Table Of Contents
Release Notes for the Catalyst 4900 Series Switch, Cisco IOS Release 12.2(53)SG
Cisco IOS Software Packaging for the Cisco Catalyst 4900 Series
Catalyst 4900 Series Switch Cisco IOS Release Strategy
New Hardware Features in Release 12.2(53)SG
New Software Features in Release 12.2(53)SG
New Hardware Features in Release 12.2(52)SG
New Software Features in Release 12.2(52)SG
New Hardware Features in Release 12.2(50)SG2
New Software Features in Release 12.2(50)SG2
New Hardware Features in Release 12.2(50)SG1
New Software Features in Release 12.2(50)SG1
New Hardware Features in Release 12.2(50)SG
New Software Features in Release 12.2(50)SG
New Hardware Features in Release 12.2(46)SG
New Software Features in Release 12.2(46)SG
New Hardware Features in Release 12.2(44)SG
New Software Features in Release 12.2(44)SG
New Hardware Features in Release 12.2(40)SG
New Software Features in Release 12.2(40)SG
New Hardware Features in Release 12.2(37)SG
New Software Features in Release 12.2(37)SG
New Hardware Features in Release 12.2(31)SGA
New Software Features in Release 12.2(31)SGA
New Hardware Features in Release 12.2(31)SG
New Software Features in Release 12.2(31)SG
New Hardware Features in Release 12.2(25)SG
New Software Features in Release 12.2(25)SG
New Hardware Features in Release 12.2(25)EWA
New Software Features in Release 12.2(25)EWA
New Hardware Features in Release 12.2(25)EW
New Software Features in Release 12.2(25)EW
New Hardware Features in Release 12.2(20)EWA
New Software Features in Release 12.2(20)EWA
Upgrading the ROMMON from the Console
Upgrading the ROMMON Remotely Using Telnet
Upgrading the Cisco IOS Software
Open Caveats in Cisco IOS Release 12.2(53)SG1
Resolved Caveats in Cisco IOS Release 12.2(53)SG1
Open Caveats in Cisco IOS Release 12.2(53)SG
Resolved Caveats in Cisco IOS Release 12.2(53)SG
Open Caveats in Cisco IOS Release 12.2(52)SG
Resolved Caveats in Cisco IOS Release 12.2(52)SG
Open Caveats in Cisco IOS Release 12.2(50)SG4
Resolved Caveats in Cisco IOS Release 12.2(50)SG4
Open Caveats in Cisco IOS Release 12.2(50)SG2
Resolved Caveats in Cisco IOS Release 12.2(50)SG2
Open Caveats in Cisco IOS Release 12.2(50)SG1
Resolved Caveats in Cisco IOS Release 12.2(50)SG1
Open Caveats in Cisco IOS Release 12.2(50)SG
Resolved Caveats in Cisco IOS Release 12.2(50)SG
Open Caveats in Cisco IOS Release 12.2(46)SG
Resolved Caveats in Cisco IOS Release 12.2(46)SG
Open Caveats in Cisco IOS Release 12.2(44)SG1
Resolved Caveats in Cisco IOS Release 12.2(44)SG1
Open Caveats in Cisco IOS Release 12.2(44)SG
Resolved Caveats in Cisco IOS Release 12.2(44)SG
Open Caveats in Cisco IOS Release 12.2(40)SG
Resolved Caveats in Cisco IOS Release 12.2(40)SG
Open Caveats in Cisco IOS Release 12.2(37)SG1
Resolved Caveats in Cisco IOS Release 12.2(37)SG1
Open Caveats in Cisco IOS Release 12.2(37)SG
Resolved Caveats in Cisco IOS Release 12.2(37)SG
Open Caveats in Cisco IOS Release 12.2(31)SGA10
Resolved Caveats in Cisco IOS Release 12.2(31)SGA10
Open Caveats in Cisco IOS Release 12.2(31)SGA9
Resolved Caveats in Cisco IOS Release 12.2(31)SGA9
Open Caveats in Cisco IOS Release 12.2(31)SGA8
Resolved Caveats in Cisco IOS Release 12.2(31)SGA8
Open Caveats in Cisco IOS Release 12.2(31)SGA7
Resolved Caveats in Cisco IOS Release 12.2(31)SGA7
Open Caveats in Cisco IOS Release 12.2(31)SGA6
Resolved Caveats in Cisco IOS Release 12.2(31)SGA6
Open Caveats in Cisco IOS Release 12.2(31)SGA5
Resolved Caveats in Cisco IOS Release 12.2(31)SGA5
Open Caveats in Cisco IOS Release 12.2(31)SGA4
Resolved Caveats in Cisco IOS Release 12.2(31)SGA4
Open Caveats in Cisco IOS Release 12.2(31)SGA3
Resolved Caveats in Cisco IOS Release 12.2(31)SGA3
Open Caveats in Cisco IOS Release 12.2(31)SGA2
Resolved Caveats in Cisco IOS Release 12.2(31)SGA2
Open Caveats in Cisco IOS Release 12.2(31)SGA1
Resolved Caveats in Cisco IOS Release 12.2(31)SGA1
Open Caveats in Cisco IOS Release 12.2(31)SGA
Resolved Caveats in Cisco IOS Release 12.2(31)SGA
Open Caveats in Cisco IOS Release 12.2(31)SG2
Resolved Caveats in Cisco IOS Release 12.2(31)SG3
Open Caveats in Cisco IOS Release 12.2(31)SG2
Resolved Caveats in Cisco IOS Release 12.2(31)SG2
Open Caveats in Cisco IOS Release 12.2(31)SG1
Resolved Caveats in Cisco IOS Release 12.2(31)SG1
Open Caveats in Cisco IOS Release 12.2(31)SG
Resolved Caveats in Cisco IOS Release 12.2(31)SG
Open Caveats in Cisco IOS Release 12.2(25)SG4
Resolved Caveats in Cisco IOS Release 12.2(25)SG4
Open Caveats in Cisco IOS Release 12.2(25)SG3
Resolved Caveats in Cisco IOS Release 12.2(25)SG3
Open Caveats in Cisco IOS Release 12.2(25)SG2
Resolved Caveats in Cisco IOS Release 12.2(25)SG2
Open Caveats in Cisco IOS Release 12.2(25)SG1
Resolved Caveats in Cisco IOS Release 12.2(25)SG1
Open Caveats in Cisco IOS Release 12.2(25)SG
Resolved Caveats in Cisco IOS Release 12.2(25)SG
Open Caveats in Cisco IOS Release 12.2(25)EWA14
Resolved Caveats in Cisco IOS Release 12.2(25)EWA14
Open Caveats in Cisco IOS Release 12.2(25)EWA13
Resolved Caveats in Cisco IOS Release 12.2(25)EWA13
Open Caveats in Cisco IOS Release 12.2(25)EWA12
Resolved Caveats in Cisco IOS Release 12.2(25)EWA12
Open Caveats in Cisco IOS Release 12.2(25)EWA11
Resolved Caveats in Cisco IOS Release 12.2(25)EWA11
Open Caveats in Cisco IOS Release 12.2(25)EWA10
Resolved Caveats in Cisco IOS Release 12.2(25)EWA10
Open Caveats in Cisco IOS Release 12.2(25)EWA9
Resolved Caveats in Cisco IOS Release 12.2(25)EWA9
Open Caveats in Cisco IOS Release 12.2(25)EWA8
Resolved Caveats in Cisco IOS Release 12.2(25)EWA8
Open Caveats in Cisco IOS Release 12.2(25)EWA7
Resolved Caveats in Cisco IOS Release 12.2(25)EWA7
Open Caveats in Cisco IOS Release 12.2(25)EWA6
Resolved Caveats in Cisco IOS Release 12.2(25)EWA6
Open Caveats in Cisco IOS Release 12.2(25)EWA5
Resolved Caveats in Cisco IOS Release 12.2(25)EWA5
Open Caveats in Cisco IOS Release 12.2(25)EWA4
Resolved Caveats in Cisco IOS Release 12.2(25)EWA4
Open Caveats in Cisco IOS Release 12.2(25)EWA3
Resolved Caveats in Cisco IOS Release 12.2(25)EWA3
Open Caveats in Cisco IOS Release 12.2(25)EWA2
Resolved Caveats in Cisco IOS Release 12.2(25)EWA2
Open Caveats in Cisco IOS Release 12.2(25)EWA1
Resolved Caveats in Cisco IOS Release 12.2(25)EWA1
Open Caveats in Cisco IOS Release 12.2(25)EWA
Resolved Caveats in Cisco IOS Release 12.2(25)EWA
Open Caveats in Cisco IOS Release 12.2(25)EW
Resolved Caveats in Cisco IOS Release 12.2(25)EW
Open Caveats in Cisco IOS Release 12.2(20)EWA4
Resolved Caveats in Cisco IOS Release 12.2(20)EWA4
Open Caveats in Cisco IOS Release 12.2(20)EWA3
Resolved Caveats in Cisco IOS Release 12.2(20)EWA3
Open Caveats in Cisco IOS Release 12.2(20)EWA2
Resolved Caveats in Cisco IOS Release 12.2(20)EWA2
Open Caveats in Cisco IOS Release 12.2(20)EWA1
Resolved Caveats in Cisco IOS Release 12.2(20)EWA1
Open Caveats in Cisco IOS Release 12.2(20)EWA
Resolved Caveats in Cisco IOS Release 12.2(20)EWA
Troubleshooting at the System Level
Obtaining Documentation and Submitting a Service Request
Release Notes for the Catalyst 4900 Series Switch, Cisco IOS Release 12.2(53)SG
Current Release
12.2(53)SG1—November 13, 2009Previous Releases
12.2(53)SG, 12.2(52)SG, 12.2(50)SG4, 12.2(50)SG2, 12.1(50)SG1, 12.2(50)SG, 12.2(46)SG, 12.2(44)SG1, 12.2(44)SG, 12.2(37)SG1, 12..2(37)SG, 12.2(31)SGA10, 12.2(31)SGA9, 12.2(31)SGA8, 12.2(31)SGA7, 12.2(31)SGA6, 12.2(31)SGA5, 12.2(31)SGA4, 12.2(31)SGA3, 12.2(31)SGA2, 12.2(31)SGA1, 12.2(31)SGA, 12.2(31)SG3, 12.2(31)SG2, 12.2(31)SG1, 12.2(31)SG, 112.2(25)SG4, 2.2(25)SG3, 12.2(25)SG2, 12.2(25)SG1, 12.2(25)SG, 12.2(25)EWA14, 12.2(25)EWA13, 12.2(25EWA12, 12.2(25)EWA11, 12.2(25)EWA10, 12.2(25)EWA9, 12.2(25)EWA8, 12.2(25)EWA7, 12.2(25)EWA6, 12.2(25)EWA5, 12.2(25)EWA4, 12.2(25)EWA3, 12.2(25)EWA2, 12.2(25)EWA1, 12.2(25)EW, 12.2(20)EWA4, 12.2(20)EWA3, 12.2(20)EWA2, 12.2(20)EWA1, 12.2(20)EWAThese release notes describe the features, modifications, and caveats for the Cisco IOS software on the Catalyst 4900 series switch. The most current software release is Cisco IOS Release 12.2(53)SG.
