 Feedback
|
Table Of Contents
Cisco Nexus 7000 Series NX-OS Release Notes, Release 6.1
Integrating F2 Series Modules Into a Cisco Nexus 7000 Series System
Migrating to M2 Series Modules
Upgrade/Downgrade Paths and Caveats
Supported Upgrade and Downgrade Paths
New Hardware in Cisco NX-OS Release 6.1(1)
New Hardware in Cisco NX-OS Release 6.1(2)
New Hardware in Cisco NX-OS Release 6.1(3)
New Hardware in Cisco NX-OS Release 6.1(4)
Cisco NX-OS Release 6.1(1) Software Features
Cisco NX-OS Release 6.1(2) Software Features
DCSP-to-Queue on the Enhanced F2 Series Modules
vPC+ For Cisco Nexus 2000 Fabric Extender Server Ports
FabricPath on F2 Series Modules
Cisco NX-OS Release 6.1(3) Software Features
Four Queue Support for F2 Series Modules
Improved Load Balancing and Traffic Distribution Across Port-Channel Member Links
Deny ACE Support for VACL, PBR, and QoS
Minimum Links on the FEX Fabric Port Channel
PowerOn Auto Provisioning Template Script
New Cisco MAC Address for BPDUs Sent on vPCs
FabricPath Port-Channel Limit Command for vPC+
Cisco NX-OS Release 6.1(4) Software Features
Fabric Module Migration Errors
Proxy Limitation for the N7K-F132XP-15 Module
SVI Statistics on an F2 Series Module
Standby Supervisor Can Reset with Feature-Set Operation
Unfair Traffic Distribution for Flood Traffic
BFD Not Supported on the MTI Interface
Open Caveats—Cisco NX-OS Release 6.1
Resolved Caveats—Cisco NX-OS Release 6.1(4)
Resolved Caveats—Cisco NX-OS Release 6.1(3)
Resolved Caveats—Cisco NX-OS Release 6.1(2)
Resolved Caveats—Cisco NX-OS Release 6.1(1)
Obtaining Documentation and Submitting a Service Request
Cisco Nexus 7000 Series NX-OS Release Notes, Release 6.1
Date: May 17, 2013Part Number: OL-26854-04
Current Release: 6.1(4)
This document describes the features, caveats, and limitations for Cisco NX-OS software for use on the Cisco Nexus 7000 Series devices. Use this document in combination with documents listed in the "Related Documentation" section.
Note
Release notes are sometimes updated with new information about restrictions and caveats. See the following website for the most recent version of the Cisco Nexus 7000 Series NX-OS Release Notes, Release 6.x Release Notes:
http://www.cisco.com/en/US/products/ps9402/prod_release_notes_list.html
Table 1 shows the online change history for this document.
Table 1 Online History Change
OL-26854-01
A0
August 10, 2012
Created release notes for Release 6.1(1).
B0
September 21, 2012
Updated Table 6, Supported ISSU and ISSD Paths.
OL-26854-02
A0
October 26, 2012
Created release notes for Release 6.1(2).
B0
October 31, 2012
Moved CSCub96561 to the "Open Caveats—Cisco NX-OS Release 6.1" section.
C0
November 5, 2012
Added information about the Enhanced F2 Series modules.
D0
November 19, 2012
Added a footnote to Table 6 and Table 7 about an IPFIB errors caveat in the "Upgrade or Downgrade Caveats" section.
E0
November 20, 2012
Removed caveat CSCuc63099.
OL-26854-03
A0
February 23, 2013
Created release notes for Release 6.1(3).
B0
February 25, 2012
Added CSCuc86223 to the "Resolved Caveats—Cisco NX-OS Release 6.1(3)" section.
C0
February 28, 2013
Updated the description of the Result Bundle Hash Load Balancing and Distribution feature in the "Cisco NX-OS Release 6.1(3) Software Features" section.
D0
March 12, 2013
Added CSCud48236 to the "Resolved Caveats—Cisco NX-OS Release 6.1(3)" section.
E0
March 28, 2013
•
•
•
F0
April 11, 2013
•
OL-26854-04
A0
May 17, 2013
Created release notes for Release 6.1(4).
Contents
This document includes the following sections:
•
•
•
Introduction
The Cisco NX-OS software for the Cisco Nexus 7000 Series devices fulfills the routing, switching, and storage networking requirements of data centers and provides an Extensible Markup Language (XML) interface and a command-line interface (CLI) similar to Cisco IOS software.
System Requirements
This section includes the following topics:
•
Memory Requirements
Note
Cisco NX-OS software may require 8 GB of memory, depending on the software version you use and the software features you enable.
An 8 GB supervisor memory upgrade kit, N7K-SUP1-8GBUPG=, allows for growth in the features and capabilities that can be delivered in existing Cisco Nexus 7000 Series Supervisor 1 modules. The memory upgrade kit is supported on Cisco Nexus 7000 Series systems running Cisco NX-OS Release 5.1 or later releases. Instructions for upgrading to the new memory are available in the "Upgrading Memory for Supervisor Modules" section of the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
The following guidelines can help you determine whether or not to upgrade an existing supervisor module:
•
Nexus-7000# show system resourcesLoad average: 1 minute: 0.47 5 minutes: 0.24 15 minutes: 0.15Processes : 959 total, 1 runningCPU states : 3.0% user, 3.5% kernel, 93.5% idleMemory usage: 4115776K total, 2793428K used, 1322348K free <-------------•
For additional guidance about whether or not to upgrade a supervisor module to 8 GB of memory, see Figure 1.
Figure 1 Supervisor Memory Upgrade Decision Flowchart
When you insert a supervisor module into a Cisco Nexus 7000 Series switch running Cisco NX-OS Release 5.1(x) or a later release, be aware that one of the following syslog messages will display, depending on the software version and the amount of memory for the supervisor module:
•
2010 Dec 3 00:05:37 switch %$ VDC-1 %$ %SYSMGR-2-SUP_POWERDOWN: Supervisor in slot 10 is running with less memory than active supervisor in slot 9In this situation, you have the option to upgrade the memory in the 4-GB supervisor or shut down the system and remove the extra memory from the 8-GB supervisor.•
2010 Dec 1 23:32:08 switch %SYSMGR-4-ACTIVE_LOWER_MEM_THAN_STANDBY: Active supervisor in slot 5 is running with less memory than standby supervisor in slot 6.In this situation, you have the option to remove the extra memory or do a switchover and upgrade the memory in the 4-GB supervisor.
Supported Device Hardware
The Cisco NX-OS software supports the Cisco Nexus 7000 Series chassis. You can find detailed information about supported hardware in the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
Table 2 shows the hardware supported by Cisco NX-OS Release, 6 x, Release 5.x and Release 4.x software.
Table 3 shows the FEX modules supported by Cisco Nexus 7000 Series I/O modules.
Table 4 shows the transceiver devices supported by each release.
For a list of minimum recommended Cisco NX-OS software releases for use with Cisco Nexus 7000 Series devices, see the document Minimum Recommended Cisco NX-OS Releases for Cisco Nexus 7000 Series Switches.
Table 2 Hardware Supported by Cisco NX-OS Software Releases
N7K-C7004
Cisco Nexus 7004 chassis
6.1(2)
N7K-C7009
Cisco Nexus 7009 chassis
5.2(1)
N7K-C7010
Cisco Nexus 7010 chassis
4.0(1)
N7K-C7018
Cisco Nexus 7018 chassis
4.1(2)
N7K-C7004-FAN=
Replacement fan for the Cisco Nexus 7004 chassis
6.1(2)
N7K-C7009-FAN=
Replacement fan for the Cisco Nexus 7009 chassis
5.2(1)
N7K-C7010-FAN-S
System fan tray for the Cisco Nexus 7010 chassis
4.0(1)
N7K-C7010-FAN-F
Fabric fan tray for the Cisco Nexus 7010 chassis
4.0(1)
N7K-C7018-FAN
Fan tray for the Cisco Nexus 7018 chassis
4.1(2)
N7K-AC-3KW
3.0-kW AC power supply unit
6.1(2)
N7K-DC-3KW
3.0-kW DC power supply unit
6.1(2)
N7K-AC-6.0KW
6.0-kW AC power supply unit
4.0(1)
N7K-AC-7.5KW-INT
N7K-AC-7.5KW-US7.5-kW AC power supply unit
4.1(2)
4.1(2)N7K-DC-6.0KW
N7K-DC-PIU
N7K-DC-CAB=6.0-kW DC power supply unit (cable included)
DC power interface unit
DC 48 V-48 V cable (spare)5.0(2)
5.0(2)
5.0(2)N7K-SUP2E
Supervisor 2 Enhanced module
6.1(1)
N7K-SUP2
Supervisor 2 module
6.1(1)
N7K-SUP1
Supervisor 1 module
4.0(1)
N7K-SUP1-8GBUPG
Supervisor module memory kit upgrade
5.1(1)
N7K-C7009-FAB-2
Fabric module, Cisco Nexus 7000 Series 9-slot
5.2(1)
N7K-C7010-FAB-2
Fabric module, Cisco Nexus 7000 Series 10-slot
6.0(1)
N7K-C7010-FAB-1
Fabric module, Cisco Nexus 7000 Series 10-slot
4.0(1)
N7K-C7018-FAB-2
Fabric module, Cisco Nexus 7000 Series 18-slot
6.0(1)
N7K-C7018-FAB-1
Fabric module, Cisco Nexus 7000 Series 18-slot
4.1(2)
N7K-F248XT-25E
Enhanced 48-port 1/10 GBase-T RJ45 module (F2 Series)
6.1(2)
N7K-F248XP-25E
Enhanced 48-port 1/10 Gigabit Ethernet SFP+ I/O module (F2 Series)
6.1(2)
N7K-F248XP-25
48-port 1/10 Gigabit Ethernet SFP+ I/O module (F2 Series)
6.0(1)
N7K-F132XP-15
32-port 1/10 Gigabit Ethernet module (F1 Series)
5.1(1)
N7K-M202CF-22L
2-port 100-Gigabit Ethernet I/O module XL (M2 Series)
6.1(1)
N7K-M206FQ-23L
6-port 40-Gigabit Ethernet I/O module XL (M2 Series)
6.1(1)
N7K-M224XP-23L
24-port 10-Gigabit Ethernet I/O module XL (M2 Series)
6.1(1)
N7K-M108X2-12L
8-port 10-Gigabit Ethernet I/O module XL1
5.0(2)
N7K-M132XP-12
32-port 10-Gigabit Ethernet SFP+ I/O module
4.0(1)
N7K-M132XP-12L
32-port 10-Gigabit Ethernet SFP+ I/O module XL1
5.1(1)
N7K-M148GS-11
48-port 1-Gigabit Ethernet SFP I/O module
4.1(2)
N7K-M148GS-11L
48-port 1-Gigabit Ethernet I/O module XL1
5.0(2)
N7K-M148GT-11
48-port 10/100/1000 Ethernet I/O module
4.0(1)
N7K-M148GT-11L
48-port 10/100/1000 Ethernet I/O module XL1
5.1(2)
N2K-C2248TP-1GE
Cisco Nexus 2248TP Fabric Extender
5.1(1)
N2K-C2224TP-1GE
Cisco Nexus 2224TP Fabric Extender
5.2(1)
N2K-C2232PP-10GE
Cisco Nexus 2232PP Fabric Extender
5.2(1)
N2K-C2232TM
Cisco Nexus 2232TM Fabric Extender
6.1(1)
N2K-C2248TP-E
Cisco Nexus 2248TP-E Fabric Extender
6.1(1)
1 Requires the Cisco Nexus 7010 Scalable Feature Package license (N7K-C7010-XL) or the Cisco Nexus 7018 Scalable Feature Package license (N7K-C7018-XL), depending on the chassis, to enable all XL-capable I/O modules to operate in XL mode.
Note
Table 4 Transceivers Supported by Cisco NX-OS Software Releases
N7K-F248XP-25
FET-10G
Cisco Fabric Extender Transceiver (FET)
6.0(1)
SFP-10G-SR
10GBASE-SR SFP+
6.0(1)
SFP-10G-LR
10GBASE-LR SFP+
6.0(1)
SFP-10G-ER
10GBASE-ERMSFP+
6.0(1)
SFP-10G-LRM
10GBASE-LRM SFP+
6.0(1)
SFP-10G-ZR3
10GBASE-ZR SFP+
6.1(1)
SFP-H10GB-CUxM
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
6.0(1)
SFP-H10GB-ACUxM
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
6.0(1)
SFP-GE-T
1000BASE-T SFP
6.0(1)
SFP-GE-S
1000BASE-SX SFP (DOM)
6.0(1)
SFP-GE-L
1000BASE-LX/LH SFP (DOM)
6.0(1)
SFP-GE-Z
1000BASE-ZX SFP (DOM)
6.0(1)
GLC-LH-SM
1000BASE-LX/LH SFP
6.0(1)
GLC-LH-SMD
1000BASE-LX/LH SFP
6.0(1)
GLC-SX-MM
1000BASE-SX SFP
6.0(1)
GLC-SX-MMD
1000BASE-SX SFP
6.0(1)
GLC-ZX-SM
1000BASE-ZX SFP
6.0(1)
GLC-T
1000BASE-T SFP
6.0(1)
GLC-BX-D
1000BASE-BX10-D
6.0(1)
GLC-BX-U
1000BASE-BX10-U
6.0(1)
GLC-EX-SMD
1000BASE-EX SFP
6.1(1)
CWDM-SFP-xxxx1
1000BASE-CWDM
6.0(1)
DWDM-SFP10G-xx.xx1
6.1(1)
DWDM-SFP-xxxx1
1000BASE-DWDM
6.0(1)
N7K-F248XP-25E
FET-10G
Cisco Fabric Extender Transceiver (FET)
6.1(2)
SFP-10G-SR
10GBASE-SR SFP+
6.1(2)
SFP-10G-LR
10GBASE-LR SFP+
6.1(2)
SFP-10G-ER
10GBASE-ERMSFP+
6.1(2)
SFP-10G-LRM
10GBASE-LRM SFP+
6.1(2)
SFP-10G-ZR3
10GBASE-ZR SFP+
6.1(2)
SFP-H10GB-CUxM
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
6.1(2)
SFP-H10GB-ACUxM
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
6.1(2)
SFP-GE-T
1000BASE-T SFP
6.1(2)
SFP-GE-S
1000BASE-SX SFP (DOM)
6.1(2)
SFP-GE-L
1000BASE-LX/LH SFP (DOM)
6.1(2)
SFP-GE-Z
1000BASE-ZX SFP (DOM)
6.1(2)
GLC-LH-SM
1000BASE-LX/LH SFP
6.1(2)
GLC-LH-SMD
1000BASE-LX/LH SFP
6.1(2)
GLC-SX-MM
1000BASE-SX SFP
6.1(2)
GLC-SX-MMD
1000BASE-SX SFP
6.1(2)
GLC-ZX-SM
1000BASE-ZX SFP
6.1(2)
GLC-T
1000BASE-T SFP
6.1(2)
GLC-BX-D
1000BASE-BX10-D
6.1(2)
GLC-BX-U
1000BASE-BX10-U
6.1(2)
GLC-EX-SMD
1000BASE-EX SFP
6.1(2)
CWDM-SFP-xxxx2
1000BASE-CWDM
6.1(2)
DWDM-SFP10G-xx.xx1
6.1(2)
DWDM-SFP-xxxx1
1000BASE-DWDM
6.1(2)
N7K-F132XP-15
SFP-10G-SR
10GBASE-SR SFP+
5.2(1)
SFP-10G-LR
10GBASE-LR SFP+
5.1(1)
SFP-10G-ER3
10GBASE-ER SFP+
5.1(1)
SFP-10G-LRM
10GBASE-LRM SFP+
5.1(1)
SFP-10G-ZR3
10GBASE-ZR SFP+
6.1(1)
SFP-H10GB-CUxM
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
5.1(1)
SFP-H10GB-ACUxM
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
5.1(1)
SFP-GE-T
1000BASE-T SFP
5.1(1)
SFP-GE-S
1000BASE-SX SFP (DOM)
5.1(1)
SFP-GE-L
1000BASE-LX/LH SFP (DOM)
5.1(1)
SFP-GE-Z
1000BASE-ZX SFP (DOM)
5.1(1)
GLC-LH-SM
1000BASE-LX/LH SFP
5.1(1)
GLC-SX-MM
1000BASE-SX SFP
5.1(1)
GLC-ZX-SM
1000BASE-ZX SFP
5.1(1)
GLC-T
1000BASE-T SFP
5.1(1)
GLC-LH-SMD
1000BASE-LX/LH SFP
5.2(1)
GLC-SX-MMD
1000BASE-SX SFP
5.2(1)
GLC-EX-SMD
1000BASE-EX-SFP
6.1(1)
DWDM-SFP10G-xx.xx1
6.1(1)
N7K-M108X2-12L
SFP-10G-SR4
10GBASE-SR SFP+
5.2(3a)
SFP-10G-LR4
10GBASE-LR SFP+
5.2(3a)
SFP-10G-LRM4
10GBASE-LRM SFP+
5.2(1)
SFP-H10GB-CUxM4
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
5.2(1)
CVR-X2-SFP10G
OneX Converter Module - X2 to SFP+ Adapter
5.2(1)
X2-10GB-CX4
10GBASE-CX4 X2
5.1(1)
X2-10GB-ZR
10GBASE-ZR X2
5.1(1)
X2-10GB-LX4
10GBASE-LX4 X2
5.1(1)
X2-10GB-SR
10GBASE-SR X2
5.0(2a)
X2-10GB-LR
10GBASE-LRX2
5.0(2a)
X2-10GB-LRM
10GBASE-LRM X2
5.0(2a)
X2-10GB-ER
10GBASE-ERX2
5.0(2a)
DWDM-X2-xx.xx=1
10GBASE-DWDM X2
5.0(2a)
N7K-M148GS-11
SFP-GE-S
1000BASE-SX
4.1(2)
GLC-SX-MM
4.1(2)
SFP-GE-L
1000BASE-LX
4.1(2)
GLC-LH-SM
4.1(2)
SFP-GE-Z
1000BASE-ZX
4.1(2)
GLC-ZX-SM
4.1(2)
GLC-T
1000BASE-T
4.2(1)
SFP-GE-T
4.2(1)
GLC-BX-D
1000BASE-BX10-D
5.2(1)
GLC-BX-U
1000BASE-BX10-U
5.2(1)
GLC-SX-MMD
1000BASE-SX
5.2(1)
GLC-LH-SMD
1000BASE-LX
5.2(1)
CWDM-SFP-xxxx1
1000BASE-CWDM
4.2(1)
DWDM-SFP-xxxx1
1000BASE-DWDM
4.2(1)
N7K-M148GS-11L
SFP-GE-S
1000BASE-SX
5.0(2a)
GLC-SX-MM
5.0(2a)
SFP-GE-L
1000BASE-LX
5.0(2a)
GLC-LH-SM
5.0(2a)
SFP-GE-Z
1000BASE-ZX
5.0(2a)
GLC-ZX-SM
5.0(2a)
GLC-T
1000BASE-T
5.0(2a)
SFP-GE-T
5.0(2a)
GLC-BX-D
1000BASE-BX10-D
5.2(1)
GLC-BX-U
1000BASE-BX10-U
5.2(1)
GLC-SX-MMD
1000BASE-SX
5.2(1)
GLC-LH-SMD
1000BASE-LX
5.2(1)
DWDM-SFP-xxxx1
1000BASE-DWDM
5.0(2a)
CWDM-SFP-xxxx1
1000BASE-CWDM
5.0(2a)
N7K-M132XP-12
FET-10G
Cisco Fabric Extender Transceiver (FET)
5.1(1)
SFP-10G-SR
10GBASE-SR SFP+
4.2(6)
SFP-10G-LR
10GBASE-LR SFP+
4.0(3)
SFP-10G-ER
10GBASE-ER SFP+
4.0(1)
SFP-H10GB-ACUxM3
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
5.1(2)
N7K-M132XP-12L
FET-10G
Cisco Fabric Extender Transceiver (FET)
5.1(1)
SFP-10G-SR
10GBASE-SR SFP+
5.1(1)
SFP-10G-LR
10GBASE-LR SFP+
5.1(1)
SFP-10G-ER
10GBASE-ER SFP+
5.1(1)
SFP-10G-LRM
10GBASE-LRM SFP+
5.1(1)
SFP-10G-ZR3
10GBASE-ZR SFP+
6.1(1)
SFP-H10GB-ACUxM
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
5.1(1)
SFP-H10GB-CUxM3
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
5.1(2)
DWDM-SFP10G-xx.xx
6.1(1)
N7K-M224XP-23L
FET-10G
Cisco Fabric Extender Transceiver (FET)
6.1(1)
SFP-10G-SR
10GBASE-SR SFP+
6.1(1)
SFP-10G-LR
10GBASE-LR SFP+
6.1(1)
SFP-10G-ER
10GBASE-ER SFP+
6.1(1)
SFP-10G-ZR3
10GBASE-ZR SFP+
6.1(1)
SFP-10G-LRM
10GBASE-LRM SFP+
6.1(1)
SFP-H10GB-ACUxM
SFP-H10GB-ACUxM Twinax Cable Active (7m, 10m)
6.1(1)
SFP-H10GB-CUxM3
SFP-H10GB-CUxM Twinax Cable Passive (1m, 3m, 5m)
6.1(1)
DWDM-SFP10G-xx.xx1
6.1(1)
N7K-M206FQ-23L
QSFP-40GE-LR4
6.1(4)
QSFP-40G-SR4
6.1(1)
N7K-M202CF-22L
CFP-100G-LR4
6.1(1)
CFP-40G-SR4
6.1(2)
CFP-40G-LR4
6.1(2)
CFP-100G-SR10
6.1(3)
1 For a complete list of supported optical transceivers of this type, go to the Cisco Transceiver Module Compatibility Information page.
