisco MDS 9710 switch in Cisco NX-OS Release 6.2(1) and later releases. Use the install all command to upgrade the BIOS during a software upgrade.
The install module module-number bios command continues to be supported in Cisco NX-OS Release 6.2(1) on Cisco MDS 9500 Series switches.
This section lists the open and resolved caveats for this release. Use Table 21 to determine the status of a particular caveat. In the table, “O” indicates an open caveat and “R” indicates a resolved caveat.
Symptom: The zone server crashes with the following error:
Condition: This situation occurs during a normal operation.
Workaround: This issue is resolved.
Symptom: When a leap second adjustment occurs on the Network Time Protocol (NTP) server, multiple symmetrix ports that run Symmetrix Remote Data Facility (SRDF) connected to the Storage Services Module (SSM) modules experience traffic disruption with the following error:
Condition: This issue occurs during a normal operation.
Workaround: This issue is resolved.
More Information: The show logging onboard command does not display information about this error.
Symptom: When Cisco MDS switches are upgraded to or running Cisco MDS NX-OS Software Release 6.2(1) or 6.2(3), the Fibre Channel over IP (FCIP) tunnel throughput is reduced considerably. Devices that use these FCIP tunnels might experience latency issues and application outages.
Condition: This issue applies to FCIP tunnels on 16-Port Storage Services Node (SSN16) (DS-X9316-SSNK9) modules only.
Workaround: This issue is resolved.
Symptom : The full zoneset database in one or more VSANs may be empty after a supervisor switchover.
Conditions : This issue only occurs after the supervisors fail over or a user-initiated switch over occurs (but not an in service switchover situation, ie ISSU/ISSD). The precondition is created before the switchover by activating zone changes (such as adding or removing zones from a zoneset) and is more likely to occur on systems with very large zone configurations.
The symptom described here can occur if zones are modified while a switch is running any NX-OS release 5.2(2) to 5.2(8c) (inclusive), and 6.2(1) to 6.2(5) (inclusive).
Workaround : To recover from this condition follow these steps:
[i] If the full zoneset db for the affected VSAN contains multiple zonesets (ie, inactive zonesets) follow these steps:
a. add dummy zone to any zoneset in the full zoneset db for the vsan on a *neighbouring* switch, and then
b. if zoning mode is basic distribute the change or if the zoning mode is enhanced commit the change, and then
c. the dummy zone may be removed now and the zoneset redistributed/recommitted.
[ii] If the full zoneset db for the affected VSAN contains only a single zoneset (ie, no inactive zonesets) follow these steps:
a. copy the active zoneset db to the full zoneset db on the *affected* switch (it is only necessary to copy zonesets for VSANs that have empty databases), For example:
2. In both cases, save the config on the *affected* switch after step 1, For example:
To recover from condition 2 (isolated ISL) contact Cisco TAC for assistance.
Symptom : After a supervisor switchover, a subsequent ISL flap results in one or more VSAN becoming isolated on the ISL.
Conditions : These issues only occur in situations after the supervisors fail over or a user-initiated switch over ocuurs (but not an in service switchover situation, ie ISSU/ISSD). The preconditions are created before the switchover by activating zone changes (such as adding or removing zones from a zoneset) and is more likely to occur on systems with very large zone configurations.
The symptoms described here can occur if zones are modified while a switch is running any NX-OS release 5.2(2) to 5.2(8c) (inclusive), and 6.2(1) to 6.2(5) (inclusive).
Symptom : When an ISSU occurs from Cisco NX-OS Release 5.2(6b) to Release 6.2(1), LLDP command-line interface (CLI) commands are not available. In this situation, LLDP is running and traffic is flowing normally even after the ISSU, but the CLI commands are not available.
This symptom might be seen when feature-set fcoe was enabled on the original image, and feature lldps commands were working in the original image. Following the ISSU to Cisco NX-OS Release 6.2.1 image, the commands are not available.
Workaround : Following the ISSU, enter the feature lldp command on the switch to make the LLDP commands available on the switch.
