Cisco Nexus 1000V Switch for VMware vSphere

Table Of Contents

Cisco Nexus 1000V Release Notes, Release 4.2(1)SV2(1.1)

Contents

Introduction

Software Compatibility

Software Compatibility with VMware

Software Compatibility with Cisco Nexus 1000V

ISSU Upgrades

New and Changed Information

Changed Software Features

Installer Enhancements

New Software Features

Release Support

Cross Data Center High-availability

DHCP Enhancements

Enhanced Installer App

Enhanced Upgrade Process

Enhancement about the Headless Mode

Licensing Changes

Split-Brain Enhancements

Support for Cisco TrustSec

vCenter Plug-in

vTracker

Limitations and Restrictions

Configuration Limits

Single VMware Data Center Support

VMotion of VSM

Access Lists

NetFlow

Port Security

Port Profiles

Telnet Enabled by Default

SSH Support

Cisco NX-OS Commands Might Differ from Cisco IOS

Layer 2 Switching

No Spanning Tree Protocol

Cisco Discovery Protocol

DHCP Not Supported for the Management IP

LACP

DNS Resolution

Interfaces

Layer 3 VSG

VM Name Display Length Limitation

ISSU Upgrades

Copy Running-Config Startup-Config Command

Error Messages Appear During ESX 4.1.0 Server Bootup

Dynamic Entries Are Not Deleted For A Linux VM

Source Filter TX VLANs Are Missing After the VSM Restarts

Default SSH Inactive Session Timeout

Queueing Policy Cannot Be Changed In Flexible Upgrade Setup

Clear QoS Statistics Fails on the VSM

Caveats

Open Caveats

Platform, Infrastructure, Ports, Port Channel, and Port Profiles

Quality of Service

Features

VMware

Resolved Caveats

MIB Support

Related Documentation

Obtaining Documentation and Submitting a Service Request

Cisco Nexus 1000V Release Notes, Release 4.2(1)SV2(1.1)

---

Release Date: December 14, 2012

Part Number: OL-27749-01 CO
Current Release: NX-OS Release 4.2(1)SV2(1.1)

This document describes the features, limitations, and caveats for the Cisco Nexus 1000V Release 4.2(1)SV2(1.1) software. Use this document in combination with documents listed in the "Related Documentation" section. The following is the change history for this document.

Part Number	Revision	Date	Description
OL-27749-01	A0	October 02, 2012	Created release notes for Release 4.2(1)SV2(1.1). Added vCD 5.1 support.
OL-27749-01	B0	December 06, 2012	Added a note about a VEM upgrade when LACP is configured to the "Software Compatibility with VMware" section.
OL-27749-01	C0	December 14, 2012	Updated support limit for "Distributed Virtual Switches (DVS) per vCenter with VMware vCloud Director (vCD)" in Table 1 Configuration Limits for Cisco Nexus 1000V .

Contents

This document includes the following sections:

•Introduction

•Software Compatibility

•New and Changed Information

•Limitations and Restrictions

•Caveats

•MIB Support

•Related Documentation

•Obtaining Documentation and Submitting a Service Request, page 20

Introduction

The Cisco Nexus 1000V provides a distributed, Layer 2 virtual switch that extends across many virtualized hosts. The Cisco Nexus 1000V manages a data center defined by the vCenter Server. Each server in the data center is represented as a line card in the Cisco Nexus 1000V and can be managed as if it were a line card in a physical Cisco switch.

The Cisco Nexus 1000V consists of the following components:

•Virtual Supervisor Module (VSM), which contains the Cisco CLI, configuration, and high-level features.

•Virtual Ethernet Module (VEM), which acts as a line card and runs in each virtualized server to handle packet forwarding and other localized functions.

Software Compatibility

This section includes the following topics:

•Software Compatibility with VMware

•Software Compatibility with Cisco Nexus 1000V

Software Compatibility with VMware

The servers that run the Cisco Nexus 1000V VSM and VEM must be in the VMware Hardware Compatibility list. This release of the Cisco Nexus 1000V supports vSphere 4.1.0, 5.0.0, and 5.1.0 release trains. For additional compatibility information, see the Cisco Nexus 1000V Compatibility Information, Release 4.2(1)SV2(1.1).

---

Note When LACP is configured on the Cisco Nexus 1000V and the ESXi version is 4.1.0 or 5.1.0, a VEM upgrade to Cisco NX-OS Release 4.2(1)SV2.1(1) from any earlier release is not supported.

---

---

Note All virtual machine network adapter types that VMware vSphere supports are supported with the Cisco Nexus 1000V. Refer to the VMware documentation when choosing a network adapter. For more information, see the VMware Knowledge Base article #1001805.

