Guest

Cisco Catalyst 3500 XL Series Switches

Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC14

 Feedback

Table Of Contents

Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC14

Contents

Hardware Requirements

Software Requirements

System Requirements

Browser and Java Plug-In Requirements

Cluster Requirements and Guidelines

New Features

Minimum Cisco IOS Release for Major Features

Initial Switch Configuration

Using the Setup Program

Installing the Required Plug-In

Displaying the CMS Access Page

Downloading Software

Guidelines for Upgrading Switch Software

Overview of the Switch Upgrade Process

Determining the Switch Software Version

Which Software Files to Download from Cisco.com

Downloading the New Software

Copying the Current Startup Configuration from the Switch to a PC or Server

Archiving Software Images

Upgrading the Switch

Using CMS to Upgrade One or More Switches

Recovering from an Incomplete CMS Software Upgrade

Using the CLI to Upgrade a Catalyst 2900 LRE XL Switch

Upgrading LRE Firmware

Configuring for an LRE Upgrade

Performing an LRE Upgrade

Global Configuration of LRE Upgrades

Controller Configuration of LRE Upgrades

LRE Upgrade Behavior Details

LRE Upgrade Example

Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch

Using the CLI to Upgrade a Catalyst 3500 XL Switch

Upgrading Member Switches

Limitations and Restrictions

Cisco IOS Limitations and Restrictions

CMS Limitations and Restrictions

LRE Limitations and Restrictions

Important Notes

Resolved Caveats

Resolved Caveats in Cisco IOS Release 12.0(5)WC14

Resolved Caveats in Cisco IOS Release 12.0(5)WC13

Resolved Caveats in Cisco IOS Release 12.0(5)WC12

Documentation Updates

Corrections to Software Configuration Guide

Correction to Command Reference

Corrections to Catalyst 2900 XL Hardware Installation Guide

Catalyst 2900 XL Hardware Installation Guide Corrections and Updates

Attaching the Cisco RPS (model PWR300-AC-RPS-N1)

Overtemperature Warning

Chassis Power Connection

Related Documentation

Obtaining Documentation

Cisco.com

Product Documentation DVD

Ordering Documentation

Documentation Feedback

Cisco Product Security Overview

Reporting Security Problems in Cisco Products

Obtaining Technical Assistance

Cisco Technical Support & Documentation Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information


Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC14


September 7, 2006

Cisco IOS Release 12.0(5)WC14 runs on Catalyst 2900 series XL and Catalyst 3500 series XL switches with 8-MB CPU DRAM. This release also runs on Catalyst 2900 series Long-Reach Ethernet (LRE) XL switches with 16-MB CPU DRAM. This release does not run on Catalyst 2900 series XL switches with 4-MB CPU DRAM.


Note Throughout this document, Catalyst 2900 XL switch refers to both the Catalyst 2900 XL switches and the Catalyst 2900 LRE XL switches, unless otherwise noted.


These release notes include important information about this Cisco IOS release and any limitations, restrictions, and caveats that apply to it. See the "Related Documentation" section for the complete list of Catalyst 2900 XL and Catalyst 3500 XL documentation.


Note This release is not for the Catalyst 2900 XL switches with 4-MB CPU DRAM. For information about these switches, refer to Cisco IOS Release 11.2(8.x)SA6 or earlier.


These release notes include important information about this release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:

If you are installing a new switch, refer to the Cisco IOS release label on the rear panel of your switch.

If your switch is on and running, use the show version user EXEC command. See the "Determining the Switch Software Version" section.

If you are upgrading to a new release, refer to the software upgrade filename for the Cisco IOS version. Before upgrading your switch to this release, read the "Downloading Software" section.

You can download the switch software from this site:

http://www.cisco.com/public/sw-center/sw-lan.shtml
(for registered Cisco.com users with a login password)

This release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future releases become available, they will be posted to Cisco.com in the Cisco IOS software area.

Contents

This document has the following sections:

"Hardware Requirements" section

"Software Requirements" section

"Cluster Requirements and Guidelines" section

"Minimum Cisco IOS Release for Major Features" section

"Initial Switch Configuration" section

"Downloading Software" section

"Limitations and Restrictions" section

"Important Notes" section

"Resolved Caveats" section

"Documentation Updates" section

"Related Documentation" section

"Obtaining Documentation" section

"Documentation Feedback" section

"Cisco Product Security Overview" section

"Obtaining Technical Assistance" section

"Obtaining Additional Publications and Information" section

Hardware Requirements

This release supports the 8-MB Catalyst 2900 XL switches (see Table 1), 16-MB Catalyst 2900 LRE XL switches, (see Table 2) and Catalyst 3500 XL switches (see Table 3).


Note Catalyst 2900 XL 4-MB switches run original edition software and do not support this release. The 4-MB models are WS-C2908-XL, WS-C2916M-XL, WS-C2924C-XL, and WS-C2924-XL. These switches can only be upgraded up to Cisco IOS Release 11.2(8.10)SA6. To be cluster members, these switches must run Cisco IOS Release 11.2(8.x)SA6 original edition software. To determine the switch DRAM size, enter the show version user EXEC command.


Table 1 Catalyst 2900 XL Switches with 8-MB CPU DRAM  

Switch
Description

Catalyst 2912MF XL

12 100BASE-FX ports and 2 high-speed expansion slots

Catalyst 2912 XL

12 autosensing 10/100 ports

Catalyst 2924M XL

24 autosensing 10/100 ports and 2 high-speed expansion slots

Catalyst 2924M DC XL

24 autosensing 10/100 ports and 2 high-speed expansion slots (DC power)

Catalyst 2924 XL

24 autosensing 10/100 ports

Catalyst 2924C XL

22 autosensing 10/100 ports and 2 100BASE-FX ports


Table 2 Catalyst 2900 LRE XL Switches with 16-MB CPU DRAM

Switch
Description

Catalyst 2912 LRE XL

4 autosensing 10/100 ports and 12 Long-Reach Ethernet (LRE) ports

Catalyst 2924 LRE XL

4 autosensing 10/100 ports and 24 LRE ports


Table 3 Catalyst 3500 XL Switches

Switch
Description

Catalyst 3508G XL

8 Gigabit module slots

Catalyst 3512 XL

12 autosensing 10/100 ports and 2 Gigabit module slots

Catalyst 3524 XL

24 autosensing 10/100 ports and 2 Gigabit module slots

Catalyst 3524-PWR XL

24 autosensing 10/100 inline-power ports and 2 Gigabit module slots

Catalyst 3548 XL

48 autosensing 10/100 ports and 2 Gigabit module slots


Software Requirements

This section describes the requirements for the system and for the Cluster Management Suite (CMS) software.

System Requirements

These operating systems are supported for CMS management:

Microsoft Windows 95 (Service Pack 1 required)

Microsoft Windows 98, second edition

Microsoft Windows NT 4.0 (Service Pack 3 or higher required)

Microsoft Windows 2000

Solaris 2.5.1 or higher, with the Sun-recommended patch cluster for that operating system and Motif library patch 103461-24

The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM. Table 4 lists the recommended platforms for using CMS.

Table 4 Recommended Minimum Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.01

Pentium 300 MHz

128 MB

65,536

1024 x 768

Small

Solaris 2.5.1

SPARC 333 MHz

128 MB

Most colors for applications

-

Small (3)

1 Service Pack 3 or higher required


Browser and Java Plug-In Requirements

When starting a CMS session, the switch verifies the browser version to ensure that the browser is supported. If the browser is not supported, an error message appears, and the session does not start. Table 5 lists the browsers supported by CMS.

CMS requires the Java plug-ins described in the "Installing the Required Plug-In" section.

Table 5 Browser Requirements

Operating System
Netscape Communicator1
Microsoft Internet Explorer

Windows 95

4.61, 4.7

5.0, or 5.5

Windows 98

-2

5.0, or 5.5

Windows NT 4.0

4.61, 4.7

5.0, or 5.5

Windows 2000

4.61, 4.7

5.0, or 5.5

Solaris 2.5.1 or higher

4.61, 4.7

-3

1 Netscape Communicator version 4.60 and 6.0 are not supported. (CSCdx34982)

2 CMS is not supported on machines running Windows 98 and Netscape Navigator. The workaround is to use Microsoft Internet Explorer if your operating system is Windows 98.

3 Microsoft Internet Explorer is not supported on Solaris 2.5.1 or higher.



Note If you receive an Internet Explorer error message that the page might not display correctly because your security settings prohibit the ActiveX controls, your security settings are set too high. To lower security settings, go to Tools > Internet Options, and select the Security tab. Select the indicated Zone, and move the Security Level for this Zone slider from High to Medium (the default).


To access CMS, follow the procedures in the "Initial Switch Configuration" section.

Cluster Requirements and Guidelines

When creating a switch cluster, we recommend that the highest-end, command-capable switch in the cluster be the command switch and that the command switch has the latest software version installed. If there are switches in the cluster with older software versions, they should all be upgraded to the latest software version. All switches in the same platform should be upgraded to the latest software version.

Table 6 lists the cluster capabilities and minimum software versions for the switches. The switches are listed in the order of highest- to lowest-end switch. A lower-end switch cannot be the command switch of a switch listed above it in the table (for example, a Catalyst 2900 XL switch cannot be the command switch of a cluster that has Catalyst 3550 switches.)

Table 6 Switch Software and Cluster Capability 

Switch
Cisco IOS Release
Cluster Capability

Catalyst 3750

Cisco IOS Release 12.1(11)AX

Member or command switch

Catalyst 3550

Cisco IOS Release 12.1(4)EA1 or later

Member or command switch

Catalyst 2970

Cisco IOS Release 12.1(11)AX

Member or command switch

Catalyst 2950

Cisco IOS Release 12.0(5.2)WC(1) or later

Member or command switch

Catalyst 2955

Cisco IOS Release 12.1(12c)EA1 or later

Member or command switch

Catalyst 2950-LRE

Cisco IOS Release 12.1(11)YJ

Member or command switch

Catalyst 2940

Cisco IOS Release 12.1(13)AY

Member or command switch

Catalyst 3500 XL

Cisco IOS Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 LRE XL (16-MB switches)

Cisco IOS Release 12.0(5.1)WC1 or later

Member or command switch

Catalyst 2900 XL (8-MB switches)

Cisco IOS Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 XL (4-MB switches)

Cisco IOS Release 11.2(8.5)SA6 (recommended)

Member switch only1

Catalyst 1900 and 2820

Cisco IOS Release 9.00(-A or -EN)

Member switch only

1 Catalyst 2900 XL (4-MB) switches appear in the front-panel and topology views of CMS. However, CMS does not support configuration or monitoring of these switches.


Some versions of the Catalyst 2900 XL software do not support clustering, and if you have a cluster with switches that are running different versions of Cisco IOS software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Cisco IOS Release 11.2(8)SA6, the windows and functionality can be different from a switch running Cisco IOS Release 12.0(5)WC(1) or later.


Note The Cluster Management Suite (CMS) is not forward-compatible, which means that if a member switch is running a software version that is newer than the release running on the command switch, the new features are not available on the member switch. If the member switch is a new device supported by a software release that is later than the software release on the command switch, the command switch cannot recognize the member switch and it is displayed as an unknown device in the Front Panel view. You cannot configure any parameters or generate a report through CMS for that member; instead, you must launch the Device Manager application to perform configuration and obtain reports for that member.


New Features

There are no new hardware or software features for this release.

Minimum Cisco IOS Release for Major Features

Table 7 lists the minimum software release required to support the major features of the Catalyst 2900 XL and Catalyst 3500 XL switches.

Table 7 Catalyst 2900 XL (including 2900 LRE XL) and Catalyst 3500 XL Features and the Minimum Cisco IOS Release Required  

Feature
Minimum Cisco IOS Release Required

Bridge protocol data unit (BPDU) filtering

Cisco IOS Release 12.0(5)WC7

Port security MAC address aging

Cisco IOS Release 12.0(5)WC5

Bridge protocol data unit (BPDU) guard

Cisco IOS Release 12.0(5)WC5

Remote Authentication Dial-In User Service (RADIUS)

Cisco IOS Release 12.0(5)WC5

UniDirectional Link Detection (UDLD) recovery

Cisco IOS Release 12.0(5)WC5

Support for the Cisco Coarse Wave Division Multiplexing (CWDM) Gigabit Interface Converter (GBIC) modules

Cisco IOS Release 12.0(5)WC5

Enhanced web-based switch management (CMS)

Cisco IOS Release 12.0(5)WC3

MAC address notification

Cisco IOS Release 12.0(5)WC3

Internet Group Management Protocol (IGMP) filtering

Cisco IOS Release 12.0(5)WC3

Support for the Cisco 585 LRE CPE device

Release 12.0(5)WC4

Enhanced web-based switch management (CMS)

Release 12.0(5)WC4

MAC Address Notification

Release 12.0(5)WC4

Internet Group Management Protocol (IGMP) Filtering

Release 12.0(5)WC4

WS-C2912-LRE XL and WS-C2912-LRE XL switches with LRE ports and support for the Cisco 575 LRE CPE device

Release 12.0(5.1)WC(1)

Extended cluster member compatibility with the Catalyst 2950 and Catalyst 3550 switches

Cisco IOS Release 12.0(5)WC(1)

Multicast VLAN Registration (MVR)

Cisco IOS Release 12.0(5)WC(1)

Cross-stack UplinkFast

Cisco IOS Release 12.0(5)XW

Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration

Cisco IOS Release 12.0(5)XW

Support for the single-port 1000BASE-T GBIC module (WS-G5482)

