Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Catalyst 2950 Series Switches

Release Notes for the Catalyst 2950 Switch Cisco IOS Release 12.1(6)EA2

Downloads

Table Of Contents

Release Notes for the Catalyst 2950 Switch Cisco IOS Release 12.1(6)EA2

Contents

System Requirements

Hardware Supported

Hardware Not Supported

Hardware and Software Requirements for the Cluster Management Suite

Browser Support

Installing the Required Plug-In

Creating Clusters with Different Releases of IOS Software

Features

Limitations and Restrictions

Port Configuration Conflicts

SPAN Limitations

Important Notes

Read-Only Mode in CMS

Connecting Catalyst 2950G-24-EI-DC Switches to DC Power

Connecting Catalyst 2950G-24-EI-DC Switches to Compatible Devices

Changing the Management VLAN

Documentation Notes

Correction to the Software Documentation

Addition to the Command Reference

interface range

Correction to the Software Configuration Guide

Replacing a Failed Command Switch with a Cluster Member

Replacing a Failed Command Switch with Another Switch

Caveats

Open Caveats

Resolved Caveats

Initial Configuration

Setting Up the Catalyst 2950

Accessing CMS

Configuring Netscape Communicator (All Versions)

Configuring Microsoft Internet Explorer (4.01)

Configuring Microsoft Internet Explorer (5.0)

Displaying the Access Page

Upgrading the Switch Software

Guidelines for Upgrading Switch Software

Overview of the Switch Upgrade Process

Determining the Software Version

Which Software Files to Download from Cisco.com

Downloading the New Software and TFTP Server Application to Your Management Station

Copying the Current Startup Configuration from the Switch to a PC or Server

Using Cluster Manager to Upgrade One or More Switches

Using the CLI to Upgrade a Catalyst 2950 Switch

Using the CLI to Upgrade Member Switches

Upgrading Catalyst 2950, Catalyst 2900 XL or Catalyst 3500 XL Member Switches

Upgrading Catalyst 1900 or Catalyst 2820 Member Switches

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Contacting TAC by Using the Cisco TAC Website

Contacting TAC by Telephone


Release Notes for the Catalyst 2950 Switch Cisco IOS Release 12.1(6)EA2

December 2001

Cisco IOS Release 12.1(6)EA2 runs on Catalyst 2950 switches.

These release notes include important information about this IOS release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:

If you are installing a new switch, refer to the IOS release label on the rear panel of your switch.

If your switch is on and running, you can use the show version user EXEC command. See the "Upgrading the Switch Software" section.

If you are upgrading to a new release, refer to the software upgrade filename for the IOS version.

This IOS release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future IOS releases become available, they will be posted to Cisco.com in the Cisco IOS software area.

Contents

This document has these sections:

"System Requirements" section

"Features" section

"Limitations and Restrictions" section

"Important Notes" section

"Documentation Notes" section

"Caveats" section

"Initial Configuration" section

"Accessing CMS" section

"Upgrading the Switch Software" section

"Related Documentation" section

"Obtaining Technical Assistance" section

System Requirements

This section describes these system requirements for IOS Release 12.1(6)EA2:

"Hardware Supported" section

"Hardware Not Supported" section

"Hardware and Software Requirements for the Cluster Management Suite" section

Hardware Supported

Table 1 lists the hardware supported by this IOS release.

Table 1 Hardware Supported

Hardware
Description

Catalyst 2950C-24

24 fixed autosensing 10/100 Ethernet ports and
2 100BASE-FX ports

Catalyst 2950T-24

24 fixed autosensing 10/100 ports and
2  fixed autosensing 10/100/1000 Ethernet ports1

Catalyst 2950G-12-EI

12 fixed autosensing 10/100 Ethernet ports and 2 GBIC2 -based Gigabit Ethernet module slots

Catalyst 2950G-24-EI 

24 fixed autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet module slots

Catalyst 2950G-48-EI

48 fixed autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet module slots

Catalyst 2950G-24-EI-DC

24 fixed autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet module slots with DC-input power

GBIC Modules

1000BASE-SX GBIC

1000BASE-LX/LH GBIC

1000BASE-ZX GBIC

GigaStack GBIC

Redundant power system

Cisco RPS 300 Redundant Power System

1 When the 10/100/1000 ports are set to 10 or 100 Mbps, they can operate in either half- or full-duplex mode, but when they are set to 1000 Mbps, they can operate only in full-duplex mode.

2 GBIC=Gigabit Interface Converter


Hardware Not Supported

Table 2 lists the hardware not supported by Cisco IOS Release 12.1(6)EA2.

Table 2 Hardware Not Supported

Hardware
Description

Catalyst 2950-12

12 fixed autosensing 10/100 Ethernet ports

Catalyst 2950-24

24 fixed autosensing 10/100 Ethernet ports

GBIC Module

1000BASE-T GBIC (part number WS-G4582)

Redundant power system

Cisco RPS 600 Redundant Power System


Hardware and Software Requirements for the Cluster Management Suite

The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM. Table 3 lists the recommended platforms.