The most current software release is Cisco IOS Release 12.2(53)SG. The most current release notes for this release is available on Cisco.com at this URL:
http://www.cisco.com/en/US/products/hw/switches/ps4324/prod_release_note09186a008062ff34.html
Note
Although their Release Notes are unique, the 4 platforms (Catalyst 4500, Catalyst 4900,
Catalyst ME 4900, and Catalyst 4900M) use the same Software Configuration Guide, Command Reference Guide, and System Message Guide. Refer to this location:
http://www.cisco.com/go/cat4500/docs
Contents
This publication consists of these sections:
•
•
•
•
Cisco IOS Software Packaging for the Cisco Catalyst 4900 Series
A new Cisco IOS Software package for Cisco Catalyst 4900 Series switches was introduced in Cisco IOS Software Release 12.2(25)SG. It is a new foundation for features and functionality and provides consistency across all Cisco Catalyst switches. The new Cisco IOS Software release train is designated as 12.2SG.
Prior Cisco Catalyst 4900 Series Cisco IOS Software images for the Cisco Catalyst 4900 Series Switches, formerly known as Basic Layer 3 and Enhanced Layer 3, now map to IP Base and Enterprise Services, respectively. All currently shipping Cisco Catalyst 4900 software features based on Cisco IOS Software are supported in the IP Base image of Release 12.2(44)SG with a few exceptions.
The IP Base image does not support enhanced routing features such as Nonstop Forwarding/Stateful Switchover (NSF/SSO), BGP, Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), Internetwork Packet Exchange (IPX), AppleTalk, Virtual Routing Forwarding (VRF-lite), GLBP, and policy-based routing (PBR). The IP Base image supports EIGRP-Stub for limited routing on Cisco Catalyst 4900 Series Switches.
The Enterprise Services image supports all Cisco Catalyst 4900 Series software features based on Cisco IOS Software, including enhanced routing. BGP capability is included in the Enterprises Services package.
Cisco IOS Release 12.2(52)SG introduced a LAN Base software image and an IP upgrade image for the fixed configuration switches, WS-X4948 and WS-X4948-10GE. These will complement the existing IP Base and Enterprise Services images. The LAN Base image is primarily focused on customer access and Layer 2 requirements and therefore many of the IP Base features are not required. An IP Upgrade image is available if later you require some of those features.
Figure 1 illustrates feature support within the 3 packages: LAN Base, IP Base, and Enterprise Services. This is not a detailed list. Please visit Feature Navigator for full package details:
http://tools.cisco.com/ITDIT/CFN/.Figure 1 Feature Support by Package
Table 1 contrasts feature support on the LAN Base vs IP Base images.
Note
Table 1 LAN Base/IP Base Image Support
10G Uplink Use
12.2(46)SG1 (with license)
Yes
802.1p prioritization
12.2(46)SG1
Yes
802.1p/802.1q
12.2(46)SG1
Yes
802.1w/802.1s
12.2(46)SG1
Yes
802.1X (w/ Guest VLAN and VLAN Assignment)
12.2(50)SG
Yes
802.1X and MAB with ACL assignment
12.2(50)SG
Yes
802.1X (Auth-Fail VLAN, Critical Auth, Accounting)
12.2(50)SG
Yes
802.1X Wake on LAN
12.2(50)SG
Yes
802.1X Web-Auth
12.2(50)SG
Yes
802.1X with Multiple authenticated, multi-host
12.2(50)SG
Yes
802.1X w/ MDA
12.2(50)SG
Yes
802.1X w/ Open Access
12.2(50)SG
Yes
802.3ad LACP
12.2(46)SG1
Yes
802.3x - Flow Control
12.2(46)SG1
Yes
ACL Logging
12.2(46)SG1
Yes
All Mibs (EBAY MiBs a priority)
12.2(52)SG
Yes
Auto QoS
12.2(53)SG
Yes
Auto-MDIX
12.2(46)SG1
Yes
Auto-Voice VLAN (part of Auto QoS)
No support
Yes
BOOTP
12.2(46)SG1
Yes
Bootup GOLD
No support
Yes
Broadcast Suppression
12.2(46)SG1
Yes
CDP/CDPv2
12.2(46)SG1
Yes
Community PVLAN support
No support
Yes
Config File
12.2(46)SG1
Yes
Console Access
12.2(46)SG1
Yes
Control Plane Policing
12.2(46)SG1
Yes
Copy Command
12.2(46)SG1
Yes
CoS to DSCP Map
Yes
Yes
Debug Commands
12.2(46)SG1
Yes
Device Management
12.2(46)SG1
Yes
DHCP Server
12.2(46)SG1
Yes
DHCP Snooping
12.2(46)SG1
Yes
Diagnostics Tools
12.2(46)SG1
Yes
Downloading Software
12.2(46)SG1
Yes
DSCP to CoS Map
12.2(46)SG1
Yes
DSCP to egress queue mapping
12.2(46)SG1
Yes
Dynamic ARP inspection
12.2(46)SG1
Yes
EEM and EOT integration
12.2(46)SG1
No
EIGRP Stub
No support
Yes
EnergyWise 1.0
12.2(53)SG
Yes
EPoE
12.2(53)SG
Yes
Event Log
12.2(46)SG1
Yes
Factory Default Settings
12.2(46)SG1
Yes
File Management
12.2(46)SG1
Yes
Flex Link
12.2(53)SG
Yes
GLBP
No support
Yes
HSRP/VRRP
No support
Yes
HSRP v2 IPV41
No support
Yes
HSRP v2 IPV62
No support
Yes
ID 4.0 Voice Vlan assignment
12.2(46)SG1
Yes
ID4.1 Filter ID and per use ACL
12.2(46)SG1
Yes
IGMP
12.2(46)SG1
Yes
IGMP Snooping
12.2(46)SG1
Yes
Ingress Policing
12.2(46)SG1
Yes
Interface Access (Telnet, Console/Serial, Web)
12.2(46)SG1
Yes
IP Source Guard
12.2(46)SG1
Yes
IP Multicast
No support
Yes
IPV6 reformation
NA
Yes
IPV6 MLD snooping V1 and V2
Future
Yes
ISL Trunk
12.2(46)SG1
Yes
ISSU
No support
Yes
Jumbo Frames
12.2(46)SG1
Yes
Layer 2 Debug
12.2(46)SG1
Yes
Layer 2 PT and QinQ
No support
Yes
Layer 2 Traceroute
12.2(46)SG1
Yes
LLDP/LLDP-MED
12.2(52)SG
Yes
Local Web Auth
12.2(52)SG
Yes
MAB (MAC Authentication Bypass)
12.2(50)SG
Yes
MAC Address Filtering
12.2(50)SG
Yes
MAC Based Access List
12.2(50)SG
Yes
Management IPV6 port
12.2(52)SG
Yes
MLD Snooping
12.2(53)SG
Yes
Multicast Filtering
12.2(46)SG1
Yes
Multihop SXP (CTS)
No support
12.2(52SG
No. of QoS Filters
No. of Security ACE
Yes (4K entries)
Yes
PAgP
12.2(46)SG1
Yes
Passwords
Password clear protection12.2(46)SG1
Yes
PIM SM/DM
No support
Yes
PoE (up to 15.4W only)
12.2(46)SG1
Yes
PoE+ Ready
Yes
Yes
Port Monitoring (interface Stats)
12.2(46)SG1
Yes
Port Security
12.2(46)SG1
Yes; only 1024 MACs
Post Status
12.2(46)SG1
Yes
PVST+
12.2(53)SG
Yes
Q-in-Q
No support
Yes
RACL (DSCP based)
12.2(46)SG1
Yes
RADIUS/TACACS+ (AAA)
12.2(46)SG1
Yes
RMON
12.2(46)SG1
Yes
Routing - RIP, Static
12.2(46)SG1
Yes
RPR
12.2(46)SG1
Yes
RPVST+
12.2(53)SG
Yes
RSPAN
12.2(46)SG1
Yes
Smart Call Home
No support
Yes
Smartports (Role based MACRO)
12/2(53)SG
Yes
SNMP (including SNMv3)
12.2(46)SG1
Yes
Source port Filtering (Private VLAN)
12.2(46)SG1
Yes
SPAN (# of sessions) - Port Mirroring
12.2(46)SG1 (2 sessions)
Yes (8 bidirectional sessions)
SSHv2/Secure Copy, FTP, SSL, Syslog, Sys Information
12.2(46)SG1
Yes
Storm Control
12.2(46)SG1
Yes
TDR
No support
Yes
Time Protocols (SNTP, TimeP)
12.2(46)SG1
Yes
Time-based ACL
12.2(46)SG1
Yes
Traffic Mirroring (SPAN)
12.2(46)SG1
Yes
Trusted Boundary (LLDP & CDP Based)
12.2(46)SG1
Yes
UDLD
12.2(46)SG1
Yes
VACL and PACL
12.2(46)SG1
Yes
Voice VLAN
12.2(46)SG1
Yes
VRRP
No support
Yes
VTP
12.2(46)SG1
Yes
WCCP
No support
Yes
1 Supported on all supervisor engines.
2 Supported only for Catalyst 4900M and Supervisor Engines 6-E/6L-E.
Note
Orderable Product Numbers:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Note
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Catalyst 4900 Series Switch Cisco IOS Release Strategy
Customers with Catalyst 4900 series switches who need the latest hardware support and software features should migrate to Cisco IOS Release 12.2(53)SG.