2 For a complete list of supported optical transceivers of this type, go to the Cisco Transceiver Module Compatibility Information page.
3 Only version -02 is supported.
4 Requires CVR-X2-SFP10G, OneX Converter Module (X2 to SFP+ Adapter).
Integrating F2 Series Modules Into a Cisco Nexus 7000 Series System
The Cisco Nexus 7000 48-port 1/10 Gigabit Ethernet SFP+ I/O module (F2 Series) module is a low-latency, high-performance, high-density module that offers most Layer 2 and Layer 3 functions of Cisco NX-OS software. When integrating the F2 Series module into a Cisco Nexus 7000 Series system, observe the following guidelines:
•
•
•
The preceding considerations also apply to the Enhanced F2-Series modules: Cisco Nexus 7000 Enhanced F2 Series 48-port 1/10 Gigabit Ethernet SFP+ I/O module (N7K-F248XP-25E) and Cisco Nexus 7000 Enhanced F2 Series 48-port 1/10 GBase-T RJ45 module (N7K-F248XT-25E).
Some software features are not available on the F2 Series modules in Cisco NX-OS Release 6.x. See Table 5 for a list of features that have hardware and software support on the F2 Series and Enhanced F2 Series modules.
Migrating to M2 Series Modules
When preparing to migrate from an M1 Series module or an F2 Series to an M2 Series module, observe these guidelines:
•
•
•
To ensure an error-free migration, we recommend that you follow these steps to install an M2 Series module:
1.
2.
3.
4.
Note
Upgrade/Downgrade Paths and Caveats
This section includes information about upgrading or downgrading Cisco NX-OS software on Cisco Nexus 7000 Series devices. It includes the following sections:
•
Supported Upgrade and Downgrade Paths
Note
Do not change any configuration settings or network settings during a software upgrade. Any changes in the network settings may cause a disruptive upgrade.
Refer to Table 6 for the nondisruptive upgrade (ISSU) path to, and nondisruptive downgrade (ISSD) path from Cisco NX-OS Release 6.1(x). Releases that are not listed for a particular release train do not support a direct ISSU or ISSD to the current release.
Table 6 Supported ISSU and ISSD Paths
NX-OS Release 6.1(4)
6.1
6.1(1), 6.1(2), 6.1(3)
6.1(1), 6.1(2), 6.1(3)
6.0
6.0(3), 6.0(4)
6.0(3), 6.0(4)
5.2
5.2(4), 5.2(5), 5.2(7)1 , 5.2(9)
5.2(4), 5.2(5), 5.2(7), 5.2(9)
NX-OS Release 6.1(3)
6.1
6.1(1), 6.1(2)
6.1(1), 6.1(2)
6.0
6.0(2), 6.0(3), 6.0(4)
6.0(2), 6.0(3), 6.0(4)
5.2
5.2(1), 5.2(3a), 5.2(4), 5.2(5), 5.2(7)1, 5.2(9)
5.2(1), 5.2(3a), 5.2(4), 5.2(5), 5.2(7), 5.2(9)
NX-OS Release 6.1(2)
6.1
6.1(1)
6.1(1)
6.0
6.0(2), 6.0(3), 6.0(4)
6.0(2), 6.0(3), 6.0(4)
5.2
5.2(3a), 5.2(4), 5.2(5), 5.2(7)1, 5.2(9)
5.2(3a), 5.2(4), 5.2(5), 5.2(7), 5.2(9)
NX-OS Release 6.1(1)
6.1
N/A
N/A
6.0
6.0(2), 6.0(3), 6.0(4)
6.0(2), 6.0(3), 6.0(4)
5.2
5.2(3a), 5.2(4), 5.2(5)
5.2(3a), 5.2(4), 5.2(5)
1 Before performing an ISSU to NX-OS Release 6.1(x), see the IPFIB Errors caveat in this section.
Unless otherwise noted, all releases within the same release train are ISSU and ISSD compatible to releases within the same train. In addition, all releases of Cisco NX-OS Release 6.1(x) software are ISSU and ISSD compatible will all releases of Cisco NX-OS Release 6.0(x).
If you are running a Cisco NX-OS release earlier than Release 5.2, you can perform an ISSU in multiple steps. Table 7 lists the supported multistep ISSU paths.
Table 7 Multistep ISSU Paths to the Current Release
4.2(6), 5.0(3), 5.1(3), or 5.1(5)
5.2(7)1
6.1(4)
1 Before performing an ISSU to NX-OS Release 5.2(7), see the IPFIB Errors caveat in this section.
Upgrade or Downgrade Caveats
A software upgrade or downgrade can be impacted by the following features or hardware:
•
Before performing an ISSU to Cisco NX-OS Release 6.1(3), disable IPv6 Policy Based Routing (PBR). Failure to disable IPv6 PBR prior to the upgrade might result in a failure of the ACLQOS process when an IP route is cleared following the ISSU.
•
When a specific sequence of events occur prior to an ISSU from Cisco NX-OS Release 6.1(1) to Release 6.1(2), on a Cisco Nexus 7000 Series device with both F1 Series and M2 Series modules installed, the M2 Series module fails when it reloads after the upgrade. The following ordered sequence of events lead to the failure of the M2 Series module:
1.
2.
3.
If this problem occurs, reload the F1 Series module following the upgrade to Cisco NX-OS Release 6.1(2). The M2 Series will then come online.
•
ISSD is not supported when vPC+ for FEX server facing ports is enabled. If you are using this feature, you should disable it prior to an ISSD from Cisco NX-OS Release 6.1(2) by removing vPC+ from FEX server facing ports.
•
When downgrading from Cisco NX-OS Release 6.1(2) to an earlier release, first power down all modules that are unsupported in the downgrade image. Then purge the configuration of the unsupported modules using the purge module module_number running-config command.
•
Cisco NX-OS Release 6.1(1) supports an increased number of OSPF process instances per VDC. See the Cisco Nexus 7000 Series NX-OS Verified Scalability Guide for the latest verified number.
If you have more than four OSPF v2 or more than four OSPF v3 process instances configured and you downgrade to an earlier release, you must remove instances 5 and higher. Use the following command to match an OSPF v2 process tag with an OSPF process instance:
switch# show system internal sysmgr service name ospfService "__inst_005__ospf" ("ospf", 13): <= OSPF process instanceUUID = 0x41000119, PID = 3402, SAP = 320State: SRV_STATE_HANDSHAKED (entered at time Mon Jul 23 05:11:33 2012).Restart count: 1Time of last restart: Mon Jul 23 05:11:33 2012.The service never crashed since the last reboot.Tag = 1 <= configured process tagPlugin ID: 1Use the show system internal sysmgr service name ospfv3 command to match an OSPF v3 process tag with an OSPF v3 process instance.
•
Before you perform an ISSU or an ISSD between specific releases, you must first remove QoS policies and ACLs from interfaces that are in the down state. See Table 8 to determine which release combinations are impacted.
If you do not remove the QoS policies and ACLs, the installer process aborts the upgrade or downgrade process, and a message similar to the following is displayed:
Service "ipqosmgr" : Please remove inactive policies using the command "clear inactive-config qos" Pre-upgrade check failed. Return code 0x415E0055 (Need to clear inactive-if-config from qos manager using the command "conf;clear inactive-config qos" or can manually clear the config shown by the command: "show running-config ipqos inactive-if-config").
Note
Guidelines for manual policy removal: during a manual removal, when the interface is part of a port channel, remove the policy map or access list from the port channel or remove the interface from the port channel before performing the ISSU or ISSD. For all other interface types, remove the policy map or access list from the interface.
•
The default Control Plane Policing (CoPP) policy does not change when you upgrade the Cisco NX-OS software.
If you downgrade from Cisco NX-OS Release 6.0(1) without using ISSD to a release earlier than NX-OS Release 5.2(1), the CoPP configuration is lost, and a CoPP policy is no longer attached to the control plane.
•
Any features introduced in a release must be disabled before downgrading to a release that does not support those features.
•
If you enable the AES password encryption feature and a master encryption key in Cisco NX-OS Release 6.0(1), you must decrypt all type-6 passwords, disable the AES password encryption feature, and delete the master key before downgrading.
•
ISSU, stateful switchover (SSO), and graceful restart are not supported when aggressive failure detection timers are used for any Layer 3 protocols. Starting in Cisco NX-OS Release 5.2(3a), the First Hop Redundancy Protocol (FHRP) with aggressive timers has been validated for SSO or ISSU using the extended hold timer feature. Other protocols such as OSPF have been validated with aggressive timers without SSO or ISSU support. For additional information on aggressive timer support and extended hold timers for FHRP, see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide.
•
BFD for static routes does not support a stateful switchover (SSO) or an ISSU. When you perform an ISSU or an SSO, a small amount of packet loss can result in flows that follow static routes protected by BFD.
•
If you perform an ISSU from Cisco NX-OS Release 5.2(3a) or Release 5.2(4) to Release 6.1(2), and LISP was enabled prior to the upgrade, you must enter the clear ip route command and clear the LISP map cache following the upgrade to allow LISP to work in Release 6.1(2).
•
During an upgrade to Cisco NX-OS Release 5.2(7) or a later release, the following error messages might appear:
%IPFIB-SLOT2-2-FIB_TCAM_HA_ERROR: FIB recovery errors, please capture 'showtech forwarding l3 unicast' and 'show tech forwarding l3 multicast'In addition, the ipfib process might fail.
This issue can be triggered when the following sequence of events occur:
–
–
–
To work around this issue, follow these steps:
1.
a.
b.
c.
2.
Note
You should perform these steps even if you are not using LISP because the issue can occur even if LISP is not running.
CMP Images
Cisco NX-OS Release 6.1(1) includes a new image for the connectivity management processor (CMP) on the Supervisor 1 module. The CMP is upgraded to Release 6.1(1) on successful ISSU to Cisco NX-OS to Release 6.1(1). When the ISSU completes, you should reload the CMP image on the active and standby Supervisor 1 modules.
The Supervisor 2 and Supervisor 2 Enhanced modules do not have a CMP. Therefore, Cisco NX-OS Release 6.1(1) does not include a CMP image for the Supervisor 2 or Supervisor 2 Enhanced module.
For additional information about the CMP, see the Cisco Nexus 7000 Series Connectivity Management Processor Configuration Guide.
EPLD Images
Cisco NX-OS Release 6.1(4) includes new EPLD images, but it is not necessary to upgrade existing EPLD images to use Cisco NX-OS Release 6.1(4).
Cisco NX-OS Release 6.1(3) includes an EPLD image for M2 Series modules that have XL tables. For instructions about upgrading to this EPLD image, see the Cisco Nexus 7000 Series FPGA/EPLD Upgrade Release Notes, Release 6.1.
The new hardware introduced in Cisco NX-OS Release 6.1(1) and Release 6.1(2) includes new EPLD images. It is not necessary to upgrade existing EPLD images to use Cisco NX-OS Release 6.1(1) or Release 6.1(2). However, if you plan to migrate from a Supervisor 1 to a Supervisor 2 or Supervisor 2E module, and you have a Fabric 2 module in your system, you must upgrade the EPLD image on the Fabric 2 module. For instructions about upgrading EPLD images, see the Cisco Nexus 7000 Series FPGA/EPLD Upgrade Release Notes, Release 6.1.
For additional information about migrating from a Supervisor 1 module to a Supervisor 2 or Supervisor 2E module, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
New Hardware
This section briefly describes the new hardware introduced in Cisco NX-OS Release 6.1. For detailed information about the new hardware, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
This section includes the following topics:
•
•
•
•
New Hardware in Cisco NX-OS Release 6.1(1)
Cisco NX-OS Release 6.1(1) introduces new hardware that is described in the following sections:
M2 Series Modules
The Cisco Nexus 7000 M2 Series Modules are the next generation of highly scalable, high-performance modules that offer up to 240 G bandwidth per slot. There are three Cisco Nexus 7000 M2 Series modules in the M series module family:
•
•
•
The M2 Series modules work with Fabric 1 and Fabric 2 modules and they work with both Supervisor 1 and Supervisor 2 modules. The M2 Series modules interoperate with M1 Series and F1 Series modules in the same VDC.