These operating systems are supported for web-based management:

Microsoft Windows 2000

Microsoft Windows 95 (Service Pack 1 required)

Microsoft Windows 98, second edition

Microsoft Windows NT 4.0 (Service Pack 3 or higher required)

Solaris 2.5.1 or higher, with the Sun-recommended patch cluster for that operating system and Motif library patch 103461-24

Table 3 Recommended Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.01

Pentium 300 MHz

128 MB

65536

1024 x 768

Small

Solaris 2.5.1

Sparc 333 MHz

128 MB

Most colors for applications

Small (3)

1 Service Pack 3 or higher required


Browser Support

You can access the web-based interfaces through the browsers listed in Table 4, which also lists the configuration that yields the best results for web-based management. The switch checks the browser version when starting a session to ensure that the browser is supported. If the browser is not supported, the switch displays an error message, and the session does not start.

Table 4 Browser Support for Web-Based Management

Browser
Minimum Version
Supported Versions

Netscape Communicator

4.611

4.61, 4.7x

Internet Explorer2

4.01a

4.01a, 5.0, 5.5 (Service Pack 1 or higher)

1 Netscape Communicator 4.6 and 6.0 are not supported.

2 Not supported on Solaris 2.5.1 or higher.


Note In Cluster Management displays, Internet Explorer versions 4.01 and 5.0 might not display edge devices that are not connected to the command switch. Other functionality is similar to that of Netscape Communicator.

Installing the Required Plug-In

A Java plug-in is required for the browser to access the Java-based Cluster Management Suite (CMS). Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports three plug-in versions. For information on the supported plug-ins, see the "Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms" section and the "Solaris Platforms" section.

You can download the recommended plug-ins from this URL: http://www.cisco.com/pcgi-bin/tablebuild.pl/java

Note Uninstall older versions of the Java plug-ins before installing the Java plug-in.

If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:

In the Proxies tab, verify that the Use browser settings is checked and that no proxies are enabled.

Note If you are running McAfee VirusScan on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the VirusScan Internet Filter option, the Download Scan option, or both.

From the Start menu, disable the options by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the taskbar, right-click the Virus Shield icon, and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.

Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms

These Java plug-ins are supported on the Windows platform:

Java plug-in 1.3.1

Java plug-in 1.3.0

Java plug-in 1.2.2_05

You can download these plug-ins from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

Note If you start CMS without having installed the required Java plug-in, the browser automatically detects this. If you are using a supported Internet Explorer browser, it automatically downloads and installs the Java plug-in 1.3.0 (default). If you are using a supported Netscape browser, the browser displays a Cisco.com page that contains the Java plug-in and installation instructions. If you are using Windows 2000, Netscape Communicator might not detect the missing Java plug-in.

Solaris Platforms

These Java plug-ins are supported on the Solaris platform:

Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.1.

Java plug-in 1.2.2_07

Java plug-in 1.3.0

Java plug-in 1.3.1

You can download these plug-ins and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Creating Clusters with Different Releases of IOS Software

When a cluster consists of Catalyst 3550 switches and a mixture of other Catalyst switches, we strongly recommend using only the Catalyst 3550 switches as the command and standby command switches. When the command switch is a Catalyst 3550 switch, all standby command switches must also be Catalyst 3550 switches. The Catalyst 3550 switch that has the latest software should be the command switch.

If your cluster has Catalyst 2950, Catalyst 2900 XL, and Catalyst 3500 XL switches, the Catalyst 2950 switch should be the command switch. The Catalyst 2950 switch that has the latest software should be the command switch.

If your switch cluster has Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, and Catalyst 3500 XL switches, either the Catalyst 2900 XL or Catalyst 3500 XL should be the command switch. The Catalyst 2900 or 3500 XL switch that has the latest software should be the command switch.

Table 5 lists the cluster capabilities and software versions for the switches.

Table 5 Switch Software and Cluster Capability

Switch
IOS Release
Cluster Capability

Catalyst 3550

Release 12.1(4)EA1 or later

Member or command switch

Catalyst 3500 XL

Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2950

Release 12.0(5.2)WC(1) or later

Member or command switch

Catalyst 2900 XL (8-MB switches)

Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 XL (4-MB switches)

Release 11.2(8.5)SA6 (recommended)

Member switch only

Catalyst 1900 and 2820

Release 9.00(-A or -EN)

Member switch only


Some versions of the Catalyst 2900 XL software do not support clustering, and if you have a cluster with switches that are running different versions of IOS software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)WC(1) or later.

The CMS is not forward-compatible, which means that if a member switch is running a software version later than the release running on the command switch, the new features are not available on the member switch. If your member switch is a new device that is running a software release later than the software release on the command switch, it appears as an unknown device in the Front Panel view. You cannot configure any parameters or generate a report through CMS for that member; instead, you must launch the Device Manager application to perform configuration and to obtain reports for that member.