Cisco IOS Release 12.0(5)XW

WS-C3524-PWR XL switch with 10/100 inline-power ports

Cisco IOS Release 12.0(5)XU

WS-C2924M-XL-EN-DC switch with DC power connector

Cisco IOS Release 12.0(5)XU

WS-X2932-XL Catalyst 2900 XL 1-port 1000BASE-T module

Cisco IOS Release 12.0(5)XU

Hot Standby Router Protocol (HSRP) for clustering

Cisco IOS Release 12.0(5)XU

Extended discovery of cluster candidates up to 7 hops from the command switch

Cisco IOS Release 12.0(5)XU

Support for up to 16 switches in a cluster

Cisco IOS Release 12.0(5)XU

VLAN Trunking Protocol (VTP) pruning

Cisco IOS Release 12.0(5)XU

Change management Virtual LAN (VLAN) for a cluster

Cisco IOS Release 12.0(5)XU

Private VLAN edge support

Cisco IOS Release 12.0(5)XU

UDLD for detecting unidirectional links

Cisco IOS Release 12.0(5)XU

Extended cluster member functionality for Catalyst 1900 and 2820 switches

Cisco IOS Release 12.0(5)XP

Remote monitoring (RMON) support through the command-line interface (CLI) or Simple Network Management Protocol (SNMP)

Cisco IOS Release Cisco IOS Release 12.0(5)XP

Change management VLAN

Cisco IOS Release 12.0(5)XP

Quality of service (QoS) based on IEEE 802.1P class of service (CoS) values

Cisco IOS Release 12.0(5)XP

WS-C3548-XL switch with 48 10/100 ports

Cisco IOS Release 12.0(5)XP

WS-X2931-XL Catalyst GigaStack GBIC module

Cisco IOS Release 12.0(5)XP

Catalyst 3500 series XL switches (except WS-C3548-XL)

Cisco IOS Release 11.2(8)SA6

Cluster management

Cisco IOS Release 11.2(8)SA6

Terminal Access Control Access System Plus (TACACS+)

Cisco IOS Release 11.2(8)SA6 (Enterprise Edition Software)

Network Time Protocol (NTP)

Cisco IOS Release 11.2(8)SA6

Spanning Tree Protocol (STP) UplinkFast

Cisco IOS Release 11.2(8)SA6
(Enterprise Edition Software)

250 VLANs (some models: see the "Limitations and Restrictions" section)

Cisco IOS Release 11.2(8)SA6

Catalyst 2900 series XL 1000BASE-X modules

Cisco IOS Release 11.2(8)SA5

Catalyst 2900 series XL asynchronous transmission mode (ATM) modules

Cisco IOS Release 11.2(8)SA5

IEEE 802.1Q trunking

Cisco IOS Release 11.2(8)SA5
(Enterprise Edition Software)

Inter-Switch Link (ISL) trunking

Cisco IOS Release 11.2(8)SA4
(Enterprise Edition Software)

VLAN Membership Policy Server (VMPS)

Cisco IOS Release 11.2(8)SA4 (Enterprise Edition Software)

8192 media access control (MAC) addresses on modular switches

Cisco IOS Release 11.2(8)SA4

Switch Network View stack management

Cisco IOS Release 11.2(8)SA3

Web-based switch management

Cisco IOS Release 11.2(8)SA

Fast EtherChannel port groups

Cisco IOS Release 11.2(8)SA


Initial Switch Configuration

This section provides these procedures:

"Using the Setup Program" section

"Installing the Required Plug-In" section

"Displaying the CMS Access Page" section

This section assumes that you have already installed the switch and connected devices to it, as described in the switch hardware installation guide.

Using the Setup Program

You can use an automatic setup program to assign switch IP information, host and cluster names, and passwords and to create a default configuration for continued operation. Later, you can use CMS or the command-line interface (CLI) to customize your configuration. To run the setup program, access the switch from the PC terminal that you connected to the console port. For information about connecting a PC or terminal to the switch console port, refer to the switch hardware installation guide.


Note If the switch will be a cluster member, you do not always need to assign IP information or a password, as the switch will be managed through the IP address of the command switch. If you are configuring a command switch or standalone switch, you need to assign IP information. Refer to the switch software configuration guide for more information.


The first time that you access the switch, it runs a setup program that prompts you for IP and other configuration information necessary for the switch to communicate with local routers and the Internet. This information is also required if you plan to use CMS to configure and manage the switch.

You will need the following information from your system administrator:

Switch IP address

___________.___________.___________._________

Subnet mask (netmask)

___________.___________.___________._________

Default gateway (router)

___________.___________.___________._________

Enable secret password

___________________________________________


Use this procedure to create an initial configuration for the switch:


Note Be sure that the rollover cable is connecting a PC serial port to the switch console port. The data characteristics are 9600 baud, 8 data bits, 1 stop bit, and no parity. Use the supplied rollover cable and DB-9 adapter to connect a PC to the switch console port. You need to provide a RJ-45-to-DB-25 female DTE adapter if you want to connect the switch console port to a terminal. You can order a kit (part number ACS-DSBUASYN=) containing that adapter from Cisco. For console port and adapter pinout information, refer to the "Cable and Connector Specifications" appendix in the switch hardware installation guide.


At any point you can enter a question mark for help. Use Ctrl-C to stop the configuration dialog at any prompt. The default settings are in square brackets.


Step 1 Enter Y at the first prompt.

Continue with configuration dialog? [yes/no]: y

Step 2 Enter the switch IP address, and press Return:

Enter IP address: ip_address

Step 3 Enter the subnet mask, and press Return:

Enter IP netmask: ip_netmask

Step 4 Enter Y at the next prompt to specify a default gateway (router):

Would you like to enter a default gateway address? [yes]: y 

Step 5 Enter the IP address of the default gateway, and press Return.

IP address of the default gateway: ip_address


Note Enter a host name for the switch, and press Return.



Note On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch.


Step 6 Enter a secret password, and press Return.


Note The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces.


Enter enable secret: secret_password

Step 7 Enter Y to enter a Telnet password:

Would you like to configure a Telnet password? [yes] y


Note The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.


Step 8 Enter the Telnet password, and press Return:

Enter Telnet password: telnet_password

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.


Note If you enter N, the switch appears as a candidate switch in Cluster Builder. In this case, the message in Step 10 is not displayed.


Would you like to enable as a cluster command switch? y

Step 10 Assign a name to the cluster, and press Return.

Enter cluster name: cls_name


Note The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.


Step 11 The initial configuration is displayed:

The following configuration command script was created: 
 
ip subnet-zero 
interface VLAN1 
ip address 172.20.153.36 255.255.255.0 
ip default-gateway 172.20.153.01 
hostname host_name 
enable secret 5 $1$M3pS$cXtAlkyR3/6Cn8/ 
line vty 0 15 
password telnet_password 
snmp community private rw 
snmp community public ro 
cluster enable cls_name 
 
end 

Step 12 Verify that the information is correct.

If the information is correct, enter Y at the prompt, and press Return.

If the information is not correct, enter N at the prompt, press Return, and begin again at Step 1.

Use this configuration? [yes/no]: y 


After you complete the setup program, the switch can use the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:

CMS from your browser (See the "Installing the Required Plug-In" section and the "Displaying the CMS Access Page" section.)

Command-line interface (CLI) (Refer to the switch software configuration guide.)

The switch software configuration guide provides more information about how to set a password to protect the switch against unauthorized Telnet access and how to access the switch if you forget the password.

Installing the Required Plug-In

A Java plug-in is required for the browser to access CMS. Download and install the plug-in before you start CMS. For information on the supported plug-ins, see the "Windows 95, Windows 98, and Windows NT 4.0, and Windows 2000 Users" section and the "Solaris Platforms" section.

You can download the recommended plug-ins from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java


Note Uninstall older versions of Java plug-ins before installing the Java plug-in.


If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:

In the Proxies tab, verify that the Use browser settings is checked and that no proxies are enabled.


Note If you are running McAfee VirusScan on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the VirusScan Internet Filter option, the Download Scan option, or both.

From the Start menu, disable the options by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the task bar, right-click the Virus Shield icon, and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.


Windows 95, Windows 98, and Windows NT 4.0, and Windows 2000 Users

You must have Java plug-in 1.0.4 installed in order to run CMS. If you start CMS without having installed the required Java plug-in, CMS halts and displays this error message:

CMS will start momentarily. If it does not, please verify that JavaScript is enabled and the Java Plug-in is installed.

You will need to shut down CMS and download Java plug-in 1.0.4 from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

Solaris Platforms

These Java plug-ins are supported on the Solaris platform:


Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.1.

Java plug-in 1.3.1

Java plug-in 1.3.0

Java plug-in 1.2.2_07

If you have a SmartNet contract, you can download these plug-ins and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

If you do not have a SmartNet contract, download the plug-in from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java


Note Uninstall older versions of the Java plug-in before installing Java plug-in JRE 1.3.1.


Displaying the CMS Access Page

After the browser is configured, display the CMS access page:


Step 1 Enter the switch IP address and your privilege level in the browser Location field (Netscape Communicator) or Address field (Microsoft Internet Explorer). For example:

http://10.1.126.45:184/level/14/

where 10.1.126.45 is the switch IP address, 184 is the HTTP port, and level/14 is the privilege level. You do not need to enter the HTTP port if the switch is using HTTP port 80 (the default) or enter the privilege level if you have read-write access to the switch (privilege level is 15).

For information about the HTTP port and privilege levels, refer to the switch software configuration guide.

Step 2 When prompted for a username and password, enter only the switch enable password. CMS prompts you a second time for a username and password. Enter only the enable password again.

If you configure a local username and password, make sure you enable it by using the ip http authentication global configuration command. Enter your username and password when prompted.

Step 3 Click Cluster Management Suite.

If you access CMS from a standalone or member switch, Device Manager appears. If you access CMS from a command switch, you can display the Front Panel and Topology views.


For complete information about CMS, refer to the switch software configuration guide.

Downloading Software

This section provides these topics about downloading the switch software:

"Guidelines for Upgrading Switch Software" section

"Overview of the Switch Upgrade Process" section

"Determining the Switch Software Version" section

"Which Software Files to Download from Cisco.com" section

"Copying the Current Startup Configuration from the Switch to a PC or Server" section

"Archiving Software Images" section

"Using CMS to Upgrade One or More Switches" section

"Using the CLI to Upgrade a Catalyst 2900 LRE XL Switch" section

"Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch" section

"Using the CLI to Upgrade a Catalyst 3500 XL Switch" section


Note Before upgrading your switch to Cisco IOS Release 12.0(5)WC10, read the "Guidelines for Upgrading Switch Software" section for important information.


Guidelines for Upgrading Switch Software

When upgrading the LRE switch software, follow these rules:

The minimum software version required on the LRE switches is Cisco IOS Release 12.0(5.3)WC(1).

To upgrade the LRE switch software, use the CMS procedure described in the "Using CMS to Upgrade One or More Switches" section or use the CLI procedures described in the "Recovering from an Incomplete CMS Software Upgrade" section, or the "Upgrading Member Switches" section.

If your switch is running Cisco IOS Release 11.2(8)SA3, SA4, or SA5 (Catalyst 2900 XL only), we recommend that you upgrade the switch software by using VSM. If you are upgrading a switch running Cisco IOS Release 11.2(8)SA6 or later to this release, we recommend that you use Cluster Manager. For CMS instructions for upgrading switch software, refer to the switch software configuration guide or the online help for that release.

When using CMS, you cannot upgrade Catalyst 2900 XL, Catalyst 2900 LRE XL, and Catalyst 3500 XL switches at the same time. However, you can group together and upgrade Catalyst 1900 and Catalyst 2820 switches at the same time.

For Catalyst 2900 XL and Catalyst 3500 XL switches, enter the image_name.tar filename in the New File Name field. The tar file contains both the Cisco IOS image and the web-management code.

For Catalyst 1900 and Catalyst 2820 switches, enter the image_name.bin filename in the New File Name field. The bin file contains the software image and the web-management code.

Upgrade Catalyst 1900 and Catalyst 2820 switches last. To function efficiently, these switches need to be rebooted shortly after the upgrade occurs. If you do not click Reboot Cluster in 30 seconds after the upgrade, the Catalyst 1900 and Catalyst 2820 switches automatically reboot.

When using CMS to upgrade multiple switches from the Cisco TFTP server, the Cisco TFTP server application can process multiple requests and sessions. When using CMS to upgrade multiple switches from the Cisco TFTP server, you must first disable the TFTP Show File Transfer Progress and the Enable Logging options to avoid TFTP server failures. If you are performing multiple-switch upgrades with a different TFTP server, it must be capable of managing multiple requests and sessions at the same time.

If you are using VSM to upgrade a specific switch, follow the steps in the "Using CMS to Upgrade One or More Switches" section.

If you are using Cluster Manager to upgrade a switch or switch cluster running Release 11.2(8)SA6 or later, follow the steps in the "Using CMS to Upgrade One or More Switches" section.

When you upgrade a switch, the switch continues to operate while the new software is copied to Flash memory. Features provided by the new software are not available until you reboot the switch.

When using XMODEM, if there is enough space on the switch Flash memory, the new image is copied to the switch but does not replace the existing image until you reboot the switch. If a failure occurs while you are copying the new image to the switch, you can use the existing image to reboot the switch.

If there is not enough space for two images on the switch Flash memory, the new image is copied over the existing one. If a failure occurs while you are copying the new image to the switch, or if the new startup configuration fails, you must use the XMODEM Protocol to reinstall a previous or new image to the switch Flash memory. For more information, refer to the "Recovering from Corrupted Software" section in the "Troubleshooting" chapter of the Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide.