With the exception of LISP, the M2 Series modules support all the features of the M1 Series modules.
For additional information about the M2 Series modules, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
Supervisor 2 Modules
Cisco NX-OS Release 6.1 introduces a new generation of supervisor modules that offer increased scalability and an enhanced user experience.
•
•
Note
The Supervisor 2 or Supervisor 2E is required to deploy FCoE on the 48-port 1/10-Gigabit Ethernet SFP+ F2 series I/O module (N7K-F248XP-25).
All Cisco Nexus 7000 Series I/O modules are compatible with the Supervisor 2 and Supervisor 2E modules and both the Fabric 1 and Fabric 2 modules support the Supervisor 2 module.
The Supervisor 2 and Supervisor 2 Enhanced modules do not have a connectivity management processor (CMP).
Note
For more information about the Supervisor 2 and Supervisor 2E modules, including instructions on how to migrate from a Supervisor 1 module to a Supervisor 2 or Supervisor 2E module, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
FEX Modules
Cisco NX-OS Release 6.1(1) supports the following Fabric Extender (FEX) modules on Cisco Nexus 7000 Series systems with the Supervisor 1, Supervisor 2, or Supervisor 2E modules:
•
•
Cisco NX-OS Release 6.1(1) also supports the following reverse airflow fans and power supplies for fabric extender modules:
•
•
•
•
For additional information, see the Cisco Nexus 2000 Series Hardware Installation Guide.
New Hardware in Cisco NX-OS Release 6.1(2)
Cisco NX-OS Release 6.1(2) introduces new hardware that is described in the following section:
Cisco Nexus 7004 Switch
The Cisco Nexus 7004 switch (N7K-C7004) is a four-slot chassis that holds two supervisor modules and two I/O modules. Unlike other Cisco Nexus 7000 Series devices, the Cisco Nexus 7004 does not have fabric modules.
The Cisco Nexus 7004 switch supports the following modules: all XL versions of M1series modules, M2 series modules, and F2 series modules. It does not support the F1 series module or non-XL M1 series modules. In addition, the Cisco Nexus 7004 switch supports both the Supervisor 2 and 2E modules. It does not support the Supervisor 1 module.
The Cisco Nexus 7004 switch supports the same features as all Cisco Nexus 7000 Series switch chassis, including but not limited to FEX, ISSU, vPC, FabricPath, OTV, LISP, VDC, CoPP, NetFlow, and MPLS.
Energy efficiency can be achieved with the Cisco Nexus 7004 switch through its 3KW AC power supplies, the independent variable-speed fan system, and the lack of fabric modules.
For additional information, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
Enhanced F2 Series Modules
Two enhanced F2 Series modules are available:
•
•
These modules support all of the features of the standard F2-series modules, and they function like an F2-series module with Layer 2 and Layer 3 enabled. The enhanced F2-series module hardware is capable of interoperability with M2-series modules and the XL versions of M1 series modules. This capability will be enabled in a later software release. The enhanced F2-series modules also support IPv6 DSCP-to-Queue mapping. In addition, the enhanced F2-Series modules interoperate with standard F2-Series modules in the same system or VDC.
In addition, the Cisco Nexus 7000 Enhanced F2-Series 48 Port 1/10 GBase-T RJ45 Module supports 10 GBase-T, which is a standard that provides 10 Gbps connections over unshielded or shielded twisted-pair cables over distances of up to 330 feet (110 meters). This module offers low power consumption, low latency, full Layer 2 and Layer 3 support, and Energy Efficient Ethernet (EEE) to help save power.
For additional information about the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.
New Hardware in Cisco NX-OS Release 6.1(3)
Cisco NX-OS Release 6.1(3) does not include new hardware.
New Hardware in Cisco NX-OS Release 6.1(4)
Cisco NX-OS Release 6.1(4) does not include new hardware.
New Software Features
This section briefly describes the new features introduced in Cisco NX-OS Release 6.1 software. For detailed information about the features listed, see the documents listed in the "Related Documentation" section. The "New and Changed Information" section in each of these books provides a detailed list of all new features and includes links to the feature description or new command.
This section includes the following topics:
•
•
•
•
Cisco NX-OS Release 6.1(1) Software Features
Cisco NX-OS Release 6.1(1) includes the features described in the following sections:
Virtual Device Context
•
Cisco NX-OS Release 6.1 introduces a new type of VDC that provides fault isolation for switch-wide administrative functions. The new VDC is called the admin VDC. You can enable the admin VDC at initial system bootup through a setup script. However, creation of the admin VDC is optional; it is not required. The admin VDC is used for administrative functions only.
The admin VDC is supported on Supervisor 2 and Supervisor 2E modules only. When an admin VDC is enabled, only the mgmt0 port is allocated to the admin VDC. A license is not required to enable the admin VDC.
For detailed information about creating the admin VDC and guidelines for using it, see the Cisco Nexus 7000 Series Virtual Device Context Configuration Guide.
•
In Cisco NX-OS Release 6.1(1), you can configure CPU shares per VDC. This features requires the Supervisor 2 or Supervisor 2E module.
•
The Supervisor 2E module increments the number of supported VDCs to eight, plus the admin VDC. This feature requires the N7K-VDC1K9 license.
IP Service Level Agreement
IP Service Level Agreement (SLA) is network performance-monitoring software that allows users to do service level monitoring, troubleshooting, and resource planning. In Cisco NX-OS Release 6.1(1), the IP SLA sender or responder support the following features: UDP jitter, UDP echo, TCP connect, SNMP, and reaction threshold traps. IP SLA does not require a license.
For additional information about the IP SLA feature, see the Cisco Nexus 7000 Series IP SLA Configuration Guide.
FCoE Support
The 48-port 1/10-Gigabit Ethernet SFP+ F2 series I/O module (N7K-F248XP-25) supports FCoE, and requires either the Supervisor 2 or Supervisor 2E module, and the N7K-FCOEF248XP license.
FEX Scalability
With the Supervisor 2E module, Cisco NX-OS Release 6.1(1) supports an increased number of FEX modules. See the Cisco Nexus 7000 Series Verified Scalability Guide.
Additional New Functionality
Cisco NX-OS Release 6.1(1) adds support for the following features:
•
•
•
•
•
•
•
•
•
•
For additional information about these features, see the Cisco Nexus 7000 Series Switches Configuration Guides.
Cisco NX-OS Release 6.1(2) Software Features
Cisco NX-OS Release 6.1(2) includes the features described in the following topics:
•
•
•
Power on Auto Provisioning
Power on Auto Provisioning (PoAP) makes possible automatic provisioning and self deployment of switches. PoAP simplifies switch configuration and helps to minimize operational costs.
For additional information about the PoAP feature, see the Cisco Nexus 7000 Series Fundamentals Configuration Guide.
Python Scripting
Python scripting provides programmatic access to Cisco NX-OS and allows you to gather network intelligence. Python is a very powerful programming language that includes standard libraries and it is highly scalable. Python is integrated with PoAP.
For additional information about Python scripting, see the Cisco Nexus 7000 Series Fundamentals Configuration Guide.
DCSP-to-Queue on the Enhanced F2 Series Modules
The new enhanced F2 series modules support IPv4 and IPv6 packets for DSCP-to-queue on ingress ports. With this feature, you can match traffic that is received on Layer 3 and access ports.
For additional information about DSCP-to-queue for IPv6, see the Cisco Nexus 7000 Series QoS Configuration Guide.
vPC+ For Cisco Nexus 2000 Fabric Extender Server Ports
vPC+ is now supported on FEX server ports. This capability enables an active-active host port vPC to a FabricPath cloud.
For additional information about vPC+ on FEX, see the Cisco Nexus 7000 Series FabricPath Configuration Guide.
FabricPath on F2 Series Modules
Cisco NX-OS Release 6.1(2) includes a new command that makes it possible for FabricPath core ports on specified modules or port groups to no longer learn MAC addressees in VLANs where no switch virtual interface (SVI) exists.
The no hardware fabricpath mac-learning module module [port-group port-group-list] command can be entered only on the default VDC or admin VDC. It affects the specified modules or port groups regardless of VDC membership.
Use this command for modules or port groups that have only FabricPath core ports (or unused or shutdown ports). Do not use the command on port groups that have CE edge ports or any other type of port.
For VLANs with SVIs configured (even on port groups where the command is applied), and for port groups where the command has not been applied, the F2 Series module still learns source MAC (SMAC) addresses from broadcast frames.
Using this command on port groups that have only FabricPath core ports does not affect forwarding behavior because FabricPath core ports do not use the MAC address table to perform forwarding.
For additional information on using FabricPath on F2 Series modules, see the Cisco Nexus 7000 Series FabricPath Configuration Guide.
Sampled NetFlow
Sampled NetFlow is available on F2 Series modules. Sampling is available on ingress ports only.
For additional information about NetFlow sampling, see the Cisco Nexus 7000 Series System Management Configuration Guide.
Cisco NX-OS Release 6.1(3) Software Features
Cisco NX-OS Release 6.1(3) includes the features described in the following topics:
•
•
•
•
•
•
•
Four Queue Support for F2 Series Modules
Cisco NX-OS Release 6.1(3) increases ingress buffer support from two queues to four queues on F2 Series modules. For more information, see the Cisco Nexus 7000 Series NX-OS QoS Configuration Guide.
Improved Load Balancing and Traffic Distribution Across Port-Channel Member Links
Improved load balancing for port channels is available on Cisco Nexus 7000 M2 and M1 Series I/O XL modules, and on F2 Series modules through the new modulo mode. If you plan to use modulo mode on an M2 Series module, see CSCue43842.
For more information, see the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide.
Deny ACE Support for VACL, PBR, and QoS
Beginning with Cisco NX-OS Release 6.1(3), you can configure the device to support deny access control entries (ACEs) in a sequence for the following sequence-based features: VLAN ACL (VACL), policy-based routing (PBR), and QoS. For more information, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide.
QoS MIB Support
QoS MIB support for F2 Series modules is available in Cisco NX-OS Release 6.1(3). For more information, see the Cisco Nexus 7000 Series NX-OS MIB Quick Reference.
Minimum Links on the FEX Fabric Port Channel
Beginning with Cisco NX-OS Release 6.1(3), you can configure a minimum number of links for the FEX fabric port channel so that when a certain number of FEX fabric port-channel member ports go down, the host-facing interfaces of the FEX are suspended. For more information, see the Cisco Nexus 2000 NX-OS Fabric Extender Software Configuration Guide.
Smart Zoning
Smart zoning supports zoning among more devices by reducing the number of zoning entries that needs to be programmed by considering device type information without increasing the size of the zone set. Smart zoning enables you to select the host, target, or both as the end device type. For more information, see the Cisco Nexus 7000 Series NX-OS SAN Switching Configuration Guide.
100G-SR10 Optics Support
Cisco NX-OS Release 6.1(3) adds 100G-SR10 optics support for the M2 Series 2-port 100-Gigabit Ethernet I/O module (N7K-M202CF-22L).
PowerOn Auto Provisioning Template Script
A new template configuration script is available for PowerOn Auto Provisioning (PoAP). For more information, see the Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide.
New Cisco MAC Address for BPDUs Sent on vPCs
Cisco NX-OS Release 6.1(3) enables STP to use the new Cisco MAC address 00:26:0b:xx:xx:xx as the source address of BPDUs generated on vPC ports. For more information, see the Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide.
FabricPath Port-Channel Limit Command for vPC+
Cisco NX-OS Release 6.1(3) provides support for more than 244 vPC+ port channels for VDCs that have an F2 Series module. For more information, see the Cisco Nexus 7000 Series NX-OS FabricPath Configuration Guide.
Cisco NX-OS Release 6.1(4) Software Features
Cisco NX-OS Release 6.1(4) includes bug fixes and the following enhancements:
•
•
–
–
–
Licensing
Cisco NX-OS Release 6.1(1) includes the following changes to Cisco NX-OS software licenses:
•
–
–
•
•
Cisco NX-OS Release 6.1(2) includes the following new license:
•
For additional information, see the Cisco NX-OS Licensing Guide.
MIBs
Cisco NX-OS Release 6.1(1) supports a subset of the following MIBs:
•
•
Cisco NX-OS Release 6.1(3) supports the QoS MIB on F2 Series modules.
Limitations
This section describes the limitations in Cisco NX-OS Release 6.1 for the Cisco Nexus 7000 Series devices. It includes the following sections:
•
•
•
•
•
•
DHCP Snooping with vPC+ FEX
DHCP snooping is not supported when the vPC+ FEX feature is enabled.
Fabric Module Migration Errors
When you remove a Fabric 1 module and replace it with a Fabric 2 module, errors might occur. On rare occasions, 1 to 10 packets can drop during the fabric module migration process.
To avoid this situation, enter the out-of-service xbar command before you remove each Fabric1 module.
Once the Fabric 1 module is out of service, remove it and insert the Fabric 2 module.
Proxy Limitation for the N7K-F132XP-15 Module
When the 6-port 40-Gigabit Ethernet I/O module XL (M2 Series) (N7K-M206FQ-23L) acts as a proxy for more than 90 G traffic from the 32-port 10-Gigabit Ethernet I/O module XL (N7K-F132XP-15), packet drops can occur. You might experience this issue if ports are over-subscribed on the N7K-F132XP-15 F1 Series module.
Storage VDC Interfaces
In Cisco NX-OS Release 6.1(1), a Cisco Nexus 7000 Series device with the Supervisor 2 or Supervisor 2E module supports interfaces from the same module series, either F1 or F2, in the storage VDC for FCoE. A combination of interfaces from an F1 Series module and an F2 Series module is not supported in the storage VDC.
PONG in a vPC Environment
There are two situations where PONG is not supported in a vPC environment:
–
–
SVI Statistics on an F2 Series Module
F2 Series I/O modules do not support per-VLAN statistics. Therefore, the show interface command will not display per-VLAN Rx/Tx counters or statistics for switch virtual interfaces (SVIs).
LISP Traffic
A Layer 3 link is required between aggregation switches when deploying LISP host mobility on redundant xTRs that are part of a vPC. In rare (but possible) scenarios, failure to deploy this Layer 3 link might result in traffic being moved to the CPU and potentially dropped by the CoPP rate limiters.
Role-Based Access Control
•
•
•
Standby Supervisor Can Reset with Feature-Set Operation
The standby supervisor might reload when a feature-set operation (install, uninstall, enable, or disable) is performed, if the HA state of the standby supervisor is not "HA standby" at the time of the feature-set operation. To prevent the reload, ensure that the state of the standby supervisor is "HA standby." To check the HA state for the specific VDC where the feature-set operation is performed, enter the show system redundancy ha status command on the active supervisor.
A reload of the standby supervisor has no operational impact because the active supervisor is not affected.
In addition, if you perform a feature-set operation while modules are in the process of coming up, then those modules will be power cycled. Modules that are up and in the "ok" state are not power cycled when you perform a feature set operation.
Unfair Traffic Distribution for Flood Traffic
Uneven load balancing of flood traffic occurs when you have a seven-member port channel. This behavior is expected and it occurs on all M Series and F Series modules. In addition, M Series modules do not support Result Bundle Hash (RBH) distribution for multicast traffic.
BFD Not Supported on the MTI Interface
If bidirectional forwarding detection (BFD) on protocol independent multicast (PIM) is configured together with MPLS multicast VPN (MVPN), the following error might appear:
2012 Jan 3 15:16:35 dc3_sw2-dc3_sw2-2 %PIM-3-BFD_REMOVE_FAIL: pim [22512] Session remove request for neighbor 11.0.3.1 on interface Ethernet2/17 failed (not enough memory)This error is benign. To avoid the error, disable BFD on the multicast tunnel interface (MTI) interface.
Caveats
This section includes the following topics:
•
•
•
•
•
Note
Open Caveats—Cisco NX-OS Release 6.1
•
Symptom: A Web Cache Control Protocol (WCCP) redirect configuration on an interface is not removed when TCAM programming fails due to an unsupported combination of features.
Conditions: This symptom might be seen when Bank Chaining (Hardware Resource Pooling) is enabled and a WCCP configuration is applied after a RACL configuration. This issue might result in a SBADDFAIL syslog that indicates an unsupported feature combination. The WCCP configuration on the interface is not removed when the error occurs and the WCCP redirect is not programmed in the TCAM.
Workaround: Remove the WCCP redirect from the interface. When this operation is done, the SBDELFAIL syslog will appear. Ignore the syslog message and remove the RACL configuration from the interface and reapply the WCCP redirect on the interface. TCAM programming should work.
•
Symptom: If the netstack process fails, existing BGP sessions might flap and routes might be relearned, which could cause traffic loss.
Conditions: This symptom might be seen only when the netstack process fails or terminates ungracefully.
Workaround: None.