For more information on the Catalyst 4900 series switches, visit the following URL:
www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/index.htmCatalyst 4900 Series has three maintenance trains. The Cisco IOS Release 12.2(31)SGA train is the longest living train. Currently, the Cisco IOS Release 12.2(31)SGA10 is the recommended release for customers who require a release with a maintenance train. The Cisco IOS Release 12.2(53)SG is the latest maintenance train.
Cisco IOS Software Migration
Figure 2 displays the two active, 12.2(31)SGA and 12.2(50)SG, and newly introduced 12.2(53)SG extended maintenance trains.
Figure 2 Software Release Strategy for the Catalyst 4900 Series Switch
Summary of Migration Plan
•
•
Support
Support for Cisco IOS Software Release 12.2(53)SG follows the standard Cisco Systems® support policy, available at
http://www.cisco.com/en/US/products/products_end-of-life_policy.htmlFor more information about the Cisco Catalyst 4900 series switch, visit
http://www.cisco.com/en/US/products/ps6021/index.htmlSystem Requirements
This section describes the system requirements:
Supported Hardware
The following tables lists the hardware supported on the Catalyst 4900 series switch.
Table 2 Supported Hardware
GLC-BX-D
1000BASE-BX10-D small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
GLC-BX-U
1000BASE-BX10-U small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
GLC-SX-MM
1000BASE-SX small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
GLC-LH-SM
1000BASE-LX/LH small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
GLC-ZX-SM
1000BASE-ZX small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
GLC-T
1000BASE-T small form-factor pluggable module
12.2(20)EWA
12.2(31)SGA8
CWDM-SFP-xxxx
CWDM small form-factor pluggable module (See Table 3 for a list of supported wavelengths.)
12.2(20)EWA
12.2(31)SGA8
X2-10GB-LR
10GBASE-LR single-mode X2 module
12.2(25)EWA
12.2(31)SGA8
X2-10GB-SR
10GBASE-SR single-mode X2 module
12.2(25)EWA
12.2(31)SGA8
X2-10GB-CX4
10GBASE-CX4 single-mode X2 module
12.2(25)EWA
12.2(31)SGA8
X2-10GB-LX4
10GBASE-LX4 single-mode X2 module
12.2(25)EWA
12.2(31)SGA8
X2-10GB-LRM
10GBASE-LRM single-mode X2 module
12.2(31)SGA
12.2(31)SGA3
X2-10GB-ER
10GBASE-ER single-mode X2 module
12.2(25)EWA
12.2(31)SGA8
X2-10GB-ZR
10GBASE-ZR X2 transceiver module for SMF, 1550 nm wavelength up to 80 km. DOM is not supported.
12.2(50)SG
12.2(50)SG
X2-10GB-DWDM
10GBASE-ZR X2 transceiver module for SMF, 32 nontunable ITU 100-GHz wavelengths up to 80 km are supported. DOM is supported. Dual SC/PC connectors are supported.
12.2(50)SG
12.2(50)SG
CVR-X2-SFP10G
Hot-swappable input/output (I/O) converter module that fits into a 10-Gigabit Ethernet X2 slot on a switch or line card module. Hosts one 10-Gigabit Ethernet SFP+ transceiver module.
12.2(50)SG
12.2(50)SG
Table 3 briefly describes the supported CWDM wavelengths in the Catalyst 4900 series switches.
Table 4 briefly describes the Catalyst 4900 product set.
Supported Features
Table 5 lists the Cisco IOS software features for the Catalyst 4900 series switch.
Table 5 Cisco IOS Software Feature Set for the Catalyst 4900 Series Switch
Storm control
Multicast storm control
IP Source Guard
IP Source Guard for Static Hosts
PVRST+
Layer 2 protocol tunneling
Layer 2 transparent bridging1
Layer 2 MAC2 learning, aging, and switching by software
Unicast MAC address filtering
VMPS3 Client
Layer 2 hardware forwarding up to 102 Mpps
Layer 2 switch ports and VLAN trunks
Spanning-Tree Protocol (IEEE 802.1D) per VLAN
802.1s and 802.1w
Layer 2 traceroute
Unidirectional Ethernet port
Per-VLAN spanning tree (PVST) and PVST+
Spanning-tree root guard
Spanning-tree Loop guard and PortFast BPDU Filtering
Support for 9216 byte frames
Port security on PVLANs
Private VLANs
Private VLAN DHCP snooping
Community PVLANs
Private VLAN Promiscuous Trunk
ISL
IEEE 802.1Q-based VLAN encapsulation
Multiple VLAN access port
VLAN Trunking Protocol (VTP) and VTP domains
VTP v3
Support for 4096 VLANs per switch
Unidirectional link detection (UDLD) and aggressive UDLD
Resilient Ethernet Protocol
Ethernet CFM
Ethernet OAM Protocol
802.1Q Tunneling (Q in Q)
QinQ and Protocol Tunneling
Pragmatic General Multicast
ANCP Client
Auto RP Listener
IP and IP multicast routing and switching between Ethernet ports
IP Multicast Load Splitting (Equal Cost Multipath (ECMP) using S, G and Next-hop)
Static IP routing
Classless routing4
PBR5
Dynamic Buffer Limiting
Selective Dynamic Buffer Limiting
QoS-based forwarding based on IP precedence
Trusted boundary
Auto QoS
Match CoS for non-IPV4 traffic
CoS Mutation
CEF6 load balancing
Hardware-based IP CEF routing at 102 Mpps
Up to 32,000 IP routes
Up to 32,000 IP host entries (Layer 3 adjacencies)
Up to 16,000 IP multicast route entries
Up to 55,000 unicast entries
Multicast flooding suppression for STP changes
Software routing of IPX, AppleTalk, and IPv6
IGMPv1, IGMPv2, and IGMPv3 (Full Support)
IGMP Querier
VRF-lite
VRF-aware IP services
Route Leaking7
IP Unnumbered
SVI Autostate Exclude
IS-IS8
DTP9
RIP10 and RIP II
EIGRP11
EIGRP stub
OSPF12
BGP413
BGP route-map Continue
BGP Neighbor Policy
MBGP14
MSDP15
ICMP16 Router Discovery Protocol
PIM17 —sparse and dense mode
Static routes
Classless interdomain routing (CIDR)
DVMRP18
SSM
NTP19
WCCPv2 Layer 2 Redirection
VRRP20
SCP21
GLBP22
Cisco EtherChannel technology - 10/100/1000 Mbps, 10 Gbps
Load balancing for routed traffic, based on source and destination IP addresses
Load sharing for bridged traffic based on MAC addresses
ISL on all EtherChannels
IEEE 802.1Q on all EtherChannels
Bundling of up to eight Ethernet ports
Up to 50 active Ethernet port channels
Trunk Port Security over EtherChannel
SPAN CPU port mirroring
SPAN packet-type filtering
SPAN destination in-packets option
SPAN ACL filtering
RSPAN23
Enhanced VLAN statistics
Secondary addressing
Bootstrap protocol (BOOTP)
Authentication, authorization, and accounting using TACACS+ and RADIUS protocol
Cisco Discovery Protocol (CDP)
CDP 2nd Port Status TLV
FlexLink and MAC Address-Table Move Update
Network Mobility Services Protocol
Link Layer Discovery Protocol (LLDP)
LLDP Media Discovery (LLDP-MED)
Sticky port security
Trunk port security
Voice VLAN Sticky Port Security
Cisco Group Management Protocol (CGMP) server support
HSRP24 over Ethernet, EtherChannels - 10/100/1000Mbps, 10 Gbps
IGMP25 snooping version1, version 2, and version 3 (Full Support)
IGMP filtering
Port Aggregation Protocol (PagP)
802.3ad LACP
SSH version 1 and version 226
show interface capabilities command
IfIndex persistence
UDLR27
Enhanced SNMP MIB support
SNMP28 version 1, version 2, and version 3
SNMP version 3 (with encryption)
DHCP server and relay-agent
DHCP snooping
DHCP client autoconfiguration
DHCP Option 82 Pass Through
802.1X port-based authentication
802.1X with port security
802.1X accounting
802.1X with voice VLAN ID29
802.1X private VLAN assignment
802.1X private guest VLAN
802.1X RADIUS-supplied session timeout
802.1X authentication failure VLAN
802.1X MAC Authentication Bypass
802.1X Inaccessible Authentication Bypass
802.1X Unidirectional Controlled Port
Flexible Authentication Sequencing
Multi-Authentication
Open Authentication
Web Authentication
Local Web Authentication (EPM syslog and Common session ID)
PPPoE Intermediate Agent
Control Plane Policing
Port flood blocking
Router standard and extended ACLs 30 on all ports with no performance penalty
Identity ACL Policy Enforcement31
Extended IPX ACL
VLAN ACL
PACL32
Downloadable ACLs
Local Proxy ARP
Dynamic ARP Inspection on PVLANs
Dynamic ARP Inspection
Per-port QoS33 rate-limiting and shaping
Per-port Per-VLAN QoS
Energy Wise
Power redundancy
Non-stop Forwarding Awareness
Non-stop Forwarding Awareness for EIGRP-stub in IP base for all supervisor engines
WCCP34 v2 Layer 2 Redirection
MAC Address Notification
SmartPort macros
802.1s standards compliance
IS-IS MIB
OSPF and EIGRP Fast Convergence
OSPF Fast Convergence
Time Domain Reflectometry
CNA35
EEM36
EEM with ISSU
VSS client with PagP+
Ethernet Management Port
IP SLA37
X2 Link Debounce Timer
Enhanced Object Tracking subfeatures:
•
•
•
•
•
Inactivity Timer
boot config command
Crashdump enhancement
Unicast MAC filtering
Smart Call Home
DHCPv6 Ethernet Remote ID option
DHCPv6 Relay - Persistent Interface ID option DHCPv6 Relay Agent notification for Prefix Delegation