Features

For a detailed list of key features for this software release, refer to the Catalyst 2950 Desktop Switch Software Configuration Guide.

Limitations and Restrictions

Read this section before you begin working with the switches. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

Port Configuration Conflicts

Certain combinations of port features create configuration conflicts (see Table 6). If you try to enable incompatible features, CMS issues a warning message, and you cannot make the change. Reload the page to refresh CMS.

In Table 6, No means that the two referenced features are incompatible and should not both be enabled; Yes means that both can be enabled at the same time and do not cause an incompatibility conflict. A dash means not applicable.

Table 6 Conflicting Features 

 
Port Group
Port Security
SPAN Source Port
SPAN Destination Port
Connect to Cluster?
Protected Port
802.1X Port
Port Group

-

No

Yes

No

Yes

Yes

No

Port Security

No

-

Yes

No

Yes

No

No

SPAN Source Port

Yes

Yes

-

No

Yes

Yes1

Yes

SPAN Destination Port

No

No

No

-

Yes

Yes

No

Connect to Cluster

Yes

Yes

Yes

Yes

-

Yes

-

Protected Port

Yes

No

Yes1

Yes1

Yes

-

-

802.1X Port

No

No

Yes

No

-

-

-

1 Switch Port Analyzer (SPAN) can operate only if the monitor port or the port being monitored is not a protected port.


SPAN Limitations

When using the Switched Port Analyzer (SPAN) feature, the monitoring port receives copies of sent and received traffic for all monitored ports. If the monitoring port is 50 percent oversubscribed for a sustained period of time, it will probably become congested. One or more of the ports being monitored might also experience a slowdown.

Important Notes

This section describes important information related to this IOS release.

Read-Only Mode in CMS

CMS provides two levels of access to the configuration options. If your privilege level is 15, you have read-write access to CMS. If your switch privilege level is from 1 to 14, you have read-only access to CMS. In the read-only mode, some show commands are not available when these switches are running these software releases:

Catalyst 2900 XL or Catalyst 3500 XL member switches running Cisco IOS Release 12.0(5)WC2 or earlier

Catalyst 2950 member switches running Cisco IOS Release 12.0(5)WC2 or earlier

Catalyst 3550 member switches running Cisco IOS Release 12.1(6)EA1 or earlier

Therefore, the windows that use these show commands do not display data. These windows display an error message.

In the Front Panel view or Topology view, CMS does not display error messages. In the Front Panel view, if the switch is running one of the software releases listed previously, the device LEDs do not appear. In Topology view, if the member is an LRE switch, the customer premises equipment (CPEs) connected to the switch do not appear. The Bandwidth and Link graphs also do not appear in these views.

To view switch information, you need to upgrade the member switch software. For information about upgrading switch software, see the "Upgrading the Switch Software" section.

Connecting Catalyst 2950G-24-EI-DC Switches to DC Power

When wiring the DC-input power source, you must use 18-gauge copper wire instead of the
12- or 14-gauge wire specified in the Catalyst 2950 Desktop Switch Hardware Installation Guide.

Connecting Catalyst 2950G-24-EI-DC Switches to Compatible Devices

When connecting the 10/100 ports on Catalyst 2950G-24-EI-DC switches to compatible devices, if intrabuilding lightning surge protection is required, you must use shielded twisted-pair, Category 5 cables. Make sure that the cable shield is terminated properly at both ends.

Changing the Management VLAN

The management interface configuration command is not supported in Release 12.1(6)EA2 or later. To shut down the current management VLAN interface and to enable the new management VLAN interface, use the shutdown and no shutdown interface configuration commands. Refer to the Catalyst 2950 Desktop Switch Command Reference for information about using the shutdown interface configuration command.

Documentation Notes

This section describes documentation notes related to this IOS release.

Correction to the Software Documentation

The match class-map configuration command is documented incorrectly in the Catalyst 2950 Desktop Switch Software Configuration Guide and the Catalyst 2950 Desktop Switch Command Reference.
This is the correct command:

match access-group {acl-index | name acl-name}

Addition to the Command Reference

The interface range global configuration command was omitted in the Catalyst 2950 Desktop Switch Command Reference.

interface range

Use the interface range global configuration command to enter interface range configuration mode and to execute a command on multiple ports at the same time. Use the no form of this command to remove an interface range.

interface range port-range

no interface range port-range

Syntax Description

port-range

Port range. For a list of valid values for port-range, see the "Usage Guidelines" section.


Defaults

This command has no default setting.

Command Modes

Global configuration

Command History

Release
Modification

12.1(6)EA2

This command was first introduced.


Usage Guidelines

When you enter interface range configuration mode, all interface parameters that you enter are attributed to all interfaces within the range.

For VLANs, you can use the interface range command only on existing VLAN interfaces. To display VLAN interfaces, enter the show running-config privileged EXEC command. VLANs not displayed cannot be used in the interface range command. The commands entered under the interface range command are applied to all existing VLAN interfaces in the range.

All configuration changes made to an interface range are saved to nonvolatile RAM (NVRAM), but the interface range itself is not saved to NVRAM.

