Table Of Contents
Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(12c)EA1Recommended Platform Configuration for Web-Based Management
Operating System and Browser Support
Guidelines for Installing and Enabling the Java Plug-In
Installing the Required Plug-In
Creating Clusters with Different Releases of IOS Software
Determining the Software Version and Feature Set
Upgrading a Switch by Using CMS
Upgrading a Switch by Using the CLI
Upgrading with a Nondefault System MTU Setting
Recovering from Software Failure
Setting Up the Catalyst 3550 Initial Configuration
IOS Limitations and Restrictions
Cluster Limitations and Restrictions
CMS Limitations and Restrictions
IOS Caveat Resolved in Release 12.1(12c)EA1a
IOS Caveats Resolved in Release 12.1(12c)EA1
Cluster Caveats Resolved in Release 12.1(12c)EA1
References to the Cisco Documentation CD-ROM
Corrections to the Software Configuration Guide
Corrections to the Hardware Installation Guide
Obtaining Technical Assistance
Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(12c)EA1
January 2002
The Cisco IOS Release 12.1(12c)EA1 runs on all Catalyst 3550 multilayer switches.
These release notes include important information about this IOS release and any limitations, restrictions, and caveats that apply to it. Verify that these are the correct release notes for your switch:
•
If you are installing a new switch, refer to the IOS release label on the rear panel of your switch.
•
•
For the complete list of Catalyst 3550 switch documentation, see the "Related Documentation" section.
You can download the switch software from these sites:
•
(for registered Cisco.com users with a login password)
•
(for nonregistered Cisco.com users)
This IOS release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future IOS releases become available, they will be posted to Cisco.com (previously Cisco Connection Online [CCO]) in the Cisco IOS software area.
Contents
This information is in the release notes:
•
•
•
•
•
•
•
System Requirements
These are the system requirements for this IOS release:
•
Hardware Supported
Table 1 lists the hardware supported by this IOS release.
Table 1 Supported Hardware
Catalyst 3550-12T
10 Gigabit Ethernet 10/100/1000BASE-T ports and 2 GBIC1 -based Gigabit Ethernet slots
Catalyst 3550-12G
10 GBIC-based Gigabit Ethernet slots and 2 Gigabit Ethernet 10/100/1000BASE-T ports
Catalyst 3550-24
24 autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet slots
Catalyst 3550-48
48 autosensing 10/100 Ethernet ports and 2 GBIC-based Gigabit Ethernet slots
Catalyst 3550-24-FX
24 100BASE-FX ports and 2 GBIC-based Gigabit Ethernet slots
Catalyst 3550-24-DC
24 autosensing 10/100 Ethernet ports, 2 GBIC-based Gigabit Ethernet slots, and an on-board DC2 power converter
Catalyst 3550-24PWR
24 autosensing 10/100 Ethernet ports, 2 GBIC-based Gigabit Ethernet slots, ability to provide power for Cisco IP Phones and Cisco Aironet Access Points from all 10/100 Ethernet ports, auto-detection and control of inline power on a per-port basis on all 10/100 ports
GBIC modules
•
•
•
•
•
•
Redundant power system
Cisco RPS 300 Redundant Power System
1 GBIC = Gigabit Interface Converter
2 DC = direct current
Software Compatibility
These are the software compatibility requirements for this IOS release:
•
•
•
•
Recommended Platform Configuration for Web-Based Management
Table 2 lists the recommended platforms for Web-based management.
Table 2 Recommended Platform Configuration for Web-Based Management
Windows NT 4.01
Pentium 300 MHz
128 MB
65,536
1024 x 768
Small
Solaris 2.5.1 or higher
SPARC 333 MHz
128 MB
Most colors for applications
—
Small (3)
1 Service Pack 3 or higher is required.
The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM.
For information about supported operating systems, see the next section.
Operating System and Browser Support
You can access the web-based interfaces by using the operating systems and browsers listed in Table 3. The switch checks the browser version when starting a session to ensure that the browser is supported. If the browser is not supported, the switch displays an error message, and the session does not start.
Table 3 Supported Operating Systems and Browsers
Windows 95
Service Pack 1
4.75 or 6.2
5.5 or 6.0
Windows 98
Second Edition
4.75 or 6.2
5.5 or 6.0
Windows NT 4.0
Service Pack 3 or later
4.75 or 6.2
5.5 or 6.0
Windows 2000
None
4.75 or 6.2
5.5 or 6.0
Windows XP
None
4.75 or 6.2
5.5 or 6.0
Solaris 2.5.1 or later
Sun-recommended patch cluster for the OS and Motif library patch 103461-24
4.75 or 6.2
Not supported
1 Netscape Communicator version 6.0 is not supported.
2 Service Pack 1 or higher is required for Internet Explorer 5.5.
Note
Note
Guidelines for Installing and Enabling the Java Plug-In
If CMS does not launch automatically, you might not have a supported Java Plug-In installed, or the Java Plug-In might not be enabled. CMS does not automatically detect if a supported Java plug-in is installed. If you start CMS without the required Java plug-in installed, you remain on the CMS splash screen, and CMS will not launch.
To make sure that a supported Java Plug-In is correctly installed and enabled, follow these guidelines:
•
•
•
Installing the Required Plug-In
A Java plug-in is required for the browser to access and run the Java-based Cluster Management Suite (CMS). Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports three plug-in versions. For information on the supported plug-ins, see the "Windows XP, Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Plug-Ins" section and the "Solaris Platforms" section.
Note
If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:
In the Proxies tab, verify that Use browser settings is checked and that no proxies are enabled.
Note
On McAfee VirusScan, from the Start menu, to disable the VirusScan Internet Filter option, the Download Scan option, or both, select Start > Programs > Network Associates > Virus Scan Console > Configure.
or
From the taskbar, right-click the Virus Shield icon and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.