PIM SSM Mapping
VRF lite NSF support with routing protocols OSPF/EIGRP/BG
Online Diagnostics
PIM Accept Register - Rogue Multicast Server Protection38
Configuration Rollback
Archiving crashfile information
1 Hardware-based transparent bridging within a VLAN
2 MAC = Media Access Control
3 VMPS = VLAN Management Policy Server
4 The ip classless command is not supported as classless routing is enabled by default.
5 PBR = policy-based routing
6 CEF = Cisco Express Forwarding
7 Route Leaking from a global routing table into a VRF and Route Leaking from a VRF into a global routing table
8 IS-IS = Intermediate System to Intermediate System
9 DTP = Dynamic Trunking Protocol
10 RIP = Routing Information Protocol
11 EIGRP = Enhanced Interior Gateway Routing Protocol
12 OSPF = Open Shortest Path First
13 BGP4 = Border Gateway Protocol 4
14 MBGP = Multicast Border Gateway Protocol
15 MSDP = Multicast Source Discovery Protocol
16 ICMP = Internet Control Message Protocol
17 PIM = Protocol Independent Multicast
18 DVMRP = Distance Vector Multicast Routing Protocol
19 NTP = Network Time Protocol
20 VRRP = Virtual Router Redundancy Protocol
21 SCP = Secure Copy Protocol
22 GLBP = Gateway Load Balancing Protocol
23 RSPAN = Remote SPAN
24 HSRP = Hot Standby Router Protocol
25 IGMP = Internet Group Management Protocol
26 SSH = Secure Shell Protocol
27 UDLR = Unidirectional Link Routing
28 SNMP = Simple Network Management Protocol
29 PoE is not supported on the Catalyst 4900 series switch.
30 ACLs = Access Control Lists
31 filter-ID and per-user ACL
32 PACL = Port Access Control List
33 QoS = Quality of Service
34 WCCP = Web Content Communication Protocol
35 CNA = Cisco Network Assistant; Minimum CNA release that supports Releases 12.2(25)EW is 1.0(2). Minimum CNA release that supports Release 12.2(20)EWA is 1.0(1).
36 EEM = Embedded Event anager
37 Includes HTTPS-HTTP with SSL 3.0, CEF-MIB, Embedded Syslog Manage, ...
38 The route-map keyword is not supported.
Unsupported Features
These features are not supported in Cisco IOS Release 12.2(53)SG for the 4900 series switches:
•
–
–
–
–
•
–
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
New and Changed Information
These sections describe the new and changed information for the Catalyst 4900 series switch running Cisco IOS software:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
New Hardware Features in Release 12.2(53)SG
Release 12.2(53)SG provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(53)SG
Release 12.2(53)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
•
New Hardware Features in Release 12.2(52)SG
Release 12.2(52)SG provides no new hardware for the Catalyst 4900 series switch.
New Software Features in Release 12.2(52)SG
Release 12.2(52)SG provides the following new Cisco IOS software features for the Catalyst 4900 series switch:
•
All LAN Base customers looking to upgrade from LAN Base to IP Base or Enterprise services are required to order "The Catalyst 4948 IP Base upgrade license WS-C4900-SW-LIC." This license is not required for customers currently running IP base or enterprise services.
Note
•
•
•
–
–
•
•
•
–
–
•
•
•
•
–
–
–
–
–
–
–
–
New Hardware Features in Release 12.2(50)SG2
Release 12.2(50)SG2 provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(50)SG2
Release 12.2(50)SG2 provides the following new Cisco IOS software features for the Catalyst 4900 series switch:
•
New Hardware Features in Release 12.2(50)SG1
Release 12.2(50)SG1 provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(50)SG1
Release 12.2(50)SG1 provides the following new Cisco IOS software features for the Catalyst 4900 series switch:
•
New Hardware Features in Release 12.2(50)SG
Release 12.2(50)SG provides the following new hardware for the Catalyst 4900 series switch:
•
•
•
New Software Features in Release 12.2(50)SG
Release 12.2(50)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
New Hardware Features in Release 12.2(46)SG
Release 12.2(46)SG provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(46)SG
Release 12.2(46)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
–
–
–
–
–
•
•
•
New Hardware Features in Release 12.2(44)SG
Release 12.2(44)SG provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(44)SG
Release 12.2(44)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
After configuring VSS dual-active on a Catalyst 6500 switches, the Catalyst 4500 series switch can detect VSS dual-active with PagP+ support.
•
•
•
•
For details, refer to the EEM Home Page:
http://www.cisco.com/en/US/products/ps6815/products_ios_protocol_group_home.html•
For details, refer to the ESM Home Page:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gt_esm.htmlNew Hardware Features in Release 12.2(40)SG
Release 12.2(40)SG provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(40)SG
Release 12.2(40)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
New Hardware Features in Release 12.2(37)SG
Release 12.2(37)SG provides the following new hardware for the Catalyst 4900 series switch:
•
New Software Features in Release 12.2(37)SG
Release 12.2(37)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
•
For details, locate the feature entry in the Feature Information Table located toward the end of the "Connecting to a Service Provider Using External BGP" module
•
New Hardware Features in Release 12.2(31)SGA
Cisco IOS Release 12.2(31)SGA is the first IOS release supporting the Cisco ME 4900 Series Ethernet Switch.
Following hardware was supported:
•
New Software Features in Release 12.2(31)SGA
Release 12.2(31)SGA provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
•
•
New Hardware Features in Release 12.2(31)SG
There are no new hardware features in Cisco IOS Release 12.2(31)SG.
New Software Features in Release 12.2(31)SG
Release 12.2(31)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
•
•
•
•
•
•
•
New Hardware Features in Release 12.2(25)SG
There are no new hardware features in Cisco IOS Release 12.2(25)SG.
New Software Features in Release 12.2(25)SG
Release 12.2(25)SG provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
Note
•
•
•
•
•
•
•
•
New Hardware Features in Release 12.2(25)EWA
Release 12.2(25)EWA provides the following new hardware for the Catalyst 4900 series switch:
•
Caution
Catalyst 4948-10GE Switch Installation Guide.
New Software Features in Release 12.2(25)EWA
Release 12.2(25)EWA provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
•
•
•
•
New Hardware Features in Release 12.2(25)EW
There are no new hardware features in Release 12.2(25)EW.
New Software Features in Release 12.2(25)EW
There are no new software features in Cisco IOS Release 12.2(25)EW
New Hardware Features in Release 12.2(20)EWA
There are no new hardware features in Cisco IOS Release 12.2(20)EWA.
New Software Features in Release 12.2(20)EWA
Release 12.2(20)EWA provides the following Cisco IOS software features for the Catalyst 4900 series switch:
Note
•
•
Upgrading the System Software
In most cases, upgrading the switch to a newer release of Cisco IOS software does not require a ROMMON upgrade. However, if you are running an early release of Cisco IOS software and plan to upgrade, the following tables list the recommended ROMMON release.
Caution
The following sections describe how to upgrade your switch software:
•
•
•
Upgrading the ROMMON from the Console
Caution
Note
Follow this procedure to upgrade your supervisor engine ROMMON:
Step 1
Note
Step 2
The cat4000-ios-promupgrade-122_25r_EWA programs are available on Cisco.com at the same location from which you download Catalyst 4000 system images.
Step 3
squeeze bootflash: command to reclaim the space.Step 4
The following example shows how to download the PROM upgrade image cat4000-ios-promupgrade-122_25r_EWA from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash: Address or name of remote host [172.20.58.78]? Source filename [cat4000-ios-promupgrade-122_25r_EWA]? Destination filename [cat4000-ios-promupgrade-122_25r_EWA]? Accessing tftp://172.20.58.78/cat4000-ios-promupgrade-122_25r_EWA... Loading cat4000-ios-promupgrade-122_25r_EWA from 172.20.58.78 (viaFastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 455620 bytes]455620 bytes copied in 2.644 secs (172322 bytes/sec) Switch#Step 5
The following example shows the output after a reset into ROMMON:
Switch# reloadProceed with reload? [confirm]2d11h: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.*********************************************************** ** Welcome to Rom Monitor for WS-C4948-10GE System. ** Copyright (c) 1999-2005 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Rom Monitor Program Version 12.2(25r)EWASupervisor: WS-C4948-10GE Chassis: WS-C4948Hardware Revisions - Board: 8.3 CPLD Gill: 17MAC Address : 00-0b-fc-ff-3b-ffIP Address : 10.5.43.225Netmask : 255.255.255.0Gateway : 10.5.43.1TftpServer : 10.5.5.5***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.. .Autoboot cancelled......... please wait!!!Autoboot cancelled......... please wait!!!rommon 1 > [interrupt]Step 6
boot bootflash:cat4000-ios-promupgrade-122_25r_EWA
Caution
The following example shows the output from a successful upgrade, followed by a system reset:
rommon 2 > boot bootflash:cat4000-ios-promupgrade-122_25r_EWA*********************************************************** ** Rom Monitor Upgrade Utility For WS-C4948-10GE System ** This upgrades flash Rom Monitor image to the latest ** ** Copyright (c) 1997-2005 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Image size = 1024.0 KBytesMaximum allowed size = 1048576 KBytesUpgrading your PROM... DO NOT RESET the systemunless instructed or upgrade of PROM will fail !!!Beginning erase of 0x100000 bytes at offset 0x3e00000... Done!Beginning write of prom (0x100000 bytes at offset 0x3e00000)...This could take as little as 30 seconds or up to 2 minutes.Please DO NOT RESET!Verifying...Success! The prom has been upgraded successfully.System will reset itself and reboot within few seconds....Step 7
Step 8
The following example shows how to delete the cat4000-ios-promupgrade-122_25r_EWA image from bootflash and reclaim unused space:
Switch# delete bootflash:cat4000-ios-promupgrade-122_25r_EWASwitch# squeeze bootflash:All deleted files will be removed, proceed (y/n) [n]? ySqueeze operation may take some time, proceed (y/n) [n]? ySwitch#Step 9
Switch# show versionCisco IOS Software, Catalyst 4900 L3 Switch Software (cat4500-IPBASE-M), Version 12.2(25)EWA, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 17-Aug-05 17:09 by alnguyenImage text-base: 0x10000000, data-base: 0x11269914ROM: 12.2(25r)EWAPod Revision 0, Force Revision 31, Tie Revision 17Switch uptime is 1 minuteSystem returned to ROM by reloadSystem image file is "bootflash:cat4500-ipbase-mz.122-25.EWA"cisco WS-C4948-10GE (MPC8540) processor (revision 3) with 262144K bytes of memory.Processor board ID 0MPC8540 CPU at 667Mhz, Fixed ModuleLast reset from Reload1 Virtual Ethernet interface48 Gigabit Ethernet interfaces2 Ten Gigabit Ethernet interfaces511K bytes of non-volatile configuration memory.Configuration register is 0x2Switch#The ROMMON has now been upgraded.