---

Software Compatibility with Cisco Nexus 1000V

This release supports hitless upgrades from Release 4.0(4)SV1(3a) and later releases. Upgrades are supported from 4.0(4)SV1(3) and earlier releases. For additional information, see the Cisco Nexus 1000V Software Upgrade Guide, Release 4.2(1)SV2(1.1).

ISSU Upgrades

Performing an ISSU from Cisco Nexus 1000V Release 4.2(1)SV1(4a) or Release 4.2(1)SV1(4b) to Cisco Nexus 1000V Release 4.2(1)SV2(1.1) using ISO files is not supported. You must use kickstart and system files to perform an ISSU upgrade to Cisco Nexus 1000V Release 4.2(1)SV2(1.1).

New and Changed Information

This section provides the following information about Cisco Nexus 1000V Release 4.2(1)SV2(1.1):

•Changed Software Features

•New Software Features

Changed Software Features

The following software features were changed in Cisco Nexus 1000V Release 4.2(1)SV2(1.1):

•Installer Enhancements

Installer Enhancements

The Cisco Nexus 1000V Installer App is now a standalone Java application that can install the Cisco Nexus1000V VSM or VEM.

The Cisco Nexus 1000V Installer App supports a single pane for invoking the Cisco Nexus1000V VSM installer and VEM installer.

For more information, see the Cisco Nexus 1000V Installation and Upgrade Guide.

New Software Features

The following software features were added in Cisco Nexus 1000V Release 4.2(1)SV2(1.1):

•Release Support

•Cross Data Center High-availability

•DHCP Enhancements

•Enhanced Installer App

•Enhancement about the Headless Mode

•Licensing Changes

•Split-Brain Enhancements

•Support for Cisco TrustSec

•vCenter Plug-in

•vTracker

Release Support

This release supports VMware Release 5.1 and VMware vCloud Director 5.1.

Cross Data Center High-availability

This feature supports split Active and Standby Nexus 1000V Virtual Supervisor Modules (VSMs) across two data centers to implement cross-DC clusters and VM mobility while ensuring high availability.

DHCP Enhancements

Starting with Release 4.2(1)SV2(1.1), you can filter the traffic based on the source IP address only as opposed to filtering the traffic based on the IP-MAC Address pair. The Cisco Nexus 1000V ignores the MAC Address and validates only the source IP address of the traffic from the VMs. The new functionality is applicable to static bindings only, as in the case of dynamic bindings, a new MAC Address results in updating the dynamic binding on the Cisco Nexus 1000V.

To enable source IP based filtering on the Cisco Nexus 1000V switch, set the filter mode to ip filtering. The default filtering mode is ip-mac filtering.

Enhanced Installer App

This feature simplifies the entire installation process via a single pane of glass.

Enhanced Upgrade Process

Starting with Release 4.2(1)SV2(1.1), the upgrade process is simplified and flexible. You can schedule the upgrades on a per-host basis, enabling an incremental upgrade even during a short maintenance window.

Enhancement about the Headless Mode

If a VEM loses the connection to its VSM, the Vmotions to that particular VEM are blocked. The VEM shows up in the VCenter Server as having a degraded (yellow) status.

Licensing Changes

Starting with Release 4.2(1)SV2(1.1), a tier-based Licensing approach is adopted for the Cisco Nexus 1000V. The Cisco Nexus 1000V is shipped in two editions: Essential and Advanced. A new CLI command is provided to display the current switch edition and the other licensing information. In the two tier licensing model supported with Release 4.2(1)SV2(1.1), the software image is the same for both the editions. You can switch between the two editions at any time. The switch edition configuration is global. The entire switch (supervisor and all modules) is either in the Essential edition or the Advanced edition.

Essential Edition

When the Release 4.2(1)SV2(1.1) software is installed, the Essential edition is the default edition. When the switch is configured in the Essential edition, all the features (other than the advanced features) are available for free for unlimited time. No licenses are required to operate the Essential edition. The switch edition configuration is global and not per module. In Essential edition, all the modules are automatically licensed. Use the svs switch edition command to move the switch from the Essential edition to the Advanced edition and vice versa.

Advanced Edition

The switch will come up in the Advanced Edition when it is upgraded from a pre-4.2(1)SV2(1.1 release. When the license expires, the switch will not move from the Advanced edition to the Essential Edition automatically. You must use svs switch editon CLI command to downgrade to the Essential edition.The licenses are required only when the switch edition is configured as the Advanced edition.

The following features are available as advanced features that require licenses:

•Cisco TrustSec feature

•DHCP Snooping

•Dynamic ARP Inspection

•IP Source Guard

Use the feature cts command to configure the TrustSec feature on the Cisco Nexus 1000V switch. Enable DHCP Snooping, Dynamic ARP Inspection, and IP Source Guard features on the Cisco Nexus 1000V switch using the feature dhcp command. Refer to the Cisco Nexus 1000V License Configuration Guide for more information on licensing.