Symptom : On the MDS 9513 switch, when an MSM-18/4 module boots up, it sends a request to the supervisor module to mount the modflash on the MSM-18/4 module. If there is a timeout or error in response, the following syslog message displayed:
2011 Jul 14 01:18:13 sw-dc5-br2-12 %LC_MNT_MGR-SLOT3-2-LC_MNT_MGR_ERROR: SUP mount failed. MTS receive timedout
2011 Jul 14 01:19:06 sw-dc5-br2-12 %PROC_MGR-SLOT3-2-ERR_MSG: ERROR: PID 1144 (lc_mnt_mgr) exited abnormally, exit status (0xa)
2011 Jul 14 01:19:06 sw-dc5-br2-12 %MODULE-2-MOD_MINORSWFAIL: Module 3 (serial: JAE1141ZB43) reported a failure in service lc_mnt_mgr
This issue might be seen when the supervisor module is unusually busy and cannot process the mount request from the MSM-18/4 module, or the actual mount command on the supervisor takes a long time.
Workaround : Reload the MSM-18/4 module in the same slot/module where the modflash mount failed. A request will be sent to the supervisor to mount the modflash.
Symptom : If beaconing is configured on some ports, they might stop blinking after a supervisor switchover or module reload.
Condition: This might be seen following a supervisor switchover or module reload.
Symptom: After an In Service Software Upgrade (ISSU), In Service Software Downgrade (ISSD), or supervisor switchover, devices fail to FLOGI into the switch, and the following error is logged in the syslog:
%FLOGI-1-MSG_FLOGI_REJECT_FCID_ERROR after upgrade/switchover
Condition: This situation occurs if one or all of the following occur:
1. The Max flogi key is greater than 65535. The key can get this high if there are repeated FLOGIs on an interface. After the key exceeds 65535, this issue occurs. However, this situation does not impact end devices.
2. If a supervisor switchover, such as ISSU, ISSD, or system switchover occurs when the key is greater than 65535, Fibre Channel Identifiers (FC IDs) can be dropped from the FLOGI table. The end devices continue to function normally until they are logged out and then attempt to relogin.
3. If after both 1 and 2 above have occurred and then an end device is rebooted on the affected interface, that end device might not be able to log back in.
Workaround: You must first resolve the issue with the device on the interface with the Max flogi key over 65535, such as FLOGI rejects or port security, to prevent the FLOGI key from incrementing.
If the Max flogi key value is greater than 65535 before any supervisor switchover, ISSU, or ISSD, use the shutdown and then no shutdown command on the interface. Consequently, the Max flogi key value must be checked before any supervisor switchover. However, if the supervisor switchover has already occurred and logging in are failing, you must follow either of these steps:
– Contact Cisco TAC to implement a nondisruptive recovery. This requires special files not accessible to customers.
– Suspend the VSAN and wait for 5 minutes and then unsuspend the VSAN of the affected devices on the switch. This action is disruptive to all devices in that VSAN connected to this switch.
More Information: For detailed information about this issue, see the General Upgrading Guidelines.
Symptom: One of the symptoms are observed:
– A Registered State Change Notification (RSCN) is not sent to zone members.
– The device-mapping entry, port world wide name (pWWN) associated to a device alias is not displayed in the Dynamic Port VSAN Membership (DPVM) database
– The show running-configuration ivr command does not display the changes when a device alias member in an Inter-VSAN routing zone (IVR zone) is renamed.
– The port world wide name (pWWN) associated with the device alias is found dissociated in the port security database.
– A device alias member is not found in the port security database.
Condition: This situation occurs when all or one of the conditions is met:
– A user attempts to perform a device-alias operation in batch, such as renaming an offline device alias to an existing online device alias or vice versa.
– A device alias was deleted and an existing device alias is renamed to the deleted device alias in the same commit.
– A device alias, which is not configured, resides in the DPVM database and an online device is renamed to the former.
– The IVR distribute option is enabled and the device alias is in enhanced mode, and the changes in a device alias is not updated to the IVR running configuration.
Workaround: Add the offline member to the device alias database, revert to the previous name if you have renamed a device alias, and flap the ports that are connected to the affected zone member.