Windows XP, Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Plug-Ins
These Java plug-ins are supported in Windows environments:
•
•
•
You can download these plug-ins from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
Solaris Platforms
These Java plug-ins are supported on the Solaris platform:
•
•
•
You can download these plug-ins and instructions from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/java
To install the Java plug-in, follow the instructions in the README_FIRST.txt file.
Creating Clusters with Different Releases of IOS Software
When a cluster consists of a mixture of other Catalyst switches, we strongly recommend using only the Catalyst 3550 switches as the command and standby command switches. When the command switch is a Catalyst 3550 switch, all standby command switches must also be Catalyst 3550 switches. The Catalyst 3550 switch that has the latest software should be the command switch. If the command switch is a Catalyst 3550 Gigabit Ethernet switch and the standby command switch is a Catalyst 3550 Fast Ethernet switch, command switch port speeds are reduced if the standby command switch takes over.
If your cluster has Catalyst 2950, Catalyst 2900 XL, and Catalyst 3500 XL switches, the Catalyst 2950 switch (with the latest software release) should be the command switch. The Catalyst 2950 switch that has the latest software should be the command switch.
If your switch cluster has Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, and Catalyst 3500 XL switches, either the Catalyst 2900 XL or Catalyst 3500 XL (whichever has the latest software release) should be the command switch.
Table 4 lists the cluster capabilities and software versions for the switches.
Table 4 Switch Software and Cluster Capability
Catalyst 3550
Release 12.1(4)EA1 or later
Member or command switch
Catalyst 3500 XL
Release 12.0(5.1)XU or later
Member or command switch
Catalyst 2950
Release 12.0(5.2)WC(1) or later
Member or command switch
Catalyst 2900 XL (8-MB switches)
Release 12.0(5.1)XU or later
Member or command switch
Catalyst 2900 XL (4-MB switches)
Release 11.2(8.5)SA6 (recommended)
Member switch only1
Catalyst 1900 and 2820
Release 9.00(-A or -EN) or later
Member switch only
1 Catalyst 2900 XL (4-MB) switches appear in the front-panel and topology views of CMS. However, CMS does not support configuration or monitoring of these switches.
Some versions of the Catalyst 2900 XL software do not support clustering and if you have a cluster with switches that are running different versions of IOS software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)WC(1) or later.
Note
Downloading Software
These are the procedures for downloading software:
•
•
•
Note
Caution
Determining the Software Version and Feature Set
The IOS image is stored as a .bin file in a directory that is named with the IOS release. A subdirectory contains the HTML files needed for web management. The image is stored on the system board Flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch. The second line displays C3550-I5Q3L2 for the enhanced multilayer software image (EMI) or C3550-I9Q3L2 for the standard multilayer software image (SMI).
Note
You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in Flash memory.
Which Files to Use
The upgrade procedures in these release notes describe how to perform the upgrade by using a combined .tar file. This file contains both the IOS image file and the HTML files (needed for the CMS). You must use the combined .tar file to upgrade the switch through the CMS.
The .tar file is an archive file from which you can extract files by using the tar command. You also use the .tar file to upgrade the system by using the archive download-sw privileged EXEC command.
Table 5 lists the software filenames for this IOS release.
The Catalyst 3550 switch is supported by either the SMI, which provides Layer 2+ features and basic Layer 3 routing, or the EMI, which provides Layer 2+ features, full Layer 3 routing, and advanced services. All Catalyst 3550 Gigabit Ethernet switches are shipped with the EMI installed. Catalyst 3550 Fast Ethernet switches are shipped with either the SMI or the EMI installed. After initial deployment, you can order the Enhanced Multilayer Software Image Upgrade kit to upgrade the Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.
Upgrading a Switch by Using CMS
You can upgrade switch software by using CMS. From the menu bar, select Administration > Software Upgrade. For detailed instructions, click Help.
Caution
Upgrading a Switch by Using the CLI
This procedure is for copying the combined .tar file to the Catalyst 3550 switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.
Caution
To download software, and if necessary, the TFTP server application, follow these steps:
Step 1
Step 2
•
http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml
•
http://www.cisco.com/public/sw-center/sw-lan.shtml
To download the SMI and EMI files, select Catalyst 3550 software.
To obtain authorization and to download the crypto software files, select Catalyst 3550 3DES Cryptographic Software.
Step 3
Step 4
For more information, refer to Appendix B in the Catalyst 3550 Multilayer Switch Software Configuration Guide.
Step 5
Step 6
Step 7
archive download-sw /overwrite /reload tftp:[[//location]/directory]/image-name.tarThe /overwrite option overwrites the software image in Flash memory with the downloaded one.
The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.
For //location, specify the IP address of the TFTP server.
For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.
This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch:
Switch# archive download-sw /overwrite tftp://198.30.20.19/c3550-i5q3l2-tar.121-12c.EA1.tarYou can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.
Upgrading with a Nondefault System MTU Setting
If the switch was running Release 12.1(8)EA1c or earlier and you had used the system mtu global configuration command to configure a nondefault system maximum transmission unit (MTU) size on your switch, follow these steps to upgrade your switch to Release 12.1(11)EA1 or later:
Step 1
Step 2
Note
is 2000 bytes; the maximum system MTU for Fast Ethernet switches is 1546 bytes.Step 3
Step 4
Step 5
Recovering from Software Failure
If the software fails, you can reload the software. For detailed recovery procedures, refer to the "Troubleshooting" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide.
Installation Notes
You can assign IP information to your switch by using the setup program, the Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide), or by manually assigning an IP address (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide).
These are the installation procedures:
•
Setting Up the Catalyst 3550 Initial Configuration
The first time that you access the switch, it runs a setup program that prompts you for an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.