Split-Brain Enhancements

The high availability mechanism on Cisco Nexus 1000V is enhanced to select the VSM to be rebooted during the split-brain resolution. The following parameters are used to select the VSM in order of their precedence:

•Module count: The number of modules attached to the VSM.

•vCenter status: The vCenter connectivity status.

•Last configuration time: The time when the last configuration is done on the VSM.

•Last active time: The time when the VSM becomes active.

When a VSM is rebooted, the accounting logs that are stored on the VSM are lost. Starting with Release 4.2(1)SV2(1.1), new CLI commands are supported to display the accounting logs that were backed up during the split-brain resolution. You can also check the redundancy traces that are stored on the local and remote VSMs. Refer to the Cisco Nexus 1000V High Availability Configuration Guide for more information.

Support for Cisco TrustSec

The Cisco TrustSec security architecture builds secure networks by establishing clouds of trusted network devices. Each device in the cloud is authenticated by its neighbors. Communication on the links between devices in the cloud is secured with a combination of encryption, message integrity checks, and data-path replay protection mechanisms. Cisco TrustSec also uses the device and user identification information acquired during authentication for classifying, or coloring, the packets as they enter the network. This packet classification is maintained by tagging packets on ingress to the Cisco TrustSec network so that they can be properly identified for the purpose of applying security and other policy criteria along the data path. The tag, also called the Security Group Tag (SGT), allows the network to enforce the access control policy by enabling the endpoint device to act upon the SGT to filter traffic.

vCenter Plug-in

This feature provides a networking view to the server administrators of the virtual network from within VMware vCenter.

vTracker

This feature offers the VM-level and the host-level visibility to the network administrators into the virtual and the physical networks, for example, VM name and vMotion events.

Limitations and Restrictions

The Cisco Nexus 1000V has the following limitations and restrictions:

•Configuration Limits

•Single VMware Data Center Support

•VMotion of VSM

•Access Lists

•NetFlow

•Port Security

•Port Profiles

•Telnet Enabled by Default

•SSH Support

•Cisco NX-OS Commands Might Differ from Cisco IOS

•Layer 2 Switching

•Cisco Discovery Protocol

•DHCP Not Supported for the Management IP

•LACP

•DNS Resolution

•Interfaces

•Layer 3 VSG

•VM Name Display Length Limitation

•ISSU Upgrades

•Copy Running-Config Startup-Config Command

•Error Messages Appear During ESX 4.1.0 Server Bootup

•Dynamic Entries Are Not Deleted For A Linux VM

•Source Filter TX VLANs Are Missing After the VSM Restarts

•Default SSH Inactive Session Timeout

•Queueing Policy Cannot Be Changed In Flexible Upgrade Setup

•Clear QoS Statistics Fails on the VSM

Configuration Limits

Table 1 shows the Cisco Nexus 1000V configuration limits:

Table 1 Configuration Limits for Cisco Nexus 1000V  

Component	Supported Limits for a Single Cisco Nexus 1000V Deployment Spanning up to 2 Physical Data Centers
Maximum Modules	66
Virtual Ethernet Module (VEM)	64
Virtual Supervisor Module (VSM)	The VSMs can be placed in different physical data centers. Note that the previous restrictions requiring the active-standby VSMs in a single physical data center do not apply anymore.
Hosts	64
Active VLANs or VXLANs across all VEMs	2048 (any combination of VLANs and VXLANs)
MACs per VEM	32000
MACs per VLAN per VEM	4000
vEthernet interfaces per port profile	1024
PVLAN	512
Distributed Virtual Switches (DVS) per vCenter with VMware vCloud Director (vCD)	32
Distributed Virtual Switches (DVS) per vCenter without VMware vCloud Director (vCD)	32
vCenter Server connections	1 per VSM HA Pair1
Maximum latency between VSMs and VEMs	100ms
	Per DVS	Per Host
Virtual Service Domains (VSDs)	64	6
VSD interfaces	2048	216
vEthernet interfaces	2048	216
Port profiles	2048	—
System port profiles	32	32
Port channel	256	8
Physical trunks	512	—
Physical NICs	—	32
vEthernet trunks	256	8
ACL	128	162
ACEs per ACL	128	1282
ACL instances	2048	256
NetFlow policies	32	8
NetFlow instances	256	32
SPAN/ERSPAN sessions	64	64
QoS policy map	128	128
QoS class map	1024	1024
QoS instances	2048	256
Port security	2048	216
MultiCast groups	512	512

1 Only one connection to vCenter server is permitted at a time. 2 This number can be exceeded if VEM has available memory.

