Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Catalyst 3550 Series Switches

Release Notes for the Catalyst 3550 Multilayer Switch, Cisco IOS Release 12.1(6)EA1

Downloads

Table Of Contents

Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(6)EA1

Contents

System Requirements

Hardware Supported

Software Compatibility

Recommended Platform Configuration for Web-Based Management

Operating System and Browser Support

Installing the Required Plug-In

Creating Clusters with Different Releases of IOS Software

Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Supported Catalyst 2950 Switches

Supported Catalyst 1900 and 2820 Switches

Downloading Software

Determining the Software Version and Feature Set

Which Files to Use

Upgrading a Switch by Using CMS

Upgrading a Switch by Using the CLI

Recovering from Software Failure

Installation Notes

Setting Up the Catalyst 3550 Initial Configuration

Configuring Browsers and Accessing CMS

Configuring Netscape Communicator (All Versions)

Configuring Microsoft Internet Explorer (4.01)

Configuring Microsoft Internet Explorer (5.0)

Displaying the CMS Access Page

New Features in This Release

New Hardware Features

New Software Features

Limitations and Restrictions

Important Notes

Open Caveats

Open IOS Caveats

Open Cluster Caveats

Open Cluster Management Suite Caveats

Resolved Caveats

Resolved IOS Caveats

Resolved Cluster Caveats

Resolved Cluster Management Suite Caveats

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Web Site

Cisco TAC Escalation Center


Release Notes for the
Catalyst 3550 Multilayer Switch
Cisco IOS Release 12.1(6)EA1

November 16, 2001

Cisco IOS Release 12.1(6)EA1 runs on Catalyst 3550 multilayer switches.

These release notes include important information about this IOS release and any limitations, restrictions, and caveats that apply to it. For the complete list of Catalyst 3550 switch documentation, see the "Related Documentation" section.

This IOS release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future IOS releases become available, they will be posted to Cisco.com (previously Cisco Connection Online [CCO]) in the Cisco IOS software area.

Contents

This document has these sections:

"System Requirements" section

"Downloading Software" section

"Installation Notes" section

"New Features in This Release" section

"Limitations and Restrictions" section

"Important Notes" section

"Open Caveats" section

"Resolved Caveats" section

"Related Documentation" section

"Obtaining Documentation" section

"Obtaining Technical Assistance" section

System Requirements

This section describes these system requirements for this IOS release:

"Hardware Supported" section

"Software Compatibility" section

Hardware Supported

Table 1 lists the hardware supported by this IOS release.

Table 1 Supported Hardware

Switch
Description

Catalyst 3550-12T

10 Gigabit Ethernet 10/100/1000BASE-T ports and 2 Gigabit Interface Converter (GBIC)-based Gigabit Ethernet slots

Catalyst 3550-12G

10 GBIC-based Gigabit Ethernet slots and 2 10/100/1000BASE-T ports

GBIC modules

1000BASE-SX GBIC

1000BASE-LX/LH GBIC

1000BASE-ZX GBIC

1000BASE-T GBIC

GigaStack GBIC

Redundant power system

Cisco RPS 300 Redundant Power System


Software Compatibility

This section describes these software compatibility requirements for this IOS release:

"Recommended Platform Configuration for Web-Based Management" section

"Operating System and Browser Support" section

"Installing the Required Plug-In" section

"Creating Clusters with Different Releases of IOS Software" section

Recommended Platform Configuration for Web-Based Management

Table 2 lists the recommended platforms for web-based management.

Table 2 Recommended Platform Configuration for Web-Based Management

OS
Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Windows NT 4.0

Pentium 300 MHz

128 MB

65,536

1024 x 768

Small

Solaris 2.5.1

SPARC 333 MHz

128 MB

Most colors for applications

Small (3)


The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX workstation requirement is a Sun Ultra 1 running at 143 MHz with 64 MB of DRAM.

For information about supported operating systems, see the next section.

Operating System and Browser Support

You can access the web-based interfaces through the browsers listed in Table 3. The switch checks the browser version when starting a session to ensure that the browser is supported. If the browser is not supported, the switch displays an error message, and the session does not start.

Table 3 Operating System and Browser Support

Operating System
Minimum Service Pack or Patch
Netscape Communicator1
Microsoft Internet Explorer

Windows 95

Service Pack 1

4.61, 4.7

4.01a or 5.0

Windows 98

Second Edition

4.61, 4.7

4.01a or 5.0

Windows NT 4.0

Service Pack 3 or later

4.61, 4.7

4.01a or 5.0

Windows 2000

None

4.61, 4.7

4.01a or 5.0

Solaris 2.5.1 or later

Sun-recommended patch cluster for the OS and Motif library patch 103461-24

4.61, 4.7

Not supported

1 Netscape Communicator version 4.60 is not supported.


Note If your browser is Internet Explorer and you receive an error message stating that the page might not display correctly because your security settings prohibit running activeX controls, this might mean that your security settings are set too high. To lower security settings, go to Tools > Internet Options, and select the Security tab. Select the indicated Zone, and move the Security Level for this Zone slider from High to Medium (the default).

Installing the Required Plug-In

A Java plug-in is required for the browser to access the Java-based Cluster Management Suite (CMS). Download and install the plug-in before you start CMS. Each platform, Windows and Solaris, supports two plug-in versions, one of which is recommended. For information on the supported plug-ins, see the "Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms" section and "Solaris Platforms" section.

You can download the recommended plug-ins from this site: http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

If the Java applet does not initialize after you have installed the plug-in, open the Java Plug-in Control Panel (Start > Programs > Java Plug-in Control Panel), and verify these settings:

In the Proxies tab, verify that Use browser settings is checked and that no proxies are enabled.

Note If you are running McAfee VirusScan on Windows 2000 and the plug-in takes a long time to load, you can speed up CMS operation by disabling the VirusScan Internet Filter option, the Download Scan option, or both.

From the Start menu, disable the options by selecting Start > Programs > Network Associates > Virus Scan Console > Configure.

or

From the taskbar, right-click the Virus Shield icon and in the Quick Enable menu, disable the options by deselecting Internet Filter or Download Scan.

Windows 2000, Windows 95, Windows 98, and Windows NT 4.0 Platforms

These Java plug-ins are supported on the Windows platform:

Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0.

Java plug-in 1.3.0 (recommended)

If you start CMS without having installed the required Java plug-in, the browser automatically detects this. If you are using a supported Internet Explorer browser, it automatically downloads and installs the plug-in. If you are using a supported Netscape browser, the browser displays a Cisco.com page that contains the Java plug-in and installation instructions.

If you are using Windows 2000, Netscape Communicator might not detect the missing Java plug-in.

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

Note Uninstall older versions of the Java plug-ins before installing the Java plug-in 1.3.0.

Java plug-in 1.2.2_05

This plug-in is not automatically downloaded to the switch; however, you can download it from http://www.cisco.com/pcgi-bin/tablebuild.pl/java.

Solaris Platforms

These Java plug-ins are supported on the Solaris platform:

Caution To avoid performance and compatibility issues, do not use Java plug-ins later than Java plug-in 1.3.0.

Java plug-in 1.2.2_07 (recommended)

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Java plug-in 1.3.0

You can download this plug-in and instructions from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/java

To install the Java plug-in, follow the instructions in the README_FIRST.txt file.

Creating Clusters with Different Releases of IOS Software

When a cluster consists of Catalyst 3550 switches and a mixture of other Catalyst switches, we strongly recommend using only the Catalyst 3550 switches as the command and standby command switches. When the command switch is a Catalyst 3550 switch, all standby command switches must also be Catalyst 3550 switches.