You can enter the interface range by specifying up to five interface ranges.

You can define up to five interface ranges with a single command, with each range separated by a comma.

All interfaces in a range must be the same type; that is, all Fast Ethernet ports, all Gigabit Ethernet ports, all EtherChannel ports, or all VLANs.

These are the valid values for port-range type and interface:

vlan vlan-id, where vlan-id is from 1 to 1001

port-channel port-channel-number, where port-channel-number is from 1 to 6

fastethernet interface-id

gigabitethernet interface-id

For physical interfaces, the interface-id is defined as a slot/number (where slot is always 0 for the Catalyst 2950 switch), and the range can be entered as type 0/number - number (for example, gigabitethernet0/1 - 2).

When you define a range, you must enter a space before and after the hyphen (-): 

interface range gigabitethernet0/1 - 2

A single interface can also be specified in port-range (this would make the command similar to the interface interface-id global configuration command).

Examples

This example shows how to use the interface range command to enter interface range configuration mode to apply commands to two ports: 

Switch(config)# interface range gigabitethernet0/1 - 2

Switch(config-if-range)#

Related Commands

Command
Description

show running-config

Displays the configuration information running on the switch. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.


Correction to the Software Configuration Guide

The procedures in the "Recovering from a Command Switch Failure," section in Chapter 14 of the Catalyst 2950 Desktop Switch Software Configuration Guide are incorrect. These are the correct procedures:

Replacing a Failed Command Switch with a Cluster Member

To replace a failed command switch with a command-capable member in the same cluster, follow these steps:

Step 1 Disconnect the command switch from the member switches, and physically remove it from the cluster.

Step 2 Insert the member switch in place of the failed command switch, and duplicate its connections to the cluster members.

Step 3 Start a CLI session on the new command switch.

You can access the CLI by using the console port or, if an IP address has been assigned to the switch, by using Telnet. For details about using the console port, refer to the switch hardware installation guide.

Step 4 At the switch prompt, enter privileged EXEC mode: 

Switch> enable 
Switch#

Step 5 Enter the password of the failed command switch.

Step 6 Enter global configuration mode. 

Switch# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.

Step 7 Remove the member switch from the cluster. 

Switch(config)# no cluster commander-address

Step 8 Return to privileged EXEC mode. 

Switch(config)# end 
Switch#

Step 9 Use the setup program to configure the switch IP information.

This program prompts you for IP address information and passwords. From privileged EXEC mode, enter setup, and press Return. 

Switch# setup

         --- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: y


At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system


Would you like to enter basic management setup? [yes/no]:

Step 10 Enter Y at the first prompt.

The prompts in the setup program vary depending on the member switch that you selected to be the command switch: 

Continue with configuration dialog? [yes/no]: y

or 

Configuring global parameters:

If this prompt does not appear, enter enable, and press Return. Enter setup, and press Return to start the setup program.

Step 11 Respond to the questions in the setup program.

When prompted for the host name, recall that on a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last characters in a host name for any switch.

When prompted for the Telnet (virtual terminal) password, recall that it can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.

Step 12 When prompted for the enable secret and enable passwords, enter the passwords of the failed command switch again.

Step 13 When prompted, enable the switch as the cluster command switch, and press Return.

Step 14 When prompted, assign a name to the cluster, and press Return.

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

Step 15 After the initial configuration displays, verify that the addresses are correct.

Step 16 If the displayed information is correct, enter Y, and press Return.

If this information is not correct, enter N, press Return, and begin again at Step 9.

Step 17 Start your browser, and enter the IP address of the new command switch.

Step 18 From the Cluster menu, select Add to Cluster to display a list of candidate switches to add to the cluster.

Replacing a Failed Command Switch with Another Switch

To replace a failed command switch with a switch that is command-capable but not part of the cluster, follow these steps:

Step 1 Insert the new switch in place of the failed command switch, and duplicate its connections to the cluster members.

Step 2 Start a CLI session on the new command switch.

You can access the CLI by using the console port or, if an IP address has been assigned to the switch, by using Telnet. For details about using the console port, refer to the switch hardware installation guide.

Step 3 At the switch prompt, enter privileged EXEC mode: 

Switch> enable 
Switch#

Step 4 Enter the password of the failed command switch.

Step 5 Use the setup program to configure the switch IP information.

This program prompts you for IP address information and passwords. From privileged EXEC mode, enter setup, and press Return. 

Switch# setup

         --- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: y


At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system


Would you like to enter basic management setup? [yes/no]:

Step 6 Enter Y at the first prompt.

The prompts in the setup program vary depending on the switch that you selected to be the command switch: 

Continue with configuration dialog? [yes/no]: y

or 

Configuring global parameters:

If this prompt does not appear, enter enable, and press Return. Enter setup, and press Return to start the setup program.

Step 7 Respond to the questions in the setup program.

When prompted for the host name, recall that on a command switch, the host name is limited to 28 characters. Do not use -n, where n is a number, as the last characters in a host name for any switch.