See the "Upgrading the Cisco IOS Software" section for instructions on how to upgrade the Cisco IOS software on your switch.
Upgrading the ROMMON Remotely Using Telnet
Caution
Follow this procedure to upgrade your supervisor engine ROMMON to Release 12.2(25r)EWA. This procedure can be used when console access is not available and when the ROMMON upgrade must be performed remotely.
Note
Step 1
Note
Step 2
The cat4000-ios-promupgrade-122_25r_EWA programs are available on Cisco.com at the same location from which you download Catalyst 4000 system images.
Step 3
squeeze bootflash: command to reclaim the space.Step 4
copy tftp command.The following example shows how to download the PROM upgrade image cat4000-ios-promupgrade-122_25r_EWA from the remote host 10.5.5.5 to bootflash:
Switch# copy tftp: bootflash: Address or name of remote host [10.5.5.5]?Source filename [cat4000-ios-promupgrade-122_25r_EWA]? /tftpboot/pjose/cat4000-ios-promupgrade-122_25r_EWADestination filename [cat4000-ios-promupgrade-122_25r_EWA]?Accessing tftp://10.5.5.5//tftpboot/pjose/cat4000-ios-promupgrade-122_25r_EWA...Loading /tftpboot/pjose/cat4000-ios-promupgrade-122_25r_EWA from 10.5.5.5 (via GigabitEthernet1/1): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 1244496 bytes]1244496 bytes copied in 9.484 secs (131221 bytes/sec)Switch#Step 5
Switch# configure terminalSwitch(config)# no boot system flash bootflash:cat4000-ios-promupgrade-122_25r_EWASwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Use the boot system flash bootflash:file_name command to set the BOOT variable. You will use two BOOT commands: one to upgrade the ROMMON and a second to load the Cisco IOS software image after the ROMMON upgrade is complete. Notice the order of the BOOT variables in the example below. At bootup the first BOOT variable command upgrades the ROMMON. When the upgrade is complete the supervisor engine will autoboot, and the second BOOT variable command will load the Cisco IOS software image specified by the second BOOT command.
Note
In this example, we assume that the console port baud rate is set to 9600 bps and that the config-register is set to 0x0102.Use the config-register command to autoboot using image(s) specified by the BOOT variable. Configure the BOOT variable to upgrade the ROMMON and then autoboot the IOS image after the ROMMON upgrade is complete. In this example, we are upgrading the ROMMON to version 12.2(25r)EWA. After the ROMMON upgrade is complete, the supervisor engine will boot Cisco IOS software Release 12.2(25)EWA.config-register to 0x0102.Switch# configure terminalSwitch(config)# boot system flash bootflash:cat4000-ios-promupgrade-122_25r_EWASwitch(config)# boot system flash bootflash:cat4500-ipbase-mz.122-25.EWASwitch(config)# config-register 0x0102Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 6
Switch#sh bootvarBOOT variable = bootflash:cat4000-ios-promupgrade-122_25r_EWA,1;bootflash:cat4500-ipbase-mz.122-25.EWACONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2102Step 7
Caution
The following example shows the console port output from a successful ROMMON upgrade followed by a system reset. Your Telnet session will be disconnected during the ROMMON upgrade, so you will not see this output. This step could take 2-3 minutes to complete. You will need to reconnect your Telnet session after 2-3 minutes when the Cisco IOS software image and the interfaces are loaded.
Switch# reloadProceed with reload? [confirm]00:00:36: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.*********************************************************** ** Welcome to Rom Monitor for WS-C4948-10GE System. ** Copyright (c) 1999-2005 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Rom Monitor Program Version 12.2(25r)EWASupervisor: WS-C4948-10GE Chassis: WS-C4948Hardware Revisions - Board: 8.0 CPLD : 17 FPGA : 0MAC Address : 00-0b-fc-ff-3b-ffIP Address : 10.5.43.225Netmask : 255.255.255.0Gateway : 10.5.43.1TftpServer : 10.5.5.5***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.. . . . .******** The system will autoboot now ********config-register = 0x102Autobooting using BOOT variable specified file.....Current BOOT file is --- bootflash:cat4000-ios-promupgrade-122_25r_EWA*********************************************************** ** Rom Monitor Upgrade Utility For WS-C4948-10GE System ** This upgrades flash Rom Monitor image to the latest ** ** Copyright (c) 1997-2005 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Image size = 1024.0 KBytesMaximum allowed size = 1048576 KBytesUpgrading your PROM... DO NOT RESET the systemunless instructed or upgrade of PROM will fail !!!Beginning erase of 0x100000 bytes at offset 0x3e00000... Done!Beginning write of prom (0x100000 bytes at offset 0x3e00000)...This could take as little as 30 seconds or up to 2 minutes.Please DO NOT RESET!Verifying...Success! The prom has been upgraded successfully.System will reset itself and reboot within few seconds....****(output truncated). . . . .******** The system will autoboot now ********config-register = 0x102Autobooting using BOOT variable specified file.....Current BOOT file is --- bootflash:cat4500-ipbase-mz.122-25.EWARommon reg: 0x00004180###########(output truncated)Exiting to ios...Rommon reg: 0x00000180###############################Restricted Rights LegendUse, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.cisco Systems, Inc.170 West Tasman DriveSan Jose, California 95134-1706Cisco IOS Software, Catalyst 4900 L3 Switch Software (cat4500-IPBASE-M), Version 12.2(25)EWA, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 17-Aug-05 17:09 by alnguyenImage text-base: 0x10000000, data-base: 0x11269914cisco WS-C4948-10GE (MPC8540) processor (revision 3) with 262144K bytes of memory.Processor board ID 0MPC8540 CPU at 667Mhz, Fixed ModuleLast reset from Reload1 Virtual Ethernet interface48 Gigabit Ethernet interfaces2 Ten Gigabit Ethernet interfaces511K bytes of non-volatile configuration memory.Uncompressed configuration from 1171 bytes to 2726 bytesPress RETURN to get started!Switch>enSwitch#Step 8
Switch# configure terminalSwitch(config)# no boot system flash bootflash:cat4000-ios-promupgrade-122_25r_EWASwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 9
Switch# show versionCisco IOS Software, Catalyst 4900 L3 Switch Software (cat4500-IPBASE-M), Version 12.2(25)EWA, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 17-Aug-05 17:09 by alnguyenImage text-base: 0x10000000, data-base: 0x11269914ROM: 12.2(25r)EWAPod Revision 0, Force Revision 31, Tie Revision 17Switch uptime is 0 minutesSystem returned to ROM by reloadSystem image file is "bootflash:cat4500-ipbase-mz.122-25.EWA"cisco WS-C4948-10GE (MPC8540) processor (revision 3) with 262144K bytes of memory.Processor board ID 0MPC8540 CPU at 667Mhz, Fixed ModuleLast reset from Reload1 Virtual Ethernet interface48 Gigabit Ethernet interfaces2 Ten Gigabit Ethernet interfaces511K bytes of non-volatile configuration memory.Configuration register is 0x102Switch#Step 10
The following example shows how to delete the cat4000-ios-promupgrade-122_25r_EWA image from bootflash and reclaim unused space:
Switch# delete bootflash:cat4000-ios-promupgrade-122_25r_EWASwitch# squeeze bootflash:All deleted files will be removed, proceed (y/n) [n]? ySqueeze operation may take some time, proceed (y/n) [n]? ySwitch#Step 11
Switch# show bootvarBOOT variable = bootflash:cat4500-ipbase-mz.122-25.EWA,12;CONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2102Switch#The ROMMON has now been upgraded.
See the "Upgrading the Cisco IOS Software" section for instructions on how to upgrade the Cisco IOS software on your switch.
Upgrading the Cisco IOS Software
Caution
Before you proceed, observe the following rules for hostname:
•
Uppercase and lowercase characters look the same to many internet software applications. It may seem appropriate to capitalize a name the same way you might do in English, but conventions dictate that computer names appear all lowercase. For more information, refer to RFC 1178, Choosing a Name for Your Computer.