Note
Follow these steps to create an initial configuration for the switch:
Step 1
Would you like to enter the initial configuration dialog? [yes/no]: yesAt any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets '[]'.Basic management setup configures only enough connectivityfor management of the system, extended setup will ask youto configure each interface on the system.Would you like to enter basic management setup? [yes/no]: yesStep 2
On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch.
Enter host name [Switch]: host_nameStep 3
The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces.
Enter enable secret: secret_passwordStep 4
Enter enable password: enable_passwordStep 5
The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.
Enter virtual terminal password: terminal-passwordStep 6
Step 7
Enter interface name used to connect to themanagement network from the above interface summary: vlan 1Step 8
Configuring interface vlan 1:Configure IP on this interface? [yes]: yesIP address for this interface: 10.4.120.106Subnet mask for this interface [255.0.0.0]: 255.255.255.0Step 9
If you enter N, the switch appears as a candidate switch in the CMS. In this case, the message in Step 10 is not displayed.
Would you like to enable as a cluster command switch? [yes/no]: yesStep 10
Enter cluster name: cluster_nameThe cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.
The initial configuration appears:
The following configuration command script was created:hostname host-nameenable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0enable password enable-passwordline vty 0 15password terminal-passwordsnmp-server community public!no ip routing!interface vlan 1no shutdownip address 10.4.120.106 255.255.255.0interface GigabitEthernet0/1no ip address!interface GigabitEthernet0/2no ip address!...<output abbreviated>!interface GigabitEthernet0/12no ip addresscluster enable cluster-name!endStep 11
[0] Go to the IOS command prompt without saving this config.[1] Return back to the setup without saving this config.[2] Save this configuration to nvram and exit.Enter your selection [2]:2Make your selection, and press Return.
After you complete the setup program, the switch can run the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:
•
•
Accessing CMS
Before using the web-based CMS tools, see the "Software Compatibility" section and the "Installing the Required Plug-In" section to set up the appropriate browser options. After you have assigned an IP address to the switch and installed the plug-in, you can access the switch from your browser and use the CMS to configure other switches.
Note
The browser prompts for a username and password when you access CMS:
•
•
Configuring the HTTP Server
Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:
After you have configured the HTTP server interface, display the CMS access page as described in the "Displaying CMS" section.
Displaying CMS
To display the CMS access page, follow these steps:
Step 1
Step 2
The Cisco Systems Access page appears. For more information on setting passwords and privilege levels, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.
Step 3
When you access CMS from a standalone or a cluster-member switch, Device Manager appears.
New Features
These are the new supported hardware and the new software features provided in IOS Release 12.1(12c)EA1:
•
•
New Hardware Features
Cisco IOS Release 12.1(12c)EA1 supports the Catalyst 3550-24PWR switch.
For a list of all supported hardware, see the "Hardware Supported" section.
New Software Features
Cisco IOS Release 12.1(12c)EA1 contains these new features or enhancements:
•
•
•
•
•
•
•
–
–
–
–
•
–
–
Limitations and Restrictions
You should review this section before you begin working with the switches. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.
These are the limitations and restrictions:
•
•
•
IOS Limitations and Restrictions
These limitations apply to IOS configuration:
•
After updating a multicast boundary, the workaround is to use the clear ip mroute privileged EXEC command to delete any existing multicast routes that violate the updated boundary. (CSCdr79083)
•
•
•
The workaround is to make sure that you configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address. (CSCds55220)
•
•
•
•
When you remove an EtherChannel group, enter the no shutdown interface configuration command on the interfaces that belonged to the port group to bring them back on line. (CSCdt10825)
•
•
•
•
•
•
•
•
•
•
The workaround is to not configure the switch to operate with more than the maximum number of supported multicast routes. You can use the show sdm prefer and show sdm prefer routing privileged EXEC commands to view approximate maximum configuration guidelines for the current SDM template and the routing template. (CSCdt63354)
•
•
•
The workaround is to disable the Port Aggregation Protocol (PAgP) on both devices by using the channel-group channel-group-number mode on interface configuration command. PAgP negotiation between these two devices is not reliable. (CSCdt78727)
•
The workaround is to remain within the documented recommended and supported limits. (CSCdt79172)
•
When the security hardware ACL matches a packet on input, the match uses the original DSCP value. For output security ACLs, the security ACL hardware should match against the final, possibly changed, DSCP value as set by the QoS hardware. Under some circumstances, a match to a security ACL in hardware prevents the QoS hardware from rewriting the DSCP and causes the CPU to use the original DSCP.
If a security ACL is applied in software (because the ACL did not fit into hardware, and packets were sent to the CPU for examination), the match probably uses the new DSCP value as determined by the QoS hardware, regardless of whether the ACL is applied at the input or at the output. When packets are logged by the ACL, this problem can also affect whether or not a match is logged by the CPU even if the ACL fits into hardware and the permit or deny filtering was completed in hardware.
To avoid these issues, whenever the switch rewrites the DSCP of any packet to a value different from the original DSCP, security ACLs should not test against DSCP values in any of their access control elements (ACEs), regardless of whether the ACL is being applied to an IP access group or to a VLAN map. This restriction does not apply to ACLs used in QoS class maps.
If the switch is not configured to rewrite the DSCP value of any packet, it is safe to match against DSCP in ACLs used for IP access groups or for VLAN maps because the DSCP does not change as the packet is processed by the switch.