Overview of the Switch Upgrade Process

The software upgrade procedure has these major steps:

Deciding which software files to download from Cisco.com, as described in the "Which Software Files to Download from Cisco.com" section.

Downloading the tar file from Cisco.com, as described in the "Downloading the New Software" section. This file contains the Cisco IOS image file and the CMS files. From Cisco.com, you can also download a TFTP server application to copy the switch software from your PC to the switch, if necessary.

The tar command extracts the Cisco IOS image, the e2rb.bin LRE firmware file, and the CMS files from the tar file during the TFTP copy to the switch.

Copying the current startup configuration file, as described in the "Copying the Current Startup Configuration from the Switch to a PC or Server" section.

When you upgrade a switch, the switch continues to operate while the new software is copied to flash memory. If flash memory has enough space, the new image is copied to the selected switch but does not replace the running image until you reboot the switch.


Note If a failure occurs during the copy process, you can still reboot your switch by using the old image that is still on the switch.


If flash memory does not have enough space for two images, your new image is copied over the existing one.


Note If a failure occurs while copying a new image to the switch, and the old image has already been deleted, you will need to use the XMODEM protocol to recover an image for the switch. For more information, refer to the "Recovering from Corrupted Software" section in the "Troubleshooting" chapter of the switch software configuration guide.


Using CMS or the CLI to upgrade the software on your switch or switch cluster:

If you are using CMS to upgrade a switch, follow the steps in the "Using CMS to Upgrade One or More Switches" section.

If you are using the CLI to upgrade a switch, follow the steps in the "Using the CLI to Upgrade a Catalyst 2900 LRE XL Switch" section, the "Recovering from an Incomplete CMS Software Upgrade" section, the "Recovering from an Incomplete CMS Software Upgrade" section, or the "Upgrading Member Switches" section.

Features provided by the new software are not available until you reload the switch.

Determining the Switch Software Version

The Cisco IOS image is stored as a bin file in a directory that is named with the Cisco IOS release. A subdirectory contains the CMS files needed for web management. The image is stored on the system board flash device (flash:).

You can use the show version user EXEC command to see the software version that is running on your switch. For example:

Switch> show version
Cisco Internetwork Operating System Software 
IOS (tm) C3500xl Software (C3500xl-C3H2S-M), Version 12.0(0.0.2)WC5, RELEASE SOFT)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Tue 14-May-02 12:57 by username
Image text-base: 0x00003000, data-base: 0x0034A3B8

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that might be stored in flash memory.


Note You can use CMS to see the software versions that are running on all the switches in a cluster. Launch CMS, and select Reports > Inventory. CMS displays a window that shows the software versions for all the switches in the cluster.


Which Software Files to Download from Cisco.com

New software releases are posted on Cisco.com and are also available through authorized resellers. From Cisco.com, you can also download a TFTP server application to copy the switch software from your PC to the switch.

Table 8 describes the file extensions and what they mean for the upgrade procedure. Table 9 and Table 10 list the software files that you need from Cisco.com.

Table 8 Possible Extensions for Cisco IOS Software Files 

Extension
Description

.bin

The IOS image file and the e2rb.bin LRE firmware file that you can copy to the switch through TFTP.

.tar

A compacted file from which you can extract files by using the tar privileged EXEC command. The tar file that you download from Cisco.com contains both the image bin, the LRE firmware (LRE switches only), and the CMS files.

Note The CMS files are only available in the tar file.


Table 9 Catalyst 2900 LRE XL Switch Software Files

Filename
Description

e2rb.bin

LRE firmware file

c2900xl-c3h219s-mz.120-5.WC14.bin

IOS image-only file

c2900xl-c3h219s-tar.120-5.WC14.tar

LRE firmware file, IOS image file, and HTML (CMS) files

Note The CMS files are only available in the tar file.


Table 10 Catalyst 2900 XL and 3500 XL Switch Software Files 

Switch
Filename
Description

Catalyst 2900 XL

c2900xl-c3h2s-tar.120-5.WC14.tar

Cisco IOS image file and CMS files

Catalyst 3500 XL

c3500xl-c3h2s-tar.120-5.WC14.tar

Cisco IOS image file and CMS files


Downloading the New Software

This procedure is for copying the combined tar file to the Catalyst 2900 XL or Catalyst 3500 XL switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.


Note For information about downloading a TFTP server, refer to the URLs in Step 2.


Before downloading the new image, use the dir user EXEC command to confirm that you have enough space on the flash. The new image and HTML files will be slightly larger than the size of the tar file.

If you do not have enough space on the flash for the tar file, delete any old unused IOS images. If that does not free up enough flash space, delete the HTML files.


Caution Do not delete the image that you are currently running on the switch. If the switch fails while downloading the new image, you will need to use this.

Follow these steps to download the software and, if necessary, the TFTP server application, from Cisco.com to your management station:


Step 1 Use Table 9 and Table 10 to identify the files that you want to download.

Step 2 Download the files from one of these locations:

If you have a SmartNet support contract, go to this URL, and log in to download the appropriate files:

http://www.cisco.com/public/sw-center/sw-lan.shtml

To download the files, select Catalyst 2900XL Software, Catalyst 2900 LRE XL Software, or Catalyst 3500XL Software.

Step 3 Use the CLI or web-based interface to perform a TFTP transfer of the file or files to the switch after you have downloaded them to your PC or workstation.

The readme.txt file describes how to download the TFTP server application. New features provided by the software are not available until you reload the software.


Copying the Current Startup Configuration from the Switch to a PC or Server

When you make changes to a switch configuration, your changes become part of the running configuration. When you enter the command to save those changes to the startup configuration, the switch copies the configuration to the config.text file in flash memory. To ensure that you can recreate the configuration if a switch fails, you might want to copy the config.text file from the switch to a PC or server.

The following procedure requires a configured TFTP server such as the Cisco TFTP server available on Cisco.com.

Beginning in privileged EXEC mode, follow these steps to copy a switch configuration file to the PC or server that has the TFTP server application:


Step 1 Copy the file in flash memory to the root directory of the TFTP server:

switch# copy flash:config.text tftp

Step 2 Enter the IP address of the device where the TFTP server resides:

Address or name of remote host []? ip_address

Step 3 Enter the name of the destination file (for example, config.text):

Destination filename [config.text]? yes/no

Step 4 Verify the copy by displaying the contents of the root directory on the PC or server.


Archiving Software Images

Before upgrading your switch software, make sure that you have archived copies of the current Cisco IOS release and the Cisco IOS release to which you are upgrading. You should keep these copies of the archived images until you have upgraded all devices in the network to the new Cisco IOS image and until you have verified that the new IOS image works properly in your network.

Cisco routinely removes old Cisco IOS versions from Cisco.com. For more information, see Product Bulletin 2863 at this URL:

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps5187/prod_bulletin0900aecd80281c0e.html

You can copy the bin software image file on the flash memory to the appropriate TFTP directory on a host by using the copy flash: tftp: privileged EXEC command.


Note Although you can copy any file in the flash memory to the TFTP server, it is time-consuming to copy all of the html files in the tar file. We recommend that you download the tar file from Cisco.com and archive it on an internal host in your network.


Upgrading the Switch

This section provides these topics about upgrading the switch:

"Using CMS to Upgrade One or More Switches" section

"Using the CLI to Upgrade a Catalyst 2900 LRE XL Switch" section

"Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch" section

"Using the CLI to Upgrade a Catalyst 3500 XL Switch" section

"Upgrading Member Switches" section

Using CMS to Upgrade One or More Switches

You can use the Software Upgrade window in Cluster Manager to upgrade all or some of the switches in a cluster at once. Consider these conditions when doing an upgrade:

When using CMS, you cannot upgrade Catalyst 2900 XL, Catalyst 2900 LRE XL, or Catalyst 3500 XL switches at the same time. However, you can group together and upgrade Catalyst 1900 and Catalyst 2820 switches at the same time.

For Catalyst 2900 LRE XL switches, enter the enter the image_name.tar filename in the New File Name field. The tar file contains both the IOS image and the web-management code.

For Catalyst 2900 XL and Catalyst 3500 XL switches, enter the image_name.tar filename in the New File Name field. The tar file contains both the Cisco IOS image and the web-management code.

For Catalyst 1900 and Catalyst 2820 switches, enter the image_name.bin filename in the New File Name field. The bin file contains the switch software image and the web-management code.

Upgrade Catalyst 1900 and Catalyst 2820 switches last. To function efficiently, these switches need to be rebooted shortly after the upgrade occurs. If you do not click Reboot Cluster in 30 seconds after the upgrade, the Catalyst 1900 and Catalyst 2820 switches automatically reboot.

Follow these steps to use CMS to upgrade switch software. Refer to the online help for more details.


Step 1 In Cluster Manager, select System > Software Upgrade to display the Software Upgrade window.

Step 2 Enter the tar filename (for Catalyst 2900 XL and Catalyst 3500 XL switches) or the bin filename (for Catalyst 1900 and Catalyst 2820 switches) that contains the Cisco IOS image and the web-management code.

You can enter just the filename or a pathname into the New Image File Names field. You do not need to enter a pathname if the image file is in the directory that you have defined as the TFTP root directory.



Note You can also use Cluster Manager to upgrade a single switch by following the same upgrade procedure.



Note Close your browser after the upgrade process is complete.


On the Catalyst 2900 XL and Catalyst 3500 XL switches, new images are copied to flash memory and do not affect operation. The switch checks flash memory to ensure that there is sufficient space before the upgrade takes place. If there is enough space, the new image is copied to the switch without replacing the old image, and after the new image is completely downloaded, the old one is erased. In this case, you can still reboot your switch by using the old image if a failure occurs during the copy process.

If there is not enough space in flash memory for the new and old images, the old image is deleted, and the new image is downloaded.

On the Catalyst 1900 and Catalyst 2820 switches, the new image overwrites the current image during the upgrade.


Note If a failure occurs while copying a new image to the switch, and the old image has already been deleted, you need to use the XMODEM protocol to recover an image for the switch. For more information, refer to the "Recovering from Corrupted Software" section in the "Troubleshooting" chapter of the switch software configuration guide.


Recovering from an Incomplete CMS Software Upgrade

An upgrade failure can create multiple copies of Cisco IOS images and other files in flash memory. This would not leave enough space for the CMS files to also be copied to flash memory; thus, you will not be able to access the switch through CMS.

If a failure occurs, ensure that the image file in flash memory has the same name as the contents of the boot variable:

See Step 5 and Step 8 in the "Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch" section

See Step 4 and Step 10 in the "Upgrading Member Switches" section

If the contents of the boot variable and the image file name are the same, the switch can reset successfully. If they are different, rename the image file, or reset the boot variable by entering the system boot name global configuration command. The boot variable and the image file name should be the same.

To recover from the incomplete download of the CMS files, log in to the switch, and upgrade the software as described in the "Upgrading Member Switches" section.

Using the CLI to Upgrade a Catalyst 2900 LRE XL Switch

If you are upgrading a Catalyst 2900 XL switch that is not an LRE switch, see the "Recovering from an Incomplete CMS Software Upgrade" section.

Follow these steps to upgrade the LRE switch software:


Step 1 If your PC or workstation cannot act as a TFTP server, copy the file to a TFTP server to which you have access.

Step 2 Access the CLI by starting a Telnet session or by connecting to the switch console port through the RS-232 connector.

To start a Telnet session on your PC or workstation, enter this command:

server% telnet switch_ip_address

Enter the Telnet password if you are prompted to do so.

Step 3 Enter privileged EXEC mode:

switch> enable
switch#

Enter a password if you are prompted to do so.

Step 4 Display the name of the running (default) image file (BOOT path-list). This example shows the name in italic:

switch# show boot
BOOT path-list:    flash:current_image
Config file:       flash:config.text
Enable Break:      1
Manual Boot:       no
HELPER path-list: 
NVRAM/Config file
buffer size: 32768

If there is no file defined in the BOOT path-list, enter the dir flash: privileged EXEC command to display the contents of flash memory. The file named c2900XL-c3h2-mz-120-5.1.WC.1.bin is your previous image file.

switch# dir flash:
Directory of flash:/

175  -rwx         111   May 17 2001 13:25:53  info.ver
165  -rwx        8192   May 17 2001 13:22:13  e2rb.bin
  4  drwx       10240   May 17 2001 13:25:52  html
167  -rwx        1496   May 17 2001 13:21:46  config.text
  6  -rwx         111   May 17 2001 13:23:41  info
176  -rwx        1422   Jan 01 1970 00:14:43  env_vars
  7  -rwx     1750311   May 17 2001 13:24:58  c2900XL-c3h2s-mz.120-5.1.WC.1.bin

7741440 bytes total (4692992 bytes free)

Step 5 Enter global configuration mode:

switch# config terminal

Step 6 Disable access to the switch HTML pages:

switch(config)# no IP http server

Step 7 If you entered the boot global configuration command with the name of the image file, enter this command to change it to the new name:


Note You do not need to perform this step if the show boot privileged EXEC command entered in Step 4 displays no image name; the switch automatically finds the correct file to use when it resets.


switch(config)# boot system flash:new_image

For example:

switch(config)# boot system flash:c2900XL-c3h2s-mz-120-5.3.WC.1.bin

Step 8 Return to privileged EXEC mode:

switch(config)# end

Step 9 Remove the HTML files:

switch# delete flash:html/*

Step 10 Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 11 If upgrading from Cisco IOS Release 11.2(8)SA5 or earlier, remove the files in the Snmp directory:

switch# delete flash:html/Snmp/*

Note Make sure the S in Snmp is uppercase.