•
Symptom: Applying a large egress ACL to an interface might cause BFD flaps.
Conditions: This symptom might be seen when a large egress ACL is applied to, or removed from an unrelated Layer 3 physical interface or SVI.
Workaround: None.
•
Symptom: SNMP fails when cfcRequestEntryStatus is set to active.
Condition: This symptom might be seen when the cfcRequestEntryStatus field in a table in the CISCO-FTP-CLIENT-MIB is set to a value of one.
Workaround: None.
•
Symptom: Reloading a switch with many BFD sessions can leave a few port-channel member ports in an error-disabled state on the connected switches.
Conditions: This symptom might be seen when there is a heavy BFD and ACL Manager interaction, with many sessions going up or down, and the ACL manager process on the supervisor module can get busy processing BFD-related ACL requests. At the same time, if one or more port-channel members are trying to come up, they fail to be part of that port channel and potentially leave them in a suspended state on the local and remote end.
Workaround: Enter the shut and no shut commands on the member ports of the suspended port-channel members to bring them back up.
•
Symptom: OSPFv3 advertises the local prefix even though the address is a duplicate in the network.
Conditions: This symptom might be seen when OSPFv3 forms an IPv6 neighbor, even though the local address is a duplicate in the network. This can result in a black hole of traffic to the local IPv6 address.
Workaround: Reconfigure the local address with a unique IPv6 address.
•
Symptom: A vulnerability exists in the ARP code of the Cisco Nexus 7000 Series device that might allow an unauthenticated adjacent attacker to trigger the restart of the adjmgr process. This problem might lead to packet drops and potentially trigger the reload of the affected device.
An attacker might be able to trigger this behavior by flooding the affected device with ARP packets. The attacker might need to be in the same subnet in order to execute the attack
Conditions: This symptom could be triggered by a flood executed in an adjacent network (such as in the same layer).
Workaround: There is no workaround for this issue. However, we recommend that you implement hardening measures as per
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/guide_c07-665160.html
•
Symptom: When bundled CTS links into a Layer 3 port channel with a Cisco Catalyst 3000 Series switch, the interface(s) reauthenticate every 30 seconds which causes the port channel to bounce and eventually go into suspend state. If the port channel is removed, the CTS links stay up.
Conditions: The symptom might be seen when bundled CTS links into a Layer 3 port channel with a Cisco Catalyst 3000 Series switch.
Workaround: None.
•
Symptom: Some of the dynamically learned MAC addresses might point to the wrong interface.
Conditions: This symptom might be seen in an unstable Layer 2 topology that could be caused by a Layer 2 loop or any event where a peer link can drop traffic which results in a mac-sync across a vPC peer to be out of sync.
Workaround: Enter the clear mac address dynamic command for a specific MAC address or VLAN where the issue is seen. This command clears the MAC address and correctly relearns the MAC address across peers.
•
Symptom: Flooded traffic may not reach all FabricPath switches in a network where FabricPath is deployed.
Conditions: This symptom might be seen if FabricPath is included in the flood outgoing interfaces list and it is moved to a port channel.
Workaround: Enter the shut command on the FabricPath member port and ensure that it is not a member of an outgoing flood list before adding it to a port channel. Enter the show l2 mroute flood vlan vlan-id command to verify that the member port is not a part of the flood outgoing interface list.
•
Symptom: Flow control cannot be configured on a port-channel interface after an ISSU. The following error is displayed:
switch(config)#interface port-channel 5
switch(config-if)#flowcontrol receive on
ERROR: port-channel5: no such pss keyConditions: This symptom might be seen following an ISSU from Cisco NX-OS Release 6.0(1) to Release 6.0(2).
Workaround: Remove the port channel and create it again.
•
Symptom: A Cisco Nexus 2000 Series FEX does not copy the core files to the Cisco Nexus 7000 Series device following a failure, but continues to try to copy the files.
N7k-2 SYSMGR-FEX101-3-CORE_OP_FAILED Core operation failed: send_msg_to_ccdmon: Could not send to CORE_DMON return -1 errno 32N7k-2 SYSMGR-FEX101-5-SUBPROC_TERMINATED "System Manager (core-client)" (PID 1903) has finished with error code SYSMGR_EXITCODE_CORE_CLIENT_ERR (11).Conditions: This symptom might be seen when a Cisco Nexus 2000 Series FEX is connected to a nondefault VDC that fails.
Workaround: Contact Cisco TAC to manually copy the core files.
•
Symptom: A port becomes error-disabled during an ISSU, but is not reinitialized after the ISSU.
Conditions: This symptom might be seen when a port tries to come up at about the same time as the module is completing the upgrade.
Workaround: Enter the shut command followed by the no shut command on the port.
•
Symptom: A Label Distribution Protocol (LDP) session periodically goes down after the clear ip route command is entered.
Conditions: This symptom might be seen after entering the clear ip route command on a Cisco Nexus 7000 Series VDC.
Workaround: None
•
Symptom: After an upgrade from the 32-port 10-Gigabit Ethernet SFP+ I/O module (N7K-M132XP-12) to the 48-port 1/10 Gigabit Ethernet SFP+ I/O F2 Series module (N7K-F248XP-25), ports cannot be bundled into port channels because they incorrectly show up as rate mode shared. F2 Series modules do not support rate-mode shared. The following message appears in the switch log:
%ETH_PORT_CHANNEL-3-COMPAT_CHECK_FAILURE: rate mode is not compatibleConditions: The symptom might be seen when the upgrade procedure follows these steps:
1.
2.
3.
Workaround: If there is an error, follow these steps to restore service:
1.
2.
3.
4.
•
Symptom: The NPACL process fails after 128,000 ACLs are configured on the egress of an interface.
Conditions: This symptom might be seen when a very large number of ACLs are configured.
Workaround: None. To avoid this issue, keep the ACL configuration to 64,000 ACLs or less.
•
Symptom: An entry cannot be added to an existing route map. The following error displays:
% Internal error encountered - please check syslog for error detailsIn the logs:%RPM-3-INFRA_SYSERR: rpm [3864] ppf_node_link failed with error - Object doesn't exist (0x41170006) - in rpm_ppf_proc_ifelse_action()Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device running Cisco NX-OS Release 5.2(3a).
Workaround: None.
•
Symptom: An SNMP walk on ciscoCBQosMIB 64-bit counter objects can be very slow.
Conditions: This symptom is mostly seen when QoS values are read from CISCO-CLASS-BASED-QOS-MIB or when a full SNMP walk is performed.
Workaround: Retrieve OIDs with option -t 20 and the MIB walk can take approximately10 minutes. In addition, use SNMP version 2.
•
Symptom: After migrating to the admin VDC, a line card port that was configured with the snmp-server source-interface command is still present.
Conditions: This symptom might be seen when an snmp-server source interface was configured on a line card port before the migration to the admin VDC.
Workaround: Remove the configuration by entering the no snmp-server source-interface command and reconfigure the source interface if needed.
•
Symptom: A VTP type-2 consistency status failure occurs.
Conditions: This symptom might be seen when VTP type-2 parameters are received by MCECM when the MCT comes up. The MCECM may not sync VTP parameters to the peer switch, which causes a VTP type-2 consistency status failure.
Workaround: To work around this issue, follow these steps:
1.
2.
•
Symptom: After a reload of a Cisco Nexus 7000 Series device with MPLS enabled, an LDP neighbor might be missing.
Conditions: This symptom might be seen when a Cisco Nexus 7000 Series device has MPLS enabled and has port-channel interfaces in the MPLS core to devices other than Cisco Nexus 7000 Series devices.
Workaround: None.
•
Symptom: When the MPLS traffic engineering feature is enabled in more than 6 VDCs, the mpls_te process fails, which causes a supervisor switchover and reload.
Conditions: This symptom might be seen in a single supervisor setup with a Supervisor 2 module.
Workaround: None.
•
Symptom: Some FEX vPC+s do not come up after a switch reload in a scale setup.
Conditions: This symptom might be seen in a scale setup with approximately1000 VLANs when a switch reload is performed with a saved configuration and the configuration has port channels in access mode (but not in trunk mode). As a result, some of the VLANs might fail to come up on set of interfaces.
Workaround: Flap the port channel. In addition, configure port channels in trunk mode.
•
Symptom: When there are two switches (switch 1 and switch 2) connected back-to-back and FabricPath is enabled, PONG works correctly when using the destination switch ID. However, PONG fails if PONG messages are sent from switch 1 to switch 2 using a static MAC address as the source and destination. PONG works correctly if PONG messages are sent from switch 2 to switch 1 using a static MAC address.
Conditions: This symptom might be seen only on an F1 Series module with FabricPath enabled. It occurs only when a static MAC address is used and the PONG message is sent from switch1 to switch 2.
Workaround: Send the PONG message first from switch 2 to switch 1 and then send the PONG message from switch 1 to switch 2.
•
Symptom: A vPC peer link failure causes traffic to silently drop.
Conditions: This symptom might be seen when a failure of the vPC peer link leads to an xTR not having any connectivity to the site, yet the xTR continues to be reachable in the core. ITRs will continue to encapsulate traffic to the isolated ETR and this traffic will be dropped.
Workaround Scripts can be written to track the state of the peer link and remove the RLOC address from the routing process so that traffic is no longer sent to the isolated ETR.
•
Symptom: When a F2 Series module is removed and reinserted on a Cisco Nexus 7000 Series device that is running Cisco NX-OS 6.1(1) and has a Supervisor 1 module, for 5 to 20 seconds the HSRP virtual MAC of the local SVI is programmed with an unknown LTL index of 0x0ffff, which could cause a brief packet loss.
Conditions: This symptom might be seen when the F2 Series module has FabricPath and vPC+ configured on it.
Workaround: None.
•
Symptom: The status management bus (SMB) gold test fails 20 times and stops running after writing a syslog message. After fixing the fan and replacing it, the SMB gold test does not restart on it own, and it needs to be started manually.
Conditions: This symptom might be seen when the fan fails in a Cisco Nexus 7004 switch.
Workaround: After fixing and replacing the fan, enter the diagnostic monitor module supervisor test SystemMgmtBus command to restart the gold monitor test for the fan.
•
Symptom: A vPC peer switch in a hybrid topology blocks the non-vPC MST instances in the non- vPC trunk link between the vPC peers.
Conditions: This symptom might be seen when there are two port channels between a Cisco Nexus 7000 Series device. One is a vPC peer link that allows only the vPC VLANs and the second port channel allows only non-vPC VLANs.
Workaround: None.
•
Symptom: All virtual Fibre Channel interfaces (VFCs) go down at the same time due to missing FIP keepalive messages.
Conditions: This symptom might be seen when a FIP keepalive message is sent but not processed.
Workaround: Change the FIP keepalive period to 60 seconds, as shown in the following example:
switch(config)# fcoe fka-adv-period 60•
Symptom: A port on a 6-port 40-Gigabit Ethernet M2 Series I/O module XL (N7K-M206FQ-23L) comes up in a port channel with the speed configured at 100,000.
Conditions: This symptom might be seen in a port channel that has the speed configured at 100,000 and that has one port with a 2-port 100-Gigabit Ethernet M2 Series I/O module XL (N7K-M202CF-22L) inserted and another one with a 6-port 40-Gigabit Ethernet M2 Series I/O module XL (N7K-M206FQ-23L) inserted. The port with N7K-M206FQ-23L inserted comes up and the port with the N7K-M202CF-22L inserted stays down.
Workaround: Do not bundle ports on the 2-port 100-Gigabit Ethernet M2 Series I/O module XL (N7K-M202CF-22L) with different types of transceivers in the same port channel.
•
Symptom: On two Cisco Nexus 7000 Series devices in a vPC with two FEXs in a FEX Straight-Through topology, a vPC host or server that connects to two FEXs might lose its MAC address entry on one of the switches. The output from the show mac address-table address command shows the correct entry on one switch, but it will be missing on the other.
Conditions: This symptom might be seen in a topology setup as described, and the affected host has to be in a vPC toward two separate FEXs.
Workaround: Clear the affected MAC entry on the device with the correct entry. This action clears the issue for some time.
•
Symptom: DHCP packets are dropped on a Cisco Nexus 7000 Series device with DHCP snooping enabled when clients and servers are connected on an F2 Series module, a FEX vPC+ is enabled, or an enhanced vPC+ setup.
Conditions: This symptom might be seen when the following conditions exist:
–
–
Workaround: None.
•
Symptom: Following a system switchover, copying to bootflash on the supervisor module does not work.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: None.
•
Symptom: A packet loss might exceed 4 seconds.
Conditions: This symptom might be seen when a port channel is split between two M2 Series modules and one of the modules is reloaded or powered off.
Workaround: None.
•
Symptom: The ipqosmgr process crashes if any F Series modules reload after you enter the clear qos policies 8e-4q4q command.
Conditions: This symptom might be seen when you enter the clear qos policies 8e-4q4q command and create user-defined 8e-4q4q network-qos policy maps without using the qos copy command. The user-defined 8e-4q4q network-qos policy maps might have been created before or after you entered the clear qos policies 8e-4q4q command.
Workaround: Clear all user-defined 8e-4q4q network-qos policy maps before entering the clear qos policies 8e-4q4q command. After you enter the clear qos policies 8e-4q4q command, do not create or attach user-defined 8e-4q4q network-qos policy maps to the system QoS.
•
Symptom: Supervisor-bound traffic from multiple F2e Series module forwarding engines can be dropped.
Conditions: A heavy load of supervisor-bound traffic and cumulative traffic from multiple F2e forwarding engines destined to the supervisor can contribute to drops.
Workaround: Protocol configuration and topology changes might improve or eliminate the condition. For example, tune CoPP policies to drop noncontrol-plane supervisor-bound traffic more aggressively to prevent drops.
•
Symptom: IPv6 pings do not work on a Cisco Nexus 7000 Series device with F2 Series modules that is running Cisco NX-OS Release 6.0(2).
Conditions: This symptom might be seen when optimized multicast flooding is configured on a few VLANs. The problem starts after the forced deletion of a neighbor.
Workaround: Initiate a IPv6 ping towards the Cisco Nexus 7000 Series device.
•
Symptom: On a Cisco Nexus 7000 Series device, deleting the route in the prefix list that is called in the import map for VRF also deletes the route on another VRF.
Conditions: This symptom might be seen in a topology with two routers configured for VRF.
Workaround: None.
•
Symptom: A hardware failure on the supervisor module did not trigger a switchover.
Conditions: This symptom might be seen when the supervisor experiences a hardware issue, and there might be multiple symptoms such as traffic silently disappearing or a failure of routing protocols.
Workaround: Enter the system switchover command to manually switch over to the standby supervisor.
•
Symptom: The standby supervisor remains in the power-up state after a switchover.
Conditions: This symptom might be seen under the following conditions:
–
–
–
Workaround: None.
•
Symptom: Reloading a Cisco Nexus 7000 Series device that is the HSRP active caused the private-VLAN host communication to stop. Even after the Cisco Nexus 7000 Series device comes back online, the communication does not begin.
Conditions: This symptom might be seen when two Cisco Nexus 7000 Series devices are in a vPC and other connected devices are also in the vPC. One of the Cisco Nexus 7000 Series devices is the root of STP and HSRP active.
Workaround: Enter the ip redirect command on the SVI interface of the second Cisco Nexus 7000 Series device that became the current HSRP active.
•
Symptom: Proxy-arp may respond to an ARP request from a source network that differs from the receiving interface network.
Conditions: This symptom might be seen when the proxy-arp feature is enabled on an interface, and an ARP request arrives with a different IP source network. A /32 route is installed for this network on the interface and that creates a routing issue.
Workaround: Configure a /32 static route for the hosts to outweigh the AD of 250 that the Adjacency Manager uses on its /32 routes.
•
Symptom: The adjacency manager (AM) and the Layer 2 feature manager (L2FM) become overloaded due to Generic Attribute Registration Protocol (GARP) storm messages.
Conditions: This symptom might be seen when there are continuous host movements that cause MAC address changes and GARP storms.
Workaround: None.
•
Symptom: A port does not forward FabricPath traffic as expected if the switchport trunk allowed vlan none command is configured on the interface.
Conditions: This symptom might be seen when a port is configured for FabricPath and the switchport trunk allowed vlan none command is also present in the configuration.
Workaround: Remove the switchport trunk allowed vlan none command from the configuration.
•
Symptom: Enhanced Interior Gateway Routing Protocol (EIGRP) neighbor flapping occurs due to EIGRP stuck-in-active.
Conditions: This symptom might be seen in a topology of three triangles that share the same link between Cisco Nexus 7000 Series devices that are running Cisco NS-OS Release 6.1(2).
Workaround: Limit the range of EIGRP queries through manual summarization, autonomous system borders, or distribution lists.
•
Symptom: Unfair load balancing occurs with M2 Series modules under certain conditions.
Conditions: This symptom might be seen if the m1xl module type has not been enabled.
Workaround: Enable the m1xl module type with the system module-type command and reenable the hash module scheme as follows:
1.