The DSCP field of an IP packet encompasses the two fields that were originally designated precedence and TOS (type of service). Statements relating to DSCP apply equally to either IP precedence or IP TOS. (CSCdt94355)
•
•
This problem has been fixed in hardware on Catalyst 3550-24 switches with motherboard assembly number 73-5700-08 or later. To determine the board level on your switch, enter the show version privileged EXEC. Motherboard information appears toward the end of the output display. (CSCdv68158)
•
If you use the ip igmp max-groups interface configuration command to set the maximum number of IGMP groups for an interface to 0, the port still receives group reports from reserved multicast groups (224.0.0.x) and their Layer 2 aliases (y.0.0.x). (CSCdv79832)
•
The workaround is to ensure that the target host or the next-hop gateway to that host is in the ARP cache (for example, by using a ping command) before removing it from the SNMP configuration. Alternatively, disable all SNMP traps and informs before removing any hosts from the SNMP configuration. (CSCdw44266)
•
The workaround is to use the value 1 to represent module 0. (CSCdw71848)
•
There is no workaround. (CSCdw27519)
•
The workaround is to configure the Catalyst 3550 switch for PVST by using the spanning-tree mode pvst global configuration command bridge, and then change it to MSTP by using the spanning-tree mode mst global configuration command. (CSCdx10808)
•
%ETHCNTR-3-RA_ALLOC_ERROR: RAM Access write pool I/O memory allocation failureThere is no workaround. However, we recommend that you reload the switch by using the reload privileged EXEC command. To avoid this problem, configure the system with fewer VLANs and fewer trunk ports, or use the switchport trunk allowed vlan interface configuration command to reduce the number of active VLANs on each trunk port. (CSCdx20106)
•
The workaround, when QoS rate limiting is configured on an interface, is to configure applied ACLs so that packets are not forwarded by the CPU or reduce the number of ACEs in the ACL so that it can fit into the TCAM. (CSCdx30485)
•
As a result, the link partner might shut down the port when it detects loopback packets, or MAC addresses might be learned on the wrong ports on upstream switches. The network might be unable to deliver packets to a few devices for up to 5 minutes after rebooting the Catalyst 3550-24-FX switch when:
–
–
–
–
This problem corrects itself after five minutes or when these devices transmit a broadcast or multicast packet, whichever comes first.
The workaround is to enable spanning tree in the network and to make sure that the Port Fast feature is disabled on all ports connected to the Catalyst 3550-24-FX switch. (CSCdx45558)
•
•
%SW_VLAN-4-VTP_INVALID_DATABASE_DATA: VLAN manager received bad data of type device type: value 0 from vtp database$SW_VLAN-3-VTP_PROTOCOL_ERROR: VTP protocol code internal errorThe workaround is to use the delete flash:vlan.dat privileged EXEC command to delete the corrupted VLAN database. Then reload the switch by using the reload privileged EXC command. (CSCdx19540)
•
•
•
There is no workaround. (CSCdx80751)
•
There is no workaround. (CSCdx90515)
•
•
This happens because the MAC addresses for the original packets as well as the mirrored RSPAN packets are all learned on the tunnel VLAN, so the RSPAN traffic is no longer properly segregated on the tunneling switches.
The workaround is to not include any RSPAN VLANs in any Layer 2 Protocol tunnels unless the tunnel is dedicated to a single RSPAN VLAN. (CSCdy37188)
•
•
•
Note
•
•
Cluster Limitations and Restrictions
These limitations apply to cluster configuration:
•
(CSCds32517, CSCds44529, CSCds55711, CSCds55787, CSCdt70872)•
•
CMS Limitations and Restrictions
These limitations apply to CMS configuration:
•
•
•
The workaround is to close the browser, reopen it, and launch CMS again. (CSCds29230)
•
The workaround is to close the browser, re-open it, and launch CMS again. Before you perform any other task, bring up the view that you want to print, and click Print in the CMS menu.(CSCds80920)
•
The workaround is to relaunch CMS. (CSCdv88724)
•
The workaround is to use the CLI. It is the only method for specifying multiple VLANs for filtering in a SPAN session. (CSCdw93904)
Important Notes
These are the important notes related to this IOS release:
•
IOS Notes
These notes apply to IOS configuration:
•
The workaround is to change the number of seconds between re-authentication attempts by using the dot1x timeout re-authperiod seconds global configuration command. (CSCdz38483)
•
•
•
•
The workaround is to configure the port as a static access port. (CSCdz32330)
•
•
•
The result is that packets received on that physical port will be permitted or denied based on the port ACL action without regard to any permit or deny statements in any router ACL or VLAN map, while packets received on other physical ports in the VLAN will still be permitted or denied based on any router ACLs or VLAN maps applied to the VLAN. If the port ACL is applied to a trunk port, it overrides any other input ACLs applied to all VLANs on the trunk port.
•
•
•
•
•
•
Cluster Notes
This note applies to cluster configuration:
The cluster setup privileged EXEC command and the standby mac-address interface configuration command have been removed from the CLI and the documentation because they did not function correctly.
CMS Notes
These notes apply to CMS configuration:
•
•
•
•
•
Resize the browser window again when CMS is not busy.
•
The workaround is to remove all the jar_cache*.tmp files from the temporary directory. The path to the directory is different for different operating systems:
Solaris: /var/tmp
Windows NT and Windows 2000: \TEMP
Windows 95 and 98: \Windows\TempRead-Only Mode in CMS
CMS provides two levels of access to the configuration options. If your privilege level is 15, you have read-write access to CMS. If your privilege level is from 1 to 14, you have read-only access to CMS. In the read-only mode, some data is not displayed, and an error message appears when these switches are running these software releases:
•
•
•
In the Front Panel view or Topology view, CMS does not display error messages. In the Front Panel view, if the switch is running one of the software releases listed previously, the device LEDs do not appear. In Topology view, if the member is a Long-Reach Ethernet (LRE) switch, the customer premises equipment (CPEs) connected to the switch do not appear. The Bandwidth and Link graphs also do not appear in these views.