Symptom: Although the http-server feature is enabled by default, Element Manager cannot be downloaded.
Condition: This situation occurs on the Cisco MDS 9710 Director running MDS NX-OS Release 6.2(3) software.
Workaround: You must enable the HTTP server by using the feature http-server command.
Symptom : In a virtual SAN (VSAN), the inter-switch link (ISL) might fail after entering the suspend command, followed by the no suspend command.
Condition: This situation occurs if the no suspend command is entered after a VSAN suspend operation.
Workaround: After entering the suspend command, wait at least from 5 to 15 minutes and then use the no suspend command.
Symptom: Traffic between two Cisco MDS 9250i switches might stop when write acceleration is enabled during a traffic flow.
Condition: This situation occurs if there are more than 11 tunnels.
Workaround: Disable the write acceleration feature on all of the tunnels or move all tunnels in a port channel.
Symptom: Several control protocols are impacted because of the FCoE data traffic congestion in the traffic flows passing through or originating or terminating on a Cisco MDS 9250i switch that runs the default 7e network-qos policy.
Condition: This is a known limitation with 7e policy. With the 7e template, all control and data FCoE traffic is sent to a single queue. When congestion in the network is present, in addition to data packets, control packets also are impacted, which results in timeouts and drops for several control protocols. Control protocols might display errors.
Workaround: Use the 6e template throughout fabric so that control and data traffic are placed in different queues and do not impact each other.
Symptom: After a switch upgrade to NX-OS 6.2(1) or later, a previously working AAA authenticated user who is configured for non network-operator privileges (such as network-admin) only receives network-operator privileges. This user is no longer able to configure the switch via CLI or SNMP.
The CLI user will show as having 'network-operator' role:
If the SNMP user exists, it will show as having 'network-operator' role:
Condition: This issue only affects logins that meet all of the following conditions:
2) are authenticated remotely via RADIUS
3) have multiple vendor-specific attributes (VSAs) defined as a single Cisco-AV Pair, for example, shell and SNMP version 3 settings:
This issue does not occur if the 'shell:roles' VSA is defined alone (even with multiple roles assigned).
Workaround: On the AAA server, create a separate RADIUS policy for NX-OS 6.2(x) users that splits Cisco-AV Pairs into true attribute pairs. For example:
Assign this policy conditionally on the requesting RADIUS client IP address (that is, a Cisco MDS switch mgmt0 IP address). Continue to use the original policy with the old format for RADIUS authentication requests from switches running NX-OS earlier than 6.2(1).
If the RADIUS server does not support conditional assignment of policies by RADIUS client IP address then an alternate method is possible. Create a local user on the switch with local role assignment which will override the remotely supplied role using the following commands:
Further Problem Description: This issue was introduced in NX-OS release 6.2(1) due to changes to make RADIUS VSA handling consistent across NX-OS platforms.
Symptom: On the Cisco MDS 9250i switch, if the Transmission Control Protocol (TCP) connections are set to 5, tape acceleration cannot be enabled.
Condition: The tcp-connections command is used to set the TCP connection to 5.
Workaround: Set TCP connections to 2.
Symptom: Inserting and removing an SFP in quick succession might cause the read operation to fail before completion with NACK errors, and the searching for supported speeds fails. This situation might prevent a port from coming up and the following error appears:
Condition: This situation occurs with specific SFPs during removal and reinsertion.
Workaround: Avoid quickly removing and inserting an SFP. After removing an SFP, wait for few seconds before reinserting it.
Symptom: The Switched Port Analyzer (SPAN) feature does not work after a member of a port channel is removed.
Condition: This situation occurs only when the monitor session source is a port channel.
Workaround: Restore the member in the port channel and then create a monitor session and add the port channel.
Symptom: The In-Service Software Upgrade (ISSU) or In-Service Software Downgrade (ISSD) of more than one Cisco MDS 9250i switch that are connected to one another might cause the VE/E links between them to go down.
Condition: This situation occurs if an ISSU or ISSD is simultaneously performed on Cisco MDS 9250i switches that are interconnected.