2.
3.
•
Symptom: If a port flaps during an ISSU, the port is error disabled and it stays error disabled even after the ISSU completes.
Conditions: This symptom might be seen only if a port flaps while an ISSU is in progress.
Workaround: Enter the shut command followed by the no shut command to bring up the error-disabled port.
•
Symptom: Memory that leaks is tagged as follows:
switch# show system internal aclmgr memstat details | i libaclmgr7 [r-xp]/isan/plugin/0/isan/lib/libaclmgr 82 89 4052 4500Conditions: This symptom might be seen when adding and removing object-group entries.
switch(config)# object-group ip address o1switch(config-ipaddr-ogroup)# show system internal aclmgr memstat details | i \libaclmgr7 [r-xp]/isan/plugin/0/isan/lib/libaclmgr 82 89 4052 4500switch(config-ipaddr-ogroup)# 192.168.2.4/32switch(config-ipaddr-ogroup)# show system internal aclmgr memstat details | i \libaclmgr7 [r-xp]/isan/plugin/0/isan/lib/libaclmgr 84 89 4444 4500switch(config-ipaddr-ogroup)# no 192.168.2.4/32switch(config-ipaddr-ogroup)# show system internal aclmgr memstat details | i \libaclmgr7 [r-xp]/isan/plugin/0/isan/lib/libaclmgr 86 89 4836 4836Workaround: The only workaround is to not use object groups. For example, the following configuration can change as follows:
Before:
object-group ip address o110 host 192.168.1.120 172.23.56.34/24ip access-list foo10 permit tcp addrgroup o1 any dscp af41After:
ip access-list foo10 permit tcp 192.168.1.1/32 any dscp af4120 permit tcp 172.23.56.34/24 any dscp af41•
Symptom: A non-vPC VLAN on a dedicated Layer 2 trunk across vPC peers goes into an STP blocking state when the peer switch is enabled.
Conditions: This symptom might be seen when the peer switch is enabled.
The STP priority is the same for the non-vPC VLANs as required by the peer switch recommendation.
Workaround: Use a different global root priority for the non-vPC VLAN, assuming a pseudo-configuration is not in use for the non-vPC VLAN. If a pseudo-configuration is in use, use a different root priority under the pseudo-configuration for the non-vPC VLAN.
•
Symptom: An F2 Series module fails because of the "clp_mac" process. The error message "CLM_CFG_PARITY_ERR" can be seen in the core file.
Conditions: This symptom might be seen following a port configuration register parity error.
Workaround: None.
•
Symptom: Multicast or broadcast messages such as ARP or HSRP hello, cannot be flooded through a private VLAN.
Conditions: This symptom might be seen if you execute one of the following operations:
–
–
Workaround: Reconfigure the removed secondary VLANs as a trunk again, or reconfigure the deleted secondary VLANs again.
•
Symptom: Traffic flowing to an end host fails when a member link in a fabric port channel goes down.
Conditions: This symptom might be seen only when a fabric port channel uses ports from the same ASIC.
Workaround: Bring up the down link in the fabric port channel, or enter the shut command followed by the no shut command on the fabric port channel while the link is still down.
•
Symptom: An OSPF ADJ stuck in LOADING message appears on a Cisco Nexus 7000 Series device.
Conditions: This symptom might be seen when the Cisco Nexus 7000 Series device receives a Type-10 LSA with an unsupported link type of Sub TLV.
Workaround: Stop the Type-10 LSA with the unsupported Sub TLV in the OSPF domain.
•
Symptom: A next-hop filter is set to block BGP using the default route as the next hop, but when the specific route is gone, 0/0 is used as the next hop after the second hop, which causes traffic to silently disappear.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device that is running Cisco NX-OS Release 6.1(4).
Workaround: None.
Resolved Caveats—Cisco NX-OS Release 6.1(4)
•
Symptom: FCS/CRC exceptions should be logged in log file. Currently they are displayed in the exception log.
Workaround: This issue is resolved.
•
Symptom: When BGP aggregation is configured, after all individual routes withdraw, it takes 10 to 20 seconds for Cisco NX-OS software to withdraw the aggregation routes, which causes a long convergence time.
Conditions: This symptom might be seen because of the fixed 20-second periodic cleanup processing time.
Workaround: This enhancement request to accelerate the cleanup process to improve the convergence time is resolved.
•
Symptom: Unicast traffic silently disappears when one of the switches in the aggregation layer is brought up after a reload.
Conditions: This symptom might be seen under the following conditions:
–
–
–
Workaround: This issue is resolved.
•
Symptom: A BGP neighbor password gets enforced or disabled only after a BGP process restart.
Conditions: This symptom might be seen when you assign a BGP neighbor password to an established connection and do a reset with the clear ip bgp * command. The password is not enforced.
Workaround: This issue is resolved.
•
Symptom: A BGP path is multipath-enabled even though it has a higher or lower IGP metric than the current best path.
Conditions: This symptom might be seen when double recursion is used. For example, the prefix points to a next hop that is also learned through BGP, which requires another recursive lookup to resolve the outgoing interface.
Workaround: This issue is resolved.
•
Symptom: The following message might appear on a Cisco Nexus 7000 Series device with F2 Series modules:
2012 Nov 30 16:38:31 switch %IPFIB-SLOT3-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 42012 Nov 30 16:38:31 switch %IPFIB-SLOT2-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 52012 Nov 30 16:38:31 switch %IPFIB-SLOT3-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 52012 Nov 30 16:38:31 switch %IPFIB-SLOT2-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 72012 Nov 30 16:38:31 switch %IPFIB-SLOT3-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 72012 Nov 30 16:38:31 switch %IPFIB-SLOT2-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 82012 Nov 30 16:38:31 switch %IPFIB-SLOT2-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 102012 Nov 30 16:38:31 switch %IPFIB-SLOT3-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 82012 Nov 30 16:38:31 switch %IPFIB-SLOT2-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 112012 Nov 30 16:38:31 switch %IPFIB-SLOT3-4-CLP_FIB_TCAM_PF_INSERT_FAIL: FIB TCAM prefix insertion failed for IPV6 unicast on instance 10After this log appears, it is possible that the FIB TCAM might freeze, and no new prefixes can be inserted.
Conditions: This symptom might be seen when the FIB capacity is near the upper advertised limit of the F2 Series module, even if only for a brief period of time
Workaround: This issue is resolved.
•
Symptom: Cisco NX-OS software resets a line card due to an error in handling a parity interrupt.
Conditions: This symptom might be seen when all of the following errors appear:
–
SYSMGR-SLOT8-2-SERVICE_CRASHED: Service "lamira_usd" (PID 1944) hasn't caught signal 6 (core will be saved)–
----------------------------Module: 2----------------------------Exception Log Record : Mon Mar 4 11:25:32 2013 (602696 us)Device Id : 81Device Name : LamiraDevice Error Code : c5101210(H)Device Error Type : ERR_TYPE_HWDevice Error Name : NULLDevice Instance : 1 <----- this should be 1Sys Error : Generic failureErrtype : INFORMATIONALPhyPortLayer : EthernetPort(s) Affected :Error Description : LM_INT_CL1_TCAM_B_PARITY_ERR <---------!DSAP : 211UUID : 382Time : Mon Mar 4 11:25:32 2013(602696 usecs 513484AC(H) jiffies)Or the command shows this output:
----------------------------Module: 2----------------------------Exception Log Record : Mon Mar 4 11:25:32 2013 (602696 us)Device Id : 81Device Name : LamiraDevice Error Code : c5101210(H)Device Error Type : ERR_TYPE_HWDevice Error Name : NULLDevice Instance : 1 <---------- this should be '1'Sys Error : Generic failureErrtype : INFORMATIONALPhyPortLayer : EthernetPort(s) Affected :Error Description :LM_INT_L3_TCAM_PARITY <---------!DSAP : 211UUID : 382Time : Mon Mar 4 11:25:32 2013(602696 usecs 513484AC(H) jiffies)–
ACLQOS: STAT Register Scan - No Correctable Error FoundIPFIB: STAT Register Scan - No Correctable Error FoundWorkaround: This issue is resolved.
•
Symptom: All I/O modules fail to synchronize to a single fabric module, which causes the modules to reset instead of the fabric module being powered down.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: Intermittent MAC address flaps occur, but there is no impact to production.
Conditions: This symptom might be seen following an upgrade to Cisco NX-OS Release 6.1(2) and is triggered by DHCP offer packets.
Workaround: This issue is resolved.
•
Symptom: When you enter any of the following commands, the IFTMC process on an F2 Series module goes into an infinite loop.
–
–
–
–
You can verify the problem by entering the following commands:
switch#attach module x
switch#show process | grep IFTMCAn R state in the output indicates the existence of the problem.
Conditions: This symptom might be seen when any port flap causes a timeout.
Workaround: This issue is resolved.
•
Symptom: An SNMP response can be slow on a Cisco Nexus 7000 Series device, but it is especially slow for ciscoCBQosMIB.
Conditions: This symptom might be seen with the CISCO-CLASS-BASED-QOS-MIB.
Workaround: This issue is resolved.
•
Symptom: The BGP process fails because of constant "Socket (43/-1) accept: Bad file descriptor" errors.
BGP-3-SOCKCREATE bgp-6000 [4524] Cannot create socket for peer 1.1.1.1.: Bad file descriptor, stats: 60029780/880562/60910228/8747920/8462770Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: The jumbo MTU size on a Cisco Nexus 7000 Series device cannot be changed.
Conditions: This symptom might be seen in a configuration that includes a Supervisor 2 module, an M2 Series module, and an M1 Series module. There are no F1 Series or F2 Series modules. You might see the issue when you do either of the following:
–
–
Workaround: This issue is resolved.
•
Symptom: Setting vlanTrunkPortVlansEnabled for ports that are a member of a trunk port channel does not return an error in SNMP.
Conditions: This symptom might be seen in SNMP when you set vlanTrunkPortVlansEnabled for ports that are member of a trunk port channel.
Workaround: This issue is resolved.
Resolved Caveats—Cisco NX-OS Release 6.1(3)
•
Symptom: A Cisco Nexus 7000 Series device that is running NX-OS Release 5.2(5) might fail because of the TACACS+ process.
Conditions: This symptom might be seen when TACACS+ is used for AAA.
Workaround: This issue is resolved.
•
Symptom: Counters show incorrect values for "service group clients and service group routers" in the output of the show ip wccp command.
Conditions: This symptom might be seen when the cache engine connected interface was shut and the show ip wccp command does not clear the count for the cache engine that is down.
Workaround: This issue is resolved.
•
Symptom: While configuring a jumbo MTU, the following error message appears:
%ETHPORT-2-IF_CRITICAL_FAILURE: (Debug syslog)Critical failure:qosmgr_dce_gldb_get_all_vl_params returned error: , no such pss keyConditions: This symptom might be seen under the following conditions:
–
–
–
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device might report memory allocation failure errors such as the following:
%PIM-3-ATIMERS_ERROR: malloc failed in heap_create%PIM-3-ERROR: -Traceback: <traceback>Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device running Cisco NX-OS Release 5.2(x) or Release 6.0(x) software, and the Cisco Nexus 7000 Series device is the PIM RP device.
Workaround: This issue is resolved.
•
Symptom: Input/CRC errors appear on the host interface on a Cisco Nexus 2232TM FEX. A RCV error appears in the output of the show interface counter error command.
Conditions: This symptom might be seen on a Cisco Nexus 2232TM Fabric Extender.
Workaround: This issue is resolved.
•
Symptom: The errdisable recovery feature does not recover port-channel member ports in a Cisco Nexus 7000 Series device.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device running Cisco NX-OS Release 5.2(5) on a port-channel interface.
Workaround: This issue is resolved.
•
Symptom: The default-information originate configuration in the OSPF process is inconsistent with the actual OSPF behavior.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: The links and port channel on the 8-port 10-Gigabit Ethernet I/O module XL (N7K-M108X2-12L) are affected by input errors caused by short frames received on the module.
Conditions: This symptom might be seen when Cisco TrustSec (CTS), either cts manual or cts dot1x, is configured on the interface.
Workaround: This issue is resolved.
Note
•
Symptom: After an ISSU or a supervisor switchover, a Cisco Nexus 7000 Series device might send back a VTP packet on the same vPC from which it ingressed. In a Data Center Interconnect (DCI) topology, this packet return can cause a storm of VTP packets between the Cisco Nexus 7000 Series devices.
Conditions: This symptom might be seen when Cisco Nexus 7000 Series devices are configured in VTP transparent mode.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device fails when a Cisco Nexus 2000 FEX module is connected to it.
Conditions: This symptom might be seen when the switch is running Cisco NX-OS Release 5.2(5) and a community VLAN is present in the configuration.
Workaround: This issue is resolved.
•
Symptom: Configuration information is missing after a software upgrade.
Conditions: This symptom might be seen following a Cisco NX-OS software upgrade, either nondisruptive (ISSU) or disruptive.
Workaround: This issue is resolved.
•
Symptom: A CoPP service has a memory leak that relates to the drop threshold logs. When the leak occurs, the following output is observed:
switch# show system internal copp mem-stats detail | include drop_log_t58 COPP_MEM_drop_log_t 17172 17172 343440 343440The numbers keep rising every 5 minutes and also every time a show running-config command is entered, but not every time a syslog message is generated.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device that is running Cisco NX-OS Release 5.2(3a) where the CoPP policy has been modified by adding drop threshold logs.
Workaround: This issue is resolved.
•
Symptom: A supervisor module in a Cisco Nexus 7000 Series device with dual supervisors might exhibit a error due to a inband driver link failure that can take up to 60 seconds to fail over and might cause interruption to service, disruption to the network, or links to fail. After the supervisor recovers, the following information can be seen in the onboard logs:
switch(standby)# show logging onboard module 5 internal reset-reasonModule: 5Last log in OBFL was written at time Sat Sep 22 21:50:57 2012 Reset Reason for this card:Image Version : 5.1(4)Reset Reason (LCM): Unknown (0) at time Sat Sep 22 14:50:48 2012Reset Reason (SW): Reset triggered due to Hardware Error (21) at time Sat Sep 22 14:44:56 2012Service (Additional Info): InbandFPGA SGMII RX link downReset Reason (HW): Watchdog Timeout (2) at time Sat Sep 22 14:50:48 2012
Conditions: This symptom might be seen when the interrupt handler is not correctly resetting the supervisor after the fatal error is detected.
Workaround: This issue is resolved.
•
Symptom: A storm-control violation system does not generate log messages:
%ETHPORT-5-STORM_CONTROL_ABOVE_THRESHOLD%ETHPORT-5-STORM_CONTROL_BELOW_THRESHOLDConditions: This symptom might be seen when storm-control occurs on a Cisco Nexus 48-port 1/10 Gigabit Ethernet SFP+ I/O F2 Series module (N7K-F248XP-25). Other modules do have this issue.
Workaround: This issue is resolved.
•
Symptom: A BGP keepalive packet is not generated at the configured interval once it starts retransmission.
Conditions: This symptom might be seen when the packet starts retransmission.
Workaround: This issue is resolved.
•
Symptom: During an ISSU, some modules fail to upgrade due to an SPM timeout in the UPGRADE_DONE_SEQ sequence.
Conditions: This symptom might be seen when there are a large numbers of VLANs or port channels (especially VLANs over port channels) and many line cards or FEX modules.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device that is running Cisco NX-OS Release 6.1(2), you might see the following error messages:
%ELTM-2-INTERFACE_INTERNAL_ERROR: Internal error: port-channel2:LIF not allocated to add or delete member port , collect output of show tech-support eltm%ETHPORT-5-IF_SEQ_ERROR: Error ("invalid argument to function call") communicating with MTS_SAP_ELTM for opcode MTS_OPC_ETHPM_PORT_PRE_CFG (RID_PORT: Ethernet [your port])%ETHPORT-5-IF_DOWN_ERROR_DISABLED: Interface Ethernet[your port] is down (Error disabled. Reason:invalid argument to function call)Conditions: This symptom might be seen when you create a new port channel.
Workaround: This issue is resolved.
•
Symptom: ERSPAN packets are lost one way when traffic arrives through a vPC peer link.
Conditions: This symptom might be seen when Cisco Nexus 7000 Series devices are in a vPC and traffic that needs to be spanned should go over the peer link. In addition, the ERSPAN destination should be reachable through any vPC that is present in the switch.
Workaround: This issue is resolved.
•
Symptom: When a Cisco Nexus 7000 Series device is configured as a DHCP relay agent, the DHCP ACK packet for the DHCP inform packet is directed to IP 0.0.0.0, even though it should be directed to the client IP address.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device that is configured as a DHCP relay agent. The switch is running Cisco NX-OS Release 6.1(1).
Workaround: This issue is resolved.
•
Symptom: A VLAN is not present in hardware on an F2 Series module.
–
–
Conditions: This symptom might be seen only on F2 Series modules following an ISSU from Cisco NX-OS Release 6.0(x) to Release 6.1(1) or Release 6.1(2).