To view switch information, you need to upgrade the member switch software. For information about upgrading switch software, see the "Downloading Software" section.
Open Caveats
These are the open caveats with possible unexpected activity in this IOS release:
Open IOS Caveats
These are the severity 3 IOS configuration caveats:
•
SNMP queries that are run on the ciscoFLASHPartitionTable do not show all the attributes defined by the MIB.
There is no workaround.
•
When a Catalyst 6000 SSH client connects to a Catalyst 3550 SSH server, the Catalyst 6000 switch halts at the enable-password prompt from which to enter privileged EXEC mode. This problem occurs when the Catalyst 6000 switch is running the c6sup1_rp-JK2SV-M crypto-image as a client and the Catalyst 3550 switch is running the crypto-image as the SSH server.
There is no workaround.
•
The VLAN Query Protocol (VQP) might not work correctly when the switch has multiple switch virtual interfaces (SVIs) configured with IP addresses. If the VLAN Membership Policy Server (VMPS) does not have routes configured to reach all subnets on the Catalyst 3550 switch, it might not assign dynamic access ports on the switch to a VLAN. This is because the switch randomly selects one of the configured SVI IP addresses (instead of the IP address configured on the VLAN interface used to reach the VMPS) when it sends VQP requests to the VMPS server. The server responds with the VLAN assignment only if the IP address used in the VQP request is in the VMPS database.
The workaround is to configure the VMPS server to have routes to reach all subnets on the Catalyst 3550 switch.
•
Ternary content addressable memory (TCAM) generation might fail when there are multiple ACLs in a policy-map. If you add an entry that checks Transmission Control Protocol (TCP) flags to an access list that is used for QoS classification, the system might report that a hardware limitation has been reached for the policy map. This can occur when the policy map already contains several other access list entries that check different TCP flags, or that check TCP or User Datagram Protocol (UDP) port numbers using an operation different from equal (eq), such as not equal (ne), less than (lt), greater than (gt), or range. When the hardware limitation is reached, the service-policy input policy-map-name interface configuration command is removed from the running configuration of the interface.
Checking for TCP flags and TCP/UDP port numbers using operators other than eq share some of the same hardware resources. The switch supports no more than six checks within a single policy map. An identical check repeated in multiple entries in the same policy map counts as a single instance. If this limit is reached during a TCP or UDP port number check, the software can often work around the problem by allocating extra entries in the TCAM, but there is no workaround if the limit is reached during a check against the TCP flags in the packet. Similar checks in a port ACL applied to the same physical interface as the policy map also count toward the limit.
Because these resources are allocated on a first-come, first-serve basis, rearranging the order of ACLs within a policy map or the order of entries within a single ACL, placing the TCP flags checks as early as possible, might enable the policy map to be loaded into the hardware.
Similar limits apply for any combination of input VLAN maps, input router ACLs, output VLAN maps, and output router ACLs that share the same VLAN label. The switch supports eight checks for all features on the same VLAN label. When the limit is reached, the system might forward packets by using the CPU rather than through hardware, greatly reducing system performance. To determine the VLAN label assigned to a VLAN or interface on input or output, use the show fm vlan or show fm interface privileged EXEC commands. Then use the show fm vlan-label privileged EXEC command to determine which set of features (input VLAN map, input router ACL, output VLAN map, or output router ACL) share this label.
These are the workarounds:
–
–
–
If the other workarounds fail, avoid combining any check against the TCP flags with gt, lt, ne, or range checks within the policy map and port ACL configured on the interface or within the VLAN maps and router ACLs that share the same VLAN label.
•
On an interface with excessive traffic, if one of the queue sizes is set to 0 or if the queue sizes are set to high values such as 1, 100, 100, and 100 by using the wrr-queue queue-limit 1 100 100 100 interface configuration command, the switch might reset.
The workaround is to change the queue size from 0 to a nonzero value or to follow these steps:
a.
b.
•
If you create a policy map by using the policy-map policy-map-name global configuration command, enter the class class-map-name policy-map configuration command and then you immediately exit from the policy-map class configuration mode, the policy map does not show its class-map association.
The workaround is to configure another command (such as the police, trust, or set policy-map class configuration command) after entering the class class-map-name policy-map configuration command.
•
When the switch runs out Layer 4 operation (L4op) resources, the ACL that you are configuring or modified is not applied.
There is no workaround.
•
If you try to attach a a large per-port per-VLAN QoS policy map with many classes to an interface, the Catalyst 3550 switch might generate this syslog message:
%SYS-3-CPUHOG: Task ran for xxxx msec (4/4), process = Exec, PC = yyyy. -Traceback=...This can occur when the policy map has more than 128 classes and the VLANs in the classes overlap.
The workaround is to modify the policy map so that there are fewer classes or so that fewer classes have overlapping VLANs.
•
The switch utilization might be unusually high when you try to remove a match criteria common to per-port per-VLAN QoS policy-maps that are already attached to interfaces. These policy-maps have a large number of VLANs specified in the match clauses.
The workaround is to detach the policy-maps from the interfaces, change the match clause, and then re-attach the policy-map to the interfaces.
•
When a community string is assigned by the cluster command switch, you cannot get any dot1dBridge MIB objects using a community string with a VLAN entity from a cluster member switch.
The workaround is to manually add the cluster community string with the VLAN entity on the member switches for all active VLANs shown in the show spanning-tree summary display. This is an example of such a change, where cluster member 3 has spanning-tree on vlan 1-3 and the cluster commander community string is public@es3.
Mbr3(config)#snmp community public@es3@1 ROMbr3(config)#snmp community public@es3@2 ROMbr3(config)#snmp community public@es3@3 RO•
When you enter an snmp-server host global configuration command with a non-existent community-string value, the Community Strings tag shows a non-existent community string. This creates a community with only notification-view access.