Workaround: Perform an ISSU or ISSD in a progressive method. For example, after the upgrade or downgrade completes on one switch, move on to another.
Symptom: On the Cisco MDS 9250i switch that is connected to a Cisco Nexus 5000 switch for virtual Fibre Channel links, an In-Service Software Upgrade (ISSU) operation becomes a disruptive process.
Condition: This situation occurs if the Cisco Nexus 5000 switch in Nport virtualization (NPV) mode is connected to the Cisco MDS 9250i switch and the host and or target is connected to the Cisco Nexus 5000 switch.
Workaround: Before an ISSU, set the FCoE fka-adv-period on the MDS 9250i switch to the maximum.
Symptom: If there is a Switched Port Analyzer (SPAN) session to inband and the switch is reloaded, the SPAN session becomes inactive, and packets are not spanned to the SPAN destination.
Condition: A Cisco MDS switch is reloaded when a SPAN session exists from an inband port.
Workaround: Delete the SPAN session and add the session again.
Symptom: During an In-Service Software Upgrade (ISSU) the Cisco MDS 9250i switch displays the following errors:
Condition: The Cisco MDS 9250i switch has 200 I/O Accelerator (IOA) disk flows.
More information: The Cisco MDS 9250i switch supports up to 180 disk flows.
Symptom: The Cisco MDS 9250i switch displays a powered-off power supply module as redundant.
Condition: Two supply modules are operational and one is in powered off.
Workaround: Ensure that all three supply modules are operational.
Symptom: For a Cisco MDS 9250i switch, an FCoE Ethernet Interface Monitor window displays Rx and Tx as 0.
Condition: This situation occurs when the interval for monitoring the Ethernet interface is set to 5 seconds in Data Center Network Manager (DCNM).
Workaround: Set the interval for monitoring an Ethernet interface to 10 or higher.
Symptom: On a Cisco MDS 9000 switch, when a fan fails, the board LED and fan LED turn red.
Condition: This situation occurs when one of the fans fails.
More information: If a fan LED and the board LED are red, it is a fan failure. If only the board LED is red, it indicates that shutdown is in progress because of an over temperature condition.
Symptom: An operational FCIP tunnel resets randomly. The following type of syslog messages are seen:
Condition: This issue occurs only on the Cisco MDS 9250i switch if IP compression is enabled on an FCIP tunnel and data is being sent from the port. All IP compression modes are affected.
Workaround: Disable IP compression on both ends of the affected FCIP link.
Symptom : A Bad IPv6 host address error appears when the snmp-server hostname is configured instead of the IP address. This issue occurs when the domain name and the nameserver IP address are configured.
Workaround : Configure the IP addresses instead of the hostname.
Symptom The Cisco MDS 9710 Director does not allow a copy running saving configuration and a switch reload operation.
Condition: Active Fibre Channel Redirect (FC-Redirect) configurations are present in Cisco MDS 9710 Director.
Workaround : Remove the Cisco MDS 9710 Director from the fabric.
Symptom: The Cisco MDS 9250i switch incorrectly displays that the Ternary Content Addressable Memory (TCAM) is full even if enough memory is available.
Condition: This situation occurs when the IOA flows go into the security region and some TCAM entries are deleted and added.
Symptom : The security service crashes when configuring an SSH authentication key.
Configuring SSH keys multiple times within 10 minutes results in a HAP reset that resets the active supervisor.
Condition : This issue intermittently occurs when configuring an SSH authentication key.
Workaround : To avoid the supervisor reset, do not configure more than 2 SSH keys per 10 minutes.
Symptom : An egress FCoE interface log output discards during congestion even though pause frames are sent upstream on the ingress interface. Pause frames received on the egress interface do not prevent the output discards.
Affected ingress interfaces can be identified when the 'ENABLED' field is 1 in the output of the following module-level command:
show hardware internal qengine inst inst-num table vq_voq_td
where inst-num = quotient of ((the port number - 1) / 4. For example, to verify Ethernet1/1 is affected using “slot 1” and “inst 0” as arguments to the above command:
Condition : This issue only applies to interfaces with a “no drop” CoS, that is, FCoE interfaces. An interface will be affected by this issue only after a supervisor switchover (this includes ISSU/ISSD switchovers) and then the interface flaps for any reason (this includes moving the interface into a port channel).