These switches are eligible cluster members:

Catalyst 3500 XL switches running Release 12.0(5.1)XU or later

Catalyst 2950 switches running Release 12.0(5)WC(1) or later

Catalyst 2900 XL switches with 8 MB of DRAM running Release 12.0(5.1)XU or later

Catalyst 2916M-XL with 4 MB of DRAM running Release 11.2(8.5)SA6 or later

Catalyst 1900 and 2820 switches running Release 9.00.00 or later

Some versions of the Catalyst 2900 XL software do not support clustering and if you have a cluster with switches that are running different versions of IOS software, software features added on the latest release might not be reflected on switches running the older versions. For example, if you start Visual Switch Manager (VSM) on a Catalyst 2900 XL switch running Release 11.2(8)SA6, the windows and functionality can be different from a switch running Release 12.0(5)WC(1) or later.

Note The CMS is not forward-compatible, which means that if a member switch is running a software version that is newer than the release running on the command switch, the member switch is displayed as an unknown device in the Front Panel view. You cannot configure any parameters or generate a report through CMS for that member; instead, you must launch the Device Manager application to perform configuration and obtain reports for that member.

Supported Catalyst 2900 XL and Catalyst 3500 XL Switches

Table 4 lists the cluster capabilities and software versions for Catalyst 2900 XL and Catalyst 3500 XL switches.

Table 4 Catalyst 2900 XL and Catalyst 3500 XL Switch Software and Cluster Capability

Switch
IOS Release
Cluster Capability

Catalyst 3500 XL

Release 12.0(5.1)XU or later

Member or command switch

Catalyst 2900 XL (8-MB switches)

Release 12.0(5.1)XU or later

Member switch only

Catalyst 2900 XL (4-MB switches such as the 2916M-XL)

Release 11.2(8.5)SA6 or later

Edge device; no clustering capabilities


Supported Catalyst 2950 Switches

The Catalyst 2950 switches can be command and member switches.

Supported Catalyst 1900 and 2820 Switches

Catalyst 1900 and 2820 switches are always member switches, not command switches. Catalyst 1900 and 2820 switches must be running Software Release 9.00 (-A or -EN) to be cluster members.

Downloading Software

This section describes these procedures for downloading software:

"Determining the Software Version and Feature Set" section

"Which Files to Use" section

"Upgrading a Switch by Using CMS" section

"Upgrading a Switch by Using the CLI" section

Note Before downloading software, read this section for important information.

Determining the Software Version and Feature Set

The IOS image is stored as a .bin file in a directory that is named with the IOS release. A subdirectory contains the HTML files needed for web management. The image is stored on the system board Flash device (flash:).

You can use the show version privileged EXEC command to see the software version that is running on your switch. In the display, check the line that begins with System image file is. It shows the directory name in Flash memory where the image is stored. A couple of lines below the image name, you see Running Layer 2/3 Switching Image, which means you are running the enhanced multilayer switch image.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in Flash memory.

Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined .tar file. This file contains both the IOS image file and the HTML files (needed for the CMS). You must use the combined .tar file to upgrade the switch through the CMS.

The .tar file is an archive file from which you can extract files by using the tar command. You also use the .tar file to upgrade the system by using the archive download-sw privileged EXEC command.

Table 5 lists the software file name for this IOS release.

Table 5 Cisco IOS Software Files for Catalyst 3550 Switches

Filename
Description

c3550-i5q3l2-mz.121-6.EA1.tar

IOS image file and HTML files
This image, the enhanced multilayer switch image, has both Layer 2 and Layer 3 features.


Upgrading a Switch by Using CMS

You can upgrade switch software by using CMS. From the menu bar, select Administration > Software Upgrade. For detailed instructions, click Help.

Upgrading a Switch by Using the CLI

This procedure is for copying the combined .tar file to the Catalyst 3550 switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

To download software, and if necessary, the TFTP server application, follow these steps:

Step 1 Use Table 5 to identify the file that you want to download.

Step 2 Download the software image file.

If you have a SmartNet support contract, log in to one of these URLs to download the appropriate files:

http://www.cisco.com/cgi-bin/tablebuildpl/cat3550

If you do not have a SmartNet contract, download the appropriate files from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/cat3550

Step 3 Download the Cisco TFTP server from the URL listed in Step 2, if necessary. The information on this page describes how to download and configure the TFTP server.

Step 4 Copy the image to the appropriate TFTP directory on the workstation, and make sure the TFTP server is properly configured.

For more information, refer to Appendix B in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 5 Log in to the switch through the console port or a Telnet session.

Step 6 Download the image file from the TFTP server to the switch. If you are installing the same version of software that is currently on the switch, overwrite the current image by using this privileged EXEC command: 

archive download-sw /overwrite /reload tftp:[[//location]/directory]/image-name.tar

The /overwrite option overwrites the software image in Flash memory with the downloaded one.

The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.

For //location, specify the IP address of the TFTP server.

For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.

This example shows how to download an image from a TFTP server at 172.20.129.10 and to overwrite the image on the switch: 

Switch# archive download-sw /overwrite tftp://172.20.129.10/c3550-i5q3l2-mz.121-6.EA1.tar

Note You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.

Recovering from Software Failure

In the software fails, you can reload the software. For detailed recovery procedures, refer to the "Troubleshooting" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Installation Notes

You can assign IP information to your switch by using the setup program, the Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide), or by manually assigning an IP address (refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide).

This section describes these installation procedures:

"Setting Up the Catalyst 3550 Initial Configuration" section

"Configuring Browsers and Accessing CMS" section

Setting Up the Catalyst 3550 Initial Configuration

The first time that you access the switch, it runs a setup program that prompts you for an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use the CMS to configure and manage the switch.

Note If the switch will be a cluster member managed through the IP address of the command switch, it is not necessary to assign IP information or a password. If you are configuring the switch as a standalone switch or as a command switch, you must assign IP information.

Follow these steps to create an initial configuration for the switch:

Step 1 Enter Yes at the first two prompts. 

Would you like to enter the initial configuration dialog? [yes/no]: yes


At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system.


Would you like to enter basic management setup? [yes/no]: yes

Step 2 Enter a host name for the switch, and press Return.

On a command switch, the host name is limited to 28 characters; on a member switch to 31 characters. Do not use -n, where n is a number, as the last character in a host name for any switch. 

Enter host name [Switch]: host_name

Step 3 Enter a secret password, and press Return.

The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces. 

Enter enable secret: secret_password

Step 4 Enter an enable password, and press Return. 

Enter enable password: enable_password

Step 5 Enter a virtual terminal (Telnet) password, and press Return.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces. 

Enter virtual terminal password: terminal-password

Step 6 (Optional) Configure the Simple Network Management Protocol (SNMP) by responding to the prompts.

Step 7 Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network, and press Return. For this release, always use vlan 1 as that interface. 

Enter interface name used to connect to the

management network from the above interface summary: vlan 1

Step 8 Configure the interface by entering the switch IP address and subnet mask and pressing Return: 

Configuring interface vlan 1:

Configure IP on this interface? [yes]: yes 

IP address for this interface: 10.4.120.106

Subnet mask for this interface [255.0.0.0]: 255.255.255.0

Step 9 Enter Y to configure the switch as the cluster command switch. Enter N to configure it as a member switch or as a standalone switch.

If you enter N, the switch appears as a candidate switch in the CMS. In this case, the message in Step 10 is not displayed. 

Would you like to enable as a cluster command switch? [yes/no]: yes

Step 10 Assign a name to the cluster, and press Return. 