Step 12 Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 13 Enter the following command to copy the new image and HTML files to the switch flash memory:


Caution In this step, the tar privileged EXEC command copies the combined tar file that contains the Cisco IOS image file and the HTML files. You do not need to copy an HTML tar file in this procedure.

switch# tar /x tftp://server_ip_address/path/filename.tar flash:    
Loading /path/filename.tar from server_ip_address (via VLAN1): !
extracting info (111 bytes)
extracting c2900XL-c3h2s-mz.120-5.3.WC.1.bin (1750311 
bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
html/ (directory)
extracting html/ClusterBuilder.html.gz (670 bytes)
extracting html/ClusterManager.html.gz (624 bytes)
extracting html/back.html.gz (211 bytes)!
. . .

Depending on the TFTP server being used, you might need to enter only one slash (/) after the server_ip_address in the tar privileged EXEC command. The tar privileged EXEC command extracts the Cisco IOS image and the HTML files from the combined tar file during the TFTP copy to the switch.


Step 14 Enter global configuration mode:

switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

Step 15 Re-enable access to the switch HTTP pages:

switch(config)# IP http server

Step 16 Return to privileged EXEC mode:

switch(config)# end

Step 17 Reload the new software with this command:

switch# reload
System configuration has been modified. Save? [yes/no]: y
Proceed with reload? [confirm]

Step 18 Press Return to confirm the reload.

Your Telnet session ends when the switch resets.

Step 19 After the switch reboots, use Telnet to return to the switch, and enter the privileged EXEC show version command to verify the upgrade procedure.

If you have a previously opened browser session to the upgraded switch, close the browser, and restart it to ensure that you are using the latest HTML files.


Upgrading LRE Firmware

The 2900 LRE XL switch can store and properly apply LRE binaries if there are updates required to the firmware on the switch local LRE controllers or connected CPE devices.

Other upgrade-related features include:

Access to an earlier version of the LRE software if required.

Simplifying the upgrade process as much as possible, especially in cases where you want to upgrade multiple CPE devices by entering a single command.


Note Whether upgrading a single CPE device or all CPE devices connected to an LRE switch, the expected duration of an LRE upgrade is 3 to 6 minutes (CPE devices connected to marginal links might take longer than this to upgrade).


You perform an upgrade with this command:

hw-module slot x upgrade lre [force][local lo n | remote lo x/y]

Automatic upgrading is not supported. You can upgrade in one of these ways:

Upgrade a single remote CPE device.

Upgrade a single local LRE controller (local LRE chipset).

Upgrade all CPE devices and local chipsets that require an upgrade (a system-wide upgrade, which is the default)


Note There are no LRE firmware upgrade patch files available with this release.


Configuring for an LRE Upgrade

In the absence of any LRE Upgrade configurations, the LRE upgrade attempts to upgrade all local LRE controllers and CPE devices to the most recent compatible versions of the LRE binaries required for each LRE target device. LRE upgrade configurations should rarely be required. The primary purpose of LRE upgrade configuration commands is to provide for downgrades of LRE binaries.

If you wish to override the switch automatic selection of LRE binaries, you have two methods available:

Global LRE upgrade configuration commands

LRE Controller configuration commands

You can use config global commands to specify the LRE binary or binaries for a specified target type. (A target type is the family [and optionally the model or model revision] of a device containing one or more upgradable hardware elements.) A target can be a local LRE controller on the switch or a remote CPE device.

You can perform global LRE upgrade configurations by entering LRE upgrade controller configuration commands from the controller configuration submode. Use the upgrade configuration command in the controller submode to override the system default selection of an LRE binary to be applied on a particular remote CPE device or local LRE controller. Controller configurations take precedence over global upgrade configurations.

The preserve keyword causes the LRE upgrade mechanism to not upgrade the local controller on which preserve is configured or any of the CPE devices connected to that controller. If you want to preserve (in other words, not upgrade) some of the CPE devices connected to a particular controller but allow upgrades to others, you can enter controller upgrade configuration commands for the links that you want to upgrade.

The no form of the upgrade command removes the command for applying a particular LRE binary. To resume default upgrade behavior for a given controller, configure the no upgrade commands on that controller.


Note You also need to remove global configurations that might also affect the controller and devices connected to it.



Note When a config global command and a config controller command conflict, the config controller command has precedence.


See the reference pages for the upgrade commands in the Catalyst 2900 XL and Catalyst 3500 XL Command Reference for further details.

Performing an LRE Upgrade

You can upgrade either on a system-wide basis (in other words, upgrading the software on all connected CPE devices and local LRE chipsets) or on individual CPE device or LRE controllers. By default, a system-wide upgrade applies the most recent versions of LRE binaries that are most compatible with each upgradable hardware module. The system-wide upgrade method is the one that you use in almost all situations.

When executing upgrades, you can elect to upgrade a single CPE device or local controller by using this command hw-module slot <x> upgrade lre [local lo n | remote lo x/y]. If no local or remote option is given, a system-wide upgrade is performed.

Global Configuration of LRE Upgrades

Beginning in privileged EXEC mode, follow these steps to perform a system-wide upgrade to configure the LRE binary to apply to a target device and upgradable hardware element combination:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

lre binary default target_device LRE_binary

Enter the device to which the LRE binary should be applied; and the LRE binary to be applied.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show lre upgrade version

Verify the change.


Note The lre upgrade default mode command essentially overrides the system default selection of an LRE binary for a specified family of CPE devices (target device).


Controller Configuration of LRE Upgrades

Beginning in privileged EXEC mode, follow these steps to explicitly direct the LRE binaries to be applied to either the local controller or a specific VDSL link:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

controller lre chipset_number

Enter the particular LRE local chipset on the switch to be applied.

Step 3 

upgrade <[remote lo x/y] LRE_Binary | preserve>

Enter the LRE binary to be applied, or set preserve, which prevents the upgrade of any CPE devices connected to a controller or local chipset.

Step 4 

end

Return to privileged EXEC mode.

Step 5 

show lre upgrade version

Verify the change.

You can use the upgrade configuration command in the controller submode to override the system default selection of an LRE binary that will be applied on either end of a particular LRE link. Controller configurations take precedence over global upgrade configurations.

The preserve keyword causes the LRE upgrade mechanism to not upgrade the local controller on which preserve is configured or any of the CPE devices connected to that controller. If you want to preserve (in other words, not upgrade) some of the CPE devices connected to a particular controller but allow upgrades to others, you can enter controller upgrade configuration commands for the links you want to upgrade.

The no form of the command removes the command for applying a particular LRE binary. To resume default upgrade behavior for a given controller, do not configure the custom upgrade commands on that controller.

LRE Upgrade Behavior Details

You see on the console screen when you start an upgrade:

Switch> en
Switch# hw-module slot 0 upgrade lre
You are about to start an LRE upgrade on all LRE interfaces.
Users on LRE links being upgraded will experience a temporary disruption of Ethernet 
connectivity.
Start LRE upgrade ? [yes]:

If you answer yes or press the Enter key, the upgrade starts. If you answer no, you get the EXEC prompt.

You can expect this link behavior of the CPE device during an upgrade:

When the upgrade starts, the link is probably in the link-up state, the state of the link that is useful to you.

When the upgrade starts, the remote CPE device resets. Ethernet connectivity is temporarily lost at this point.

The CPE device comes up, with the link slower (about 1 Mbps upstream and 4 Mbps downstream) but more reliable. The increased reliability is required for a successful LRE binary transfer. The LRE link stays at a slower speed for the duration of the upgrade. Ethernet connectivity is available.

When the upgrade is complete, the CPE device is again reset so that the upgraded LRE binaries are loaded and executed on the target CPE device(s) and local LRE chipsets. Ethernet connectivity is again disrupted until the CPE device comes out of reset.

The link comes up when the CPE device comes back up, and then progresses to where it resumes full operation at its intended data rate.

LRE Upgrade Example

The following is an example of how an LRE upgrade can proceed:

Switch# hw-module slot 0 upgrade lre force remote lo 1/1
You are about to start an LRE upgrade on CPE Lo0/1.
Users on LRE links being upgraded will experience a temporary
disruption of Ethernet connectivity.

Start LRE upgrade ? [yes]:

Starting remote upgrade on CPE Lo0/1
00:21:51: %LINEPROTO-5-UPDOWN: Line protocol on Interface
LongReachEthernet0/1, changed state to down

The CPE device is reset and the link is down. Ethernet connectivity is unavailable at this point.

00:22:37: %LINK-3-UPDOWN: Interface LongReachEthernet0/1, changed state to up
00:22:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface
LongReachEthernet0/1, changed state to up

The CPE device comes out of reset. Ethernet connectivity is available but at low speeds. Upgrade data transfer begins.

00:23:55: %LINEPROTO-5-UPDOWN: Line protocol on Interface
LongReachEthernet0/1, changed state to down

Upgrade data transfer is complete. Reset the CPE device.

00:23:56: %LINK-3-UPDOWN: Interface LongReachEthernet0/1, changed state to up

The CPE device has come out of reset. The desired profile is applied.

00:23:58: %LRE_LINK-3-UPDOWN: Interface Lo0/1, changed state to UP
00:23:59: %LINK-3-UPDOWN: Interface LongReachEthernet0/1, changed state to up
00:24:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface
LongReachEthernet0/1, changed state to up

Operation resumes in the profile link up state.

Switch#

Using the CLI to Upgrade an 8-MB Catalyst 2900 XL Switch


Caution The 4-MB Catalyst 2900 XL switches do not have sufficient memory to be upgraded to this release. The 4-MB models are WS-C2908-XL, WS-C2916M-XL, WS-C2924C-XL, and WS-C2924-XL. These switches must run Cisco IOS Release 11.2(8.x)SA6 to be cluster members.

This procedure is for upgrading Catalyst 2900 XL switches with 8 MB of DRAM. You upgrade a switch by extracting the Cisco IOS image file and the HTML files from a combined tar file. You copy the files to the switch from a TFTP server and extract the files by entering the tar privileged EXEC command with these results:

Changes the name of the current image file to the name of the new file that you are copying and replaces the old image file with the new one by using the tar privileged EXEC command.

Disables access to the HTML pages and deletes the existing HTML files before you upgrade the software to avoid a conflict with users accessing the web pages during the software upgrade.

Re-enables access to the HTML pages after the upgrade is complete.

If you are unsure whether your switch has 4 MB or 8 MB of memory, you can verify memory capacity at Step 4.

Follow these steps to upgrade the switch software by using the tar privileged EXEC command to start a TFTP transfer:


Step 1 If your PC or workstation cannot act as a TFTP server, copy the file to a TFTP server to which you have access.

Step 2 Access the CLI by starting a Telnet session or by connecting to the switch console port through the RS-232 connector.

To start a Telnet session on your PC or workstation, enter this command:

server% telnet switch_ip_address

Enter the Telnet password if you are prompted to do so.

Step 3 Enter privileged EXEC mode:

switch> enable 
switch#

Enter a password if you are prompted to do so.

Step 4 Confirm that you have an 8-MB switch:

switch# show version
Cisco Internetwork Operating System Software IOS (tm) 
C2900XL Software (C2900XL-HS-M), Version 11.2(8.2)SA6, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Mon 23-Nov-98 20:59 by paulines
Image text-base: 0x00003000, data-base: 0x00202144

ROM: Bootstrap program is C2900XL boot loader

2900XL-EN-84.3 uptime is 1 day, 22 hours, 23 minutes
System restarted by power-on
Running default software

cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) 
with 8192K/1024K bytes of memory.
Processor board ID 0x0E, with hardware revision 0x01
Last reset from power-on

Processor is running Enterprise Edition Software
24 Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:50:80:39:EC:40
Motherboard assembly number: 73-3382-04
Power supply part number: 34-0834-01
Motherboard serial number: FAA02499G7X
Model number: WS-C2924-XL-EN
System serial number: FAA0250U03P
Configuration register is 0xF

Step 5 Display the name of the running (default) image file (BOOT path-list). This example shows the name in italic:

switch# show boot 
BOOT path-list:    flash:current_image 
Config file:       flash:config.text 
Enable Break:      1 
Manual Boot:       no 
HELPER path-list:  
NVRAM/Config file 
buffer size: 32768

If there is no file defined in the BOOT path-list, enter the dir flash: privileged EXEC command to display the contents of flash memory. For example, the file named c2900XL-c3h2-mz-120-5.3.WC.1.bin is the image file.

c2900XL-c3h2-mz-120-5.3.WC.1.bin
switch# dir flash:
Directory of flash:/

 2   ---x     1644046   Apr 04 1993 15:22:13  c2900XL-c3h2s-mz-120-5.3.WC.1.bin
  4  d--x        6848   Apr 04 1993 15:23:11  html
  6  -rwx          79   Apr 04 1993 15:20:34  env_vars
  5  ---x         106   Apr 04 1993 15:20:36  info
 68  -rwx        1399   May 16 2000 14:43:42  config.text
259  ---x         106   Apr 04 1993 15:23:12  info.ver

3612672 bytes total (940032 bytes free) 

Step 6 Enter global configuration mode:

switch# config terminal 
Enter configuration commands, one per line. End with CNTL/Z.

Step 7 Disable access to the switch HTML pages:

switch(config)# no IP http server

Step 8 If you entered the boot global configuration command with the name of the image file, enter this command to change the image filename to the new name.

switch(config)# boot system flash:new_image

For example:

switch(config)# boot system flash:c2900XL-c3h2s-mz-120-5.3.WC.1.bin

Note If the show boot privileged EXEC command that you entered in Step 5 displays no image name, you do not need to enter this command; the switch automatically finds the correct file to use when it resets.