•
•
•
•
To upgrade the Cisco IOS software on your Catalyst 4900 series switch, use this procedure:
Step 1
Step 2
Step 3
The following example shows how to download the Cisco IOS software image cat4500-ipbase-mz.122-25.EWA from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash:Address or name of remote host [172.20.58.78]?Source filename [cat4500-ipbase-mz.122_25.EWA]?Destination filename [cat4500-ipbase-mz.122-25.EWA]?Accessing tftp://172.20.58.78/cat4500-ipbase-mz.122-25.EWA...Loading cat4500-ipbase-mz.122-25.EWA from 172.20.58.78 (viaFastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!|!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 6923388/13846528 bytes]6923388 bytes copied in 72.200 secs (96158 bytes/sec)Switch#Step 4
The following example shows how to clear the BOOT variable:
Switch# configure terminalSwitch(config)# no boot system flash bootflash:cat4500-ipbase-mz.122_25.EWASwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 5
The following example shows how to add the cat4500-ipbase-mz.122-25.EWA image to the BOOT variable:
Switch# configure terminalSwitch(config)# boot system flash bootflash:cat4500-ipbase-mz.122_25.EWASwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 6
The following example show how to set the second least significant bit in the configuration register:
Switch# configure terminalSwitch(config)# config-register 0x2102Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3723 to 1312 bytes [OK]Switch#Step 7
Caution
The following example shows the output from a successful upgrade followed by a system reset:
Switch# reloadSystem configuration has been modified. Save? [yes/no]: yesBuilding configuration...Compressed configuration from 2668 bytes to 1127 bytes[OK]Proceed with reload? [confirm]00:02:11: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.*********************************************************** ** Welcome to Rom Monitor for WS-C4948-10GE System. ** Copyright (c) 1999-2005 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Rom Monitor Program Version 12.2(25r)EWASupervisor: WS-C4948-10GE Chassis: WS-C4948Hardware Revisions - Board: 8.3 CPLD Gill: 17MAC Address : 00-0b-fc-ff-3b-ffIP Address : 10.5.43.225Netmask : 255.255.255.0Gateway : 10.5.43.1TftpServer : 10.5.5.5***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.. . . . .******** The system will autoboot now ********config-register = 0x2102Autobooting using BOOT variable specified file.....Current BOOT file is --- bootflash:cat4500-ipbase-mz.122-25.EWARommon reg: 0x00004180###########k2diags version 5.0.1_eprod: WS-C4948-10GE part: 0 serial: 0Power-on-self-test for Module 1: WS-C4948-10GEPort/Test Status: (. = Pass, F = Fail, U = Untested)Cpu Subsystem Tests ...seeprom: . temperature_sensor: .Port Traffic: L2 Serdes Loopback ...0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: .12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: .24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: .36: . 37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: .62: . 63: .Port Traffic: L2 Asic Loopback ...0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: .12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: .24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: .36: . 37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: .62: . 63: .Port Traffic: L3 Asic Loopback ...0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: .12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: .24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: .36: . 37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: .62: . 63: .Switch Subsystem Memory ...1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: .13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: .25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: . 36: .37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: . 48: .49: . 50: . 51: .Front Panel Ports ...1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: .13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: .25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: . 36: .37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: . 48: .Module 1 PassedExiting to ios...Rommon reg: 0x00000180###############################Restricted Rights LegendUse, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.cisco Systems, Inc.170 West Tasman DriveSan Jose, California 95134-1706Cisco IOS Software, Catalyst 4900 L3 Switch Software (cat4500-IPBASE-M), Version12.2(25)EWA, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 17-Aug-05 17:09 by alnguyenImage text-base: 0x10000000, data-base: 0x11269914# # ## ##### # # # # # ##### # # # # # ## # # ## # # ## # # # # # # # # # # # # ## ## # ###### ##### # # # # # # # # ##### ## # # # # # ## # # ## # ## # # # # # # # # # # ####The following environment variable(s) are set. Setting theseenvironment variables may cause the system to behave unpredictably."DontShipAllowChassisSimulation""gdbEnable"Use 'clear platform environment variable unsupported' to clear these variables.cisco WS-C4948-10GE (MPC8540) processor (revision 3) with 262144K bytes of memory.Processor board ID 0MPC8540 CPU at 667Mhz, Fixed ModuleLast reset from Reload1 Virtual Ethernet interface48 Gigabit Ethernet interfaces2 Ten Gigabit Ethernet interfaces511K bytes of non-volatile configuration memory.Uncompressed configuration from 1127 bytes to 2668 bytesPress RETURN to get started!00:00:06: %C4K_IOSMODPORTMAN-4-POWERSUPPLYBAD: Power supply 2 has failed or beenturned off00:00:06: %C4K_IOSMODPORTMAN-4-POWERSUPPLYFANBAD: Fan of power supply 2 has failed00:00:15: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan00:00:15: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 1 (WS-C4948-10GE S/N: 0 Hw:0.3) is online00:00:16: %SYS-5-CONFIG_I: Configured from memory by console00:00:16: %SYS-5-RESTART: System restarted --Cisco IOS Software, Catalyst 4900 L3 Switch Software (cat4500-IPBASE-M), Version12.2(25)EWA, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Wed 17-Aug-05 17:09 by alnguyenSwitch>Switch#Step 8
Limitations and Restrictions
These sections list the limitations and restrictions for the current release of Cisco IOS software on the Catalyst 4900 series switch.
•
–
–
–
–
•
–
–
–
–
•
–
–
–
•
–
–
–
–
•
–
–
–
•
•
•
•
•
•
Workaround: Display the configuration with the show standby command, then remove the CLI. Here is sample output of the show standby GigabitEthernet1/1 command:
switch(config)# interface g1/1switch(config)# no standby 0 name (0 is hsrp group number)•
Use the standby delay reload option if the router is rebooting after reloading the image.
•
Workaround: Since the problem is caused by mismatched MTUs, the solution is to change the MTU on either router to match the neighbor's MTU.
•
•
•
•
•
Workaround: Verify whether or not the Neighbor discovery cache has an entry, separate from regular troubleshooting areas of IPv6 address configurations and other configurations.
•
•
•
•
•
•
•
•
switchport private-vlan mapping trunk command above is 1000. For example, one thousand secondary VLANs could map to one primary VLAN, or one thousand secondary VLANs could map one to one to one thousand primary VLANs.•
•
•
•
00:02:57: %RADIUS-4-RADIUS_DEAD: RADIUS server 172.20.246.206:1645,1646 is not responding.If this message appears, check that there is network connectivity between the switch and the ACS. You should also check that the switch has been properly configured as an AAA client on the ACS.
•
•
Workaround: Disable idle timeouts. (CSCec30214)
•
–
–
•
•
•
•
•
–
–
•
–
–
–
–
•
•
% Hardware MTU table exhaustedIn such a scenario, the ipv6 MTU value programmed in hardware will be different from the ipv6 interface MTU value. This will happen if there is no room in the hw MTU table to store additional values.
You must free up some space in the table by unconfiguring some unused MTU values and subsequently disable/re-enable ipv6 on the interface or reapply the MTU configuration.
•
Switch(config-if)# no ip verify sourceSwitch(config-if)# no ip device tracking max"To enable IPSG with Static Hosts on a port, issue the following commands:
Switch(config)# ip device tracking ****enable IP device tracking globallySwitch(config)# ip device tracking max <n> ***set an IP device tracking maximum on intSwitch(config-if)# ip verify source tracking [port-security] ****activate IPSG on port
Caution
Note
•
•
CSCsy31324
•
•
Caveats
Caveats describe unexpected behavior in Cisco IOS releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
Note
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Open Caveats in Cisco IOS Release 12.2(53)SG1
This section lists the open caveats in Cisco IOS Release 12.2(53)SG1:
•
show policy-map interface fa6/1 do not show the packets being matched:Switch# sh policy-map intFastEthernet3/2Service-policy output: p1Class-map: c1 (match-all)0 packets <--------It stays at '0' despite of traffic being receivedMatch: access-group name fnacl21police: Per-interfaceConform: 9426560 bytes Exceed: 16573440 bytesWorkaround: Verify that the MAC addresses being transmitted through the system are learned.
(CSCef01798)
•
–
–
On a switch that support redundancy, the generation of the self-signed certificate is performed independently on the active and the standby supervisor engines. So, the certificates differ. After switchover, the HTTP client that holds the old certificate can not connect to the HTTPS server.
Workaround: Re-connect. (CSCsb11964)
•
This only impacts a switch that has any of the following queues are configured as SPAN source in releases prior to 12.2(31)SG and saved to startup-config. The SPAN destination would not get the same traffic after upgrading to 12.2(31)SG and later releases.
Workaround: After upgrading to 12.2(31)SG and later releases, remove the old SPAN source configuration and reconfigure with the new queue names/IDs. For example:
Switch(config)# no monitor session n source cpu queue all rxSwitch(config)# monitor session n source cpu queue <new_Queue_Name>(CSCsc94802)
•
Workaround: None. (CSCsc11726)
•
This could occur for these reasons:
–
–
Workarounds:
–
–
•
qos account layer2 encapsulation.Workaround: None. (CSCsg58526)
•
This does not impact performance.
Workaround: Issue the no shutdown command. (CSCsg27395)
•
Workaround: Remove the transceiver from the new port and place it in the old port. Once the SFP is recognized in the old port, remove it slowly and insert it in the new port. (CSCse34693).
•
Workaround: None. (CSCsm30320)
•
Workaround: None. (CSCsq72572)
•
Workaround: None. (CSCso93282)
•
Workarounds: Do one of the following:
–
–
–
(CSCsq63051)
•
%PM-4-PORT_INCONSISTENT: STANDBY:Port is inconsistent:Workaround: When the port channel starts to flap, enter shut and no shut on the port channel. After the first switchover and after deleting the portchannel, create a new channel. (CSCsr00333)
•
Mar 6 03:28:29.140 EST: %COMMON_FIB-3-FIBHWIDBINCONS: An internalsoftware error occurred. Null0 linked to wrong hwidb Null0Workaround: None. (CSCso68331)
•
Workaround: Before removing a linecard, delete the statically configured ip source binding entries on any of the interfaces on the line-card. (CSCsv54529)
•
Workaround: Clear the errors with the clear ethernet cfm errors command in EXEC mode. (CSCsv43819)
•
Workarounds: Use either of the following to set the sxp default password:
–
–
(CSCsv33006)
•
This problem impacts X2, OneX converters, and SFP+ on the Supervisor Engine 6-E, and linecards.