Enter cluster name: cluster_name

The cluster name can be 1 to 31 alphanumeric characters, dashes, or underscores.

The initial configuration appears: 

The following configuration command script was created:


hostname host-name

enable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0

enable password enable-password

line vty 0 15

password terminal-password

snmp-server community public

!

no ip routing

!

interface vlan 1

no shutdown

ip address 10.4.120.106 255.255.255.0


interface GigabitEthernet0/1

shutdown

no ip address

!

interface GigabitEthernet0/2

shutdown

no ip address

!         

...<output abbreviated>

!

interface GigabitEthernet0/12

shutdown

no ip address


cluster enable cluster-name

!

end

Step 11 These choices are displayed: 

[0] Go to the IOS command prompt without saving this config.


[1] Return back to the setup without saving this config.


[2] Save this configuration to nvram and exit.


Enter your selection [2]:

Make your selection, and press Return.

After you complete the setup program, the switch can run the created default configuration. If you want to change this configuration or want to perform other management tasks, use one of these tools:

Command-line interface (CLI)

Cluster Management Suite from your browser

Configuring Browsers and Accessing CMS

For the browser to use CMS, a Java plug-in is required, as described in the "Installing the Required Plug-In" section. After you have assigned an IP address to the switch and installed the plug-in, you can access the switch from your browser and use the CMS to configure other switches. To use the web-based tools, see the "Software Compatibility" section to set up the appropriate browser options.

This section describes these installation procedures:

"Configuring Netscape Communicator (All Versions)" section

"Configuring Microsoft Internet Explorer (4.01)" section

"Configuring Microsoft Internet Explorer (5.0)" section

"Displaying the CMS Access Page" section

Configuring Netscape Communicator (All Versions)

Follow these steps to configure Netscape Communicator:

Step 1 Start Netscape Communicator.

Step 2 From the menu bar, select Edit > Preferences.

Step 3 In the Preferences window, click Advanced.

Step 4 Check the Enable Java, Enable JavaScript, and Enable Style Sheets check boxes.

Step 5 From the menu bar, select Edit > Preferences.

Step 6 In the Preferences window, click Advanced Cache, and select Every time.

Step 7 Click OK to return to the browser Home page.

Configuring Microsoft Internet Explorer (4.01)

Follow these steps to configure Microsoft Internet Explorer 4.01:

Step 1 Start Internet Explorer.

Step 2 From the menu bar, select View > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Check the Java logging enabled and Java JIT compiler enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.

Configuring Microsoft Internet Explorer (5.0)

Note During the installation of this browser, make sure to check the Install Minimal or Customize Your Browser check box. In the Component Options window in the Internet Explorer 5 section, make sure to check the Microsoft Virtual Machine check box to display applets written in Java.

Follow these steps to configure Microsoft Internet Explorer 5.0:

Step 1 Start Internet Explorer.

Step 2 From the menu bar, select Tools > Internet Options.

Step 3 In the Internet Options window, click the Advanced tab.

a. Scroll through the list of options until you see Java VM. Check the Java logging enabled and JIT compiler for virtual machine enabled check boxes.

b. Click Apply.

Step 4 In the Internet Options window, click the General tab.

a. In the Temporary Internet Files section, click Settings.

b. In the Settings window, select Every visit to the page, and click OK.

If you are using Microsoft Internet Explorer 5.0 to make configuration changes to the switch, note that this browser does not automatically reflect the latest configuration changes. Make sure that you click Refresh for every configuration change.

Displaying the CMS Access Page

After the browser is configured, display the CMS access page:

Step 1 Enter the switch IP address in the browser Location field (Netscape Communicator) or Address field (Internet Explorer), and press Return.

Step 2 Enter your username and password when prompted. The password provides level 15 access. The Cisco Systems Access page appears. For more information on setting passwords and privilege levels, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Step 3 Click Web Console to launch the CMS applet.

If you access CMS from a standalone or a cluster-member switch, Device Manager appears.

New Features in This Release

This section describes the new supported hardware and the new software features for the Catalyst 3550 switches that are provided in this release.

"New Hardware Features" section

"New Software Features" section

New Hardware Features

For a list of supported hardware, see the "Hardware Supported" section.

New Software Features

This software release contains these new features or enhancements:

Switch Port Analyzer (SPAN)—This feature enables users to analyze network traffic passing through ports or VLANs on a switch by sending a copy of the traffic to another port on the switch that is connected to a SwitchProbe device or other Remote Monitoring (RMON) probe. SPAN mirrors received or transmitted (or both) traffic on a source port. It can mirror received traffic on multiple source ports or one or more source VLANs to a destination port for analysis. The commands for this feature are the monitor session global configuration command and the show monitor privileged EXEC command.

Quality of Service (QoS) egress expedite queue—The priority queue is serviced until empty and before the other queues are serviced. The command for this feature is the priority-queue out interface configuration command.

The Switch Database Management (SDM) templates for Gigabit Ethernet switches have been revised to allow more QoS and security access control lists (ACLs), and all templates now support 1-K Layer 2 VLANs.

CMS—includes support for SPAN and the QoS egress expedite queue, support for suppression levels in configuring storm control, and inline editing of settings in many configuration windows.

For a detailed description of the software features supported on the switch, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Limitations and Restrictions

You should review this section before you begin working with the switches. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

In IP multicast routing and fallback bridging, certain hardware features are used to replicate packets for the different VLANs of an outgoing trunk port. If the incoming speed is line rate, the outgoing interface cannot duplicate that speed (because of the replication of the packets). As a result, certain replicated packets are dropped. (CSCdt06418)

When a Catalyst 2900 XL or Catalyst 3500 XL cluster command-switch is connected to a Catalyst 3550 switch, the command switch does not find any cluster candidates beyond the Catalyst 3550 switch if it is not a member of the cluster. You must add the Catalyst 3550 switch to the cluster. You can then see any cluster candidates connected to it. (CSCdt09918)

When you use the no interface port-channel global configuration command to remove an EtherChannel group, the ports in the port group change to the administratively down state.

When you remove an EtherChannel group, enter the no shutdown interface configuration command on the interfaces that belonged to the port group to bring them back on line. (CSCdt10825)

The mac-address interface configuration command does not properly assign a MAC address to an interface. This command is not supported on Catalyst 3550 switches. (CSCds11328)

In the output displayed after a show interface interface-id privileged EXEC command, the output buffer failures field shows the number of packets lost before replication, whereas the packets output field shows the successful transmitted packets after replication. To determine actual discarded frames, multiply the output buffer failures by the number of VLANs on which the multicast data is replicated. (CSCdt26928)

Internet Group Management Protocol (IGMP) packets classified by QoS to map the Differentiated Service Code Point (DSCP) value and the class of service (CoS) value in a QoS policy map might only modify the DSCP property and leave the CoS value at zero. (CSCdt27705)

If you assign both tail-drop threshold percentages to 100 percent by using the wrr-queue threshold interface configuration command and display QoS information for this interface by using the show mls qos interface statistics privileged command, the drop-count statistics are always zero even if the thresholds were exceeded. To display the total number of discarded packets, use the show controllers ethernet-controllers interface-id privileged EXEC command. In the display, the number of discarded frames includes the frames that were dropped when the tail-drop thresholds were exceeded. (CSCdt29703)

Disabling autonegotiation on a GBIC interface by using the speed nonegotiate interface configuration command might cause the interface to indicate that the physical link is up, even when it is not connected. (CSCdv29722)

Open Shortest Path First (OSPF) path costs and Interior Gateway Routing Protocol (IGRP) metrics are incorrect for switch virtual interface (SVI) ports. You can manually configure the bandwidth of the SVI by using the bandwidth interface configuration command. Changing the bandwidth of the interface changes the routing metric for the routes when the SVI is used as an outgoing interface. (CSCdt29806)