Step 9 Return to privileged EXEC mode:

switch(config)# end

Step 10 Remove the HTML files:

switch# delete flash:html/* 

Step 11 Press Enter to confirm the deletion of each file. Do not press any other keys during this process.

Step 12 If upgrading from Cisco IOS Release 11.2(8)SA5 or earlier, remove the files in the Snmp directory:

switch# delete flash:html/Snmp/*

Make sure the S in Snmp is uppercase.

Press Enter to confirm the deletion of each file. Do not press any other keys during this process.


Caution In the following step, the tar privileged EXEC command copies the combined tar file that contains both the image and the HTML files. You do not need to copy an HTML.tar file in this procedure.

Step 13 Enter this command to copy the new image and HTML files to the switch flash memory:

switch# tar /x tftp://server_ip_address/path/filename.tar flash: 
Loading /path/filename.tar from server_ip_address (via VLAN1):!) 
extracting info (111 bytes)
extracting c2900XL-c3h2s-mz-120-5.3.WC.1.bin (1557286 bytes)!!!!!!!!!!!!!!!!!!!!
html/ (directory)
extracting html/Detective.html.gz (1139 bytes)!
extracting html/ieGraph.html.gz (553 bytes)
extracting html/DrawGraph.html.gz (787 bytes)!
. . . 

Depending on the TFTP server being used, you might need to enter only one slash (/) after the server_ip_address in the tar privileged command.

Step 14 Enter global configuration mode:

switch# configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 

Step 15 Re-enable access to the switch HTTP pages:

switch(config)# IP http server

Step 16 Return to privileged EXEC mode:

switch(config)# end

Step 17 Reload the new software with this command:

switch# reload 
System configuration has been modified. Save? [yes/no]:y 
Proceed with reload? [confirm] 

Step 18 Press Return to confirm the reload.

Your Telnet session ends when the switch resets.

Step 19 After the switch reboots, use Telnet to return to the switch, and enter the show version privileged EXEC command to verify the upgrade procedure. If you have a previously opened browser session to the upgraded switch, close the browser, and restart it to ensure that you are using the latest HTML files.


Using the CLI to Upgrade a Catalyst 3500 XL Switch

This procedure is for upgrading Catalyst 3500 XL switches by copying the combined tar file to the switch. You copy the files to the switch from a TFTP server and extract the files by entering the tar privileged EXEC command, with these results:

Changes the name of the current image file to the name of the new file that you are copying and replaces the old image file with the new one.

Disables access to the HTML pages and deletes the existing HTML files before the software upgrade to avoid a conflict if users access the web pages during the software upgrade.

Re-enables access to the HTML pages after the upgrade is complete.

Follow these steps to upgrade the switch software by using a TFTP transfer:


Step 1 If your PC or workstation cannot act as a TFTP server, copy the file to a TFTP server to which you have access.

Step 2 Access the CLI by starting a Telnet session or by connecting to the switch console port through the RS-232 connector.

To start a Telnet session on your PC or workstation, enter this command:

server% telnet switch_ip_address

Enter the Telnet password if you are prompted to do so.

Step 3 Enter privileged EXEC mode:

switch> enable 
switch#

Enter the password if you are prompted to do so.

Step 4 Display the name of the running (default) image file (BOOT path-list). This example shows the name in italic:

switch# show boot 
BOOT path-list:    flash:current_image 
Config file:       flash:config.text 
Enable Break:      1 
Manual Boot:       no 
HELPER path-list:  
NVRAM/Config file 
buffer size: 32768

Step 5 If there is no software image defined in the BOOT path-list, enter the dir flash: privileged EXEC command to display the contents of flash memory.

Step 6 Using the exact, case-sensitive name of the combined tar file that you downloaded, rename the running image file to that name, and replace the tar extension with bin. The image filename is then the same as the downloaded filename but with a bin extension. This step does not affect the operation of the switch.

switch# rename flash:current_image flash:new_image 
Source filename [current_image]?  
Destination filename [new_image]? 

For example:

switch# rename flash:c3500XL-c3h2-mz-112.8.2-SA6.bin 
flash:c3500XL-c3h2s-mz-120-5.3.WC.1.bin 

Step 7 Display the contents of flash memory to verify the renaming of the file:

switch# dir flash: 
Directory of flash:/

  2  ---x     1644045   Apr 04 1993 15:17:15  c3500XL-c3h2s-mz-120-5.3.WC.1.bin
  3  -rwx         415   Jun 13 1993 05:15:37  placement.txt
  4  d--x        6848   May 03 2000 10:47:58  html
 70  -rwx          20   Mar 21 1993 09:17:03  prefs.text
  6  ---x         106   Mar 01 1993 21:56:52  info
228  ---x         106   Apr 04 1993 15:17:54  info.ver
 69  -rwx        2188   Mar 13 1993 03:38:28  config.text
230  -rwx         744   Mar 25 1993 19:16:46  vlan.dat
115  -rwx         354   Mar 13 1993 04:17:15  env_vars

3612672 bytes total (936960 bytes free) 

Step 8 Enter global configuration mode:

switch# configure terminal 
Enter configuration commands, one per line. End with CNTL/Z. 

Step 9 Disable access to the switch HTML pages:

switch(config)# no IP http server

Step 10 Enter the boot global configuration command with the name of the new image filename:

switch(config)# boot system flash:new_image

For example:

switch(config)# boot system flash:c3500XL-c3h2s-mz-120-5.3.WC.1.bin


Note If the show boot privileged EXEC command in Step 4 displays no image name, you do not need to enter this command; the switch automatically finds the correct file to use when it resets.


Step 11 Return to privileged EXEC mode:

switch(config)# end

Step 12 Remove the HTML files:

switch# delete flash:html/* 

Press Enter to confirm the deletion of each file. Do not press any other keys during this process.


Caution In the following step, the tar privileged EXEC command copies the combined tar file that contains both the image and the HTML files. You do not need to copy an HTML tar file in this procedure.

Step 13 Enter this command to copy the new image and HTML files to flash memory:

switch# tar /x tftp://server_ip_address/path/filename.tar flash: 
Loading /path/filename.tar from server_ip_address (via VLAN1):!) 
extracting info (110 bytes)
extracting c3500XL-c3h2s-mz-120-5.3.WC.1.bin (1271095 bytes)!!!!!!!!!!!!!!!!!!!!
html/ (directory)
extracting html/Detective.html.gz (1139 bytes)!
extracting html/ieGraph.html.gz (553 bytes)
extracting html/DrawGraph.html.gz (787 bytes)
extracting html/GraphFrame.html.gz (802 bytes)!
... 

Depending on the TFTP server being used, you might need to enter only one slash (/) after the server_ip_address in the tar privileged EXEC command.

Step 14 Enter global configuration mode:

switch# config terminal 
Enter configuration commands, one per line. End with CNTL/Z. 

Step 15 Re-enable access to the switch HTTP pages:

switch(config)# IP http server

Step 16 Return to privileged EXEC mode:

switch(config)# end

Step 17 Reload the new software with this command:

switch# reload 
System configuration has been modified. Save? [yes/no]:y 
Proceed with reload? [confirm] 

Step 18 Press Return to confirm the reload.

Your Telnet session ends when the switch resets.

Step 19 After the switch reboots, use Telnet to return to the switch, and enter the show version privileged EXEC command to verify the upgrade procedure. If you have a previously opened browser session to the upgraded switch, close the browser, and restart it to ensure that you are using the latest HTML files.


Upgrading Member Switches

Follow these steps to upgrade the software on a Catalyst 2900 XL or Catalyst 3500 XL member switch:


Step 1 In privileged EXEC mode on the command switch, display information about the cluster members:

switch# show cluster members

From the display, select the number of the member switch that you want to upgrade. The member number is in the SN column of the display. You need this member number for Step 2.

Step 2 Log in to the member switch (for example, member number 1):

switch# rcommand 1

Step 3 Start the TFTP copy function as if you were initiating it from the command switch.

switch-1# tar /x tftp://server_ip_address/path/filename.tar flash:
Source IP address or hostname [server_ip_address]?  
Source filename [path/filename]?  
Destination filename [flash:new_image]?  
Loading /path/filename.bin from server_ip_address (via!) 
[OK - 843975 bytes]

Step 4 Reload the new software with the following command:

switch-1# reload 
System configuration has been modified. Save? [yes/no]:y 
Proceed with reload? [confirm]

Press Enter to start the download.


You lose contact with the switch while it reloads the software. For more information on the rcommand privileged EXEC command, refer to the switch command reference.

Limitations and Restrictions

You should review this section before you begin working with the switches. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

Cisco IOS Limitations and Restrictions

These are the Cisco IOS restrictions for this release.

When trying to find the cam table (show mac) through SNMP, you have to query dot1dTpFdbPort (.1.3.6.1.2.1.17.4.3.1.2), and then based on the results poll dot1dBasePortIfIndex (.1.3.6.1.2.1.17.1.4.1.2). When you issue an snmpwalk dot1dTpFdbPort all interfaces are returned. However, the snmpwalk dot1dBasePortIfIndex displays the physical interfaces only.

The workaround is to do an snmpget dot1dBasePortIfIndex by using the index found from the snmpwalk dot1dTpFdbPort query. (CSCdz55568)

A switch that is running in VTP server mode unexpectedly removes VLANs when there is a topology change on another device.

There is no workaround. (CSCdz73429)

The switch does not have a SNMP MIB object that identifies the type of an installed CWDM GBIC module.

The workaround is to use the command show interface status privileged EXEC command to find out the type of CWDM GBIC module that is installed in the switch. (CSCin29895)

A configuration conflict occurs if a switch cluster has Catalyst 2900 LRE XL switches using both private and public profiles. If one LRE switch in a cluster is assigned a public profile, all LRE switches in that cluster must have that same public profile. Before you add an LRE switch to a cluster, make sure that you assign it the same public profile used by other LRE switches in the cluster.

Catalyst 2900 LRE XL switches support 250 VLANs and 64 spanning-tree instances.

If a port group is set up between the LRE port of a Catalyst 2900 LRE XL switch and the Fast EtherChannel (FEC) ports of another switch through the LRE CPE devices, and the LRE link on an LRE port drops, the LRE switch no longer uses the LRE port for data transmission. However, the other switch might continue sending data through the FEC port. The packets being sent to the LRE port of the LRE switch are lost.

Data transmission continues normally if the LRE link is restored. (CSCdt22573)

All Catalyst 3500 series XL and most Catalyst 2900 series XL switches support a total of 250 VLANs and 64 spanning-tree instances. The Catalyst 2912 XL, 2924 XL, and 2924C XL switches support a total of 64 VLANs and 64 spanning-tree instances. Regardless of the switch model, only 64 spanning-tree instances are supported.

You cannot configure a connected Cisco 585 LRE CPE device. You cannot monitor a Cisco 585 LRE CPE device from the switch LEDs or from CMS. Use the cluster setup privileged EXEC command to monitor a Cisco 585 LRE CPE device. You can still monitor a Cisco 575 LRE CPE device from the switch LEDs, the CLI, and from CMS.

When packets from multiple VLANS that have the same source MAC address are received on different Ethernet ports of a Cisco 585 LRE CPE device, the LRE CPE creates a single ingress port entry in the packets. The packets are not correctly switched back to the VLANs if the network was designed with the assumption that MAC address and ingress port entries are maintained for each specific VLAN.

There is no workaround. This is a limitation of the Ethernet switch on the Cisco 585 LRE CPE. (CSCdx03708)

Incoming Inter-Switch Link (ISL) frames are discarded by Cisco LRE CPE devices. ISL frames are not supported on the Cisco LRE CPE devices.

There is no workaround. (CSCdx25940)

Secure MAC address aging does not time out the address learned on a secure port if the address is then learned on another port (which could be either a secure or a non-secure port) and traffic from the source MAC address continues to come into that port.

When this occurs, the locked MAC address does not appear in the output of the show mac dynamic USER exec command, but it is still reachable because it is in the Content-Addressable Memory (CAM) table of the switch.

The workaround is to enter the clear mac-address-table secure interface interface-id privileged EXEC command on the secure port. (CSCdy88929)

A Catalyst 3524-PWR XL switch does not work correctly with some Intel Pro/1000 MT network interface cards (NICs). This is an Intel product defect. There is no workaround. (CSCec00968)

UDLD aggressive mode is not supported on the switch, and the udld aggressive interface configuration and global configuration commands are no longer available in the CLI. (CSCee84438)

When a Catalyst 2900 XL switch is configured with TACACS timeouts and retries, the timeouts and retries have no effect. Instead, the switch uses 14 seconds per server no matter what is configured.

The workaround is to make sure that the switch is able to make the initial contact with the TACACS+ server. Then, the configured timeouts and retries take effect. If the switch is reloaded, the timeout returns to 14 seconds until the TACACS server is reached. (CSCeg25894)

Beginning with Cisco IOS Release 12.0(5)WC14, the interface listed in the logging source-interface interface configuration command is now administratively shut down after the device is reloaded or power cycled. (CSCsc00319)


Note If you already have the logging source-interface interface configuration command configured on your switch and you upgrade to Cisco IOS Release 12.0(5)WC14, you must reload the switch after upgrading for this caveat to be fixed


The Cisco RPS 300 Redundant Power System (RPS) supports the Catalyst 3524-PWR XL switch. When the RPS LED on the switch is amber, the RPS is connected but down. However, this might merely mean that the RPS is in standby mode. Press Standby/Active on the RPS to put it into active mode. Refer to the RPS 300 Hardware Installation Guide for more information. You can view the RPS status by using the show rps privileged EXEC command.