Single VMware Data Center Support

The Cisco Nexus 1000V can be connected to a single VMware vCenter Server datacenter object. Note that this virtual datacenter can span across multiple physical data centers.

VMotion of VSM

VMotion of the VSM has the following limitations and restrictions:

•VMotion of a VSM is supported for both the active and standby VSM VMs. For high availability, we recommend that the active VSM and standby VSM reside on separate hosts.

•If you enable Distributed Resource Scheduler (DRS), you must use the VMware anti-affinity rules to ensure that the two virtual machines are never on the same host, and that a host failure cannot result in the loss of both the active and standby VSM.

•VMware VMotion does not complete when using an open virtual appliance (OVA) VSM deployment if the CD image is still mounted. To complete the VMotion, either click Edit Settings on the VM to disconnect the mounted CD image, or power off the VM. No functional impact results from this limitation.

•If you are adding one host in a DRS cluster that is using vSwitch to a VSM, you must move the remaining hosts in the DRS cluster to the VSM. Otherwise, the DRS logic does not work, the VMs that are deployed on the VEM could be moved to a host in the cluster that does not have a VEM, and the VMs lose network connectivity.

For more information about VMotion of VSM, see the Cisco Nexus 1000V Software Installation Guide, Release 4.2(1)SV2(1.1).

Access Lists

ACLs have the following limitations and restrictions:

Limitations:

•IPV6 ACL rules are not supported.

•VLAN-based ACLs (VACLs) are not supported.

•ACLs are not supported on port channels.

Restrictions:

•IP ACL rules do not support the following:

–fragments option

–addressgroup option

–portgroup option

–interface ranges

•Control VLAN traffic between the VSM and VEM does not go through ACL processing.

NetFlow

The NetFlow configuration has the following support, limitations, and restrictions:

•Layer 2 match fields are not supported.

•NetFlow Sampler is not supported.

•NetFlow Exporter format V9 is supported

•NetFlow Exporter format V5 is not supported.

•The multicast traffic type is not supported. Cache entries are created for multicast packets, but the packet/byte count does not reflect replicated packets.

•NetFlow is not supported on port channels.

The NetFlow cache table has the following limitation:

•Immediate and permanent cache types are not supported.

---

Note The cache size that is configured using the CLI defines the number of entries, not the size in bytes. The configured entries are allocated for each processor in the ESX host and the total memory allocated depends on the number of processors.

---

Port Security

Port security has the following support, limitations, and restrictions:

•Port security is enabled globally by default.
The feature/no feature port-security command is not supported.

•In response to a security violation, you can shut down the port.

•The port security violation actions that are supported on a secure port are Shutdown and Protect. The Restrict violation action is not supported.

•Port security is not supported on the PVLAN promiscuous ports.

Port Profiles

Port profiles have the following restrictions or limitations:

•There is a limit of 255 characters in a port-profile command attribute.

•We recommend that you save the configuration across reboots, which will shorten the VSM bringup time.

•We recommend that if you are altering or removing a port channel, you should migrate the interfaces that inherit the port channel port profile to a port profile with the desired configuration, rather than editing the original port channel port profile directly.

•If you attempt to remove a port profile that is in use, that is, one that has already been auto-assigned to an interface, the Cisco Nexus 1000V generates an error message and does not allow the removal.

•When you remove a port profile that is mapped to a VMware port group, the associated port group and settings within the vCenter Server are also removed.

•Policy names are not checked against the policy database when ACL/NetFlow policies are applied through the port profile. It is possible to apply a nonexistent policy.

Telnet Enabled by Default

The Telnet server is enabled by default.

For more information about Telnet, see the Cisco Nexus 1000V Security Configuration Guide, Release 4.2(1)SV2(1.1).

SSH Support

Only SSH version 2 (SSHv2) is supported.

For more information, see the Cisco Nexus 1000V Security Configuration Guide, Release 4.2(1)SV2(1.1).

Cisco NX-OS Commands Might Differ from Cisco IOS

Be aware that the Cisco NX-OS CLI commands and modes might differ from those commands and modes used in the Cisco IOS software.

For information about CLI commands, see the Cisco Nexus 1000V Command Reference, Release 4.2(1)SV2(1.1).

Layer 2 Switching

This section lists the Layer 2 switching limitations and restrictions and includes the following topics:

•No Spanning Tree Protocol

For more information about Layer 2 switching, see the Cisco Nexus 1000V Layer 2 Switching Configuration Guide, Release 4.2(1)SV2(1.1).

No Spanning Tree Protocol

The Cisco Nexus 1000V forwarding logic is designed to prevent network loops so it does not need to use the Spanning Tree Protocol. Packets that are received from the network on any link connecting the host to the network are not forwarded back to the network by the Cisco Nexus 1000V.