Workaround: Remove and reinsert the One X Convertor with SFP+, SFP+ alone, or X2 after some perceivable delay. (CSCsu43461)
•
On a switch with multiple Layer 3 interfaces, if the CTS SXP connection is configured without specifying source IP address and no default SXP source IP address is configured on the box, different SXP connections may pickup different source IP address for each connection.
Workaround: Do one of the following:
–
–
–
(CSCsv28348)
•
This problem occurs when an 802.1X client is authorized on a multi-auth port. After the access VLAN is deleted, then restored, the client is reauthorized but the spanning tree state of the access VLAN remains Disabled.
Workaround: Shut down then reopen the interface.
(CSCso50921)
•
Workaround: For VTP database propagation, configure ISL/dot1q trunk port. (CSCsu43445)
•
Workarounds: Do one of the following:
–
–
(CSCsv05205)
•
Workaround: When a log message appears indicating that the SFP+ has been removed, do one of the following:
–
–
–
(CSCsv90044)
•
Workaround: Do one of the following:
–
–
–
(CSCsu39009)
•
Workaround: Reconfigure tracking on the newly created interface. (CSCsr66876)
•
*Oct 27 10:32:01.159: %TCP-6-BADAUTH: No MD5 digest from 2.2.2.3(50374) to 2.2.2.1(64999)This issue is seen when the default SXP password is encrypted with type-6 encryption.
Workaround: Do one of the following:
–
–
(CSCsv33136)
•
Workaround: None. (CSCsv42869)
•
Workaround: To reconfigure VLAN Load Balancing with a different configuration, do the following:
a.
b.
c.
d.
(CSCsv69853)
•
%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.101 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.102 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8This applies to classic or E-series Catalyst 4500 supervisor engines running
Cisco IOS Release 12.2(50)SGWorkaround: None. (CSCsw14005)
•
If the switch were to run a supervisor switchover while in this state, the host's MAC address would not be present in the new active supervisor engine's MAC address table, causing possible connectivity interruption on the host.
Workaround: Enter the shutdown command, followed by the no shutdown command on the interface. This triggers relearning and synchronizing of the host's MAC to the standby supervisor engine. CSCsw91661
•
Workaround: None. CSCsy72343
•
Workaround: None.
CSCsy38640
•
Workaround: None.
CSCsu35604
•
Switch# call-home send alert-group diagnostic module 2Sending diagnostic info call-home message ...Please wait. This may take some time ...Switch#*Jan 3 01:54:24.471: %CALL_HOME-3-ONDEMAND_MESSAGE_FAILED: call-home on-demand message failed to send (ERR 18, The alert group is not subscribed)Workaround: Specify a profile name when you enter the diagnostic command.
You might want to avoid requesting on demand send for invalid modules. First, enter the
show module command to check for valid or present modules.CSCsz05888
•
No TCAM entries are available for the new access-list.
Workaround: Manually remove and reapply the ACL after freeing hardware TCAM resources by removing or shortening other classification policies on the switch.
CSCsy85006
•
show policy-map interface command are wrong.Workaround: None.
The queue transmit counters as well as the policing statistics (if any) are correct.
CSCsz20149
•
Workaround: None.
CSCsz06719
•
Workaround: Enter shut, then no shut on the port.
CSCsz63355
•
Workaround: Manually re-enter all entries with new time settings.
CSCsy27389
•
Workaround: Disable explicit host tracking in the affected VLANs.
CSCsz28612
•
This only happens when the switch is running network mobility service protocol (nmsp). It does not happen if the phone is CDP enabled.
Workaround: Use VLAN ID or name to differentiate the IP phone and the PC sitting behind the phone on the WCS. Specifically, the IP phone is detected on the voice VLAN, and the displayed information of serial number, model number, and software version is correct. However, a PC sitting behind the phone is detected on a data VLAN, and the displayed device information is wrong and should be ignored.
CSCsz34522
•
Assuming that you configured authentication open on the port and a host is authenticated on that port, if you unconfigure open auth (no authentication open), the STP state becomes blocked on an authenticated port.
The connected host is authenticated so it should be able to send traffic and the STP state should be Forwarding.
Workaround: Enter shut, then no shut on the port.
CSCta04665
•
|auto qos voice trust command auto generates qos trust cos configuration, in addition to other parameters. However, when the port is converted from Layer 2 to Layer 3 with the no switchport command, the qos trust dscp command should be generated.Workaround: When interface mode is changed from Layer2 to Layer3, manually change interface trust state by enter the cos trust dscp command.
CSCta16492
•
Workaround: Configure the port in multi-domain mode (rather than multi-auth mode) with the authentication host-mode multi-domain command
CSCtb28114
•
All software releases up to and including Cisco IOS Releases 12.2(31)SGA9, 12.2(50)SG6 and 12,2(53)SG1 are affected.
Workaround: After rebooting the switch, adjust the system clock with the clock set command.
CSCtc65375
•
Cisco IOS Release 12.2(53)SG1 or 12.2(50)SG6, Layer 2 multicast is not blocked.Prior to Cisco IOS Release 12.2(53)SG1, 12.2(50)SG6, the switchport block multicast command would block IP Multicast, Layer 2 multicast, and broadcast traffic (CSCta61825).
Workaround: None
CSCtb30327
•
%C4K_EBM-4-HOSTFLAPPING: happening between master loopback port and the source port during layer3 (IPv4 and IPv6) packets loop using ethernet oam (EOAM)This message is does not impact performance.
Workaround: None.
CSCtc26043
Resolved Caveats in Cisco IOS Release 12.2(53)SG1
This section lists the resolved caveats in Release 12.2(53)SG1:
•
Workaround: Configure an access-list to permit the CPU generated packets and apply the ACL to the class-map.
CSCsy43967
•
Workaround: Manually re-enter all entries with new time settings.
CSCsy27389
•
ROM by abort at PC 0x0Workaround: None.
Downgrade to Cisco IOS Release 12.2(50)SG3 if needed.
CSCta49512
•
Workaround: None.
CSCsz38442
•
A syslog warning message "%SM-4-BADEVENT: Event 'forward' is invalid for the current state 'present': pm_vp .."A traceback error messageThis issue happens only on flexlink ports under the following two scenarios:
–
–
Workaround: None
The syslog and Traceback do not impact functionality. Flexlink states end up with correct states and there is no impact on traffic forwarding.
CSCta05317
•
The existing per-port error disable (that is, when a violation happens, the entire port will be error disabled) still works on flexlink.
Workaround: Use flexlink with VLAN load balancing.
If you do not want to use vlan load balancing, then enter the
switchport backup interface perfer vlan command on the Active interface, where vlan z is set to an unused vlan on the systemCSCta76320
•
Workaround: Change the VTP version from 3 to version 2 or 1 and then revert to version 3.
CSCsy66803
Open Caveats in Cisco IOS Release 12.2(53)SG
This section lists the open caveats in Cisco IOS Release 12.2(53)SG:
•
show policy-map interface fa6/1 do not show the packets being matched:Switch# sh policy-map intFastEthernet3/2Service-policy output: p1Class-map: c1 (match-all)0 packets <--------It stays at '0' despite of traffic being receivedMatch: access-group name fnacl21police: Per-interfaceConform: 9426560 bytes Exceed: 16573440 bytesWorkaround: Verify that the MAC addresses being transmitted through the system are learned.
(CSCef01798)
•
–
–
On a switch that support redundancy, the generation of the self-signed certificate is performed independently on the active and the standby supervisor engines. So, the certificates differ. After switchover, the HTTP client that holds the old certificate can not connect to the HTTPS server.
Workaround: Re-connect. (CSCsb11964)
•
This only impacts a switch that has any of the following queues are configured as SPAN source in releases prior to 12.2(31)SG and saved to startup-config. The SPAN destination would not get the same traffic after upgrading to 12.2(31)SG and later releases.
Workaround: After upgrading to 12.2(31)SG and later releases, remove the old SPAN source configuration and reconfigure with the new queue names/IDs. For example:
Switch(config)# no monitor session n source cpu queue all rxSwitch(config)# monitor session n source cpu queue <new_Queue_Name>(CSCsc94802)
•
Workaround: None. (CSCsc11726)
•
This could occur for these reasons:
–
–
Workarounds:
–
–
•
qos account layer2 encapsulation.Workaround: None. (CSCsg58526)
•
This does not impact performance.
Workaround: Issue the no shutdown command. (CSCsg27395)
•
Workaround: Remove the transceiver from the new port and place it in the old port. Once the SFP is recognized in the old port, remove it slowly and insert it in the new port. (CSCse34693).
•
Workaround: None. (CSCsm30320)
•
Workaround: None. (CSCsq72572)
•
Workaround: None. (CSCso93282)
•
Workarounds: Do one of the following:
–
–
–
(CSCsq63051)
•
%PM-4-PORT_INCONSISTENT: STANDBY:Port is inconsistent:Workaround: When the port channel starts to flap, enter shut and no shut on the port channel. After the first switchover and after deleting the portchannel, create a new channel. (CSCsr00333)
•
Mar 6 03:28:29.140 EST: %COMMON_FIB-3-FIBHWIDBINCONS: An internalsoftware error occurred. Null0 linked to wrong hwidb Null0Workaround: None. (CSCso68331)
•
Workaround: Before removing a linecard, delete the statically configured ip source binding entries on any of the interfaces on the line-card. (CSCsv54529)
•
Workaround: Clear the errors with the clear ethernet cfm errors command in EXEC mode. (CSCsv43819)
•
Workarounds: Use either of the following to set the sxp default password:
–
–
(CSCsv33006)
•
This problem impacts X2, OneX converters, and SFP+ on the Supervisor Engine 6-E, and linecards.