Workaround: This issue is resolved.
•
Symptom: When several peer templates have a common peer session, and the peer session is modified, the BGP adjacencies using the peer templates will shut down and remain in this state.
Conditions: This symptom might be seen when BGP neighbors are configured with peer templates that have a common peer session. When the peer session is deleted, all BGP adjacencies that use peer templates with the common peer session go to a shutdown (Admin) state. Once a peer template is modified to remove the peer session, the BGP adjacency will remain in an idle state.
Workaround: This issue is resolved.
•
Symptom: The BGP process fails on a Cisco Nexus 7000 Series device after configuring default-originate in the peer-template.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: Cisco NX-OS software is not marking community redistributing when connected to BGP under VRF
Conditions: This symptom might be seen when BGP community or extended community is set on redistribution (direct to BGP) for VRF.
Workaround: This issue is resolved.
•
Symptom: A rollback on a Cisco FEX fabric port fails after the default interface command is entered for the interface
Conditions: This symptom might be seen when you checkpoint the configuration and enter the default interface command on the Cisco FEX fabric ports. The command does not clean up all the commands. When a rollback to the checkpoint occurs, the rollback fails as the cleanup was not complete during default interface command.
Workaround: This issue is resolved.
•
Symptom: In a mixed ASM (PIM Sparse Mode) and PIM-Bidir environment, ASM (S,G) entries fail to be created.
Conditions: This symptom might be seen when a static BiDir RP mapping is a supernet of the ASM RP configuration. If the ASM group is not a subnet of the Bidir group, this issue cannot occur.
Workaround: This issue is resolved.
•
Symptom: TACACS+ services can hang when a child process hangs.
Conditions: This symptom might be seen with TACACS+ authentication when internal DNS requests are done. The default limit for these processes is 13. If the child process hangs, then no more child processes can be created which results in TACACS+ authentication failures.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device might unexpectedly reload. The logs on the switch show several cores for the res_mgr process prior to the hap reset:
%SYSMGR-2-SERVICE_CRASHED: Service "res_mgr" (PID 4055) hasn't caught signal 11 (core will be saved).Conditions: This symptom might be seen if you have a large number of VLAN or VRF ranges and their representation in a string takes more than 512 characters.
Workaround: This issue is resolved.
•
Symptom: The MTS queue gets stuck with Netstack and syslogd processes.
Conditions: This symptom might be seen on a switch running Cisco NX-OS Release 5.2(3a).
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device might fail during configuration.
Conditions: This symptom might be seen when configuring default-information originate for OSPF.
Workaround: This issue is resolved.
•
Symptom: There is a delay of 7 seconds from the time that BFD goes down and an IS-IS session ends.
Conditions: This symptom might be seen when the shutdown command is entered on the remote switch interface.
Workaround: This issue is resolved.
•
Symptom: An OSPF dead timer not maintained across a reload.
Conditions: This symptom might be seen for the following reason. The default timers for Ethernet interfaces on a Cisco Nexus 7000 Series device are hello of 10 seconds and dead-timer of 4x10 = 40 seconds. When configuring a hello timer other than 10 seconds, the dead-timer automatically adjusts to 4 times the newly configured hello timer. If a user needs to combine a nondefault hello timer with the default 40-second dead timer, this new value does not show up in the running configuration. The dead timer of 40 seconds is applied within the OSPF process. On a reload, this value is removed from the OSPF process which will prevent adjacencies from coming up.
Workaround: This issue is resolved.
•
Symptom: Traffic loss can occur when a Cisco Nexus 7000 Series device is not able to advertise IS-IS routes to its IS-IS neighbors.
Conditions: This symptom might be seen after any of the following events:
–
–
–
Workaround: This issue is resolved.
•
Symptom: The SPM process failed with 16 neighbors in a FabricPath environment.
Conditions: This symptom might be seen when 16 Cisco Nexus 5548 switches are connected to a Cisco Nexus 7000 Series device. The following messages appear after the SPM process failure:
2012 Nov 20 15:39:28 csw299cmr %$ VDC-5 %$ %SYSMGR-2-SERVICE_CRASHED: Service "spm" (PID 11473) hasn't caught signal 6 (core will be saved).2012 Nov 20 15:40:37 csw299cmr %$ VDC-5 %$ %SYSMGR-2-SERVICE_CRASHED: Service "spm" (PID 15503) hasn't caught signal 6 (core will be saved).2012 Nov 20 15:41:45 csw299cmr %$ VDC-5 %$ %SYSMGR-2-SERVICE_CRASHED: Service "spm" (PID 15692) hasn't caught signal 6 (core will be saved).Following the SPM process failure, there is a supervisor switchover and the interface configuration is removed.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device, if an interface index is queried that is higher than the number of ports on the specific line card, there is a chance that MTS memory can be held indefinitely by SNMPD and eventually exhaust MTS resources. In a dual supervisor environment, SNMPD will core and a HAP reset will occur. In a single supervisor environment, a core should be saved and the system will fail or reboot.
Conditions: This symptom might be seen if a high-density line card is replaced in the same slot with a lower-density line card, and the management station continues to try and poll the nonexistent higher ports.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device, if an interface index is queried that is higher than the number of ports on the specific line card, there is a chance that MTS memory can be held indefinitely by SNMPD and eventually exhaust MTS resources. In a dual supervisor environment, SNMPD will core and a HAP reset will occur. In a single supervisor environment, a core should be saved and the system will fail or reboot.
Conditions: This symptom might be seen if a high-density line card is replaced in the same slot with a lower-density line card, and the management station continues to try and poll the nonexistent higher ports.
Workaround: This issue is resolved.
•
Symptom: The ipqosmgr process might fail and cause a supervisor switchover. In a switch with a single supervisor, the switch might reload if the network QoS template is applied and the Link Layer Discovery Protocol (LLDP) service is used.
Conditions: This symptom might be seen on a switch running Cisco NX-OS Release 6.1(1) or 6.1(2) if the user template includes "match protocol iscsi" in the no-drop class and it is used in combination with the LLDP service and at least one of the interface is up, which activates the LLDP service.
Workaround: This issue is resolved.
•
Symptom: IEEE 802.3 frames (like LLC2 /SNA) are dropped by the end host because of out-of-order delivery.
Conditions: This symptom might be seen when the IEEE 802.3 traffic is received on an F2 or F2e Series module (N7K-F248XP-25 and N7K-F248XP-25E respectively) and must be transmitted to an egress interface that is a port channel.
IEEE 802.3 frames (that are still used by some legacy software applications) differ from Ethernet II frames in the meaning of the Ethertype field, which for an IEEE 802.3 frame is interpreted as the frame's length. IEEE 802.3 frames with different lengths are hashed into different member links in a port channel, which might occasionally result in packets reaching the destination out of order.
Further Problem Description: When LLC2 /SNA packets arrive out of order, frame rejects (FRMR), disconnects (DISC), and the loss of the session can result.
Workaround: This issue is resolved by adding a vlan-only option to the load-balancing command.
•
Symptom: An Intra-Area summary route is not readvertised if a summary route exists.
Conditions: This symptom might be seen for the following reason. A Cisco Nexus 7000 Series device has an OSPF Intra-Area for prefix X/24 and receives an Inter-Area prefix for X/16. When the switch loses the Intra-Area for subnet X/24, it returns to service, but it does not send an LSA update for the X/24 prefix. As a result, the rest of the network never reinstalls the X/24 prefix.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device, MPLS assigns the same label for multiple prefixes (IPv4 and IPv6).
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device with multiple MPLS virtual routing and forwarding (VRF) instances.
Workaround: This issue is resolved.
•
Symptom: A FEX interface continues to send and receive traffic even when it is suspended by LACP.
Conditions: This symptom might be seen when a FEX is connected to a Cisco Nexus 7000 Series device on an F2 Series module.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device that has two F2 Series modules will delete the MAC address of the end hosts or servers that it is learning from its Cisco Nexus 7000 Series peer switch.
Conditions: The Cisco Nexus 7000 Series peer switch should learn the MAC address through an orphan port.
Workaround: This issue is resolved.
•
Symptom: AAA accounting does not send a stop record and the external AAA server does not reflect a stop record when a TELNET or SSH session times out due to inactivity. If the session is manually closed by the user, the stop record is correctly displayed.
Conditions: This symptom might be seen when the Cisco Nexus 7000 Series device is configured for AAA accounting.
Workaround: This issue is resolved.
Resolved Caveats—Cisco NX-OS Release 6.1(2)
•
Symptom: Unicast MAC addresses are learned in FabricPath core switches during a broadcast ARP on a setup with an F2 Series module.
Conditions: This symptom might be seen on an F2 Series module when unicast MAC addresses are learned from a broadcast ARP that results in MAC addresses being learned suboptimally in the MAC address table. Further unicast re-ARP messages should take care of MAC addresses being removed on FabricPath core switches. This issue only occurs in switches with F2 Series modules.
Workaround: This issue is resolved.
•
Symptom: A long VLAN name and VTP server mode can coexist.
Conditions: This symptom might be seen when you copy a backup vlan.dat file and then enter the copy running-config startup-config command and do a restart.
Workaround: This issue is resolved.
•
Symptom: An snmp walk starting at OID tcp.16 fails.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: In a vPC+ setup, if the switch ID on one of the peer switches is changed, the adjacency of the other peer points to null instead of a valid GPC.
Conditions: This symptom might be seen because of a race condition that occurs when the Layer 2 process sends a GPC update (about the changed switch ID) over the peer before getting a GPC up message.
Workaround: This issue is resolved.
•
Symptom: A BGP process fails due to constant BGP socket open and close state changes.
Conditions: This symptom might be seen if there are several idle peers over a period of time due to excessive churn of the Netstack client for BGP sockets. Newly provisioned BGP sessions fail to come up and display the following error:
BGP-3-SOCKCREATE: bgp-XXXX [24958] Cannot create socket for peer X.X.X.X: Bad file descriptor, stats: 28391553/496156/28887500/14303942/14143771Workaround: This issue is resolved.
•
Symptom: When the copy startup-config running-config command completes, some of the configurations, including the fex associate configuration do not get applied to the running configuration. As a result, FEX modules do not come online.
Conditions: This symptom might be seen in the following scenario:
–
–
–
–
–
Workaround: This issue is resolved.
•
Symptom: An EPLD upgrade on the 32-port 10-Gigabit Ethernet SFP+ I/O module XL (N7K-M132XP-12L) might fail when the module has the forwarding engine with the part number 73-12326-06. In a parallel EPLD upgrade, the EPLD upgrade on other modules is not affected; however, in a serial EPLD upgrade, other modules are affected as a result of this failure.
Conditions: This symptom might be seen on the 32-port 10-Gigabit Ethernet SFP+ I/O module XL (N7K-M132XP-12L) with the forwarding engine that has the part number 73-12326-06.
Workaround: This issue is resolved.
•
Symptom: The MFDM process on a FEX fails and restarts. In addition, a destination virtual interface (DVIF) that does not belong to any FEX interface might not be cleaned up properly.
Conditions: This symptom might be seen if the number of DVIFs exceeds the resource limit.
Workaround: This issue is resolved.
•
Symptom: A memory leak occurs whenever a port is error-disabled and flapped.
Conditions: This symptom might be seen when a port goes into error-disabled mode and is recovered by flapping.
Workaround: This issue is resolved.
•
Symptom: During a VDC reload, the mcastfwd process might fail.
Conditions: This symptom might be seen when a VDC reloads.
Workaround: This issue is resolved.
•
Symptom: FCoE traffic might be disrupted after an I/O module reloads. This disruption is caused by zone or IVR entries not being programmed on the Ethernet member ports that are in the up state on the recently reloaded modules.
Conditions: The symptom might be seen when the following steps are executed on the zone server:
1.
2.
3.
4.
5.
6.
The same conditions can trigger IVR rewrite information to disappear from the E/F ports depending on the configuration, which can cause possible FCoE traffic disruption with IVR.
Workaround: This issue is resolved.
•
Symptom: After configuring the fabricpath multicast load-balance command in a vPC+ setup, ingress multicast packets on M1 Series and M2 Series modules and egress packets on F1 Series modules can be silently dropped.
Conditions: This symptom might be seen after the fabricpath multicast load-balance command is applied.
Workaround: This issue is resolved.
•
Symptom: The ACLQoS process fails during ISSU or switchover on a switch that is running Cisco NX-OS Release 6.1(x).
Conditions: This symptom might be seen when the ACLQoS process continuously does polling of ACL statistics to avoid wraparound of 32-bit statistics counters. As soon as an ISSU or switchover is triggered, the polling is supposed to stop, but the ACLQoS process is stopping later. If the ACLQoS process still tries to read statistics, the software failure can occur.
Workaround: This issue is resolved.
•
Symptom: Ingress traffic to FabricPath core ports and the peer link silently disappear.
Conditions: This symptom might be seen in a setup with M1 Series modules and F1 Series modules following a reboot on one of the vPC pair.
Workaround; This issue is resolved.
•
Symptom: An Embedded Event Manager (EEM) policy that is configured based on an SNMP OID is not triggered. This behavior can be checked with the show event manager history events command.
Conditions: This symptom might be seen after an ISSU to Cisco NX-OS Release 6.1(1) from an earlier release where SNMP OID-based EEM applets are configured. The issue can also occur rarely with a newly configured SNMP-based EEM applet in Cisco NX-OS Release 6.1(1).
Workaround: This issue is resolved.
•
Symptom: When an ISSU to Cisco NX-OS Release 6.1(2) is performed from any earlier release on F2 Series modules, the VLAN number is not programmed because the VLAN number was never programmed in the hardware in releases earlier than Cisco NX-OS Release 6.1(2).
Conditions: This symptom might be seen when a MAC address access list is configured and an ISSU to Cisco NX-OS Release 6.1(2) occurs.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device does not redirect traffic if a new VLAN is added to a WCCP policy on an XL module.
Conditions: This symptom might be seen when new ports, VLANs, or a port channel are added to the existing running WCCP policy on an interface. New VLANs or ports do not have the WCCP policy applied for new members that were added.
Workaround: This issue is resolved.
•
Symptom: An incorrect Layer 3 forwarding entry exists when using PVLANs on F2 Series modules.
Conditions: This symptom might be seen when a primary VLAN has a SVI and both the primary VLAN and the secondary VLAN are the allowed VLAN in a port channel. The SVI egress LIF is incorrectly programmed with the secondary VLAN. As a result, routed packets are tagged with the secondary VLAN instead of the primary VLAN.
Workaround: This issue is resolved.
•
Symptom: When the show lldp entry command is entered, the following inconsistencies are seen:
–
–
Conditions: This symptom might be seen when some or all of the following conditions exist:
–
–
–
Workaround: This issue is resolved.
•
Symptom: MAC address move messages appear for FEX vPC+ legs on the vPC secondary device.
Conditions: This symptom might be seen in a vPC+ setup with two F2 Series VDCs. This setup has both non-FEX and FEX vPCs. When all the vPC legs are up, the no port-channel limit command is entered on both peers.
Workaround: This issue is resolved.
Resolved Caveats—Cisco NX-OS Release 6.1(1)
•
Symptom: After a supervisor failover on a Cisco Nexus 7000 Series device, the switch fails to recognize power supply 4. The show environment power command does not show the module 4 power supply, but does show an actual output value:
switch# sh environment powerPower Supply:Voltage: 50 VoltsPower Actual TotalSupply Model Output Capacity Status(Watts ) (Watts )------- ------------------- ----------- ----------- --------------1 N7K-AC-7.5KW-US 853 W 7500 W Ok2 N7K-AC-7.5KW-US 835 W 7500 W Ok3 N7K-AC-7.5KW-US 860 W 7500 W Ok4 840 W 0 W OkConditions: This symptom might be seen following a supervisor switchover.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device running vPC, the HSRP gateway MAC address might be removed from the peer link after a peer-link flap.
Conditions: The issue might be seen during the recovery phase of the vPC peer link and can be triggered by a loop condition that results in excessive traffic on the peer link. Under rare conditions, if the HSRP hellos are looped, it can result in the HSRP MAC address getting installed on the wrong port and remaining there after the loop is broken and the peer link is restored.
Workaround: This issue is resolved.
•
Symptom: The internal queue overflowed after the copy running-config startup-config command was entered. A syslog can be seen in the output of the show logging command on the supervisor module.
%KERN-2-SYSTEM_MSG: Utaker overflowed. Size -40/5242880 - kernelConditions: This symptom might be seen when a large number of processes exit or fail.
Workaround: This issue is resolved.
•
Symptom: Policies such as ACL, QoS, and PBR for FEX interfaces are not cleaned from connecting modules when the FEX fabric ports are moved to another VDC. If those ports are moved back later to the same VDC and configured as a fabric port, or some other ports in same module are configured to be fabric ports, the FEX module might not come online (using those ports), or the relevant policies might not be enforced.
Conditions: This symptom might be seen when FEX fabric ports are moved to any other VDC.