Note
The workaround is to:
a.
b.
c.
d.
e.
•
An assertion error message occurs when you apply a VLAN map to a list of VLANs after entering the service-policy interface configuration command for a per-port, per-VLAN quality of service (QoS) policy. This error message occurs only if the list of VLANs in the QoS policy overlaps with list in the VLAN map.
There is no workaround.
•
The switch LEDs on a Catalyst 3550-24PWR switch do not function correctly during POST.
The workaround is to view the POST results from the console.
•
The IEEE8023-LAG-MIB is not supported by Release 12.1(12c)EA1.
There is no workaround.
•
When SNMP traps are enabled and a switch runs out of I/O memory, a software-forced reload can occur on a switch, and this message is displayed:
-Process= "Pool Manager", ipl= 0, pid= 6-Traceback= 19727C 198774 156364 1566A0 156C80 5E5FBC 9189C 10311C 19727C 198774 156364 1A44D0 1B7470%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = Pool Manager.-Traceback= 1B6B8C 1BA184 1B452CThere is no workaround.
•
If two switch ports in two different VLANs are connected to each other, both switch ports continue forwarding. This is the expected behavior. However, if two additional ports in the two different VLANs are connected together, a loop is formed.
The workaround is to remove the loop from the switch.
•
When a port channel becomes active between two Catalyst 3550 switches, these messages might be displayed:
01:36:56: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up01:37:00: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up01:37:00: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up01:37:01: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up01:37:01: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on Port-channel1 VLAN71.01:37:01: %SPANTREE-2-BLOCK_PVID_PEER: Blocking Port-channel1 on VLAN0001. Inconsistent peer vlan.01:37:01: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking Port-channel1 on VLAN0071. Inconsistent local vlan.01:37:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up01:37:16: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel1 on VLAN0001. Port consistency restored.01:37:16: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel1 on VLAN0071. Port consistency restored.These messages cause traffic-forwarding delays when the port-channel link becomes active or inactive.
There is no workaround.
•
When you use the VLAN database configuration mode, pressing Ctrl-Z might not return you to privileged EXEC mode.
The workaround is to use the abort VLAN configuration command to abort the pending VLAN database changes and to return you to privileged EXEC mode.
•
When configuring 802.1X with dynamic VLAN assignment on a switch, the Tunnel-Private-Group-ID field in the Radius server must be configured with a VLAN number.
The Catalyst 3550 switch does not support the Tunnel-Private-Group-ID field when it is configured as a VLAN name.
There is no workaround.
•
When you remove a port ACL from an interface to which a per-port per-VLAN policy map is attached, if that policy map is already attached to other interfaces, the switch fails.
The workaround is to follow these steps:
a.
b.
c.
•
When RSPAN is configured to use a Fast Ethernet port as the reflector port, traffic from the SPAN session might not be forwarded to the RSPAN VLAN.
The workaround is to set the reflector port to 100 Mbps, full duplex, by using the speed 100 and duplex full interface configuration commands prior to configuring it as a reflector port.
•
When a neighboring switch directly connected to a Fast Ethernet port of a Catalyst 3550-24-FX switch reboots, that port might be place in an administratively down state, and this error message might appear:
NETWORK_PORT_SATELLITE-3-PHY_LOCKUP: Repeated phy lockup seen on FastEthernet0/24. Interface will be shut down. %LINK-5-CHANGED: Interface FastEthernet0/24, changed state to administratively downThe workaround is to shut down the port and re-enable it by using the shutdown and no shutdown interface configuration commands.
•
When you change a dynamic-access port to a static-access port, the switch port might still operate as a dynamic-access port.
The workaround is to shut down the port and re-enable it by using the shutdown and no shutdown interface configuration commands.
•
When a Catalyst 3550-24PWR switch is connected to a 10/100/1000 port on another switch that has the speed and duplex modes set to auto, the link between the switches might be down.
The workaround is to set the speed and the duplex mode to auto on the Catalyst 3550-24PWR port and to manually set the speed to 10 or 100 Mbps and the duplex mode to auto on the 10/100/1000 port of the other switch.
Open CMS Caveats
These are the severity 3 CMS configuration caveats:
•
If you try to enable Port Fast on an interface that does not accept it—a trunk port, for example—no message warns you that Port Fast was not enabled.
•
In read-only mode, time ranges are not displayed. See the "Read-Only Mode in CMS" section for more information about CMS modes.
There is no workaround.
•
A red border appears around the text-entering area of some CMS dialogs. The color of the border changes to green when text is entered. This is only a cosmetic error. The colored border does not prevent you from entering text.
There is no workaround.
Note
•
If you open a window in which you can enter text, open another window, and return to the first window, right-clicking in the text field might make the cursor in this field disappear. You can still enter text in the field.
There is no workaround.
•
After you configure a cluster standby group, the configured standby command switches appear in the Current Candidates list.
The workaround is to refresh the Standby Command Switches window. The configured standby command switches now appear in the Standby Command Group list.
•
If you remove a police that is applied to both the ingress and egress directions on an interface, an error message appears.
There is no workaround.
•
When you remove a policy that is applied to both the ingress and egress directions on multiple interfaces, the policy is only removed from the first interface. An error message also appears.
There is no workaround.
•
If you open the QoS Policies window and specify a policy name that is already configured, the Add Class to QoS Policy window that defines a traffic classification opens.
The workaround is to not specify a policy name that is already configured.
•
CMS does not work when a switch is running the crypto software image and the vty lines are configured to use only SSH by using the transport input ssh line vty 0 15 interface configuration command.
The workaround is to allow SSH and Telnet access through the vty lines by using the transport input ssh telnet interface configuration command.