When prompted for the Telnet (virtual terminal) password, recall that it can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.

Step 8 When prompted for the enable secret and enable passwords, enter the passwords of the failed command switch again.

Step 9 When prompted, enable the switch as the cluster command switch, and press Return.

Step 10 When prompted, assign a name to the cluster, and press Return.

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

Step 11 When the initial configuration displays, verify that the addresses are correct.

Step 12 If the displayed information is correct, enter Y, and press Return.

If this information is not correct, enter N, press Return, and begin again at Step 9.

Step 13 Start your browser, and enter the IP address of the new command switch.

From the Cluster menu, select Add to Cluster to display a list of candidate switches to add to the cluster.

Caveats

Open Caveats

This section describes possible unexpected activity by IOS Release 12.1(6)EA2:

CSCdw29898

When you are using the Remote Authentication Dial-In User Service (RADUIS) client for Extensible Authentication Protocol (EAP) authentication, the Microsoft Windows2000 Internet Authentication Server authenticates all valid users, regardless of the password. Therefore, you can enter any password to authenticate an 802.1X port.

The workaround is to use the Cisco Secure Access Control Server version 3.0 for RADIUS-EAP authentication.

CSCdw15773

If the multicast VLAN registration (MVR) query-response time on an MVR receiver port is set to the default value (0.5 seconds), when the receiver port leaves a multicast group and rejoins it, the receiver port might not send or receive traffic for up to 10 seconds.

The workaround is to enter the mvr querytime 100 global configuration command to set the MVR query-response time to 10 seconds, which is the general-query-response time to prune member ports.

CSCdw13531

If CISCO-FLASH-MIB is included in the MIB walk on a Catalyst 2950 switch, the MIB walk halts in CISCO-FLASH-MIB.

The workaround is to remove CISCO-FLASH-MIB from the MIB walk.

CSCdw06738

Traffic interruption can occur for several seconds during a cross-stack UplinkFast (CSUF) root-port transition.

There is no workaround.

CSCdw19137

When you are using the AVVID Voice Wizard in CMS, some cluster members might fail if the client PC or workstation running CMS is not connected to the cluster through the command switch.

The workaround is to make the command switch the entry point for the client PC or workstation running CMS.

CSCdv90806

On the Catalyst 2950 switches, you can monitor incoming traffic on multiple ports by using the CLI; however, you can only select one port if you are using CMS.

The workaround is to use the CLI to monitor incoming traffic on multiple ports.

CSCdw11223

If you configure an SNMP community string larger than 123 characters and then configure a VLAN with an ID greater than 99, the Catalyst 2950 switch resets and restarts.

The workaround is to configure an SNMP community string up to 123 characters.

CSCdw10837

When a Catalyst 2950 cluster command-switch is running Cisco IOS Release 12.1(6)EA2 and you enter the no cluster commander-address global configuration command on a member switch of this cluster, the member switch cannot be removed from the cluster if there are any member switches beyond that member switch.

The workaround is to enter the no cluster member n global configuration command on the command switch to remove the member from the cluster.

CSCdt27223

When you enter the show controllers ethernet-controller interface-id or show interfaces interface-id counters privileged EXEC command, if a large number of erroneous frames are received on an interface, the receive-error counts might be smaller than the actual values, and the receive-unicast frame count might be larger than the actual frame count.

There is no workaround.

CSCdt09918

If the cluster command-switch is a Catalyst 2900 XL switch, a Catalyst 2950 switch running software earlier than Release 12.1(6)EA2, or a Catalyst 3500 XL switch that is connected to a Catalyst 2950 switch running Release 12.1(6)EA2 or later or to a Catalyst 3550 switch, the command switch does not find any cluster candidates beyond the Catalyst 2950 or 3550 switch if it is not a member of the cluster.

The workaround is to add the Catalyst 2950 or 3550 switch to the cluster. You can then see any cluster candidates connected to it.

CSCdw06074

Layer 3 CPU packets from a SPAN-source port configured to monitor transmitted traffic are not mirrored to the SPAN-destination port on a Catalyst 2950 switch.

There is no workaround.

CSCdv82224

If a stack contains Catalyst 3550, 3500 XL, or 2900 XL switches, then the cross-stack UplinkFast (CSUF) feature does not work if the management VLAN on these switches is changed to a VLAN other than VLAN 1.

The workaround is to ensure that the management VLAN of all the Catalyst 3550, 3500 XL, and 2900 XL switches in the stack is set to VLAN 1.

CSCdv14833

When the show running-config or write memory privileged EXEC command is entered, it might take up to 8 seconds before the current configuration appears on the Catalyst 2950 switch. This is because it takes a large number of system resources to execute this command.

There is no workaround.

CSCdv02941

In some network topologies, when UplinkFast is enabled on all Catalyst 2950 switches and BackboneFast is not enabled on all switches, a temporary loop might be caused when the STP root switch is changed.

The workaround is to enable BackboneFast on all switches.