When there is a transition from the cluster active command-switch to the standby command-switch, Catalyst 1900, 2820, and 4-MB 2900 switches that are cluster members might lose their cluster configuration. You must manually add these switches back to the cluster.
(CSCds32517, CSCds44529, CSCds55711, CSCds55787, CSCdt70872)

On the Catalyst 3550, coldStart and warmStart traps are not consistently sent. (CSCdt33779)

Remote Monitoring (RMON) collection functions on physical interfaces, but it is not supported on EtherChannels and SVIs. (CSCdt36101)

When clustering is enabled, do not configure SNMP community strings of more than 59 bytes, or clustering SNMP might not work correctly. (CSCdt39616)

If both the active command-switch and the standby command-switch fail at the same time, the cluster is not automatically recreated. Even if there is a third passive command-switch, it might not recreate all cluster members because it might not have all the latest cluster configuration information. You must manually recreate the cluster if both the active and standby command-switches simultaneously fail. (CSCdt43501)

Multicast router information is displayed in the show ip igmp snooping mrouter privileged EXEC command when IGMP snooping is disabled. Multicast VLAN Registration (MVR) and IGMP snooping use the same commands to display multicast router information. In this case, MVR is enabled, and IGMP snooping is disabled. (CSCdt48002)

When a VLAN interface has been disabled and restarted multiple times by using the shutdown and no shutdown interface configuration commands, the interface might not restart following a no shutdown command. To restart the interface, re-enter a shutdown and no shutdown command sequence. (CSCdt54435)

When you configure the ip pim spt-threshold infinity interface configuration command, you want all sources for the specified group to use the shared tree and not use the source tree. However, the switch does not automatically start to use the shared tree. No connectivity problem occurs, but the switch continues to use the shortest path tree for multicast group entries already installed in the mroute table. You can enter the clear ip mroute * privileged EXEC command to force the change to the shared tree. (CSCdt60412)

The show ip mroute count privileged EXEC command might display incorrect packet counts. In certain transient states (for example, when a multicast stream is forwarded only to the CPU during the route-learning process and the CPU is programming this route into the hardware), a multicast stream packet count might be counted twice. Do not trust the counter during this transient state. (CSCds61396)

If the number of multicast routes configured on the switch is greater than the switch can support, it might run out of available memory, which can cause it to reboot. This is a limitation in the platform-independent code. (CSCdt63354)

The workaround is to not configure the switch to operate with more than the maximum number of supported multicast routes. You can use the show sdm prefer and show sdm prefer routing privileged EXEC commands to view approximate maximum configuration guidelines for the current SDM template and the routing template.

The dec keyword is not supported in the bridge bridge-group protocol global configuration command. If two Catalyst 3550 switches are connected to each other through an interface that is configured for IP routing and fallback bridging, and the bridge group is configured with the bridge bridge-group protocol dec command, both switches act as if they were the spanning tree root. Therefore, spanning-tree loops might be undetected. (CSCdt63589)

Modifying a multicast boundary access list does not prevent packets from being forwarded by any multicast routes that were in existence before the access list was modified if the packets arriving on the input interface do not violate the boundary. However, no new multicast routes that violate the updated version of the multicast boundary access list are learned, and any multicast routes that are in violation of the updated access list are not relearned if they age out.

After updating a multicast boundary, the workaround is to use the clear ip mroute privileged EXEC command to delete any existing multicast routes that violate the updated boundary. (CSCdr79083)

When changing the link speed of a Gigabit Ethernet port from 1000 Mbps to 100 Mbps, there is a slight chance that the port will stop transmitting packets. If this occurs, shut down the port, and re-enable it by using the shutdown and no shutdown interface configuration commands. (CSCds84279)

When an IP packet with a cyclic redundancy check (CRC) error is received, the per-packet per-DSCP counter (for DSCP 0) is incremented. Normal networks should not have packets with CRC errors. (CSCdr85898)

The behavior of a software ACL with QoS is different from a hardware ACL with QoS. On the Catalyst 3550 switch, when the QoS hardware rewrites the DSCP of a packet, the rewriting of this field happens before software running on the CPU examines the packet, and the CPU sees only the new value and not the original DSCP value.

When the security hardware ACL matches a packet on input, the match uses the original DSCP value. For output security ACLs, the security ACL hardware should match against the final, possibly changed, DSCP value as set by the QoS hardware. Under some circumstances, a match to a security ACL in hardware prevents the QoS hardware from rewriting the DSCP and causes the CPU to use the original DSCP.

If a security ACL is applied in software (because the ACL did not fit into hardware, and packets were sent to the CPU for examination), the match probably uses the new DSCP value as determined by the QoS hardware, regardless of whether the ACL is applied at the input or at the output. When packets are logged by the ACL, this problem can also affect whether or not a match is logged by the CPU even if the ACL fits into hardware and the permit or deny filtering was completed in hardware.

To avoid these issues, whenever the switch rewrites the DSCP of any packet to a value different from the original DSCP, security ACLs should not test against DSCP values in any of their access control entries (ACEs), regardless of whether the ACL is being applied to an IP access group or to a VLAN map. This restriction does not apply to ACLs used in QoS class maps.

If the switch is not configured to rewrite the DSCP value of any packet, it is safe to match against DSCP in ACLs used for IP access groups or for VLAN maps because the DSCP does not change as the packet is processed by the switch.

The DSCP field of an IP packet encompasses the two fields that were originally designated precedence and TOS (type of service). Statements relating to DSCP apply equally to either IP precedence or IP TOS. (CSCdt94355)

Traffic suppression (configured by using the switchport broadcast, switchport multicast, and switchport unicast interface configuration commands) is supported only on physical interfaces; it is not supported on EtherChannel port channels even though you can enter these commands through the CLI.

The Cisco RPS 300 Redundant Power System supports the Catalyst 3550 multilayer switch and provides redundancy for up to six connected devices until one of these devices requires backup power. If a connected device has a power failure, the RPS immediately begins supplying power to that device and sends status information to other connected devices that it is no longer available as a backup power source. As described in the device documentation, when the RPS LED is amber, the RPS is connected but down. However, this might merely mean that the RPS is in standby mode. Press the Standby/Active button on the RPS to put it into active mode. You can view RPS status through the CLI by using the show rps privileged EXEC command. For more information, refer to the RPS 300 Hardware Installation Guide.

You can connect the switch to a PC by using the switch console port and the supplied rollover cable and the DB-9 adapter. You need to provide a RJ-45-to-DB-25 female DTE adapter if you want to connect the switch console port to a terminal. You can order a kit (part number ACS-DSBUASYN=) with this RJ-45-to-DB-25 female DTE adapter from Cisco.

Host names and Domain Name System (DNS) server names that contain commas on a cluster command switch, member switch, or candidate switch can cause CMS to behave unexpectedly. You can avoid this instability in the interface by not using commas in host names or DNS names. Do not enter commas when also entering multiple DNS names in the IP Configuration tab of the IP Management window in CMS.

ACEs that contain the host keyword precede all other ACEs in standard ACLs. You can reposition the ACEs in a standard ACL with one restriction: No ACE with the any keyword or a wildcard mask can precede an ACE with the host keyword.

Important Notes

This section describes important information related to this IOS release.