When connecting to the Catalyst 3524-PWR XL 10/100 inline-power ports, observe this caution:


Caution A Catalyst 3524-PWR XL 10/100 port needs up to 10 seconds to initially detect, power, and link to a Cisco IP Phone. If you disconnect the Cisco IP Phone before link has been established, you must wait 10 seconds before connecting another network device (other than another Cisco IP phone) to that switch port. Failing to do so can damage that network device.

You can connect the switch to a PC by using the switch console port and the supplied rollover cable and the DB-9 adapter. You need to provide a RJ-45-to-DB-25 female DTE adapter if you want to connect the switch console port to a terminal. You can order a kit (part number ACS-DSBUASYN=) with this RJ-45-to-DB-25 female DTE adapter from Cisco.

Certain combinations of port features create configuration conflicts. Refer to the "Avoiding Configuration Conflicts" section in the "Troubleshooting" chapter of the switch software configuration guide for a table that defines these conflicts.

When you add a VTP client, follow this caution and procedure:


Caution Before adding a VTP client to a VTP domain, always verify that its VTP configuration revision number is lower than the configuration revision number of the other switches in the VTP domain. If necessary, reset the switch configuration revision number to 0. Switches in a VTP domain always use the VLAN configuration of the switch with the highest VTP configuration revision number. If you add a switch that has a revision number higher than the revision number in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain.

Beginning in user EXEC mode, follow these steps to verify and reset the VTP configuration revision number on a switch before adding it to a VTP domain.

 
Command
Purpose

Step 1 

show vtp status

Check the VTP configuration revision number.

If the number is 0, add the switch to the VTP domain.

If the number is greater than 0, follow these steps:

a. Write down the domain name.

b. Write down the configuration revision number.

c. Continue with the next steps to reset the configuration revision number on the switch.

Step 2 

enable

Enter privileged EXEC mode.

Step 3 

vlan database

Enter VLAN database mode.

Step 4 

vtp domain domain-name

Change the domain name from the original one displayed in Step 1 to a new name.

Step 5 

exit

The VLAN information on the switch is updated and the configuration revision number is reset to 0. You return to privileged EXEC mode.

Step 6 

show vtp status

Verify that the configuration revision number has been reset to 0.

Step 7 

vlan database

Enter VLAN database mode.

Step 8 

vtp domain domain-name

Enter the original domain name on the switch.

Step 9 

exit

The VLAN information on the switch is updated, and you return to privileged EXEC mode.

Step 10 

show vtp status

(Optional) Verify that the domain name is the same as in Step 1 and that the configuration revision number is 0.

After resetting the configuration revision number, add the switch to the VTP domain.


Note You can use the vtp transparent vlan database command to disable VTP on the switch and then change its VLAN information without affecting the other switches in the VTP domain. For more information about using vtp transparent mode, refer to the switch software configuration guide.


Host names and Domain Name System (DNS) server names that contain commas on a cluster command switch, member switch, or candidate switch can cause CMS to behave unexpectedly. You can avoid this instability in the interface by not using commas in host names or DNS names. Do not use commas when also entering multiple DNS names in the Device Configuration tab (Administration > IP Addresses) in CMS.

The range of seconds for the span-tree max-age global configuration command is now 6 to 200 seconds. If you had used this command in Cisco IOS Release 11.2(8)SA6 or earlier to set a value greater than this range and now upgrade your software to Cisco IOS Release 11.2(8.1)SA6 or later, the switch sets this value to the default: 20 seconds for IEEE STP and 10 seconds for IBM STP.

When using the SPAN feature, the monitoring port receives copies of sent and received traffic for all monitored ports. If the monitoring port is 50 percent oversubscribed for a sustained period of time, it will probably become congested. One or more of the ports being monitored might also experience a slowdown.

When using the Software Image Management (SWIM) application in the Resource Manager Essentials (RME) suite of the CiscoWorks2000 product family to perform automated system software and boot loader upgrades, you should note the following:

Catalyst 2900 series XL switches require Cisco IOS Release 11.2(8)SA4 or later and RME version 2.1 or 2.2.

Catalyst 3500 series XL switches require Cisco IOS Release 11.2(8.1)SA6 or later and RME version 2.2.

CMS Limitations and Restrictions

These are the Cluster Management Suite (CMS) restrictions for this release:

CMS does not support Netscape Navigator 6.0. The workaround is to use a supported version of Netscape Navigator. (CSCdx34982)

CMS does not work reliably on machines running Windows 98 and Netscape Navigator. The workaround is to use Microsoft Internet Explorer. (CSCdx49978)

If you have a proxy server configured on your web browser, CMS can run slowly and take 2 to 3 minutes to process each command that is entered.

The workaround, if you do not want to disable the proxy server settings on the browser, is to download a browser from a different vendor and use it without the proxy server settings configured to access the CMS.

LRE Limitations and Restrictions

These are the LRE restrictions for this release:

If a port group is set up between the LRE port of a Catalyst 2900 LRE XL switch and the Fast EtherChannel (FEC) ports of another switch through the LRE CPE devices, and the LRE link on an LRE port drops, the LRE switch no longer uses the LRE port for data transmission. However, the other switch might continue sending data through the FEC port. The packets sent to the LRE port of the LRE switch are lost.

Data transmission continues normally if the LRE link is restored. (CSCdt22573)

A high number of collisions can occur for FTP transfers when a large number of packets are sent in a burst from a high-speed interface (such as Fa0/1) to a low-speed interface (such as Lo0/2), which can cause lower than expected transmission speeds.


Note Not all environments support the LRE-10 profile.


The workaround is to set the LRE interface to the LRE-10 or the LRE-10LL profile. (CSCdv01167)

The help that is displayed by the config interface interface configuration command on a Catalyst 2900 LRE XL switch incorrectly states that 28 LRE ports are available:

switch(config)# interface longReachEthernet 0/?
<1-28>  LongReachEthernet interface number

The correct range is:

<1-24>  LongReachEthernet interface number

The workaround is to only use ports 1 through 24. (CSCdz78081)

CSCdw72136

A Catalyst 2900 LRE command switch command switch no longer fails when it receives SNMP packets with invalid variable bindings.

Important Notes

This section describes important information related to this release.

The cluster setup privileged EXEC command was removed in Cisco IOS Release 12.0(5)WC5.

The e2rb.bin LRE firmware file is required for the LRE switch operation. This file is deleted and then replaced with the most current version when you upgrade the LRE switch software. Do not delete this file after upgrading your LRE switch.


Note If you accidentally delete the e2rb.bin file after upgrading your switch, the file is available at this site:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat2900LRE


When you are configuring a cascaded stack of Catalyst 3500 XL switches by using a GigaStack Gigabit Interface Converter (GBIC) module and want to include more than one VLAN in the stack, be sure to configure all the GigaStack GBIC interfaces as trunk ports by using the switchport mode trunk interface configuration command and to use the same encapsulation method by using the switchport encapsulation {isl | dot1q} interface configuration command. For more information about these commands, refer to the switch command reference.

The MVR threshold feature was removed in Cisco IOS Release 12.0(5.3)WC(1). To limit rates, use the port multicast storm control feature instead of the MVR threshold feature.

The e2rb.bin LRE firmware file is required for the LRE switch operation. This file is deleted and then replaced with the most current version when you upgrade the LRE switch software. Do not delete this file after upgrading your LRE switch.


Note The LRE firmware file resides in the lre-bin directory on the switch. We strongly recommend that you do not delete this directory. The lre-bin directory can be obtained from the IOS tar file. If you delete the lre-bin directory, extract the IOS from the tar file, and copy the lre-bin directory to flash memory.


Resolved Caveats

These caveats were resolved in these releases:

"Resolved Caveats in Cisco IOS Release 12.0(5)WC14" section

"Resolved Caveats in Cisco IOS Release 12.0(5)WC13" section

"Resolved Caveats in Cisco IOS Release 12.0(5)WC12" section

Resolved Caveats in Cisco IOS Release 12.0(5)WC14

These caveats were resolved in Cisco IOS Release 12.0(5)WC14:

CSCdu32036

An SNMP access list is now correctly applied when you enter the snmp-server tftp-server-list global configuration command.

CSCei62762

Symptoms: Router may generate and/or forward crafted IP packets with the source IP address being the routers tunnel interface for GRE or mGRE tunnels. Incorrect packet decoding may be seen with "debug tunnel."

Conditions: The router needs to receive a specially crafted GRE packet sent to the tunnel end-point. The outer IP packet must come from the configured tunnel source and be sent to the configured tunnel destination IP address Present Routed bit must be set to 1.

Workaround: Upgrade Cisco IOS to a version containing fixes for: CSCuk27655 or CSCea22552 or CSCei62762.

Further information: On the 6th September 2006, Phenoelit Group posted an advisory:

* Cisco Systems IOS GRE decapsulation fault

Cisco's statement and further information are available on the Cisco public website at:

http://www.cisco.com/warp/public/707/cisco-sr-20060906-gre.shtml

CSCsb11124

The Cisco IOS Stack Group Bidding Protocol (SGBP) feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.

Cisco has published a Security Advisory on this issue; it is available at http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml

CSCsb87333

An interface no longer shuts down when 500 or more broadcasts are received on the interface before the port storm-control broadcast action shutdown interface configuration command is entered.

CSCsb97700

The assert message CEST: Assert failure in ../src-l2-les-common/stp_les_shim.c line 1340 has been replaced with this error message:

%MULTI_VLAN_PORT-2-PORT_FAULTY_CONNECT: Ensure that the multi-VLAN port is connected to the router/server port. System memory limit reached. Unexpected multi VLAN-port behavior.

The message appears when a large number of Spanning Tree Protocol (STP) topology-change notices are received on a multi-VLAN port due to a large number of VLANs assigned on the port.


Note This is a limitation with multi-VLAN ports. To avoid this error message, do not connect multi-VLAN ports to hubs or switches and reduce the number of VLANs configured on the multi-VLAN ports. For more information, see the "Configuring VLANs" chapter in the software configuration guide.


CSCsc00319

The interface listed in the logging source-interface interface configuration command is no longer administratively shut down after the device is reloaded or power cycled.

After you upgrade the switch to Cisco IOS Release 12.0(5)WC14, the interface might still be shut down. If this occurs, follow these steps:

a. Enter the shutdown and no shutdown interface configuration commands.

b. Save the running configuration.

c. Reload the switch.

CSCsc24120

SNMP v2 traps now correctly send the internal SNMP variable sysUpTime as a TIMETICKS SNMP data type (in hundredths of a second). In previous releases, the SNMP v2 traps sent the sysUpTime variable as an INTEGER data type, and it was not read as a time value.

CSCsc69476

A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml.

Resolved Caveats in Cisco IOS Release 12.0(5)WC13

These caveats were resolved in Cisco IOS Release 12.0(5)WC13:

CSCei61732

Cisco IOS may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the likelihood of arbitrary code execution.

Cisco has made free software available that includes the additional integrity checks for affected customers.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml

CSCei76358

Through normal software maintenance processes, Cisco is removing deprecated functionality. These changes have no impact on system operation or feature availability.

Resolved Caveats in Cisco IOS Release 12.0(5)WC12

These Cisco IOS caveats were resolved in Cisco IOS Release 12.0(5)WC12:

CSCee12116

A memory leak no longer occurs when a switch is configured with the logging synchronous global configuration command.

CSCee83316

FCS errors, frame errors, alignment errors, and collision fragments no longer occur when you reload a Catalyst 2924 XL switch that has a 2914-XL-V (4-port FastEthernet [FE]) module installed.

CSCef60659

A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) is publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt).

These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:

d. Attacks that use ICMP hard error messages

e. Attacks that use ICMP fragmentation needed and Don't Fragment (DF) bit set messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks

f. Attacks that use ICMP source quench messages

Successful attacks can cause connection resets or reduction of throughput in existing connections, depending on the attack type.

Multiple Cisco products are affected by the attacks described in this Internet draft.

Cisco has made free software available to address these vulnerabilities. In some cases, there are workarounds available to reduce the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml

The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting is at this URL:

http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en

CSCeg60496

A memory leak no longer occurs on a Catalyst 3500 XL switch that has authentication, authorization, and accounting (AAA) configured with the aaa accounting exec default [start-stop | stop-only | wait-start] global configuration command.

CSCeh34469

When a Catalyst 3500 XL switch port and any other switch port are connected by an IEEE 802.1q trunk link, the port on the Catalyst 3500 XL switch no change to the PVID-inconsistent state if the native VLAN is changed from VLAN 1 to any other VLAN on both switches.

CSCeh40499

The logging source-interface vlan vlan-id global configuration command is now supported on a Catalyst 3500 XL switch.

CSCeg87016

A Catalyst 3500XL switch no longer fails or reloads when it is configured with these AAA commands:

aaa authorization commands 15 no_tacacs none 
aaa authentication login default group list-name line 
aaa accounting send stop-record authentication failure 

CSCsa67294

A switch no reloads under these conditions:

A malformed VTP packet is received on a port that is configured for ISL or IEEE 802.1q trunking.

The packet correctly matches the VTP domain name.

CSCei19043

This error message no longer appears on a Catalyst 3500 XL switch when a default port is removed and the switch cannot use STP:

set_group_bandwidth: Group has no default port

Documentation Updates

These are the updates to the product documentation:

"Corrections to Software Configuration Guide" section

"Correction to Command Reference" section

"Catalyst 2900 XL Hardware Installation Guide Corrections and Updates" section

Corrections to Software Configuration Guide

These are corrections for the software configuration guide:

The procedure to assign static-access ports to a VLAN in the "Configuring VLANs" chapter of the Catalyst 3500 Series XL and Catalyst 3500 Series XL Software Configuration Guide, Cisco IOS Release 12.0(5)WC5 and Cisco IOS Release 12.0(5)WC6, is incorrect.