Cisco Discovery Protocol

The Cisco Discovery Protocol (CDP) is enabled globally by default.

CDP runs on all Cisco-manufactured equipment over the data link layer and does the following:

•Advertises information to all attached Cisco devices.

•Discovers and views information about those Cisco devices.

–CDP can discover up to 256 neighbors per port if the port is connected to a hub with 256 connections.

If you disable CDP globally, CDP is also disabled for all interfaces.

For more information about CDP, see the Cisco Nexus 1000V System Management Configuration Guide, Release 4.2(1)SV2(1.1).

DHCP Not Supported for the Management IP

DHCP is not supported for the management IP. The management IP must be configured statically.

LACP

The Link Aggregation Control Protocol (LACP) is an IEEE standard protocol that aggregates Ethernet links into an EtherChannel.

The Cisco Nexus 1000V has the following restrictions for enabling LACP on ports carrying the control and packet VLANs:

---

Note These restrictions do not apply to other data ports using LACP.

---

•If LACP offload is disabled, at least two ports must be configured as part of LACP channel.

---

Note This restriction is not applicable if LACP offload is enabled. You can check the LACP offload status by using the show lacp offload status command.

---

•The upstream switch ports must be configured in spanning-tree port type edge trunk mode.

Without spanning-tree PortFast on upstream switch ports, it takes approximately 30 seconds to recover these ports on the upstream switch. Because these ports are carrying control and packet VLANs, the VSM loses connectivity to the VEM.

The following commands are available to use on Cisco upstream switch ports in interface configuration mode:

–spanning-tree portfast

–spanning-tree portfast trunk

–spanning-tree portfast edge trunk

DNS Resolution

The Cisco Nexus 1010 (1000V) cannot resolve a domain name or hostname to an IP address.

Interfaces

When the maximum transmission unit (MTU) is configured on an operationally up interface, the interface goes down and comes back up.

Layer 3 VSG

When a VEM communicates with Cisco VSG in Layer 3 mode, an additional header with 94 bytes is added to the original packet. You must set the MTU to a minimum of 1594 bytes to accommodate this extra header for any network interface through which the traffic passes between the Cisco Nexus 1000V and the Cisco VSG. These interfaces can include the uplink port profile, the proxy ARP router, or a virtual switch.

VM Name Display Length Limitation

VM names for VMs on ESX 4.1 hosts that exceed 21 characters are not displayed properly on the VSM. When you use a show vservice command that displays the port profile name, for example, the show vservice port brief port-profile port-profile-name command, only VMs with names that are 21 characters or less are displayed correctly. Longer VM names may cause the VM name to be truncated, or extra characters to be appended to the VM name. Depending on the network adapter, the name length limitation may vary. For example:

•The E1000 or VMXNET 2 network adapters allow 26-character names. At 27 characters, the word `.eth' is appended to the VM name. With each addition to the VM name, a character is truncated from the word `.eth'. After 31 characters, the VM name is truncated.

•The VMXNET 3 network adapters allow 21-character names. At 22 characters, the word `  ethernet' is appended to the VM name. With each addition to the VM name, a character is truncated from the word `  ethernet'. After 30 characters, the VM name is truncated.

Workaround: This is a display issue with ESX Release 4.1 only. Use VM names of 21 characters or less to avoid this issue.

ISSU Upgrades

Performing an ISSU from Cisco Nexus 1000V Release 4.2(1)SV1(4) or Release 4.2(1)SV1(4a) to Cisco Nexus 1000V Release 4.2(1)SV2(1.1) using the ISO files is not supported. You must use the kickstart and the system files to perform an ISSU upgrade to Cisco Nexus 1000V Release 4.2(1)SV2(1.1).

Copy Running-Config Startup-Config Command

When running the copy running-config startup-config command, do not press the PrtScn key. If you do, the command will abort.

Error Messages Appear During ESX 4.1.0 Server Bootup

Vssnet-load error messages can occur during a classic ESX 4.1.0 server bootup or restart when the VEM is already installed. The issue occurs while booting up because the path environment variable is not set up properly, and the system is not able to identify the VMware command. After the system boots up, it is set up correctly and so is the ESX 4.10 system. There is no functional impact of the error messages and they can be ignored.

Dynamic Entries Are Not Deleted For A Linux VM

On a Linux VM that has multiple adapters, a DHCP release packet is sent from an incorrect interface (because of OS functionality) and the DHCP release packet is dropped. As a result, the binding entry is not deleted. This issue is a Linux issue where the packets from all interfaces go out of one interface (which is the default interface). To avoid this issue, put the interfaces in different subnets and make sure that the default gateways for each interface is set.