•
In the QoS Trust Settings window, when selecting multiple interfaces in a child window, you cannot disable the interface to override the CoS value of the incoming packets.
The workaround is to use the QoS Trust Settings window instead of the child window to reconfigure the CoS value for an interface.
•
The switch does not show link reports between Catalyst 2900 XL switches and Catalyst 2820 switches.
There is no workaround.
•
When you select an ATM interface on a Catalyst 2924-LRE-XL switch and open the Link Reports window, a read-only error message appears and the MAC address field is red because the Catalyst 2924-LRE-XL switch does not show the MAC addresses on ATM links.
There is no workaround.
•
When you create a policy by configuring a policer, if unsupported values for the average traffic rate and normal size burst are entered, an error message appears.
The workaround is to use the supported values for the average traffic rate and the normal burst size. For the supported values, refer to the software configuration guide for this release.
•
In the QoS Maps window, in read-only mode, details of the DSCP mutation table are not available.
There is no workaround.
•
In the Ping and Trace window, when you ping another device or use traceroute to identify a Layer 2 or Layer 3 path that packets take through a network, these actions occur:
–
–
There are no workarounds.
–
–
•
You cannot create bridge groups on switches that are running the SMI.
Note
The workaround is to not choose or configure fallback bridging in the Fallback Bridging window on switches that are running the SMI.
•
When an ACL is defined in a class map, if the ACL is deleted and then you open QoS Class Modify window, it shows an ACL that is not defined in the class map.
There is no workaround.
•
If you create a time-range entry that is active only on specific days, it might not work if you modify it later.
The workaround is to delete that time-range entry and create it again.
•
When you assign routed ports to a fallback bridge group, CMS does not add the routed ports to the bridge group, and an error message does not appear.
The workaround is to use the CLI to add routed ports to a fallback bridge group.
•
When you select and delete multiple time ranges from the ACL window, not all of the time ranges are deleted.
This is an intermittent problem. The workaround is to reselect the time ranges and try to delete them again.
•
If you open the Standby Command Switches window when other windows, such as the SNMP Management window and the Cisco Group Management Protocol (CGMP) window are open, a NullPointerException message might appear.
The workaround is to refresh the Standby Command Switches window. If the NullPointerException message still appears, close the others windows, re-open the Standby Command Switches window, and then re-open the other windows.
•
If a policer configuration that exceeds the policy-map hardware limitation is applied to a policy map, CMS shows that the policer is applied to the policy map, but the policer is not applied.
The workaround is to refresh the QoS Policies window, select the policy map that was previously configured, and click the Details button to see policy-map details.
•
In Runtime Status tab of the Port Settings window, if you configure an interface description by using one of these words:
–
–
–
–
–
–
CMS does not display the correct port settings in the Configuration Settings and the Runtime Status tabs of the Port Settings window. The duplex and speed settings might appear as NA.
There is no workaround.
•
You cannot use CMS to disable port security on cluster members.
The workaround is to use the no port security interface configuration command to disable port security on each cluster member.
•
In the Front Panel View, when you select a connected port other than the port that was first connected and open the Link Graph window, the graph for another port appears.
The workaround is to open the Link Graph window and select the port for which you want to see in the link graph.
•
When you run a link graph report on a connected port selected from the Front Panel view, the graph displays data for the first connected port, regardless of which port you select.
The workaround is to select a port from the Link Graph window instead of the Front Panel view.
•
When you enable UplinkFast, the maximum-update-rate field does not contain the default value.
There is no workaround.
•
In the UplinkFast tab of the STP window, CMS incorrectly shows the maximum update range as 0 to 1000. The correct range is 0 to 65535.
There is no workaround.
•
After you create a class and apply an ACL to that class, if you delete this ACL and attempt to modify the class by applying another ACL to it, the ACL is not applied to the class.
The workaround is to delete and recreate the class.
•
When one of two switches in a link is down, the link might appear green. This could happen when you are using any of the supported operating systems, browsers, or java plug-ins.
There is no workaround.
•
If an internal power supply of a cluster member switch fails and the switch is using a redundant power system, such as the RPS 300, CMS fails.
The workaround is to fix the internal power supply of the member switch or to replace the switch.
•
Log scaling does not appear in a link graph until the first data values appear in the graph. This happens when you are using any of the supported operating systems, browsers, or java plug-ins.
There is no workaround.
Resolved Caveats
These are the caveats that have been resolved in this release.
•
•
•
IOS Caveat Resolved in Release 12.1(12c)EA1a
This IOS caveat was resolved in Release 12.1(12c)EA1a:
•
A security fix prevents incorrectly-formed Secure Shell (SSH) packets from halting a switch.
For more information, refer to this URL:
http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
IOS Caveats Resolved in Release 12.1(12c)EA1
These IOS caveats were resolved in Release 12.1(12c)EA1:
•
When you disable autonegotiation on a GBIC interface by using the speed nonegotiate interface configuration command, the interface no longer indicates that the link is up, even when the link is no longer connected.
•
After you enter the no mls qos interface configuration command, the quality of service (QoS) counters now work correctly.
•
When you change the class action of an existing per-port per-VLAN QoS policy map that is already attached to an interface, the per-port per-VLAN QoS hardware entries on the switch are now modified correctly.
•
The Catalyst 3550 Multilayer Switch Software Configuration Guide now describes when a switch can automatically obtain an IP address from a Dynamic Host Configuration Protocol (DHCP) server and when you must manually assign an IP address to the switch.
•
A switch now provides fail-over protection when up to 16 Hot Standby Router Protocol (HSRP) groups are configured or active.
•
You can create an extended VLAN after rebooting a switch. Previously, creation of an extended VLAN failed after rebooting.
•
802.1X security with Extensible Authentication Protocol Transport Layer Security (EAP-TLS) authentication is now supported.