This is the correct procedure:

Beginning in privileged EXEC mode, follow these steps to assign a port for static-access VLAN membership:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

interface interface

Enter interface configuration mode, and enter the port to be added to the VLAN.

Step 3 

switchport mode access

Enter the VLAN membership mode for static-access ports.

Step 4 

switchport access vlan vlan

Assign the port to a VLAN.

Step 5 

end

Return to privileged EXEC mode.

Step 6 

show interface interface-id switchport

Verify your entries.

The LRE Upgrade Details section of the "Configuring LRE" chapter in the Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide does not include this information:

After an upgrade is complete, the switch configuration shows this information about the LRE interfaces, which does not affect the switch functionality:

<output truncated>
!
controller LongReachEthernet 0
!
controller LongReachEthernet 1
!
controller LongReachEthernet 2
!
controller LongReachEthernet 3
!
controller LongReachEthernet 4
!
controller LongReachEthernet 5
!
controller LongReachEthernet 6
!
!<output truncated>

The Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide does not describe how to create access-lists. For information about creating access-lists, see the "Configuring IP Services" chapter of the Cisco IOS Release 12.0 Network Protocols Configuration Guide, located at this URL:

/en/US/docs/ios/12_0/np1/configuration/guide/1cip.html#wp7406

The "Configuring VLANs" chapter of the Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide does not show how to use the switchport trunk allowed vlan add command.

By default, a trunk port sends to and receives traffic from all VLANs in the VLAN database. If the switch is configured with a number of VLANs and it is connected to Cisco IP Phones through IEEE 802.1Q trunk ports, the switch sends spanning-tree BPDUs for all VLANs to all of the phones. This can flood the phones with traffic.

Beginning in privileged EXEC mode, follow these steps to configure a VLAN list that allows only voice and data VLANs on the trunk port:

Command
Purpose

configure terminal

Enter global configuration mode.

interface interface-id

Enter interface configuration mode and the port to be added to the VLAN.

switchport mode trunk

Configure VLAN membership mode for trunks.

switchport trunk allowed vlan add vlan-list

Define the voice and data VLANs that are allowed to send and receive on the port.

The vlan-list parameter is a range of VLAN IDs. Separate nonconsecutive VLAN IDs with a comma and no spaces; use a hyphen to designate a range of IDs. Valid IDs are from 2 to 1001.

end

Return to privileged EXEC mode.

show interface interface-id switchport allowed-vlan

Verify your entries.

copy running-config startup-config

Save the configuration.


l

For more information about these commands, refer to the switch command reference.

The "Configuring the System" chapter of the Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide does not show how disable SNMP. SNMP is enabled by default. To disable SNMP, follow these steps, beginning in privileged EXEC mode:

 
Command
Purpose

Step 1 

configure terminal

Enter global configuration mode.

Step 2 

no snmp-server

Disable the SNMP agent operation.

Step 3 

end

Return to privileged EXEC mode.

Step 4 

show running-config

Verify your entries.

Step 5 

copy running-config startup-config

(Optional) Save your entries in the configuration file.

The no snmp-server global configuration command disables all running versions on the device. No specific Cisco IOS command exists to enable SNMP. The first snmp-server global configuration command that you enter enables all versions of SNMP.

For more information about disabling and enabling SNMP, refer to the command reference for this release.

When RADIUS or TACACS+ is used for authentication, all cluster members must use the same type of authentication. Mixing the authentication types causes CMS to continuously prompt for the username and password.

This is a correction to the "Controlling Switch Access with RADIUS" section in the "Configuring the System" chapter:


Note This feature available on the Catalyst 2900 XL and Catalyst 3500 XL switches running Cisco IOS Release 12.0(5)WC5 or later. It is also available on Catalyst 2900 LRE XL switches running Cisco IOS Release 12.0(5)WC6.


The "Profile Locking" section in the Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide inaccurately refers to the profile lock command name. The correct name is the rate selection profile lock interface configuration command.

DHCP autoconfiguration does not occur as described in Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide.

When you start the switch, the switch automatically requests configuration information from a DHCP server only if a configuration file is not present on the switch.

DHCP autoconfiguration does not occur under these conditions:

When a configuration file is present and the service config global configuration command is disabled on the switch.

When a configuration file is present and the service config global configuration command is enabled on the switch. In this case, the switch broadcasts TFTP requests for the configuration file.

The software configuration guide incorrectly states that flow control is supported on ports running at 100 Mbps in full-duplex mode. Flow control is supported only on, 1000-Mbps module ports.

The Catalyst 2900 XL and Catalyst 3500 XL documentation does not specify that the Enterprise edition (which requires 8-MB of flash memory) is required to configure TACACS+.

These system messages are not included in the "System Messages" chapter of the software configuration guide for this release:

This is a correction to the "Controlling Switch Access with RADIUS" section in the "Configuring the System" chapter:


Note This feature available on the Catalyst 2900 XL and Catalyst 3500 XL switches running Cisco IOS Release 12.0(5)WC5 or later. It is also available on Catalyst 2900 LRE XL switches running Cisco IOS Release 12.0(5)WC6.


These system messages were not included in the "System Messages" chapter:

Error Message    AAAA-CLUSTER_MEMBER_1-3-INVSTATE:[chars]AUTHOR/[chars]:Internal state 
is invalid:astruct 0x[addr] ustruct 0x[addr]

Explanation    The data structures for the AAA feature are not initialized properly. This is an internal software error.

Recommended Action    Find out more about the error by using the show tech-support privileged EXEC command and by copying the error message exactly as it appears on the console or system log and entering it in the Output Interpreter tool at this URL: https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl.

Use the Bug Toolkit to look for similar reported problems at this URL: http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl.

For information about contacting TAC, refer to the "Obtaining Technical Assistance" section in the preface of the software configuration guide.

Error Message    LRE_UPGRADE-4-INIT_RESOURCE: cannot locate lre firmware files

Explanation    This message means that the LRE upgrade module cannot locate a required resource. The Long-Reach Ethernet (LRE) upgrade module requires a directory in flash memory named flash:/lre-bin. This directory stores the LRE-related firmware files for the LRE switch and the LRE CPE devices. The upgrade module cannot initialize unless a directory already exists in flash memory.

Recommended Action    Verify that the flash:/lre-bin directory exists. If the directory is missing, create an empty directory named flash:/lre-bin. If the directory already exists, report this message to your Cisco technical support representative.

For more information about system messages, refer to the "System Messages" chapter of the Catalyst 2900 XL and Catalyst 3500 XL Software Configuration Guide.

Error Message    REDUNDANT POWER SYSTEM IS FAULTY

Explanation    This message means that the redundant power system (RPS) is not operating properly.

Recommended Action    The RPS is not providing power to the switch. Verify that the AC power to the RPS is properly connected. If the RPS is correctly connected to AC power, verify that the cable between the RPS and the switch is properly connected. If that does not resolve the problem, contact your Cisco representative for a replacement.

Error Message    VQPCLIENT-2-CHUNKFAIL Could not allocate memory for VQP   

Explanation    This message means that the VQP Client process cannot allocate the required memory for its internal data structures.

Recommended Action    There might be a memory shortage in the switch. Check the configuration and the number of features that are configured. If the problem persists, copy the error message exactly as it appears on the console or in the system log. Enter the show tech-support privileged EXEC command to gather data that might provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, contact your Cisco technical support representative, and provide the representative with the gathered information.

Error Message    VQPCLIENT-2-DENY Host <mac addr> denied on interface <intf> 

Explanation    This message means that the access for the host with the MAC address shown is denied by the VQP server on the interface. <mac addr> is the MAC address of the interface. <inft> is the interface number.

Recommended Action    Verify the VMPS database file, or remove the host from the interface. This error message appears when either the wrong host is connected to the dynamic access port, on when the VMPS database does not contain the required host entry.

Error Message    VQPCLIENT-2-INITFAIL Platform-specific VQP initialization failed. 
Quitting 

Explanation    This message means that the VQP client process is not able to initialize the platform-specific software or hardware.

Recommended Action    Find out more about the error by using the show tech-support privileged EXEC command and by copying the error message exactly as it appears on the console or system log and entering it in the Output Interpreter tool at this URL: https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl.

Use the Bug Toolkit to look for similar reported problems at this URL: http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl.

For information about contacting TAC, see the "Obtaining Technical Assistance" section in the preface of the software configuration guide.

Error Message    VQPCLIENT-2-IPSOCK Could not obtain IP socket.

Explanation    This message means that the VQP client process cannot open the IP socket to communicate to the VQP server.

Recommended Action    Check the IP configuration for the management VLAN interface. Follow the IP address configuration and VQP client configuration steps listed in the configuration manual. If the problem persists, contact your Cisco technical support representative and provide the representative with the gathered information.

Error Message    VQPCLIENT-2-PROCFAIL Could not create process for VQP. Quitting.

Explanation    This message means that the VQP client process is not starting on the switch. This process is required to configure the dynamic access ports with proper VLANs.

Recommended Action    Find out more about the error by using the show tech-support privileged EXEC command and by copying the error message exactly as it appears on the console or system log and entering it in the Output Interpreter tool at this URL: https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl.

Use the Bug Toolkit to look for similar reported problems at this URL: http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl.

For information about contacting TAC, see the "Obtaining Technical Assistance" section in the preface of the software configuration guide.

Error Message    VQPCLIENT-2-SHUTDOWN Interface <intf> shutdown by VMPS

Explanation    This message means that the interface is shut down as requested by the VMPS configuration. <intf> is the interface number.

Recommended Action    No action is required. This is only an informational message that means that the necessary action has been taken when the VQP Server provides the port status to the client process.

Error Message    VQPCLIENT-2-TOOMANY Interface <intf> shutdown by active host limit

Recommended Action    This message means that the number of active hosts on the interface has reached the maximum limit of 20. <intf> is the interface number.

Recommended Action    Reduce the number of hosts on the dynamic access port.

Error Message    VQPCLIENT-3-IFNAME Invalid interface <intf> in response

Recommended Action    This message means that the response from the VQP server does not contain the correct interface name. <intf> is the interface number.

Recommended Action    Verify the VLAN Membership Policy Server (VMPS) configuration. If the problem persists, copy the error message exactly as it appears on the console or in the system log. Contact your Cisco technical support representative and provide the representative with the gathered information.

Error Message    VQPCLIENT-3-THROTTLE Throttling VLAN change on <intf>

Explanation    This message means that the VLAN assignment for the interface changed too frequently in a short time. <inft> is the interface number.

Recommended Action    Check the VMPS configuration. Limit the number of hosts on the dynamic access port. If the problem persists, copy the error message exactly as it appears on the console or in the system log. Contact your Cisco technical support representative and provide the representative with the gathered information.

Error Message    VQPCLIENT-3-VLANNAME Invalid VLAN <intf> in response

Explanation    This message means that the interface cannot be assigned to the VLAN specified by the server because either the VLAN name is wrong or a configuration error occurred. <inft> is the interface number.

Recommended Action    Verify the VMPS configuration. Check the VLAN database configuration for the specified VLAN. If the problem persists, copy the error message exactly as it appears on the console or in the system log. Contact your Cisco technical support representative and provide the representative with the gathered information.

Error Message    VQPCLIENT-7-NEXTSERV Trying next VMPS 

Explanation    This message means that the VQP client process is trying to contact the next VMPS server that is configured to get the response.

Recommended Action    No action is required This is only an informational and debug message.

Error Message    VQPCLIENT-7-PROBE Probing primary server <ipaddr> 

Explanation    This message means that the VQP client process is trying to contact the primary VMPS server that is configured to check the connectivity. <ipaddr> is the server IP.

Recommended Action    No action is required This is only an informational and debug message.

Error Message    VQPCLIENT-7-RECONF Reconfirming VMPS responses

Explanation    This message means that the VQP client process is trying to reconfirm the VLAN assignment for the dynamic access ports.

Recommended Action    No action is required This is only an informational and debug message.

Correction to Command Reference

The lre rate selection sequence global configuration command was introduced in 12.0(5)WC6. The switch command reference incorrectly states that this command was introduced in 12.0(6)WC6.

Corrections to Catalyst 2900 XL Hardware Installation Guide

This information was not included in the "Overview" chapter of the Catalyst 2900 Series XL Hardware Installation Guide:


Note For information about determining power budgets and margins for fiber-optic connections, refer to the "PA-A3 Overview" in the "PA-A3 Enhanced ATM Port Adapter Hardware and Configuration Guide" at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/portadpt/atm_port/pa_a3/
5117ovr.htm#1038789


These corrections apply to the "Technical Specifications" chapter of the Catalyst 2900 Series XL Hardware Installation Guide:

Catalyst 2900 XL Hardware Installation Guide Corrections and Updates

This is a correction to fiber-optic power specifications in Table A-2 in the "Technical Specifications" chapter:

Table 11 Technical Specifications for the Catalyst 2924C XL Switches

Fiber-Port Power Levels
Catalyst 2924C XL
 

Optical transmitter wavelength

1300 nm1

 

Optical receiver sensitivity

-19 to -14 dBm2

 

Optical transmitter power

-19 to -14 dBm

1 nm = nanometers

2 dBm = decibel milliwatt


Table A-4 shows an incorrect figure for the power consumption. The actual power consumption is 70 W rather than 150 W.