Workaround: This issue is resolved.
•
Symptom: A Cisco Fabric Services (CFS) sessionless commit can cause TACACS to fail.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device that is running Cisco NX-OS Release 5.1(4) or an earlier release, if TACACS or RADIUS CFS is enabled and a CFS sessionless commit occurs.
Workaround: This issue is resolved.
•
Symptom: VSH failed when collecting the output of the show tech command.
Conditions: This symptom might be seen when OBFL logging for stats is enabled in Cisco NX-OS Release 4.2(8) and Release 5.2(x) releases. An ISSU or ISSD to an image without OBFL logging enabled can cause OBFL to display a CLI to query the driver with an out-of-range, undefined counter ID, which can cause VSH to fail.
Workaround: This issue is resolved.
•
Symptom: The copy running-config startup-config command is supposed to display an error if a VDC global configuration change is pending.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: Memory usage of the system manager goes up by approximately 100 KB upon a VDC reload.
Conditions: The symptom is not seen with every VDC reload and the triggers for it are unknown.
Workaround: This issue is resolved.
•
Symptom: The SNMPD process dumps core if you set the managementDomainName with a zero-length string in the CISCO-VTP-MIB.
Conditions: This symptom might be seen because the value in the SNMP SET operation is set to a zero-length string.
Workaround: This issue is resolved.
•
Symptom: Configuring a Cisco IOS device connected to a Cisco Nexus 7000 Series device using unsupported ISL encapsulation causes the ISL frames to flood to a VLAN.
Conditions: This symptom might be seen when this misconfiguration occurs.
Workaround: This issue is resolved.
•
Symptom: The PPM process fails on command updates or other port-profile operations.
Conditions: This symptom might be seen when there is a startup configuration of port profiles where the interfaces have some override commands in the database.
Workaround: This issue is resolved.
•
Symptom: Memory leaks occur when port-security dynamic MAC addresses are aged out and then relearned.
Conditions: This symptom might be seen only for port-security dynamic MAC addresses. (It is not seen with static and sticky MAC addresses.) There are two types of aging: absolute and inactive. For the absolute timer, the MAC addresses are aged out after the specified number of minutes (aging time). For the inactivity timer, the MAC addresses are aged out if they are inactive for the specified aging time. If there is still traffic after the MAC addresses are aged out, then they are relearned. In this case, memory leaks occur.
Workaround: This issue is resolved.
•
Symptom: The output of the show fex transceiver command or the show interface ethernet transceiver fex-fabric command has incorrect information. It shows an SFP is present but not supported.
Conditions: This symptom might be seen in Cisco NX-OS Release 5.2(3a) and Release 6.0(1).
Workaround: This issue is resolved.
•
Symptom: An OSPFv3 instance has some interfaces that remain in the down state after the copy file running-configuration command is executed.
Conditions: This symptom might be seen when there are no IPv4 addresses configured on the switch. As a result, OSPFv3 cannot choose a router ID from the system.
Workaround: This issue is resolved.
•
Symptom: All channels are in the suspended state after a reload and the vPC delay restore expired.
Conditions: This symptom might be seen when there is fast continuous flapping of some interfaces and only after a reload of the vPC or the vPC is configured for the first time.
Workaround: This issue is resolved.
•
Symptom: If Unicast Reverse Path Forwarding (uPRF) is enabled on a Layer 3 interface and the mode of the port is changed to switchport and then changed back to Layer 3 interface, then the uRPF configuration is still present on the interface. On configuring Layer 3 again on the port, there is no uRPF configuration on the port and no configuration should be there also in the hardware.
Condition: This symptom might be seen when the stale configuration is present in the hardware only when the transition of the ports is as described in the Symptom.
Workaround: This issue is resolved.
•
Symptom: VRRP is stuck in INIT state. VMAC is not allocated.
Conditions: This symptom might be seen after a switch reload.
Workaround: This issue is resolved.
•
Symptom: If medium p2p is configured on a Layer 3 port channel, you cannot enter into configuration mode for individual interfaces in the port channel. As a result, you cannot apply interface descriptions, shut down interfaces, or remove interfaces from the bundle.
Conditions: This symptom might be seen for an interface that is part of a port channel that is configured with medium p2p.
Workaround: This issue is resolved.
•
Symptom: When a peer link is brought up, VLANs 2047 to 4094 are suspended because they are not allowed in the vPC peer, even though those VLANs are allowed and correctly configured on the vPC peer device. As a result, 6- to10-second packet drops can occur in VLANs 2047 to 4094.
Conditions: This symptom might be seen if there are more than 2049 VLANs created and allowed on the vPC peer link. It is not necessary to have those VLANs in one range or started from number one. This symptom can occur when the total count of VLANs is more than 2049.
Workaround: This issue is resolved.
•
Symptom: When an F2 Series module port is configured to operate at 1-G port rate, changing the CoS to queue mapping on an oversubscribed port might cause the ports to go to a hardware failure state.
Conditions: This symptom might be seen when the CoS to queue mapping on an oversubscribed port with both credited (known unicast traffic) and uncredited traffic (multicast, broadcast, or unknown unicast traffic) is changed. The result can be a fatal exception and ports are marked as a hardware failure.
Workaround: This issue is resolved.
•
Symptom: When polling at a sustained rate on a Cisco Nexus 7000 Series device, certain objects from the BRIDGE-MIB might cause a relatively high CPU usage for SNMPD for some time after polling and might cause new requests to time out. On releases earlier than Cisco NX-OS Release 5.2, this polling might cause internal messages for interprocess communications to be queued and might affect other services.
Conditions: This symptom might be seen when there is a large amount of SNMP access to the device against the BRIDGE-MIB.
Workaround: This issue is resolved.
•
Symptom: OSPF does not automatically recalculate redistributed routes for database selection when route changes occur manually (such as removing static routes), or when routes are removed on neighboring devices into dynamic routing protocols (such as EIGRP). As a result, an outage could occur due to lack of a route.
Conditions: This symptom might be seen when identical routes exist.
OSPF requires unique link state IDs when inserting routes into the OSPF database. When OSPF chooses between two routes with different masks (such as 192.168.1.0/24 and 192.168.1.0/32) with identical link state IDs (that is,192.168.1.0) before inserting the routes into the database with identical parameters (such as Advertising Router), the Cisco NX-OS software selects the route with the longest match (/32). In this scenario when the /32 route is removed, OSPF will not automatically recalculate the routes and insert the /24 into the OSPF database and advertise it to neighboring routers.
Workaround: This issue is resolved.
•
Symptom: There are insufficient TCAM entries in a bank.
Conditions: This symptom might be seen only when bank chaining is enabled. When very large policies that belong to multiple classes (such as IPv4, IPv6, and so on) are applied on the same interface, they fill up the entire TCAM part of a single session, which exposes this issue.
Workaround: This issue is resolved.
•
Symptom: A vPC fails and comes back up.
Conditions: This symptom might be seen in a rare race condition when a role priority is changed and the peer link is flapped. There is no functional impact, however, because the running configuration is restored and traffic flow continues as expected.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device that is running NX-OS Release 4.2(6) with an access-list deny setting with the log option might report the egress interface in the log entry instead of the ingress interface.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: After a supervisor switchover, OSPF neighbors are down on the Cisco Nexus 7000 Series device.
Conditions: This symptom might be seen if the OSPF neighbor uses an MD5 password with 16 characters. (The length for an unencrypted password is 16 characters.)
Workaround: This issue is resolved.
•
Symptom: The NTP process fails on a Cisco Nexus 7000 Series device that is running a release earlier than Cisco NX-OS Release 5.2(5).
Conditions: This symptom occurs very rarely. It is a memory corruption issue that occurs when there is a change in the system clock.
Workaround: This issue is resolved.
•
Symptom: The Telnet server might stop accepting connections.
Conditions: This symptom might be seen if scripts are run on a regular basis that connect to the Cisco Nexus 7000 Series device using Telnet.
Workaround: This issue is resolved.
•
Symptom: The LDP process may fail on a device running NX-OS.
Conditions: This symptom might be seen when the MPLS feature is enabled, and hold time is configured in the MPLS LDP configuration.
Workaround: This issue is resolved.
•
Symptom: All control packets are not being processed with one of the vPC peers. As a result, the following symptoms occur:
–
–
–
Conditions: This symptom might be seen in a vPC setup that consists of nondefault VDCs.
Workaround: This issue is resolved.
•
Symptom: The show tech detail command never completes and has to be terminated by pressing CTRL-C.
Conditions: This symptom might be seen when a VRRP configuration is present and active when the show tech detail command is entered.
Workaround: This issue is resolved.
•
Symptom: Queries are sent to the EIGRP stub router when they should not be sent.
Conditions: This symptom might be seen when a router is configured as the stub router, and the partner router is told that the router is now the stub, and should therefore not send queries for failed routes to the router. However, even with the stub configured, the EIGRP neighbor still sends the query.
–
–
Workaround: This issue is resolved.
•
Symptom: Following a failover to the standby RP, the configured bgp remote-as for some peers goes bad. (It reverts to a previous configuration.)
Conditions: This symptom might be seen when the remote-as is changed, and the neighbor ip_address remote as_remote command has children.
Workaround; This issue is resolved.
•
Symptom: Traffic sourced from the CPU out of the inband may stop forwarding if a virtual queue index (VQI) on the active supervisor is locked.
Conditions: This symptom might be seen following an upgrade from Cisco NX-OS Release 6.0(1) to Release 6.0(4) on an F2 Series module.
Workaround: This issue is resolved.
•
Symptom: Messages and Transactional Services (MTS) buffers fill up and the ETHPM process takes a long time to drain its MTS queue.
Conditions: This symptom might be seen when VLANs are created one at a time.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device that is running NX-OS Release 5.2(3a), a FEX port might stop learning MAC addresses after port security with static secure MAC address configurations is removed.
Conditions: This symptom might be seen on a FEX managed by a Cisco Nexus 7000 Series device with port security enabled and static secure MAC addresses are configured.
Workaround: This issue is resolved.
•
Symptom: The VLAN Manager service fails due to conflicting configurations in the VTP dat file and startup configuration file.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device running Cisco NX-OS Release 6.0(2).
Workaround: This issue is resolved.
•
Symptom: An MST boundary port that previously was in Altn BLK state moves to Desg FWD state after a supervisor switchover that results in a spanning-tree loop.
Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device that is running Cisco NX-OS Release 6.0(2).
Workaround: This issue is resolved.
•
Symptom: Connected routes are incorrectly installed in a topology table.
Conditions: This symptom might be seen following this sequence of steps:
1.
2.
3.
4.
At this point, the topology table will have the connected route even though it is not in the RIB.
Workaround: This issue is resolved.
•
Symptom: The diag_port_lb service fails during an ISSU or system switchover.
Conditions: This symptom might be seen in rare situations during a switchover or ISSU.
Workaround: This issue is resolved.
•
Symptom: A memory leak occurs in the VHS library.
Conditions: This symptom might be seen when you open multiple SSH sessions and log in to the device through TACACS.
Workaround: This issue is resolved.
•
Symptom: Layer 2 multicast traffic can be sent to ports that are not in the IP IGMP snooping table.
Conditions: This symptom might be seen after multiple IGMP join or leave statements on the 32-port 10-Gigabit Ethernet SFP+ I/O module XL (N7K-M132XP-12L) when ports are used in shared mode.
Workaround: This issue is resolved.
•
Symptom: In Cisco NX-OS Release 5.2(x) and Release 6.0(x), the maximum label value in the mpls label range command was incorrect. The maximum label is 471804. During an ISSU to Cisco NX-OS Release 6.1(1) or a later release, the mpls label range command will change any values that are higher than 471804. If the whole range for dynamic or static labels is completely out of range, mpls label range will be reset to the default values.
Conditions: This symptom might be seen when the mpls label range command is configured with a value higher than 471805. During ISSU, the maximum values will be capped at 471805. If the range is completely out of range, the label range will be reset to default values.
Workaround: This issue is resolved.
•
Symptom: IDS check counters increment for Layer 2 forwarded frames. Although the counters increment, those frames actually get forwarded and transmitted out from the egress port.
Conditions: This symptom might be seen with Layer 2 forwarded frames that hit one of the IDS checks. For example, a Layer 2 forwarded frame with an IP address that is all zeroes is forwarded but is counted as if it was dropped by the IDS check.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device with M1 or F2 Series I/O modules might experience ports stuck in the initializing state following a switch reload. After some time, the port may become error-disabled due to a sequence timeout. The following errors are displayed for the affected interfaces:
%ETHPORT-5-IF_SEQ_ERROR: Error ("sequence timeout") communicating with <None:Internal Error> for opcode <None> (RID_PORT: Ethernet2/48)%ETHPORT-5-IF_DOWN_ERROR_DISABLED: Interface Ethernet2/48 is down (Error disabled. Reason:sequence timeout)If the peer keep alive is affected, the peer link and vPCs will remain down.
Conditions: This symptom might be seen following a switch reload.
Workaround: This issue is resolved.
•
Symptom: Occasionally, users are unable to authenticate and logs report that all servers are unreachable:
%TACACS-3-TACACS_ERROR_MESSAGE: All servers failed to respondConditions: This symptom might be seen on a Cisco Nexus 7000 Series device running Cisco NX-OS Release 5.2(3a). The servers can be pinged, but the switch is unable to authenticate with the AAA servers. This is not a connectivity issue with the AAA servers.
Workaround: This issue is resolved.
•
Symptom: A device that is running Cisco NX-OS Release 5.2(3) might experience a reset in the ipqosmgr process.
Conditions: This symptom might be seen when the ipqosmgr process resets on its own.
Workaround: This issue is resolved.
•
Symptom: An ISSU from Cisco NX-OS Release 4.2(4) to Cisco NX-OS Release 4.2(8) failed. As a result, some modules were running Release 4.2(4) and others were running Release 4.2(8), which caused packets to be software switched.
Conditions: This symptom was seen because an interface configured for CTS did not have a valid neighbor at the other end, which caused the ISSU to fail.
Before starting the ISSU upgrade one of the interfaces had the following configuration:
interface EthernetX/Xcts manualsap pmkxxxxx9871329874000000000000000000000000000000000000000000000000000000switchportswitchport mode trunkswitchport trunk allowed vlan 999no shutdownBecause the other CTS peer was not configured properly, CTS was not working, which caused ISSU to abort the upgrade.
Workaround: This issue is resolved.
•
Symptom: During a message storm, the Messages and Transactional Services (MTS) buffer memory is depleted, which can lead to process failures on a Cisco Nexus 7000 Series device.
Conditions: This symptom might be seen when an MTS process is unable to keep up with the amount of messages required to sync between modules in the switch. The buffer queue fills up which depletes the memory.
Workaround: This issue is resolved.
•
Symptom: After an F1 Series module is powered down and replaced by a different module and a port channel is brought down, the following message appears:
%SYSMGR-2-SERVICE_CRASHED: Service "l2fm"Conditions: This symptom might be seen when there are port channel sharing members between modules, and the target set is not cleaned up when the module is powered off and then replaced.
Workaround: This issue is resolved.
•
Symptom: Packets are destined for the router MAC address of one node of two Cisco Nexus 7000 Series devices that are set up for vPC. The peer link is on a F1 module. M1 modules are in the system. The peer gateway that arrives on the peer may be policed heavily by control-plane policing after it is received from the peer link. This situation may lead to random connectivity being issued to any number of hosts when an ARP refresh occurs, which causes some replies to be dropped and the ARP entry to be flushed.
Conditions: This symptom might be seen in the following scenario. There are two Cisco Nexus 7000 Series devices: switch1 and switch2. They are configured for vPC and the peer link is on the F1 Series module, M1 Series modules are present in both switches, and the peer-gateway configured.
When switch2 sends an ARP request for a host and the reply packet hashes to switch1 on a vPC port channel, the destination MAC address of switch2 on switch1 has a gateway bit set because of the peer gateway. The gateway bit is sent to software for encapsulation and forwarded across the peer link to switch2. Because the encapsulated packet uses the same destination MAC address as the original destination, when the packet arrives at switch2, it is sent to an M1 Series module because the MAC address has the gateway bit set and is subject to CoPP. These packets are classified under the Layer 2 default class and may be dropped if there is other unwanted Layer 2 traffic in the network.
Workaround: This issue is resolved.
•
Symptom: A redistributed static default route is stuck in the EIGRP topology table after removal.
Condition: This symptom was seen when a static default route was misconfigured as follows:
ip route 172.16.1.0/0 10.1.1.1Workaround: This issue is resolved.