CSCdv19671

At times, the Window-XP pop-up window might not appear while authenticating a client (supplicant) because the user information is already stored in Windows XP. However, the Extensible Authentication Protocol over LAN (EAPOL) response to the switch (authenticator) might have an empty userid that causes the 802.1X port to be deauthenticated.

The workaround is to manually re-initiate authentication by either logging off or detaching the link and then re-connecting it.

CSCdv67047

The ip http authentication enable global configuration command is not saved to the configuration file because this is the default configuration. Therefore, this configuration is lost after a reboot.

The workaround is to manually enter the command again after a reboot.

CSCdv56582

In the CMS topology view, icons for the fiber-optic, ATM, and FDDI links are not visible.

There is no workaround.

CSCdv44005

A Catalyst 2950 command switch running IOS Release 12.1(6)EA2 cannot use the rcommand privileged EXEC command to start a Telnet session on a Catalyst 3550 member running
IOS Release 12.1(4)EA1, when the aaa authorization exec default group tacacs+ global configuration command is configured on both the command switch and the member.

The workaround is to upgrade the Catalyst 3550 switch to IOS Release 12.1(6)EA1a.

CSCdv34505

The Catalyst 2950 command switch might not show the Catalyst 1900, Catalyst 2820, and Catalyst 2900 XL 4-MB (models C2908-XL, C2916M-XL, C2924C-XL, and C2924-XL) switches as candidates even though their management VLAN is the same as the command switch. This occurs only when their management VLAN is not VLAN 1.

There is no workaround.

CSCdv62271

There might be a link on the Fast Ethernet port of the Catalyst 2950switch when it is forced to 10 Mbps and full-duplex mode and its link partner is forced to 100 Mbps and forced duplex mode. The LED on the Catalyst 2950 switch might display the link, and the error counters might increment.

The workaround is to configure both sides of a link to the same speed or use auto-negotiation.

CSCdu83640

The receive count output for the show controllers ethernet-controller interface-id privileged EXEC command shows the incoming packets count before the ASIC makes a decision of whether to drop the packet or not. Therefore, for ports in the STP blocking states, even though the receive count shows incoming frames, the packet is not forwarded to the other port.

There is no workaround.

CSCdv49871

A Catalyst 2950 command switch can discover only the first Catalyst 3550 switch if the link between the Catalyst 3550 switches is an 802.1Q trunk and the native VLAN is not the same as the management VLAN of the Catalyst 2950 switch or if the link between the Catalyst 3550 switches is an ISL trunk and the management VLAN is not VLAN 1.

The workaround is to connect Catalyst 3550 switches by using the access link on the command switches management VLAN or to configure an 802.1Q trunk with a native VLAN that is the same as the management VLAN of the command switch.

CSCdv27247

If two Catalyst 2950 switches are used in a network and if access ports are used to connect two different VLANs whose VLAN IDs are separated by the correct multiple of 64, it is possible to create a situation where the two switches use the same bridge ID in the same spanning-tree instances. This might cause a loss of connectivity in the VLAN as the spanning tree blocks the ports that should be forwarding.

The workaround is to not cross-connect VLANs. For example, do not use an access port to connect VLAN 1 to VLAN 65 on either the same switch or from one switch to another switch.

CSCdv45190

On a Catalyst 2950 switch, the Multicast VLAN Registration (MVR) receiver port joins only 255 groups when the Internet Group Management Protocol (IGMP) join message is sent to all 256 MVR groups configured. Multicast data for the 256th group is not received.

The workaround is to set the mode to dynamic for Catalyst 2950 switches that are connected to IGMP-capable devices. Then, MVR members can join any group but can only support 255 IP multicast streams at any given time.

CSCdt24814 (formerly CSCdt2481)

A source-based distribution port group does not share the broadcast with all the group members. When the destination of the packets is a broadcast or unknown unicast or multicast, the packets are forwarded only on one port member of a port group, instead of being shared among all members of the port group.

There is no workaround.

CSCdt48011

Two problems occur when the Catalyst 2950 switch is in transparent mode:

If the switch is a leaf switch, any new VLANs added to it are not propagated upstream through VTP messages. As a result, the switch does not receive flooded traffic for that VLAN.

If the switch is connected to two VTP servers, it forwards their pruning messages. If the switch has a port on a VLAN that is not requested by other servers through their pruning messages, it does not receive flooded traffic for that VLAN.

There is no workaround.

CSCds20365

Internal loopback in half-duplex mode causes input errors. We recommend that you configure the PHY to operate in full duplex before setting the internal loopback.

There is no workaround.

CSCdt83016

When the Catalyst 2950 switch boots up without being configured, it prompts the user with a configuration dialog. The switch allows the user to omit the dialog and to enable traps without configuring a community string. If the host trap receiver is configured without defining the community strings, when the switch attempts to generate a trap, it fails and displays an error message.

The workaround is to follow the configuration sequence by creating a community string before configuring traps for the host.