For Nexus 7000/7700 switches, the first affected release is Cisco NX-OS Release 6.2(2).
For MDS 9500/9700 switches, the first affected release is Cisco MDS NX-OS release 6.2(7).
Workaround : To nondisruptively restore the “no drop” functionality, set the priority flow control to “on” and back to “auto” for each affected ingress interface. If the interface is a member of a port channel then the change should be done at the port channel interface level. For example:
The above workaround can only be applied to interfaces which are up. This will restore the potency of pause frames on the Ethernet interfaces. However, further port flaps will cause the issue to recur on the interface.
Further Problem Description: By default, FCoE traffic is no-drop class and can be affected by this issue. Also, congestion is usually found in network designed to be oversubscribed or when slow drain devices are present in a network. To recover permanently and nondisruptively, follow these steps:
1. Apply the priority-flow-control mode on to all affected interfaces
2. Upgrade the system to a fixed version of NX-OS
3. Apply the priority-flow-control mode auto to all the previously affected interfaces.
Symptom : Users remotely authenticated by RADIUS or TACACS+ cannot login to the system after ISSU. Also, the aaa group configuration has a deadtime greater than the maximum of 1440 minutes, for example:
Conditions : This issue only occurs for RADIUS or TACACS+ server groups.
Workaround : To recover after this issue has occurred:
1. Use a local account to login then reestablish a connection to the aaa servers with the one of the following commands:
This must be done for all server addresses in the affected group.
2. Reconfigure the deadtime of the server group to a value within the range of 0 to 1440. After the deadtime is within range, it can be removed with the no deadtime command.
To prevent this issue before an upgrade, initialise the deadtime and save the config, then remove it and save the config again. For example, for TACACS+:
Symptom : Maximum FCIP throughput on the MDS 9250i is limited to less than line rate for 10 Gbps interfaces.
Condition : This issue only applies to 10 Gbps FCIP interfaces on the MDS 9250i platform.
Workaround : There is no workaround.
Symptom : The RSCN or ZONE service crashes with the following syslog message:
A Cisco MDS 9700 switch can incur a switchover, however in most cases, the crash occurs again before the standby is available and the dual supervisor switch will reload.
Condition : This issue occurs only when "port" format RSCNs are configured and an RSCN is sent on the relevant VSAN. RSCNs are sent, for example, after activating zoneset changes or a link changing state. Further, only the following platforms are affected:
This issue does not occur when RSCNs are sent with "fabric" format.
Workaround : Use the default RSCN address format by removing the following lines from the switch configuration:
no zone rscn address-format port vsan
Note that some end devices may not support receiving RSCNs in this format.
Further Problem Description: This wrong data is constructed by the zone server. It can corrupt its own heap while creating the payload to put into MTS.
The crash can be either in the zone server or RSCN. It is just which module runs into the issue first. The fix that went in is to prevent both.
Symptom : An FCSP-ESP enabled (encrypted) port that was working fails to come up after ISSU/ISSD followed by link flap.
Condition : This issue only affects FCSP encrypted ports on MDS 9700 DS-X9448-768K9 and MDS 9500 DS-X9248-256K9 and DS-X9232-256K9 switching modules after an ISSU or ISSD to an affected version of NX-OS.
Workaround : Only a switch reload will recover from this situation. The switch must be running a fixed release of NX-OS (NX-OS 6.2(11) or above) before the reload to prevent the issue from recurring after recovery.
None of the following steps alone will not recover the port functionality:
– Shut/no-shut the affected port.
– Reloading the affected linecard.
– Removing the FCSP configuration and re-configuring FCSP.
– Upgrading to NX-OS 6.2(11) or above.
Further Problem Description : The issue arises on affected version of NX-OS since these versions do not push the FCSP-ESP configuration to hardware. This results in a permanent FCSP-ESP configuration mismatch with the peer port. Hence the port will not come up.