Source Filter TX VLANs Are Missing After the VSM Restarts

When a SPAN (erspan-source) session is created and the source interface is configured as a port channel and PVLAN Promiscuous access is programmed, the filter RX is not configured and the configured programmed filter TX is not persistent on VSM reload.

To work around this issue, configure all the primary and secondary VLANs as filter VLANs while using the port channel with PVLAN Promiscuous access as the source interface.

Default SSH Inactive Session Timeout

The default SSH inactive session timeout is 30 minutes, but the timeout setting is disabled by default, so the connection remains active. The exec-timeout command can be used to explicitly configure the inactive session timeout limit.

Queueing Policy Cannot Be Changed In Flexible Upgrade Setup

Queuing is valid starting from Cisco NX-OS Release 4.2(1)SV1(51). Any queueing configuration that exists on the VSM in an earlier release will stop working. All port profiles that have a queueing configuration cannot be used. If a port is down, it should be moved to a profile without QoS queueing.

Clear QoS Statistics Fails on the VSM

When a policy-map, of type queuing, having a class-map of type "match-any" without any match criteria, is applied on an interface, a resource pool is not created for that specific class ID. As a result, the collection of statistics fails and no data is sent back to the VSM. To work around this issue, add a match criteria on the empty class map.

Caveats

This section includes the following topics:

•Open Caveats

•Resolved Caveats

Open Caveats

The following are descriptions of the caveats in Cisco Nexus 1000V Release 4.2(1)SV2(1.1). The ID links you into the Cisco Bug Toolkit.

The caveats are listed in the following categories:

•Platform, Infrastructure, Ports, Port Channel, and Port Profiles

•Quality of Service

•Features

•VMware

Platform, Infrastructure, Ports, Port Channel, and Port Profiles

	ID	Open Caveat Headline
1.	CSCti39155	Need to send traffic from the destination VM to learn the vns-binding.
2.	CSCti85986	The Cisco Nexus 1000V cannot support more than 245 ports (physical and virtual) per VEM.
3.	CSCti98977	Not able to migrate VC/VSM and normal VM when adding host to DVS.
4.	CSCtj70071	SNMP V3 traps are not getting generated.
5.	CSCtn62514	LACP offload configuration is not persisting in stateless mode.
6.	CSCtq04886	Eth_port_sec crash occurs during migration in VC with interface override in VSM.
7.	CSCtq92519	CDP does not work for certain NIC cards without VLAN 1 allowed.
8.	CSCtr34519	Continuous SNMP polling causes high CPU usage.
9.	CSCtr36181	Integrate Apache with netstack.
10.	CSCtr55311	Legacy LACP takes 30 minutes to come up after a link flap.
11.	CSCts24105	The load-interval counter command configuration is not working.
12.	CSCts50066	Post module flap violated port is secured and the secured port is violated.
13.	CSCtt07479	A port profile configured with the port-binding static auto command reserves more than the default ports.
14.	CSCtt17073	A port profile via VCD fails when done immediately after a switchover.
15.	CSCtt24735	Editing a port profile fails with the error message "ERROR: unknown error."
16.	CSCtt40944	In a PVLAN, all mappings are removed when a single mapping is removed.
17.	CSCtz04587	Reloading the VSM takes 12 minutes for modules to come online and vEthernet interfaces to come up
18.	CSCtu10144	A virtual Ethernet interface as trunk has pinning issue in MN ESX hosts.
19.	CSCtu17512	The Cisco Nexus 1000V to vShield Manager connection is down after release of VCD, DB, VSM. Note Only applicable with VMware vCloud Director 1.5.1 and vShield Manager 5.0.1.
20.	CSCtw93579	Active VSMs CPU utilization is more than 50% when there are 512 groups.
21.	CSCtw96064	The show tech-support dvs command does not have output related to DHCP snooping.
22.	CSCtx06864	A native VLAN configured on the interface port channel is not programmed on the VEM.
23.	CSCtx30435	After upgrading the VEM to Cisco NX-OS Release 4.2(1)SV1(5.1), two Cisco VIBs are installed.
24.	CSCty59712	If you add a primary PVLAN as the SPAN/ERSPAN source, its promiscuous trunk members are not added to the SPAN session.
25.	CSCua00940	PPM does not perform configuration checks when you configure a PVLAN in an offline port-profile mode.
26.	CSCua02145	"SYSMGR_EXITCODE_FAILURE_NOCALLHOME" error message received while upgrading with ISO images from Release 4.2(1)SV1(4) or 4.2(1)SV1(4a) to Release 4.2(1)SV1(5.2).
27.	CSCua06287	Incorrect mapping for ethernet port profile with PVLAN configuration is displayed in the running configuration.
28.	CSCua11227	Cannot copy the running configuration from the TFTP server to the current running configuration.
29.	CSCua12342	A Link Aggregation Control Protocol (LACP) port channel member port goes to the suspended state when the port is newly added to the LACP port channel, or the port is removed and re-added to the LACP port channel.
30.	CSCua12592	Password validity is not checked when installing a VSM using an OVA installation.
31.	CSCua16092	If you add a PVLAN promiscuous trunk port channel or Ethernet interface as the SPAN/ERSPAN source, some of the VLANs allowed on the port might not be spanned.
32.	CSCua30287	An error occurs while trying to override the PVLAN mapping in the child port profile.
33.	CSCua59482	Traffic is being redirected to the incorrect VSG.
34.	CSCua73549	Modules are not reattached after a VMKnic MAC address change in Layer 3 mode.
35.	CSCub23161	VCD does not display relevant error descriptions for error codes.
36.	CSCub25986	NSM should fix the Cisco Nexus 1000V feature limitation issue.
37.	CSCub33444	Powering up a single VM configures all vApp networks.
38.	CSCub69289	Veths mapped to the port profiles are not counted in the show resource-availability monitor command.
39.	CSCub79332	The server IP address becomes 0.0.0.0 for a MN stateless host.
40.	CSCub90212	SPAN sources are deleted on the VEM output while adding the source interfaces. Duplicated by CSCtz82836.
41.	CSCuc58678	The installer displays an error when a host with multiple VMKnics in the same VLAN is migrated.
42.	CSCuc49513	The show processes cpu history command output has the graphing backwards.
43.	CSCuc63801	Traffic loss occurs after the VSM reloads if PSEC is restricted and the DSM bit is set.