•
If a policy map has a class map with the match vlan vlan-list criterion, when you apply that policy map to an interface, remove it, and then reapply it to that interface, this error message no longer appears:
%FM-3-WRONGLABEL•
When a port channel member is added or removed from a port channel interface, path cost on the port channel interface reverts to a non-uplinkfast path cost.
•
After the link status and line protocol of a Gigabit Ethernet port are up, the speed and the duplex settings displayed by the show interfaces user EXEC command change to unknown.
•
The switch no longer reloads during repeated interface flapping of a routed EtherChannel.
•
After interface-range parser debugging global configuration command is enabled by using the debug parser interface-range privileged EXEC command, if the interface range global configuration command is entered multiple times, the switch no longer reloads.
•
When classification occurs on a per-port per-VLAN basis by using class maps, if one of the class maps has an ACL with a permit any condition and if some of the VLANs in the VLAN list for that class map are in the VLAN list for another class map, the class map with the permit any condition no longer fails.
•
A switch running Release 12.1(12c)EA1 or later no longer loses the config.text file after these commands are entered:
copy startup-config flash:testfilewr erasecopy flash:testfile startup-configreload•
If the aging time for dynamic MAC addresses is greater than 255 seconds, the addresses that were learned on the affected VLAN now age out at the appropriate time.
•
Downloading a software image by using the archive download-sw privileged EXEC command no longer causes this error message:
Not enough free space to download w/o firstdeleting existing and/or current version(s)...ERROR: Problems deleting existing version.ERROR: Partial copy may still exist.•
Entering the no snmp-server global configuration command no longer causes a switch to fail.
•
When you are applying a per-port per-VLAN policy map to an interface, if the match-VLAN clause in one of the classes applies to a VLAN list from VLAN 1 to VLAN 4094 and if other policy maps apply to VLANs that are already in the previous list, the switch no longer reloads.
•
Dynamic access ports that are also configured to carry Voice-over-IP (VoIP) traffic now send VLAN Query Protocol (VQP) requests.
Cluster Caveats Resolved in Release 12.1(12c)EA1
These cluster caveats were resolved in Release 12.1(12c)EA1:
•
When you enter a remote command on a Catalyst 3550 member switch from a command switch that is not a Catalyst 3550 switch, communication between the switches no longer halts.
•
When Catalyst 1900, 2820, or 2900 XL 4 MB series switches are participating in a cluster and the active command switch fails and then is restored after the standby command switch has updated the members, these legacy switches no longer miss the restoration and correctly retain the standby command switch MAC address.
•
When you start a switch that has a configured SPAN or RSPAN session configured to filter VLANs on source trunk ports, the VLAN filtering now works correctly.
Documentation Updates
You can access all Catalyst 3550 documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm
This section provides these updates to the product documentation:
•
•
•
These changes will be included in the next version of the documentation.
References to the Cisco Documentation CD-ROM
The documentation for the Catalyst 2950 switches incorrectly refers to the Cisco Documentation CD-ROM. The Catalyst 2950 switches no longer ship with this CD-ROM.
Corrections to the Software Configuration Guide
These are corrections for the Catalyst 3550 Multilayer Switch Software Configuration Guide:
•
Assign vendor-specific tunnel attributes in the RADIUS server. The RADIUS server must return these attributes to the switch:
–
–
–
Attribute [64] must contain the value VLAN (type 13). Attribute [65] must contain the value 802 (type 6). Attribute [81] specifies the VLAN number assigned to the 802.1X-authenticated user.
Note
The Catalyst 3550 switch does not support the Tunnel-Private-Group-ID field when it is configured as a VLAN name. (CSCdz31076)
•
Do not use the show policy-map interface privileged EXEC command to display classification information for incoming traffic. The interface keyword is not supported, and the statistics shown in the display should be ignored. Instead, you should specify the DSCPs to be monitored by using the mls qos monitor dscp dscp1 ... dscp8 interface configuration command, and then you should use the show mls qos interface interface-id statistics privileged EXEC command. For more information about these commands, refer to the Catalyst 3550 Multilayer Switch Command Reference.
•
With per-port per-VLAN classification, unmatched VLANs are treated similarly to the default class, which means that the unmatched VLANs share the remaining bandwidth. You cannot modify this default-class behavior. If necessary, you can use VLAN map filters to block these VLANs.
Corrections to the Hardware Installation Guide
These are corrections for the Catalyst 3550 Multilayer Switch Hardware Installation Guide:
•
Lightning Activity Warning
Related Documentation
These documents provide complete information about the switch and are available from this Cisco.com site:
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm
You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the "Ordering Documentation" section.
•
•
•
•
•
•
•
Obtaining Documentation
These sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at this URL:
Translated documentation is available at this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Ordering Documentation
You can order Cisco documentation in these ways:
•
http://www.cisco.com/cgi-bin/order/order_root.pl
•
http://www.cisco.com/go/subscription
•
Documentation Feedback
You can submit comments electronically on Cisco.com. In the Cisco Documentation home page, click the Fax or Email option in the "Leave Feedback" section at the bottom of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you with these tasks:
•
•
•
•
•
If you want to obtain customized information and service, you can self-register on Cisco.com. To access Cisco.com, go to this URL:
Technical Assistance Center
The Cisco Technical Assistance Center (TAC) is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Cisco TAC inquiries are categorized according to the urgency of the issue:
•
•
•
•
The Cisco TAC resource that you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://www.cisco.com/register/
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC Web Site, you can open a case online by using the TAC Case Open tool at this URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.
This document is to be used with the documentation listed in the "Related Documentation" section.
CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That's Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0208R)
Copyright © 2001-2003, Cisco Systems, Inc.
All rights reserved.
Guest