Table A-4 should also include this information:

2912 LRE XL and 2924 LRE XL KVA rating: 0.07 KVA

2950 ST LRE KVA rating: - 0.030 KVA

These updated warnings apply to the "Translated Warnings Chapter" of the Catalyst 2900 Series XL Hardware Installation Guide:

Attaching the Cisco RPS (model PWR300-AC-RPS-N1)

Warning


Attach only the Cisco RPS (model PWR300-AC-RPS-N1) to the RPS receptacle.

Waarschuwing

Slechts de Cisco RPS (model PWR300-AC-RPS-N1) aan de RPS contactdoos verbinden.

Varoitus

Kiinnitä RPS-vastakappaleeseen vain Cisco RPS (malli PWR300-AC-RPS-N1).

Avertissement

Raccordez le bloc d'alimentation Cisco RPS (modèle PWR300-AC-RPS-N1) uniquement au connecteur RPS.

Warnung

An die RPS-Steckhülse darf nur das Cisco RPS (Modell PWR300-AC-RPS-N1) angeschlossen werden.

Figyelem!

Az RPS csatlakozóhoz csak Cisco RPS (PWR300-AC-RPS-N1 modell) aljzatot csatlakoztasson.

Avvertenza

Collegare soltanto il Cisco RPS (modello PWR300-AC-RPS-N1) alla presa RPS.

Advarsel!

Koble bare Cisco RPS (modell PWR300-AC-RPS-N1) til RPS-stikkontakten.

Aviso

Anexe o RPS Cisco (modelo PWR300-AC-RPS-N1) apenas ao receptáculo RPS.

¡Advertencia!

Sólo conecte el Cisco RPS (modelo PWR300-AC-RPS-N1) al receptáculo RPS.

Varning!

Koppla endast Ciscos RPS (modell PWR300-AC-RPS-N1) till RPS-uttaget.


Overtemperature Warning

Warning


To prevent the switch from overheating, do not operate it in an area that exceeds the maximum recommended ambient temperature of 113°F (45°C). To prevent airflow restriction, allow at least 3 inches (7.6 cm) of clearance around the ventilation openings.

Waarschuwing

Om oververhitting van de schakelaar te voorkomen, mag u die niet bedienen in een ruimte die de maximale aanbevolen omgevingstemperatuur van 113°F (45°C) overschrijdt. Om beperking van de luchtstroom te voorkomen, dient u ten minste 3 inch (7,6 cm) speling te laten rondom de ventilatie-openingen.

Varoitus

Estääksesi kytkimen ylikuumenemisen älä käytä sitä sellaisissa paikoissa, joiden lämpötila ylittää ympäristön enimmäislämpötilaksi suositellun 45°C. Jätä vähintään 7,6 cm:n vapaa tila tuuletusaukkojen ympärille, jotta ilma pääsee vapaasti virtaamaan.

Attention

Pour éviter une surchauffe du commutateur, ne pas le faire fonctionner dans un local dont la température ambiante dépasse le maximum recommandé de 45°C (113°F). Pour faciliter la circulation d'air, aménager un dégagement d'au moins 7,6 cm (3 pouces) autour des bouches d'aération.

Warnung

Um eine Überhitzung des Schalters zu vermeiden, ist das System nicht in einem Bereich zu betreiben, in dem die empfohlene Höchsttemperatur von 45°C überschritten wird. Damit der Luftfluß nicht behindert wird, ist ein Freiraum von mindestens 7,6 cm um die Belüftungsöffnungen herum einzuhalten.

Figyelem!

A túlmelegedés megelõzése végett ne üzemeltesse a kapcsolót olyan területen, ahol a hõmérséklet meghaladja a 45°C maximális ajánlott környezeti hõmérsékletet. A megfelelõ légáramlás biztosítása érdekében a szellõzõnyílások körül hagyjon szabadon legalább 7,6 cm helyet.

Avvertenza

Per evitare il surriscaldamento dell'interruttore, non usare l'apparecchiatura in un'area che supera la temperatura ambientale minima consigliata di 45°C. Per evitare una limitazione del flusso dell'aria, lasciare come minimo uno spazio libero di 7,6 cm intorno alle aperture di ventilazione.

Advarsel

For å unngå at bryteren overopphetes skal utstyret ikke brukes på steder hvor anbefalt maks omgivelsestemperatur overstiger 113 grader Farenheit (45°C). La det være minst 3 tommer (7,6 cm) klaring rundt ventilasjonsåpningene for at luftsirkulasjonen skal være uhindret.

Aviso

Para evitar sobreaquecimento do interruptor, não utilize o equipamento numa àrea que exceda uma temperatura máxima de 45°C. Para evitar o bloqueamento da circulação de ar, deixe pelo menos um espaço de 7.6 cm em volta das aberturas de ventilação.

¡Advertencia!

Para evitar que el interruptor se recaliente, no se debe usar en áreas cuya temperatura ambiente exceda la máxima recomendada, esto es, 45°C (113°F). Para no entorpecer la corriente de aire, dejar por lo menos 7,6 cm (3 pulgadas) de espacio muerto alrededor de la rejilla de ventilación.

Varning!

För att undvika överhettning av strömbrytaren skall den inte användas i utrymme vars temperatur överskrider den maximalt rekommenderade omgivningstemperaturen 45°C. Kontrollera att det finns minst 7,6 cm fritt utrymme runt ventilationsöppningarna så att luftflödet inte begränsas.


Chassis Power Connection

Warning


Before connecting or disconnecting ground or power wires to the chassis, ensure that power is removed from the DC circuit. To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit breaker in the OFF position.

Waarschuwing

Voordat u aarddraden of elektriciteitsdraden op het frame aansluit of van het frame neemt, dient u te controleren of de stroom naar het gelijkstroomcircuit uitgeschakeld is. Om u ervan te verzekeren dat alle stroom UIT is geschakeld, kiest u op het schakelbord de stroomverbreker die het gelijkstroomcircuit bedient, draait de stroomverbreker naar de UIT positie en plakt de schakelaarhendel van de stroomverbreker met plakband in de UIT positie vast.

Varoitus

Varmista, että tasavirtapiirissä ei ole virtaa ennen maadoitus- tai virtajohtojen kytkemistä asennuspohjaan tai ennen niiden irrottamista. Varmistaaksesi, että virta on KATKAISTU täysin, paikanna tasavirrasta huolehtivassa kojetaulussa sijaitseva suojakytkin, käännä suojakytkin KATKAISTU-asentoon ja teippaa suojakytkimen varsi niin, että se pysyy KATKAISTU-asennossa.

Attention

Avant de connecter ou de déconnecter les câbles d'alimentation (pôles et terre) du châssis, vérifiez que le circuit de courant continu est hors tension : localisez le disjoncteur sur le panneau de commande du circuit de courant continu, poussez-le sur la position fermée (OFF) et, à l'aide d'un ruban adhésif, bloquez sa poignée sur cette position.

Warnung

Gleichstrom-Unterbrechung Bevor Sie Erdungs- oder Stromkabel an das Chassis anschließen oder von ihm abtrennen, ist sicherzustellen, daß der Gleichstrom-Stromkreis unterbrochen ist. Um sicherzustellen, daß sämtlicher Strom AUS ist, machen Sie auf der Schalttafel den Unterbrecher für die Gleichstromschaltung ausfindig, stellen Sie den Unterbrecher auf OFF, und kleben Sie den Schaltergriff des Unterbrechers mit Klebeband in der AUS-Stellung fest.

Figyelem!

Mielõtt a föld- vagy a fázisvezetéket a házhoz csatlakoztatja, feltétlenül szakítsa meg az egyenáramú áramkör tápellátását. Úgy gondoskodhat arról, hogy mindenféle tápellátás meg legyen szakítva, hogy megkeresi az árammegszakítót az egyenáramú áramkört kiszolgáló kártyán, az árammegszakítót OFF (KI) helyzetbe állítja, és árammegszakító kapcsolóját az OFF (KI) helyzetben leragasztja.

Avvertenza

Prima di collegare o distaccare i cavi elettrici o di messa a terra dallo chassis, assicuratevi che il circuito DC non sia alimentato. Per verificare che tutta l'alimentazione sia scollegata (OFF), individuare l'interruttore automatico sul quadro strumenti che alimenta il circuito CC, mettere l'interruttore in posizione OFF e fissarlo con nastro adesivo in tale posizione.

Advarsel

Før til- eller frakobling av jord- og strømledninger til kabinettet, kontroller at strømmen er frakoblet likestrømkretsen. Sørg for at all strøm er slått AV. Dette gjøres ved å lokalisere strømbryteren på brytertavlen som betjener likestrømkretsen, slå strømbryteren AV og teipe bryterhåndtaket på strømbryteren i AV-stilling.

Aviso

Antes de conectar ou desconectar a ligação à terra ou a alimentação do chassis, certifique-se de que desligou a fonte de alimentação de energia do circuito de corrente contínua. Para se assegurar que toda a corrente foi DESLIGADA, localize o disjuntor no painel que serve o circuito de corrente contínua e coloque-o na posição OFF (Desligado), segurando nessa posição a manivela do interruptor do disjuntor com fita isoladora.

¡Advertencia!

Antes de conectar o desconectar el circuito de tierra o de alimentación del chasis, asegúrese que la alimentación del circuito CC esté cortada (OFF). Para asegurarse de que toda la alimentación esté cortada (OFF), localice el interruptor automático en el panel que alimenta el circuito de corriente continua, cambie el interruptor automático a la posición de apagado (OFF) y sujete con cinta la palanca del interruptor automático en posición de apagado (OFF).

Varning!

Innan du kopplar jord- eller elledningar till eller från chassit måste du kontrollera att strömförsörjningen till likströmskretsen är bruten. Kontrollera att all strömförsörjning är BRUTEN genom att slå AV det överspänningsskydd som skyddar likströmskretsen och tejpa fast överspänningsskyddets omkopplare i FRÅN-läget.


Related Documentation

You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the "Obtaining Documentation" section.

These publications provide more information about the switches and the switch software:

Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide (order number DOC-786511=)

Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference (order number DOC-7812155=)

Cluster Management Suite (CMS) online help (available only from the switch CMS software)

Catalyst 2900 Series XL Hardware Installation Guide (order number DOC-786461=)

Catalyst 3500 Series XL Hardware Installation Guide (order number DOC-786456=)

Catalyst 2900 Series XL Modules Installation Guide (order number DOC-CAT2900-IG=)

Catalyst 2900 Series XL ATM Modules Installation and Configuration Guide (order number DOC-785472=)

1000BASE-T Gigabit Interface Converter Installation Note (not orderable but is available on Cisco.com)

Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide (order number DOC-786460=)

Installation Note for the CWDM Passive Optical System (not orderable but available on Cisco.com)

Cisco LRE CPE Hardware Installation Guide (order number DOC-7811469=)

Release Notes for the Cisco LRE CPE (not orderable but is available on Cisco.com)

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/techsupport

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Product Documentation DVD

Cisco documentation and additional literature are available in the Product Documentation DVD package, which may have shipped with your product. The Product Documentation DVD is updated regularly and may be more current than printed documentation.

The Product Documentation DVD is a comprehensive library of technical product documentation on portable media. The DVD enables you to access multiple versions of hardware and software installation, configuration, and command guides for Cisco products and to view technical documentation in HTML. With the DVD, you have access to the same documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .pdf versions of the documentation available.

The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.

Cisco Ordering tool:

http://www.cisco.com/en/US/partner/ordering/

Cisco Marketplace:

http://www.cisco.com/go/marketplace/

Ordering Documentation

Beginning June 30, 2005, registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Cisco will continue to support documentation orders using the Ordering tool:

Registered Cisco.com users (Cisco direct customers) can order documentation from the Ordering tool:

http://www.cisco.com/en/US/partner/ordering/

Instructions for ordering documentation using the Ordering tool are at this URL:

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 1 800 553-NETS (6387).

Documentation Feedback

You can rate and provide feedback about Cisco technical documents by completing the online feedback form that appears with the technical documents on Cisco.com.

You can send comments about Cisco documentation to bug-doc@cisco.com.

You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Cisco Product Security Overview

Cisco provides a free online Security Vulnerability Policy portal at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

From this site, you can perform these tasks:

Report security vulnerabilities in Cisco products.

Obtain assistance with security incidents that involve Cisco products.

Register to receive security information from Cisco.

A current list of security advisories and notices for Cisco products is available at this URL:

http://www.cisco.com/go/psirt

If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL:

http://www.cisco.com/en/US/products/products_psirt_rss_feed.html

Reporting Security Problems in Cisco Products

Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you might have identified a vulnerability in a Cisco product, contact PSIRT:

Emergencies — security-alert@cisco.com

An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.

Nonemergencies — psirt@cisco.com

In an emergency, you can also reach PSIRT by telephone:

1 877 228-7302

1 408 525-6532


Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product to encrypt any sensitive information that you send to Cisco. PSIRT can work from encrypted information that is compatible with PGP versions 2.x through 8.x.

Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.htm

The link on this page has the current PGP key ID in use.


Obtaining Technical Assistance

Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.

Cisco Technical Support & Documentation Website

The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do


Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support & Documentation website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.


Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—Your network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

or view the digital edition at this URL:

http://ciscoiq.texterity.com/ciscoiq/sample/

Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

Networking products offered by Cisco Systems, as well as customer support services, can be obtained at this URL:

http://www.cisco.com/en/US/products/index.html

Networking Professionals Connection is an interactive website for networking professionals to share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL:

http://www.cisco.com/discuss/networking

World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html