•
Symptom: The test cable-diagnostics tdr interface command on an interface might cause a failure. An error message like the following might appear:
%VSHD-2-VSHD_SYSLOG_EOL_ERR: EOL functionpm_cli_ethpm_test_port_tdr from library libpmcli_eth.so exited due to Signal 11The output of the show cores command might have a vsh process-name core file.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: ARP requests and other Layer 2 traffic with a broadcast destination address are not flooded to all ports on the same VLAN. The following message appears in the device logs:
%MTM-SLOT3-2-MULTICAST_SOURCE_MAC_LEARNT: Inserted dynamically learnt multicast source mac ff:ff:ff:ff:ff:ff!Conditions: This symptom might be seen upon receipt of a Layer 2 frame with a broadcast source address (FFFF.FFFF.FFFF). The F2 Series module learns this address and adds it to its hardware table. Having this entry in the hardware table, Layer 2 traffic with a broadcast destination address (such as ARP requests) is dropped on the Cisco Nexus 7000 Series device because the ingress controller fails to flood it to the broadcast domain.
Workaround: This issue is resolved.
•
Symptom: The syslog message resulting from a MAC address full condition did not appear in the syslog logfile.
Conditions: This symptom might be seen when a lot of group entries are inserted in the MAC address table. There might be MAC address table collisions, at which point the insertion fails. In such a condition, a syslog message is expected to be recorded in the logfile, but it was not because the severity level of the syslog message was previously set at two.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device running NX-OS Release 6.0(3), IP PIM join packets are dropped on an F2 Series module VDC after being moved to the CPU.
Conditions: This symptom might be seen on an F2 Series VDC.
Workaround: This issue is resolved.
•
Symptom: The show policy-map type control-plane expand command does not show additional class-map information.
Conditions: This symptom might be seen when CoPP is configured.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device stops including IP TLVs in an ISIS LSP after an upgrade and switchover.
Conditions: This symptom might be seen after an upgrade and switchover on the switch. The redistribute direct route-map command for IPV4 or IPV6 AFs or both is added and removed. There are no match statements with match interface conditions.
Workaround: This issue is resolved.
•
Symptom: The values for the INPUT_SNMP and OUTPUT_SNMP fields are incorrect.
Conditions: This might be seen when NetFlow version 5 is configured for NetFlow data export.
Workaround: This issue is resolved.
•
Symptom: The TACACS service fails.
Conditions: This symptom might be seen on a Cisco Nexus 7009 switch that is running NX-OS Release 6.0.2
Workaround: This issue is resolved.
•
Symptom: If you change the logging level of the ELTM component, it does not appear in the output of the show running-configuration command and the configuration is not saved after a switch reload.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: OSPF neighbors are not brought down even when there is a mismatch of hello intervals.
Conditions: This symptom might be seen when an OSPF neighbor sends hello packets with a mismatched hello interval.
Workaround: This issue is resolved.
•
Symptom: Static routes that are redistributed on the Cisco Nexus 7000 Series device into OSPF might not appear in the routing tables of OSPF neighbors because the forwarding address is not updated after route changes have occurred within the network.
Conditions: This symptom might be seen if the source Cisco Nexus 7000 Series device is redistributing static routes that have available paths through SVI interfaces and other Layer 3 interfaces. There is a timing issue where OSPF learns of the reachability through the Layer 3 interfaces, however, the preferred path to the network destination is through an SVI interface. After a reload of the source Cisco Nexus 7000 Series device, OSPF installs the forwarding address of valid Layer 3 interfaces while the SVI is still initializing. After the SVI is fully operational, OSPF is not updated of this change in state.
Workaround: This issue is resolved.
•
Symptom: In a PIM register-policy configuration, the following error message appears:
PIM-3-RPM_LIB_INT_ERROR: Invalid arguments passed in rpm_eval_policy_match()Conditions: This symptom might be seen when a switch reloads.
The switch is configured for VRF. With VRF for PIM, the ip pim register-policy command points to a route map.
Vrf context xyzip pim rp-add xxx.xxx.xxx.xxx group-list xxx.xxx.xxx.xxx/xip pim register-policy poly1Workaround: This issue is resolved.
•
Symptom: The output of the show fex detail command is missing the serial number of the FEX.
Conditions: This symptom might be seen after an ISSU to Cisco NX-OS Release 6.1(1).
Workaround: This issue is resolved.
•
Symptom: An ISSU might fail after the image download to the FEX. This symptom applies to a FEX running Cisco NX-OS Release 5.2(4) and earlier releases. Cisco NX-OS Release 6.0 and later releases do not have this symptom.
Conditions: This symptom might be seen when there more FEX modules in a VDC.
Workaround: This issue is resolved.
•
Symptom: Following an ISSU from Cisco NX-OS Release 5.2(x) to Release 6.0(x), configuration corruption occurred. The following messages appeared in the output of the show startup-configuration command:
tlvu_table_convert_tlv_to_indv_field: elem sz [0xa2] differs from tlv_sz[0x9e]Conditions: This symptom might be seen on a Cisco Nexus 7000 Series device following an ISSU.
Workaround: This issue is resolved.
•
Symptom: In a vPC+ setup, a vPC process might fail after vPC VLANs are changed to FabricPath mode. The failure does not occur in a vPC only setup.
Conditions: This symptom might be triggered by the following events:
–
–
–
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device might not copy *,G outgoing interfaces to S,G. As a result, traffic can be silently dropped for the affected routes.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 2000 Series FEX module might fail when it receives a PDU larger than it expects.
Conditions: This symptom might be seen when on a Cisco Nexus 2000 Series FEX is connected to a Cisco Nexus 7000 Series device. It is not seen when a Cisco Nexus 2000 Series FEX is connected to Cisco Nexus 5000 Series switch.
Workaround: This issue is resolved.
•
Symptom: A Cisco Nexus 7000 Series device might not copy *,G outgoing interfaces to S,G. As a result, traffic can be silently dropped for the affected routes.
Conditions: This symptom might be seen under normal operating conditions for a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: After an ISSU or supervisor switchover, the following error might appear:
"OTV:%ISIS_OTV-3-TX_TXLIST_ERROR: Node does not exist in the queue"Conditions: This symptom might be seen following an ISSU or supervisor switchover.
Workaround: This issue resolved.
•
Symptom: OTV fails to advertise the MAC address after that particular MAC address has been moved to another site.
Conditions: This symptom might be seen in the following situation. A MAC address was local to site A. Now the MAC address has been moved to site B. The OTV VDC at site B correctly learns the MAC address on a local port channel or local interface; however, it again points to the overlay interface. Site A never learns this MAC address on the overlay interface.
Workaround: This issue is resolved.
•
Symptom: Stale static route information may remain in the RIB when BFD to the static route goes into a down state.
Conditions: This symptom might be seen after a Cisco Nexus 7000 Series device reloads. BFD does not work correctly.
Workaround: This issue is resolved.
•
Symptom: When using VRF other than the management VRF to send SNMP traps, if the management port is down but not administratively down, all trap packets will be queued forever if the alarm for turning the mgmt port on failed to run.
Conditions: This symptom might be seen an SNMP trap uses nonmanagement port or VRF.
Workaround: This issue is resolved.
•
Symptom: Hardware resources are not freed when the default VDC is migrated to the Ethernet VDC, which results in the default VDC being converted to the admin VDC.
Conditions: The VLAN manager is not involved during VDC migration and therefore does not get an opportunity to free hardware resources.
Workaround: This issue is resolved.
•
Symptom: On a Cisco Nexus 7000 Series device (PE), a VRF route that points to next-hop is on a remote PE under VRF blue, loopback 10. When it is pinged from a Cisco Nexus 7000 Series device, it works, but when the traffic goes through the Cisco Nexus 7000 Series device, it fails. On the packet capture, the Cisco Nexus 7000 Series device puts two labels, 3 and 18 (VPN), for the failing one. But when pinged from a Cisco Nexus 7000 Series device, 18 (vpn), is the only label that is correct because both PEs are directly connected.
Conditions: This symptom might be seen in the following setup:
---vrf blueâ??N7Kâ??e3/1------------- Cat6kâ??vrf-blue---Lo10 (2.2.2.2)On the Cisco Nexus 7000 Series device for VRF blue:
ip route 0.0.0.0/0 2.2.2.2The output of the show for vrf blue ipv4 route 0.0.0.0/0 command, displays PUSH2 18.
switch# sh for vrf blue ipv4 route 0.0.0.0/0------------------+------------------+----------------------+-----------------Prefix | Next-hop | Interface | Labels------------------+------------------+----------------------+-----------------*0.0.0.0/0 1.1.1.1 Ethernet3/1 PUSH2 18switch# sh sys inte for mpl adjacency 0x4301dDevice: 1 Index: 0x4301d dmac: 0018.7494.3800 smac: 6c9c.ed44.dac1PUSH TWO Label0 3 Label1 18Workaround: This issue is resolved.
•
Symptom: The PortLoopback test fails after a monitor port is reset to the default configuration.
Conditions: This symptom might be seen after a port is configured as a monitor port and uses the default interface to reset.
Workaround: This issue is resolved.
•
Symptom: In vPC+ configuration with multiple 48-port 1/10 Gigabit Ethernet SFP+ I/O F2 Series modules (N7K-F248XP-25) in the chassis, when one of the F2 Series modules is reloaded, hardware programming on the reloaded module might be corrupted, which can cause incoming traffic to the module to be incorrectly forwarded.
Conditions: This symptom might be seen in a vPC+ setup using multiple N7K-F248XP-25 I/O modules when one of them is reloaded.
Workaround: This issue is resolved.
•
Symptom: The PIM process might fail if a Layer 2 loop exists.
Conditions: This symptom might be seen is a Layer 2 loop is introduced.
Workaround: This issue is resolved.
•
Symptom: After a PIM process failure, an mroute is stuck in a pending state with traffic loss.
Conditions: This symptom might be seen after a PIM process failure.
Workaround: This issue is resolved.
•
Symptom: An MPLS traffic engineering configuration never comes back after a rollback of the no feature mpls traffic-eng command.
Conditions; This symptom might be seen under normal operating conditions of a Cisco Nexus 7000 Series device.
Workaround: This issue is resolved.
•
Symptom: A 20- to 60-second packet loss is seen in an MVPN scenario when switching from the default to data MDT.
Conditions: This symptom might be seen when the data MDT is configured on the PE router.
Workaround: This issue is resolved.
•
Symptom: While upgrading from Cisco NX-OS Release 5.2(1) to Release 5.2(5), the modules started failing when the switch was being upgraded.
Conditions: This symptom might be seen during a Cisco NX-OS software upgrade when a LISP configuration is present.
Workaround: This issue is resolved.
•
Symptom: On the 8-port 10-Gigabit Ethernet I/O module XL (N7K-M108X2-12L), when an interface is configured to carry the VLAN tag as well as the CMD header for SGT propagation, the CMD header appears ahead of the VLAN tag in every packet sent. Similarly, for every packet received, the CMD header is expected to be ahead of the VLAN tag. This behavior means that the N7K-M108X2-12L module will not be able to pass traffic with other modules that place the VLAN tag ahead of the CMD header in their packets.
Conditions: This symptom might be seen when the interface is configured such that packets are VLAN tagged and carry the CMD header, such as when cts manual is configured for a Layer 2 trunk port or for an Layer 3 subinterface.
Workaround: This issue is resolved.
•
Symptom: Under rare conditions, the SNMPD process might cause high CPU utilization even without SNMP polling.
Conditions: This symptom might be seen when the SNMPD process consumes the maximum allowed amount of memory and no more memory can be allocated for received packet processing.
Workaround: This issue is resolved.
•
Symptom: During an ISSU or ISSD, due to potential differences in the SAPs used by services in either release of Cisco NX-OS, the System Manager might fail in rare circumstances due to a broken pipe. The behavior should be to ignore any SAPs on the active supervisor that are not valid in the release of Cisco NX-OS running on the standby supervisor.
switch# show system internal log sysmgr sup-resetfsm_action_hot_switchover_part2: unable to move MTS to MTS_STATE_SWITCHOVER: Broken pipe (error-id 0x801E0020).Conditions: This symptom might be seen when an ISSU or SSD is performed between releases that have differences in SAP mappings used by MTS to allow intercommunication between services.
Workaround: This issue is resolved.
•
Symptom: When an ERSPAN enabled interface is flapping, there is a memory leak of around 1000 bytes for each flap. The ELTM process in the supervisor module will generate a core file and then come back online.
Conditions: This symptom might be seen when an ERSPAN enabled interface is flapping.
Workaround: This issue is resolved.
•
Symptom: This SA message with encapsulated data is sent with a wrong checksum, which causes the receiver MSDP peer to drop it. This packet will never be processed (decapsulated) and sent across to the downstream neighbors by the receiving MSDP peer.
Conditions: This symptom might be seen in Cisco NX-OS Release 6.0(2).
Workaround: This issue is resolved.
•
Symptom: After a module is removed or inserted, all port-channel members may no longer have a BFD session.
switch# sh port-channel summaryFlags: D - Down P - Up in port-channel (members)I - Individual H - Hot-standby (LACP only)s - Suspended r - Module-removedS - Switched R - RoutedU - Up (port-channel)M - Not in use. Min-links not met--------------------------------------------------------------------------------Group Port- Type Protocol Member Ports Channel--------------------------------------------------------------------------------21 Po21(RU) Eth LACP Eth10/31(P) Eth10/32(P)switch# sh bfd neighborsOurAddr NeighAddr LD/RD RH/RS Holdown(mult) State Int Vrf10.1.28.98 10.1.28.97 1124073476/0 Up N/A(3) Up Po21 default10.1.28.98 10.1.28.97 1124073478/1090519076 Up 148(3) Up Eth10/32 defaultConditions: This symptom might be seen when a Layer 3 port channel is configured with BFD per link.
Workaround: This issue is resolved.
Related Documentation
Cisco NX-OS documentation is available at the following URL:
http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
The Release Notes for upgrading the FPGA/EPLD is available at the following URL:
http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/epld/epld_rn.html
Cisco NX-OS includes the following documents:
Release Notes
Cisco Nexus 7000 Series NX-OS Release Notes, Release 6.x
NX-OS Configuration Guides
Cisco Nexus 2000 Series Fabric Extender Software Configuration Guide
Cisco Nexus 7000 Series NX-OS Configuration Examples
Cisco Nexus 7000 Series NX-OS FabricPath Configuration Guide
Configuring Feature Set for FabricPath
Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide
Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide
Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide
Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide
Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide
Cisco Nexus 7000 Series NX-OS LISP Configuration Guide
Cisco Nexus 7000 Series NX-OS MPLS Configuration Guide
Cisco Nexus 7000 Series NX-OS Multicast Routing Configuration Guide
Cisco Nexus 7000 Series NX-OS OTV Configuration Guide
Cisco Nexus 7000 Series OTV Quick Start Guide
Cisco Nexus 7000 Series NX-OS Quality of Service Configuration Guide
Cisco Nexus 7000 Series NX-OS SAN Switching Configuration Guide
Cisco Nexus 7000 Series NX-OS Security Configuration Guide
Cisco Nexus 7000 Series NX-OS System Management Configuration Guide
Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide
Cisco Nexus 7000 Series NX-OS Verified Scalability Guide
Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide
Cisco Nexus 7000 Series NX-OS Virtual Device Context Quick Start
Cisco NX-OS FCoE Configuration Guide for Cisco Nexus 7000 and Cisco MDS 9500
NX-OS Command References
Cisco Nexus 7000 Series NX-OS Command Reference Master Index
Cisco Nexus 7000 Series NX-OS FabricPath Command Reference
Cisco Nexus 7000 Series NX-OS Fundamentals Command Reference
Cisco Nexus 7000 Series NX-OS High Availability Command Reference
Cisco Nexus 7000 Series NX-OS Interfaces Command Reference
Cisco Nexus 7000 Series NX-OS IP SLAs Command Reference
Cisco Nexus 7000 Series NX-OS Layer 2 Switching Command Reference
Cisco Nexus 7000 Series NX-OS LISP Command Reference
Cisco Nexus 7000 Series NX-OS MPLS Command Reference
Cisco Nexus 7000 Series NX-OS Multicast Routing Command Reference
Cisco Nexus 7000 Series NX-OS OTV Command Reference
Cisco Nexus 7000 Series NX-OS Quality of Service Command Reference
Cisco Nexus 7000 Series NX-OS SAN Switching Command Reference
Cisco Nexus 7000 Series NX-OS Security Command Reference
Cisco Nexus 7000 Series NX-OS System Management Command Reference
Cisco Nexus 7000 Series NX-OS Unicast Routing Command Reference
Cisco Nexus 7000 Series NX-OS Virtual Device Context Command Reference
Cisco NX-OS FCoE Command Reference for Cisco Nexus 7000 and Cisco MDS 9500
Other Software Document
Cisco NX-OS Licensing Guide
Cisco Nexus 7000 Series NX-OS MIB Quick Reference
Cisco Nexus 7000 Series NX-OS Software Upgrade and Downgrade Guide
Cisco NX-OS System Messages Reference
Cisco Nexus 7000 Series NX-OS Troubleshooting Guide
Cisco NX-OS XML Interface User Guide
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Cisco Nexus 7000 Series NX-OS Release Notes, Release 6.1
© 2013 Cisco Systems, Inc. All rights reserved.