When you are configuring a cascaded stack of Catalyst 3550 switches by using the GigaStack GBIC and want to include more than one VLAN in the stack, be sure to configure all the GigaStack GBIC interfaces as trunk ports by using the switchport mode trunk interface configuration command and to use the same encapsulation method by using the switchport encapsulation {isl | dot1q} interface configuration command. For more information about these commands, refer to the Catalyst 3550 Multilayer Switch Command Reference.

If the 1000BASE-T GBIC (WS-G5482) is not securely inserted, the switch might fail to recognize it or might display an incorrect media type following a show interface privileged EXEC command entry. If this happens, remove and reinsert the GBIC.

If you use CMS on Windows 2000, it might not apply configuration changes if the enable password is changed from the CLI during your CMS session. You have to restart CMS and enter the new password when prompted. Platforms other than Windows 2000 prompt you for the new enable password when it is changed.

CMS does not display QoS classes that are created through the CLI if these classes have multiple match statements. When using CMS, you cannot create classes that match more than one match statement. CMS does not display policies that have such classes.

If you use Internet Explorer Version 5.5 and select a URL with a nonstandard port at the end of the address (for example, www.add.com:84), you must enter http:// as the URL prefix. Otherwise, you cannot launch CMS.

Within an ACL, you can change the sequence of ACEs that have the host keyword. However, because such ACEs are independent of each other, the change has no effect on the way the ACL filters traffic.

If you use the Netscape browser to view the CMS GUI and you resize the browser window while CMS is initializing, CMS does not resize to fit the window.

Resize the browser window again when CMS is not busy.

CMS does not start if the temporary directory on your computer runs out of memory. This problem can occur because of a bug in the 1.2.2 version of the Java plug-in. The plug-in creates temporary files in the directory whenever it runs CMS, and the directory eventually runs out of plug-in space.

The workaround is to remove all the jar_cache*.tmp files from the temporary directory. The path to the directory is different for different operating systems:

Solaris: /var/tmp
Windows NT and Windows 2000: \TEMP
Windows 95 and 98: \Windows\Temp

Open Caveats

This section describes these open caveats with possible unexpected activity in this IOS release:

"Open IOS Caveats" section

"Open Cluster Caveats" section

"Open Cluster Management Suite Caveats" section

Open IOS Caveats

This section describes the severity 3 IOS configuration caveats:

CSCdv10257

You cannot set the vmVlanType object in CISCO-VLAN-MEMBERSHIP-MIB, which means that you cannot convert a port from static to dynamic access by using SNMP.

The workaround is to use the switchport access vlan dynamic interface configuration command to to change an access port from static to dynamic.

CSCdv10276

The switch does not generate the vmVmpsChange trap in CISCO-VLAN-MEMBERSHIP-MIB, so there is no way to monitor VMPS change event by using SNMP.

There is no workaround.

CSCdt11224

Sometimes unknown unicast, unknown multicast, and broadcast packets are flooded from the multicast VLAN to MVR receiver ports.

There is no workaround.

CSCdv15832

If a routed interface is configured with a multicast boundary by using the ip multicast boundary interface configuration command, and there are ACLs configured, if the ACLs are modified or the multicast boundary is removed, this might not affect the existing multicast routes.

The workaround is to delete the multicast routing table by using the clear ip mroute * privileged EXEC command.

CSCdv20470

An interface-range macro created with the define interface-range global configuration command might be rejected when referenced in a subsequent interface range macro global configuration command or might produce results on interfaces that were not included in the macro definition.

The workaround is to not use the define interface-range command to configure a range of interfaces. Instead, use the interface range port-range global configuration command.

CSCdv21103

When a dynamic port is configured with an access VLAN that is later deleted from the VLAN database, Dynamic Trunking Protocol (DTP) negotiation might fail on that port the next time the switch is reloaded or the port is shut down and re-enabled.

The workaround after you delete a VLAN from the VLAN database is to verify access VLAN assignments for all ports to ensure that all access VLANs are still valid. Alternatively, use the switchport mode trunk interface configuration command to configure static trunking on the port.

CSCdv21765

If the MAC address table associated with an MVR VLAN or an MVR receiver VLAN contains a large number of MAC addresses, disabling and re-enabling MVR might take a long time because the CPU needs to search the table for conflicting static multicast addresses.

The workaround is to clear the MAC address tables for the associated VLANs by using the clear mac-address-table dynamic vlan vlan-id (where the vlan-id is the MVR VLAN and the receiver VLANs) privileged EXEC command before re-enabling MVR.

CSCdv28407

Applying VLAN access maps to a VLAN might cause frames to be forwarded between protected ports.

The workaround is to not apply VLAN maps to VLANs that include protected ports.

CSCdv32094

When the show snmp host privileged EXEC command is executed through the CMS, the browser output does not provide full information as does the CLI, making it impossible for you to configure some of the SNMP trap management features.

The workaround is to enter the show snmp host privileged EXEC command from the CLI to display the full information and to use the snmp commands to configure the features.

CSCdv34017

Pause frame counters are not displayed with the show interfaces interface-id privileged EXEC command.

The workaround is to display pause frame counters by using the show controllers ethernet-controller interface-id privileged EXEC command.

CSCdv34376

When the internal power supply of the Catalyst 3550 switch fails and the RPS is providing power to the switch, the RPS LED flashes green. This is incorrect, and it should flash amber.

When the RPS is backing up another switch and is not available to the Catalyst 3550 switch, the RPS LED flashes amber. This is incorrect, and it should flash green.

There is no workaround.

CSCdv42163

When IGMP snooping or MVR is enabled, non-IP packets with a destination MAC address matching the multicast group address are forwarded as IP packets. If the multicast VLAN belongs to a bridge group, non-IP packets might be forwarded to the receiver ports instead of being fallback bridged within the bridge group.

The workaround is to not apply a bridge group to a multicast VLAN or to a VLAN that has IGMP snooping enabled.

CSCdv46631

If you apply a policy map to an interface and then change the interface to the trust DSCP state by using the trust dscp policy-map class configuration command, the DSCP and CoS values in the packets received from that interface cannot be trusted.

The workaround is to always remove the policy map from the interface by using the no service-policy interface configuration command before configuring the trust state of the interface.

CSCdv46715

If you configure a trunk port for DTP nonegotiate mode and change the encapsulation type from ISL to 802.1Q by using the switchport trunk encapsulation interface configuration command, the port becomes an access port and is no longer trunking.

There is no workaround.

CSCdv47319

The switch might fail while deleting 7000 multicast routes with the maximum number of SVIs supported by the SDM access template.

There is no workaround.

CSCdv47727

If you use the SNMP get operation to retrieve the portIfIndex object in CISCO-STACK-MIB, the switch does not return the correct value for GBIC ports. Instead, it always returns the value zero.

The workaround is to use the show interfaces status privileged EXEC command to determine the portIfIndex of the GBIC interfaces on the switch.

CSCdt48614

The configurations for the tunnel keywords and commands related to IP multicasting and the track keyword related to the Hot Standby Router Protocol (HSRP) are not kept properly after rebooting the switch. If these configurations reference routed ports, the configuration is not applied after reboot.

There is no workaround.

CSCdv50452

Although the Catalyst 3550 switch does not support QoS policy maps on virtual interfaces such as a port channel or a VLAN interface, the switch software allows you to apply a policy map to a virtual interface.

There is no workaround. Do not apply a QoS policy map to a virtual interface.

CSCdv51072

You cannot use SNMP to set the port priority, path cost, or Spanning Tree Protocol (STP) enable MIB objects in CISCO-BRIDGE-MIB.

The workaround is use the spanning-tree port-priority interface configuration command to set the port priority, the spanning-tree [vlan vlan-id] cost interface configuration command to set the path cost, and the [no] spanning-tree vlan vlan-id global configuration command to disable or enable STP on a VLAN.