Quality of Service

	ID	Open Caveat Headline
1.	CSCtl00949	Configuring child with no service policy command is causing inherit to fail.
2.	CSCtq34938	Applying policy fails sharing ACL between two class-maps of same policy.
3.	CSCtu36119	QoS marking limitation in VCD environment.

Features

	ID	Open Caveat Headline
1.	CSCtk65252	PSEC with multiple MAC addresses and PVLAN not supported.
2.	CSCtl04632	Port migration with switchover causing ports to go to "No port-profile."
3.	CSCtq89961	Snooping does not get applied on sec VLANs if executed in different order
4.	CSCtr06833	Split brain causes pending ACL/QoS transactions into err-disabled.
5.	CSCtr09746	Interface configuration fails when veths are nonparticipating due to unreachable module.
6.	CSCub44964	A RADIUS AAA error occurs when feature CTS is enabled and there is a switchover.

VMware

	ID	Open Caveat Headline
1.	CSCti34737	Removing host with Intel Oplin from DVS causes all ports to reset.
2.	CSCtk02322	After an ESX host exception, the port group configuration on PNIC is changed.
3.	CSCtk07337	Fully qualified domain name/user with port-profile visibility fails.
4.	CSCtk10837	Port-profile visibility feature is not able to update permissions.
5.	CSCtk53802	Improper sync with vCenter when port-profile names have special characters.
6.	CSCts80394	A VEM upgrade fails when the scratch space is a network file system.
7.	CSCtt00444	After unregistering Cisco Nexus 1000V on Vshield, the alert timer runs.
8.	CSCty78076	VEM upgrade error occurs when using VMware Update Manager.
9.	CSCua30356	An existing vAPP cannot be powered down, and a new vAPP cannot be deployed.
10.	CSCua40492	When the VEM is disconnected from the VSM (headless mode), the maximum number of vEthernet interfaces limit cannot be connected.
11.	CSCua48997	When VIBs are removed from ESX 4.1 hosts in maintenance mode, the hosts return to maintenance mode after reboot.
12.	CSCua78262	The incorrect release description name and release note URL is displayed with the ESX/ESXi 4.1.0 offline bundle.
13.	CSCub56123	Wrong message for VC user id and Password.
14.	CSCub90212	Span sources gets deleted on VEM output while adding source intfs.
15.	CSCuc71793	Ports go to error disabled state during ACL or QoS Commit Errors.
16.	CSCuc75398	App fail power on with insufficient resource error.
17.	CSCuc80063	IGMP process failing to read PVLAN association.

Resolved Caveats

The following are descriptions of caveats that were resolved in Cisco Nexus 1000V Release 4.2(1)SV2(1.1). The ID links you into the Cisco Bug Toolkit.