CSCdr96565

Aging of dynamic addresses does not always occur exactly after the specified aging time elapses. It might take up to three times this time period before the entries are removed from the table.

There is no workaround.

CSCdt48569

If any VLAN other than VLAN 1 is configured as the management VLAN, the switch reports an incorrect shutdown for VLAN 1. VLAN 1 is not administratively down, even though the running configuration has shut down in VLAN 1.

There is no workaround.

CSCds68177

The UniDirectional Link Detection (UDLD) protocol does not always detect a unidirectional link when there is a loop between the TX and RX strands on the same port (TX/RX loop condition).

This is an intermittent problem, and there is no workaround.

CSCds58369

If the switch gets configured from the dynamic IP pool, a duplicate or different IP address might be assigned.

The workaround is to make sure that the DHCP server contains reserved addresses that are bound to each switch by the switch hardware address so that the switch does not obtain its IP address from the dynamic pool.

CSCdp67822

CMS requires a Java plug-in from Sun Microsystems. If you are using Internet Explorer and you disable Java plug-ins by using the Java Plug-In Control Panel, the initial Splash screen shows that the plug-in and Java are enabled, but Internet Explorer fails.

The workaround is to not disable Java plug-ins on the Java Plug-In Control Panel.

CSCdp82224

The CMS Time Management window supports the configuration of the Network Time Protocol (NTP) and system time. When you make changes on this window from a command switch, Java propagates the changes to all cluster members. A conflict can arise if you configure NTP and also use the Set Daylight Saving Time and Set Current Time tabs.

To avoid a possible conflict, either set the system time for the entire cluster on the command switch, or configure NTP on the command switch to use an NTP server to provide time to the cluster. Do not use both methods at the same time.

CSCdp82354

You can use Cluster Manager to configure an Hot Standby Router Protocol (HSRP) standby group and bind it to a cluster. However, you cannot use Cluster Manager to configure more than one standby group. If you want to configure more than one standby group, use the CLI.

CSCdp70389

When changing the management VLAN on a cluster with command-switch redundancy enabled, the cluster can break if HSRP is configured on any of the cluster members in the new management VLAN.

The workaround is to not change the management VLAN to a VLAN where a member is configured as part of a standby group.

CSCdp85954

Root guard is inconsistent when configured on a port that is in the STP blocked state at the time of configuration.

CSCdp49419

HSRP does not support a virtual MAC address entry or a built-in address (BIA) for a cluster.

CSCdp97517

All members of an HSRP standby group must be cluster members.

CSCdp30543

If the storm control filter is enabled for unicast or multicast traffic and the rising threshold is reached, all traffic on the port is filtered. No unicast, multicast, or broadcast traffic is forwarded from the port.

CSCdp87748

Cisco IOS does perform some checks on entered IP addresses. For example, it does not allow the broadcast address to be entered. However, it does not check for the broadcast address on the same subnet as the HSRP Versatile Interface Processor (VIP) or the management VLAN IP address. This means that you could configure HSRP with a virtual IP address that is the same as the network broadcast address.

There is no workaround.

CSCdp75220

If you use the command switch Domain Name System (DNS) server name to start CMS for a member that is running an earlier software release, CMS might not display the switch image, or it might display the command switch image. This can also occur when a standby group is configured for a cluster and you access CMS by entering the command-switch IP address and not the virtual IP address.

The workaround is to always use the command-switch IP address to access CMS. If a standby group is configured for a cluster, always use the virtual IP address to access CMS.

CSCdp62807

If you click the list of switches in CMS and press the Page Down key on the keyboard, the entire list moves to the bottom of the window. This only happens with Windows NT.

The workaround is to collapse the list into a single icon, which returns the list to the top of the window.

Resolved Caveats

These problems were resolved in Cisco IOS Release 12.1(6)EA2:

CSCdv35805

If you are copying the configuration file using ciscoConfigCopyMIB from a Catalyst 2950 switch by using Simple Network Management Protocol (SNMP) manager, the switch no longer reloads the configuration.

CSCdv16305

A broadcast storm no longer occurs when two 100BASE-FX ports on a Catalyst 2950 switch are connected to the 100BASE-FX ports on another Catalyst 2950 switch if these ports are in trunk mode and one of the ports is administratively down.

CSCds72421

If the management VLAN is changed to any other VLAN from VLAN 1 and VLAN 1 is shut down, the IP address configured in the new management VLAN now appears in the show cdp neighbor detail privileged EXEC command output.

CSCdt57346

When you enter the show rmon history user EXEC command, the value for the collision is now unique for each sample.

CSCdu09410

The ifSpeed of the interfaces now reports the default value of the visible bandwidth when the link is down and reports the configured and assigned values when the link is up.

CSCdu37367

The clear counters and clear counters fastethernet port interface configuration commands now clear the port security counters. These commands also clear the other counters for the interface.

CSCdu49099

Changing the VLAN Trunking Protocol (VTP) mode to transparent no longer causes a virtual type terminal session to lock up when executing commands, such as the show vlan privileged EXEC command, that require access to the VLAN- and VTP-related data.