CSCdt51254

If you try to configure an ACL that uses the log keyword, an error is displayed, and a match none statement is added to the show class-map class-map-name display. Not only does the match none statement make the ACL useless, but any previously entered match commands for the same class map are not retained.

The workaround is to re-enter the old ACL without the log keyword.

CSCdv52460

When using cross-stack UplinkFast (CSUF), temporary spanning tree loops might occur when the switches in the stack first receive bridge protocol data units (BPDUs) from a new root switch that is not a member of the stack, or when the BPDUs from an old root switch age out without any loss of link or other loss of connectivity between any of the switches in the stack and the immediate neighbor switches of the stack.

The workaround is to disable CSUF by using the no spanning-tree stack-port interface configuration command.

CSCdv53183

If you configure a bridge group on VLAN interfaces or routed ports without configuring the global bridge protocol, data packets will be forwarded within the bridge group with STP disabled, which could result in potential loops in the network.

The workaround is to always enter the bridge bridge-group protocol vlan-bridge global configuration command before applying the bridge group to VLAN interfaces or routed ports.

CSCdv53258

If you configure a static forwarding address on a VLAN that is a member of a bridge group before you configure the global bridge protocol for the bridge group, traffic is forwarded to only the trunk ports but not the access ports in that VLAN.

The workaround is to always enter the bridge bridge-group protocol vlan-bridge global configuration command before applying the bridge group to VLAN interfaces and configuring static forwarding addresses.

CSCds55220

If you configure the DHCP server to allocate addresses from a pool to the switch, two devices on the network might have the same IP address. Pooled addresses are temporarily allocated to a device and are returned to the pool when not in use. If you save the configuration file after the switch receives such an address, the pooled address is saved, and the switch does not attempt to access the DHCP server after a reboot to receive a new IP address. As a result, two devices might have the same IP address.

The workaround is to make sure that you configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address.

CSCdu55510

The Cisco BRIDGE-MIB extension that manages multiple spanning-tree instances by using community string indexing does not work on the Catalyst 3550 switch.

There is no workaround for this problem.

CSCdv59356

When you use the setup program during initial installation, all the ports are administratively shut down when you exit the setup program, making it impossible to access the switch without manually bringing up the ports.

The workaround after exiting the setup program is to bring up all of the ports on the switch by entering the interface range port-range global configuration command (for example, interface range gigabitethernet0/1 - 12) and then the no shutdown command in the interface range subconfiguration mode.

CSCdv59364

If you use the setup program for initial configuration and set an IP address for a specific port (making it a router port and not a switch port), the setup program does not write the no switchport mode access interface configuration command to the configuration file, making the port unusable without manual reconfiguration.

The workaround is to not use the setup program for configuring routed ports. Always enter no when prompted with the Configure IP on this interface? message.

CSCdv61129

The CSUF feature uses a special protocol to quickly advise all stack members of spanning-tree changes on individual stack members. Even though CSUF receives configuration information, the hello timer and the message age timer are not being started. If the hello timer is not started when one of the stack members becomes the root switch of the spanning tree, then periodic hellos are not sent through the network, resulting in an unstable spanning-tree configuration. If the message age timer is not started, then one of the switches in the stack might treat a configuration message from an old root that is no longer present in the network as the correct configuration message. The message is counted as received on the stack port, and because the switch does not receive messages from this root on any other port, it does not block any other port even if it is necessary to break a loop in the network.

Because the hello timer is not started, excessive numbers of new root traps are sent and possible spanning-tree loops might occur. Because the message age timer is not started, possible spanning-tree loops might occur.

The workaround for the hello timer problem is to design the network so that no network partition leaves any of the stack switches connected to a switch outside of the stack or causes a switch in the stack to become the root bridge. Another workaround is to disable CSUF by using the no spanning-tree stack-port interface configuration command.

The workaround for the message age timer problem is to disable CSUF by using the no spanning-tree stack-port interface configuration command. You can also clear the condition without rebooting the switch by shutting down the affected stack port by using the shutdown interface configuration command and then re-enabling it.

CSCdv61405

If UplinkFast is enabled and all physical ports that can receive BPDUs from the root bridge of the spanning tree gain link within the same short period of time (such as when a neighboring switch that multiple uplinks connect to is rebooted), temporary spanning-tree loops might occur. These uplink ports do not need to be directly connected to the root bridge; they might also indirectly learn about the root bridge from other bridges in the network. The short period of time during which the vulnerability occurs is approximately 5 to 10 seconds.

The workaround is to not make multiple uplink connections to the same neighboring switch. You can group the multiple physical links together into a single EtherChannel, which will behave as a single port for spanning-tree purposes. You can also disable UplinkFast by using the no spanning-tree uplinkfast global configuration command.

CSCdt62226

You might see this message, where dec represents an internal implementation value in hexadecimal: 

ETHCNTR-3-UNEXPECTED_EVENT: Request [dec] encountered event 1 in state 2

The workaround is to ignore this message; switch operation is not affected.

CSCdt63480

Configuring too many multicast groups might result in an extremely low memory condition and cause the software control data structure to go out of sync, resulting in unpredictable forwarding behavior. The memory resources can only be recovered by issuing the clear ip mroute privileged EXEC command.

To prevent this situation, do not configure more than the recommended multicast routes on the switch.

CSCdv64589

You cannot configure the cluster SNMP traps by using the snmp-server host global configuration command through the CLI, and you cannot monitor SNMP traps for the cluster on the Catalyst 3550 switch.

There is no workaround.

CSCdt67895

The Catalyst 3550 switch does not send topology change and newRoot trap messages.

There is no workaround for this problem.

CSCdv73411

If an active QoS ACL is changed, or an active class map is changed to use a different ACL when the QoS ternary content addressable memory (TCAM) region is nearly full, the QoS ACL entries in the TCAM might get corrupted. As a result, ACL-based QoS classification might not behave correctly on the Catalyst 3550 switch.

The workaround for this problem is before changing the ACL or the class map, use the no service-policy interface configuration command to detach the affected policy map from all interfaces that have the policy map applied. After the ACL or the class map is changed, re-apply the policy map using the service-policy interface configuration command.

CSCdv77415

If a stack contains some members that are Catalyst 3550 switches, and other members that are Catalyst 2900 XL, 3500 XL, or 2950 switches running a version of IOS Release 12.0, the cross-stack UplinkFast transitions only occur on the management VLAN of the Catalyst 2900 XL, 3500 XL, or 2950 switches. All other VLANs on the stack port undergo slow STP transitions.

There is no workaround.

CSCdt78727

When configuring an EtherChannel between a Catalyst 3550 and a Catalyst 1900 switch, some of Catalyst 3550 links in the EtherChannel might go down, but one link in the channel remains up, and connectivity is maintained.

The workaround is to disable the Port Aggregation Protocol (PAgP) on both devices by using the channel-group channel-group-number mode on interface configuration command. PAgP negotiation between these two devices is not reliable.

CSCdt79172

When the switch is operating with equal-cost routes and it is required to learn more unicast routes than it can support, the CPU might run out of memory and the switch might fail.

The workaround is to remain within the documented recommended and supported limits.

CSCdv82135

The switch can support a policer traffic rate up to 1,000,000,000 bps even though the help string for the police rate-bps burst-byte [exceed-action {drop | policed-dscp-transmit}] policy-map class configuration command shows the traffic-rate range as 8,000 to 2,000,000,000.

The switch can support a policer burst size up to 2,000,000 bytes even though the help string for the police rate-bps burst-byte [exceed-action {drop | policed-dscp-transmit}] policy-map class configuration command shows the burst-size range as 8,000 to 512,000,000.