Symptom : FCIP tunnels don't fully utilise the available TCP window size. This leads to underperforming FCIP tunnels that never achieve their configured bandwidth on higher latency links.When TCP send queue hits 2MB threshold, the FCIP tunnel is exerting flow control back to the FC ports utilizing the tunnel. This leads to Rx B2B credit depletion. You can see the current size of the send queue via the following command:
Condition : This issue applies when:
– NX-OS versions from 6.2(5) to 6.2(9c) inclusive, and
– the platform is an MDS 9500 or MDS 9222i, and
– latency on FCIP tunnel is high enough that a TCP window size greater than 2 MB is required
Workaround : Increase the number of FCIP tunnels.
Further Problem Description : The current TCP window size is displayed in the "Peer receive window" field of the show interface fcip command:
Symptom : An ISL connected over a DWDM path does not reach link up state.
Condition : This issue only applies to MDS 9700 DS-X9448-768K9 modules used with some DWDM vendors.
Symptom : An ISL does not initialize quickly across a DWDM connection. The link can take minutes, hours or even days to connect. Once connected, it is stable.
Condition : This issue only applies to DS-X9248-256K9 and DS-X9232-256K9 modules when connecting an ISL over a Tellabs 7100 DWDM path.
Symptom : Whenever we give the command to max-bandwidth-mbps in m9250i, although the maximum supported speed is 10Gig, it shows 1Gig as the maximum configurable bandwidth.
Condition : There is one condition when we have IPS port speed for m9250i speed set as 1Gig, then as of now, the user has to make sure he doesn't give the speed as 10Gig. Reason being it will show the 10Gig as max-bandwidth allowed even for 1Gig speed in m9250i. As of now, we don't have the intelligence in the cli to check for what speed the port speed is set to.
Hence when Port speed = 1Gig, we should give the value of max-bandwidth-mbps = 1Gig and not as 10Gig.
Workaround : There is no workaround.
Symptom : Callhome stops working and callhome tests fail.
Condition : Only destination profiles of full_txt are configured.
Workaround : To prevent from hitting this defect, configure an additional destination profile that is either short_txt or XML.
Symptom : MDS fabric switch running in NPV mode fails to generate port-monitor alerts.
Condition : Applies to all MDS fabric switches running in NPV mode using port-monitor.
Applies to all versions prior to NX-OS 6.2(13).
Will occur only in the following conditions:
- After one or more upstream NP or TNP ports goes down and then back up.
- For each (T)NP port that flaps, one F port at the end of the range of ports
will no longer be scanned for port-monitor counter events. For example, if the
(T)NP port fc1/1 flaps then the last F port being used(ex. fc1/48) will no
longer be scanned for port-monitor counter events.
Workaround : There are two workarounds, one temporary and one permanent:
1 - Contact the TAC and they can assist with killing the port-monitor process. Once the port-monitor process restarts, all ports will be once again scanned.
This is only temporary in the sense that if an upstream (T)NP port flaps again the problem will recur.
2 - Move the (T)NP ports to the end of the ports on the switch. For example, if there are four (T)NP uplinks on a MDS 9148 or MDS 9148S, then move them to fc1/45-fc1/48. Once this has been done the problem will not recur.
Symptom : This issue was originally seen on a FICON enabled 9513, while attempting an ISSU from 6.2(11c) to 6.2(11e). The fcd process experienced a hap reset due to heartbeat loss, and that resulted in the ISSU being aborted.
Condition : ISSU w/ FICON enabled. Specific triggers not known at the moment.
Workaround : We have created debug plugins to clear this problem. As of now the debug plugins are available for the following.
The documentation set for the Cisco MDS 9000 Series includes the documents listed in this section. To find a document online, access the following URL:
http://www.cisco.com/en/US/products/ps5989/tsd_products_support_series_home.html
The documentation set for Cisco Prime Data Center Network Manager is available from the following URL:
http://www.cisco.com/en/US/products/ps9369/tsd_products_support_series_home.html
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.