In addition, ports that were shut down during VTP mode change now come back up automatically when VTP is stable.

CSCdu67033

The output count displayed by the show interface privileged EXEC command output now appears correctly when the count is greater than 4,294,967,296 packets.

CSCdu88701

When performing an snmpwalk SNMP operation on the dot1dTpFdbTable (1.3.6.1.2.1.17.4.3), the response no longer omits all entries of show mac in the display in which the first byte of the host MAC address is greater than 0x00.

CSCdv21552

High CPU utilization no longer occurs when a switch boots with a VLAN (without an IP address) in the shutdown state while another active VLAN has an IP address.

CSCdv41819

Enabling spanning-tree UplinkFast no longer causes brief spanning-tree loops if the configuration message from the root switch of the spanning tree ages out.

CSCdt04001

When you change the privilege level for an interface on the Catalyst 2950 switches, you can execute commands with the newly configured privilege level. The switch now saves the arguments associated with the command, and after a reload, the configured commands are executable.

CSCdt24089

If the Catalyst 2950 switch contains multicast addresses, the MIB walk of Dot1dTpFdbEntry no longer consumes excess CPU cycles on the switch.

CSCdt68204

If you continuously ping a switch from a PC and the links from the switch to the network are brought down, when the link from the switch to the network is restored, pinging now resumes.

CSCdt59751

The no snmp-server enable traps snmp [authentication] global configuration command is not supported by this software release.

CSCdu87426

The 100BASE-FX ports in a Fast EtherChannel port group no longer loop packets when the connected device resets or reloads.

CSCdv47498

The SNMP walk of the Dot1dTpFdbTable no longer causes the switch to halt and put an SNMP CPU HOG error message in the logging buffer.

CSCdv51153

SNMP MIB variables etherStatsEntry does not display any values in Cisco IOS Release 12.0(5)XU or later.

CSCdt88908

When IGMP packets are received on a port for a non-existent VLAN, the Catalyst 2950 switch no longer loses buffer space on that port.

CSCds72421

If you shut down the management VLAN on VLAN 1 on a Catalyst 2950 switch, set the management VLAN to 999, and then again use the shutdown command to shut down VLAN 1, the IP address of VLAN 999 now appears correctly in the show cdp neighbor detail command output on a connected device.

CSCdt74555

When a MAC address is learned on a member of a port group created between a Catalyst 2950 and Catalyst 2900 or 3500 XL switch, the same MAC address gets deleted and relearned on another port member of the port group on the 2900 or 3500 XL switch. As a result, a real-time diagnostic message reporting this address relearning behavior no longer appears.

Initial Configuration

You can assign IP information to your switch in one of these ways:

Using the Setup program (switch's configuration dialog)

Using DHCP-based auto configuration (refer to the Catalyst 2950 Desktop Switch Software Configuration Guide)

Manually assigning an IP address (refer to the Catalyst 2950 Desktop Switch Software Configuration Guide)

Setting Up the Catalyst 2950

The first time that you access the switch, it runs a setup program that prompts you for an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.

Note If the switch will be a cluster member managed through the IP address of the command switch, it is not necessary to assign IP information or a password. If you are configuring the switch as a standalone switch or as a command switch, you must assign IP information.

Follow these steps to create an initial configuration for the switch:

Step 1 Enter Yes at the first two prompts. 

Would you like to enter the initial configuration dialog? [yes/no]: yes


At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system.


Would you like to enter basic management setup? [yes/no]: yes

Step 2 Enter a host name for the switch, and press Return.

On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch. 

Enter host name [Switch]: host_name

Step 3 Enter a secret password, and press Return.

The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces. 

Enter enable secret: secret_password

Step 4 Enter an enable password, and press Return. 

Enter enable password: enable_password

Step 5 Enter a virtual terminal (Telnet) password, and press Return.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces. 

Enter virtual terminal password: terminal-password

Step 6 (Optional) Configure the Simple Network Management Protocol (SNMP) by responding to the prompts.

Step 7 Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network, and press Return. For this release, always use vlan1 as that interface. 

Enter interface name used to connect to the

management network from the above interface summary: vlan1

Step 8 Configure the interface by entering the switch IP address and subnet mask and pressing Return: 

Configuring interface vlan1:

Configure IP on this interface? [yes]: yes 

IP address for this interface: 10.4.120.106

Subnet mask for this interface [255.0.0.0]: 255.255.255.0

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.

If you enter N, the switch appears as a candidate switch in the CMS. In this case, the message in Step 10 does not appear. 

Would you like to enable as a cluster command switch? [yes/no]: yes

Step 10 Assign a name to the cluster, and press Return. 

Enter cluster name: cluster_name

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

The initial configuration appears: 

The following configuration command script was created:


hostname host_name

enable secret 5 $1$Max7$Qgr9eXBhtcBJw3KK7bc850

enable password grandkey1

line vty 0 15

password grandkey

snmp-server community public

!