Any traffic rate configured larger than 1,000,000,000 bps and any burst size configured larger than 2,000,000 bytes leads to inaccurate policing operation.

The workaround is to not configure policer traffic rate larger than 1,000,000,000 bps and to not configure the policer burst size larger than 2,000,000 bytes on the switch.

CSCdt85647

Debug messages do not always get logged. If you enter the logging synchronous line configuration command on the console line and then log out or disconnect from the console, when the console's synchronous message queue fills up, all logging to all destinations ceases.

You can use any one of these workarounds:

Do not enter the logging synchronous command on the console.

Disable logging to the console.

Do not disconnect from the console; always remain logged in.

CSCdu87797

If Catalyst 3550 GBIC ports containing GigaStack GBICs are configured as routed ports with EtherChannel group assignments, they might not correctly join the channel group.

GigaStack GBICs are not supported as EtherChannel group members on the Catalyst 3550 switch. The workaround is to not configure channel-group settings on interfaces containing GigaStack GBICs.

CSCdu88934

If the Enhanced Interior Gateway Routing Protocol (EIGRP) is enabled and configured on the switch and the maximum number of supported routes are operating, disabling EIGRP routing by using the no router eigrp global configuration command might cause the switch to reset.

The workaround is to not shut down the EIGRP routing process after it has been configured.

CSCdr90575

Spurious output appears on the console part way through the setup program. Sometimes keyboard inputs must be entered several times before they are accepted, making the setup program almost unusable.

The workaround is to not use the setup program. When the switch is powered up, enter no when prompted with the Would you like to enter the initial configuration dialog? [yes/no] message. You might have to enter no several times to exit from the setup program.

Open Cluster Caveats

There are no open severity 3 cluster configuration caveats.

Open Cluster Management Suite Caveats

This section describes the severity 3 CMS configuration caveats:

CSCds29230

CMS performance degrades if the Topology View is open for several hours on a Solaris machine. The cause might be a memory leak.

The workaround is to close the browser, reopen it, and launch CMS again.

CSCdv35455

If you select multiple FastEthernet ports on a Catalyst 3550 switch, the speed of 1000 Mbps is shown as an option in the Modify Port Settings window. Ignore this speed option.

CSCdv36309

If you change the Policed DSCP table in the QoS Maps window and apply the changes, the table entries are not correctly updated on the device.

The workaround is to use the CLI to change the Policed DSCP table.

CSCdv37429

The burst rate and burst size that you request with the QoS wizard appear to be configured incorrectly if you display them in the Policy Details window.

There is no workaround. The values are configured on the device as you requested; this is a display problem.

CSCdv57881

You cannot modify the multicast groups that are shown in the IGMP Snooping window.

The workaround is to delete the group that you want to modify and then recreate it with the change that you want.

CSCdt60328

If you enable the STP BPDU guard feature on a switch, also enable Port Fast on a port that connects to that switch, and then disconnect and reconnect that switch, you cannot refresh the GUI.

The workaround is to disable Port Fast, and then shut down and re-enable the port by using the CLI.

CSCdt61586

The device manager does not launch properly if the HTTP port for the command switch is other than 80.

The workaround is to launch the device manager manually by entering the URL. For example, to view cluster member 1 by using HTTP port 5000, you would enter:

http://nnn.nnn.nnn.nnn:5000/es1/homepage.htm

CSCdu69526

You cannot use CMS to configure dynamic-access ports on Catalyst 2900 XL switches that run the IOS Release 11.2(8.6)SA6.

The workaround is to use the CLI to configure dynamic-access ports on these devices.

CSCdt79358

If you select an HSRP group in the Router Redundancy window and click Delete, the group is not deleted but changes to a disabled state. To delete the group, you must click Delete again.

There is no workaround.

CSCdu79932

If you try to enable Port Fast on an interface that does not accept it—a trunk port, for example—no message warns you that Port Fast was not enabled.

There is no workaround.

CSCds80920

If you are printing a Topology View or Front Panel View that contains many devices and are running Solaris 2.6 with JDK1.2.2, you might get an Out of Memory error message.

The workaround is to close the browser, re-open it, and launch CMS again. Before you perform any other task, bring up the view you want to print, and click Print in the CMS menu.

CSCdt89722

When you perform these actions, you sometimes cannot display a popup menu in the Front Panel view: launch the Front Panel view, browse a non-CMS page, use the browser's Back button, and launch the Front Panel view again.

The workaround is to close the browser, reopen it, and launch CMS again.

Resolved Caveats

This section describes caveats that have been resolved:

"Resolved IOS Caveats" section

"Resolved Cluster Caveats" section

"Resolved Cluster Management Suite Caveats" section

Resolved IOS Caveats

All of these severity 3 IOS configuration caveats are resolved in Release 12.1(6)EA1:

CSCdu01957

The time-range option in the access-list access-list-number {deny | permit} global configuration command now works on QoS classification.

CSCdu10704

When routed ports are grouped into an EtherChannel and a single physical interface in the EtherChannel is shut down by administrative command, all packets received on the remaining ports of that EtherChannel are now routed in hardware rather than in software.

CSCdt11329

The speed interface configuration command now has keywords to force the speed to 1000 Mbps.

CSCdu11973

If dynamic trunking is enabled on the physical interfaces that make up a port channel, the physical interfaces in the port channel are now put into the correct access VLAN, eliminating connectivity problems and preventing packets from being forwarded into the wrong VLAN.

CSCdv13157

The Catalyst 3550 switch now creates a crashinfo file that saves information that helps Cisco technical support representatives debug problems that caused the IOS image to fail (crash). The switch writes the crash information to the console at the time of the failure, and the file is created the next time you boot the IOS image after the failure. You can provide this information to the Cisco technical support representative by using the show tech-support privileged EXEC command.

All crashinfo files are kept in the same directory on the Flash file system as follows:

flash:/crashinfo/crashinfo_n, where n is a sequence number.

CSCdt39109

When copying the SVI configuration to a Layer 3 (routed) port, you no longer see this message: 

SYS-3-MGDTIMER: Running timer, init, timer = 116FB7C

CSCdt43859

When a VLAN in the VTP database has been deleted or disabled, the show interface privileged EXEC command now correctly displays the status for the ports in the VLAN as down.

CSCdv52104

If a switch running cross-stack UplinkFast is receiving BPDUs from the root on multiple ports, and the root configuration message ages out on the root port before it has aged out on all of the blocking ports, the switch no longer undergoes an UplinkFast transition that causes a temporary spanning-tree loop.

CSCdt55808

While toggling between the no switchport and switchport interface configuration commands, you no longer see this message: 

SM-4-BADEVENT: Event linkup is invalid for the current state dtp

CSCdt57901

When you configure the Hot Standby Router Protocol (HSRP) and enter the standby priority interface configuration command, you are no longer forced to enter the preempt keyword, which had prevented you from forcing a change between two routers or command switches in HSRP mode.

CSCdt61708

If a GBIC in the Catalyst 3550 switch is connected to another GBIC that does not support autonegotiation, you can now disable autonegotiation on 1000BASE-SX, -LX, and -ZX GBICs by using the speed nonegotiate interface configuration command. However, Gigastack GBICs and 1000BASE-T GBICs do not support the disabling of autonegotiation.

CSCdu63688

Enabling BPDU debug by using the debug spanning-tree bpdu privileged EXEC command no longer causes the switch to fail or possibly to reset.

CSCdt65803

The ip default-network network number global configuration command now works properly and adds a default network. It no longer adds a static route that cannot be deleted later.