	ID	Resolved Caveat Headline
1.	CSCtq34432	The service-policy command leaks to veth-no service-policy command with the wrong policy name.
2.	CSCtq34977	Interface in "NoPortProfile" state on mode changes from LACP to MAC pinning.
3.	CSCtw50899	Nsmgr pss state and port profiles state after the write erase command.
4.	CSCtw56889	Cisco Nexus 1000V does not recompute the UDP checksum when option 82 is inserted.
5.	CSCtw69713	A module does not come up if the lowest numbered vmnic on Cisco Nexus 1000V is down.
6.	CSCtw72196	Queues are not created when adding a class map in a policy map that has no cl.
7.	CSCtx02138	ERSPAN supports an MTU larger than 1500 bytes.
8.	CSCtx03892	A migration to Cisco Nexus 1000V multicast with 224.0.0.1 address stopped working.
9.	CSCtx32992	Multicast drops count as vEth output drops.
10.	CSCtx39449	Module flaps and disconnection of svs connection observed.
11.	CSCtx41516	Disable the snmp trap link-status command on a vEthernet interface.
12.	CSCtz12186	The show http-server command does not show the status of http and https.
13.	CSCtz57199	N1K port-channel loadbalance is not consistent on VEM.
14.	CSCua92452	A VMware critical failure is seen when unloading VEM modules during VEM Upgrade with VEM having L3 vmknic Control Interface with QoS and ACL configurations.
15.	CSCua95040	There is an issue with PVLAN Promiscuous (access) PC and SPAN.
16.	CSCub22714	NSMGR-network create failed with error.
17.	CSCub36957	The VEM does not send a heartbeat when processing a large amount of Layer 2 broadcasts.

MIB Support

The Cisco Management Information Base (MIB) list includes Cisco proprietary MIBs and many other Internet Engineering Task Force (IETF) standard MIBs. These standard MIBs are defined in Requests for Comments (RFCs). To find specific MIB information, you must examine the Cisco proprietary MIB structure and related IETF-standard MIBs supported by the Cisco Nexus 1000V Series switch.

The MIB Support List is available at the following FTP site:

ftp://ftp.cisco.com/pub/mibs/supportlists/nexus1000v/Nexus1000VMIBSupportList.html

Related Documentation

This section lists the documents used with the Cisco Nexus 1000V and available on Cisco.com at the following URL:

http://www.cisco.com/en/US/products/ps9902/tsd_products_support_series_home.html

General Information

Cisco Nexus 1000V Documentation Roadmap

Cisco Nexus 1000V Release Notes

Cisco Nexus 1000V Compatibility Information

Install and Upgrade

Cisco Nexus 1000V Installation and Upgrade Guide

Configuration Guides

Cisco Nexus 1000V High Availability and Redundancy Configuration Guide

Cisco Nexus 1000V Interface Configuration Guide

Cisco Nexus 1000V Layer 2 Switching Configuration Guide

Cisco Nexus 1000V License Configuration Guide

Cisco Nexus 1000V Network Segmentation Manager Configuration Guide

Cisco Nexus 1000V Port Profile Configuration Guide

Cisco Nexus 1000V Quality of Service Configuration Guide

Cisco Nexus 1000V Security Configuration Guide

Cisco Nexus 1000V System Management Configuration Guide

Cisco Nexus 1000V vCenter Plugin Configuration Guide

Cisco Nexus 1000V VXLAN Configuration Guide

Cisco Nexus 1000V vCenter Plugin Configuration Guide

Programming Guide

Cisco Nexus 1000V XML API User Guide

Reference Guides

Cisco Nexus 1000V Command Reference

Cisco Nexus 1000V MIB Quick Reference

Cisco Nexus 1000V Resource Availability Reference

Troubleshooting and

Cisco Nexus 1000V Troubleshooting Guide

Cisco Nexus 1000V Password Recovery Guide

Cisco NX-OS System Messages Reference

Virtual Services Appliance Documentation

The Cisco Nexus Virtual Services Appliance (VSA) documentation is available at

http://www.cisco.com/en/US/products/ps9902/tsd_products_support_series_home.html

Virtual Security Gateway Documentation

The Cisco Virtual Security Gateway documentation is available at http://www.cisco.com/en/US/products/ps11208/tsd_products_support_model_home.html

Virtual Network Management Center

The Cisco Virtual Network Management Center documentation is available at

http://www.cisco.com/en/US/products/ps11213/tsd_products_support_series_home.html

Virtual Wide Area Application Services (vWAAS)

The Virtual Wide Area Application Services documentation is available at

http://www.cisco.com/en/US/products/ps6870/tsd_products_support_series_home.html

ASA 1000V Cloud Firewall

The ASA 1000V Cloud Firewall documentation is available at

http://www.cisco.com/en/US/products/ps12233/tsd_products_support_series_home.html

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.

This document is to be used in conjunction with the documents listed in the "Related Documentation" section.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Internet Protocol (IP) addresses used in this document are for illustration only. Examples, command display output, and figures are for illustration only. If an actual IP address appears in this document, it is coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.