CSCdu79051

A large number of multicast routes no longer causes the switch to reset due to a low-memory condition.

CSCdu79905

When the switch is operating in Layer 3 mode and you change the IP address of an interface, the old static route is now removed from the Cisco Express Forwarding (CEF) table, and the old IP address can be used again for other interfaces. The route for the newly entered IP address is populated into the CEF table and functions properly.

CSCdt79987

If a Catalyst 1900 switch and a Catalyst 3550 switch are connected through an EtherChannel port group, a Catalyst 3550 port in the group no longer shuts down because of a falsely detected loopback condition.

CSCdu80687

If a Catalyst 3550 switch in Layer 3 mode exceeds the recommended number of unicast MAC addresses, unicast routes, and multicast routes, a TCAM overflow results. Entering a clear arp privileged EXEC command no longer causes the switch to reset.

CSCdu81118

When the switch is in Layer 3 mode and routing with Enhanced Interior Gateway Routing Protocol (EIGRP), enabling EtherChannel and creating a port channel no longer increases the delay metric for the EIGRP route to a large value, thus making it unavailable as the preferred route.

CSCdt82690

An EtherChannel group between the Catalyst 3550 and another device that supports EtherChannel no longer is erroneously shut down on the Catalyst 3550 side because the Catalyst 3550 reported a detected loopback condition when there is actually no loopback situation.

CSCdt95414

When IP traffic is redirected for some reason, the IP redirects cache now ages out, and the switch relearns the original route to the destination.

CSCdt97404

If a GBIC port is disabled, either through an administrative command or because an error has been detected (loopback detection, UDLD, and so on), the switch now correctly shuts down the link on the GBIC port.

Resolved Cluster Caveats

All of these severity 3 cluster configuration caveats are resolved in Release 12.1(6)EA1:

CSCds20465

In a full 16-member cluster with a Catalyst 3550 command switch, if the command switch is continuously polled from the CMS network management application, HTTP requests no longer fail with a Premature end of file message. You no longer need to close the browser and reopen it.

CSCdt60520

When both the active command-switch and the standby command-switch are Catalyst 3550 switches, HSRP priority changes on the command switch are now supported.

CSCdt64048

If there are more than two Catalyst 1900 or Catalyst 2820 switches in a cluster with the Catalyst 3550 as the command switch, the cluster no longer loses network connectivity when the CMS continuously polls the Catalyst 1900 or Catalyst 2820 switches.

CSCdt67153

If there are redundant paths from a cluster command-switch to a cluster candidate, and one of the paths goes through a routed port, the command switch always uses the routed port path, and subsequent candidates are now discovered on the correct VLAN.

CSCdu73440

When you use the cluster standby-group name global configuration command to bind an HSRP group to a cluster with the same name before you enable the cluster command switch, the cluster configuration is no longer lost.

Resolved Cluster Management Suite Caveats

All of these severity 3 Cluster Management Suite caveats are resolved in Release 12.1(6)EA1:

CSCdu01104

When you add a cluster member and remove a cluster member in quick succession, the Front Panel view now shows the replacement.

CSCdu02133, CSCdu03253, CSCdt90554

You can now use the Modify VLAN window to modify VLAN settings.

CSCdu04736

When you create a standby command group and then click Remove Group, the entire group is consistently removed.

CSCdu07231

If the command switch is a Catalyst 3550 switch that is running Release 12.1(4)EA1b, you can now use CMS on the command switch to upgrade software on Catalyst 2900 XL switches with only 4 MB of RAM.

CSCdu08110

EtherChannel links between Catalyst 3550 switches are now displayed correctly on the Topology view. These links no longer appear as multiple links (two separate lines).

CSCdu09588

Link reports now contain full and correct information when they are launched for a link to a device that has an STP-blocked link.

CSCdu10411

You can now change the VLAN mode of a port from a dynamic-access or static-access state to a trunk state.

CSCdu22344

When you select an extended ACL and click Modify or Details in the ACL window, the displayed ACE list is now consistently accurate.

CSCdv33121

In the Create VLAN and Modify VLAN windows, you can now enter a maximum transmission unit (MTU) size of as little as 576 bytes.

CSCdt66690

The inventory report now shows IP addresses for Catalyst 3550 switches.

CSCdt68402

When you request a routing table report from the Router Reports window, the report now shows all default routes.

CSCdt68799

When you apply changes to the Unknown MACs tab of the Flooding Control window and the device is a Catalyst 2950 switch, you no longer receive an error message.

CSCdt69599

The Max. update Rate field on the Uplink Fast tab of the STP window no longer shows that you can enter a value of up to 65535 packets per second.

CSCdt71640

Link graphs now show the total number of errors and total number of packets dropped on a link at each polling interval.

CSCdt72652

A default network other than 0.0.0.0 in the IP Routing window no longer prevents an IP address from appearing in the Default Router IP field.

CSCdt73251

A link report no longer halts if it is for a link that is configured as a trunk on a switch with more than 250 VLANs.

CSCdt75783

You can now use CMS to configure Protected Port on Catalyst 2950 switches.

CSCdt76817

The UplinkFast tab of the STP window now recognizes the stackable GBIC connector type.

CSCdt76918

When you enter a process ID (as part of the task of adding an IGRP, EIGRP, or OSPF network), the validity of the ID is now checked. For OSPF, the validity of the area value is now checked as well.

CSCdu79951

When a Catalyst 3550 switch is operating in Layer 3 mode, entering a clear adjacency privileged EXEC command no longer causes possible memory corruption or switch failure.

CSCdt82846

When you select an interface to be a monitor port in the SPAN window, the message Error: SPAN Grouped port cannot be a monitor port is no longer displayed when the interface is not in any port group.

CSCdt87058

In the Topology view, you can now display a link report for an EtherChannel.

CSCdt97265

Including a Catalyst 2820 switch with an FDDI Fiber SAS module in the cluster no longer prevents the Front Panel view from displaying the switches in the cluster.

Related Documentation

These documents provide complete information about the switch and are available from this Cisco.com site:

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm

You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the "Ordering Documentation" section.

Catalyst 3550 Multilayer Switch Software Configuration Guide (order number DOC-7811194=)

Catalyst 3550 Multilayer Switch Command Reference (order number DOC-7811195=)

Catalyst 3550 Multilayer Switch System Message Guide (order number DOC-7811196=)

Cluster Management Suite (CMS) online help (available only from the switch CMS software)

Catalyst 3550 Multilayer Switch Hardware Installation Guide (order number DOC-7811358=)

1000BASE-T Gigabit Interface Converter Installation Note (not orderable but is available on Cisco.com)

Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide (order number DOC-786460=)

Obtaining Documentation

The following sections explain how to obtain documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following URL:

http://www.cisco.com

Translated documentation is available at the following URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can send us your comments by completing the online survey. When you display the document listing for this platform, click Give Us Your Feedback.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Cisco Systems, Inc.
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Inquiries to Cisco TAC are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:

http://www.cisco.com/register/

If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.

This document is to be with the document listed in the "Related Documentation" section.

AccessPath, AtmDirector, Browse with Me, CCIP, CCSI, CD-PAC, CiscoLink, the Cisco Powered Network logo, Cisco Systems Networking Academy, the Cisco Systems Networking Academy logo, Cisco Unity, Fast Step, Follow Me Browsing, FormShare, FrameShare, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet, TransPath, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and Discover All That's Possible are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, GigaStack, IOS, IP/TV, LightStream, MICA, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.

All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0110R)

Copyright © 2001, Cisco Systems, Inc.
All rights reserved.