Workaround: Remove and reinsert the One X Convertor with SFP+, SFP+ alone, or X2 after some perceivable delay. (CSCsu43461)
•
On a switch with multiple Layer 3 interfaces, if the CTS SXP connection is configured without specifying source IP address and no default SXP source IP address is configured on the box, different SXP connections may pickup different source IP address for each connection.
Workaround: Do one of the following:
–
–
–
(CSCsv28348)
•
This problem occurs when an 802.1X client is authorized on a multi-auth port. After the access VLAN is deleted, then restored, the client is reauthorized but the spanning tree state of the access VLAN remains Disabled.
Workaround: Shut down then reopen the interface.
(CSCso50921)
•
Workaround: For VTP database propagation, configure ISL/dot1q trunk port. (CSCsu43445)
•
Workarounds: Do one of the following:
–
–
(CSCsv05205)
•
Workaround: When a log message appears indicating that the SFP+ has been removed, do one of the following:
–
–
–
(CSCsv90044)
•
Workaround: Do one of the following:
–
–
–
(CSCsu39009)
•
Workaround: Reconfigure tracking on the newly created interface. (CSCsr66876)
•
*Oct 27 10:32:01.159: %TCP-6-BADAUTH: No MD5 digest from 2.2.2.3(50374) to 2.2.2.1(64999)This issue is seen when the default SXP password is encrypted with type-6 encryption.
Workaround: Do one of the following:
–
–
(CSCsv33136)
•
Workaround: None. (CSCsv42869)
•
Workaround: To reconfigure VLAN Load Balancing with a different configuration, do the following:
a.
b.
c.
d.
(CSCsv69853)
•
%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.101 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.102 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8This applies to classic or E-series Catalyst 4500 supervisor engines running
Cisco IOS Release 12.2(50)SGWorkaround: None. (CSCsw14005)
•
If the switch were to run a supervisor switchover while in this state, the host's MAC address would not be present in the new active supervisor engine's MAC address table, causing possible connectivity interruption on the host.
Workaround: Enter the shutdown command, followed by the no shutdown command on the interface. This triggers relearning and synchronizing of the host's MAC to the standby supervisor engine. CSCsw91661
•
Workaround: None. CSCsy72343
•
Workaround: None.
CSCsy38640
•
Workaround: None.
CSCsu35604
•
Workaround: Change the VTP version from 3 to version 2 or 1 and then revert to version 3.
CSCsy66803
•
Switch# call-home send alert-group diagnostic module 2Sending diagnostic info call-home message ...Please wait. This may take some time ...Switch#*Jan 3 01:54:24.471: %CALL_HOME-3-ONDEMAND_MESSAGE_FAILED: call-home on-demand message failed to send (ERR 18, The alert group is not subscribed)Workaround: Specify a profile name when you enter the diagnostic command.
You might want to avoid requesting on demand send for invalid modules. First, enter the
show module command to check for valid or present modules.CSCsz05888
•
No TCAM entries are available for the new access-list.
Workaround: Manually remove and reapply the ACL after freeing hardware TCAM resources by removing or shortening other classification policies on the switch.
CSCsy85006
•
show policy-map interface command are wrong.Workaround: None.
The queue transmit counters as well as the policing statistics (if any) are correct.
CSCsz20149
•
Workaround: None.
CSCsz38442
•
Workaround: None.
CSCsz06719
•
Workaround: Enter shut, then no shut on the port.
CSCsz63355
•
Workaround: Manually re-enter all entries with new time settings.
CSCsy27389
•
Workaround: Disable explicit host tracking in the affected VLANs.
CSCsz28612
•
This only happens when the switch is running network mobility service protocol (nmsp). It does not happen if the phone is CDP enabled.
Workaround: Use VLAN ID or name to differentiate the IP phone and the PC sitting behind the phone on the WCS. Specifically, the IP phone is detected on the voice VLAN, and the displayed information of serial number, model number, and software version is correct. However, a PC sitting behind the phone is detected on a data VLAN, and the displayed device information is wrong and should be ignored.
CSCsz34522
•
Assuming that you configured authentication open on the port and a host is authenticated on that port, if you unconfigure open auth (no authentication open), the STP state becomes blocked on an authenticated port.
The connected host is authenticated so it should be able to send traffic and the STP state should be Forwarding.
Workaround: Enter shut, then no shut on the port.
CSCta04665
•
|auto qos voice trust command auto generates qos trust cos configuration, in addition to other parameters. However, when the port is converted from Layer 2 to Layer 3 with the no switchport command, the qos trust dscp command should be generated.Workaround: When interface mode is changed from Layer2 to Layer3, manually change interface trust state by enter the cos trust dscp command.
CSCta16492
•
A syslog warning message "%SM-4-BADEVENT: Event 'forward' is invalid for the current state 'present': pm_vp .."A traceback error messageThis issue happens only on flexlink ports under the following two scenarios:
–
–
Workaround: None
The syslog and Traceback do not impact functionality. Flexlink states end up with correct states and there is no impact on traffic forwarding.
CSCta05317
•
The existing per-port error disable (that is, when a violation happens, the entire port will be error disabled) still works on flexlink.
Workaround: Use flexlink with VLAN load balancing.
If you do not want to use vlan load balancing, then enter the
switchport backup interface perfer vlan command on the Active interface, where vlan z is set to an unused vlan on the systemCSCta76320
Resolved Caveats in Cisco IOS Release 12.2(53)SG
This section lists the resolved caveats in Release 12.2(53)SG:
•
Entering shut/no shut on the port after deleting a secondary VLAN.
Workarounds:
–
–
(CSCsz73895)
•
The link partner detects the link as up although the link on the 4948 is still down, causing the partner to start forwarding traffic. Because the Catalyst 4948 is down, it drops the traffic.
Workarounds:
–
–
CSCsz21181
•
Workarounds:
–
–
–
•
CSCsq24002
•
Cisco has released free software updates that address this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml.
CSCsx70889
Open Caveats in Cisco IOS Release 12.2(52)SG
This section lists the open caveats in Cisco IOS Release 12.2(52)SG:
•
show policy-map interface fa6/1 do not show the packets being matched:Switch# sh policy-map intFastEthernet3/2Service-policy output: p1Class-map: c1 (match-all)0 packets <--------It stays at '0' despite of traffic being receivedMatch: access-group name fnacl21police: Per-interfaceConform: 9426560 bytes Exceed: 16573440 bytesWorkaround: Verify that the MAC addresses being transmitted through the system are learned.
(CSCef01798)
•
–
–
On a switch that support redundancy, the generation of the self-signed certificate is performed independently on the active and the standby supervisor engines. So, the certificates differ. After switchover, the HTTP client that holds the old certificate can not connect to the HTTPS server.
Workaround: Re-connect. (CSCsb11964)
•
This only impacts a switch that has any of the following queues are configured as SPAN source in releases prior to 12.2(31)SG and saved to startup-config. The SPAN destination would not get the same traffic after upgrading to 12.2(31)SG and later releases.
Workaround: After upgrading to 12.2(31)SG and later releases, remove the old SPAN source configuration and reconfigure with the new queue names/IDs. For example:
Switch(config)# no monitor session n source cpu queue all rxSwitch(config)# monitor session n source cpu queue <new_Queue_Name>(CSCsc94802)
•
Workaround: None. (CSCsc11726)
•
This could occur for these reasons:
–
–
Workarounds:
–
–
•
qos account layer2 encapsulation.Workaround: None. (CSCsg58526)
•
This does not impact performance.
Workaround: Issue the no shutdown command. (CSCsg27395)
•
Workaround: Remove the transceiver from the new port and place it in the old port. Once the SFP is recognized in the old port, remove it slowly and insert it in the new port. (CSCse34693).
•
Workaround: None. (CSCsm30320)
•
Workaround: None. (CSCsq72572)
•
Workaround: None. (CSCso93282)
•
Workarounds: Do one of the following:
–
–
–
(CSCsq63051)
•
%PM-4-PORT_INCONSISTENT: STANDBY:Port is inconsistent:Workaround: When the port channel starts to flap, enter shut and no shut on the port channel. After the first switchover and after deleting the portchannel, create a new channel. (CSCsr00333)
•
Mar 6 03:28:29.140 EST: %COMMON_FIB-3-FIBHWIDBINCONS: An internalsoftware error occurred. Null0 linked to wrong hwidb Null0Workaround: None. (CSCso68331)
•
Workaround: Before removing a linecard, delete the statically configured ip source binding entries on any of the interfaces on the line-card. (CSCsv54529)
•
Workaround: Clear the errors with the clear ethernet cfm errors command in EXEC mode. (CSCsv43819)
•
Workarounds: Use either of the following to set the sxp default password:
–
–
(CSCsv33006)
•
This problem impacts X2, OneX converters, and SFP+ on the Supervisor Engine 6-E, and linecards.
Workaround: Remove and reinsert the One X Convertor with SFP+, SFP+ alone, or X2 after some perceivable delay. (CSCsu43461)
•
On a switch with multiple Layer 3 interfaces, if the CTS SXP connection is configured without specifying source IP address and no default SXP source IP address is configured on the box, different SXP connections may pickup different source IP address for each connection.
Workaround: Do one of the following:
–
–
–
(CSCsv28348)
•
This problem occurs when an 802.1X client is authorized on a multi-auth port. After the access VLAN is deleted, then restored, the client is reauthorized but the spanning tree state of the access VLAN remains Disabled.
Workaround: Shut down then reopen the interface.
(CSCso50921)
•
Workaround: For VTP database propagation, configure ISL/dot1q trunk port. (CSCsu43445)
•
Workarounds: Do one of the following:
–
–
(CSCsv05205)
•
Workaround: When a log message appears indicating that the SFP+ has been removed, do one of the following:
–
–
–
(CSCsv90044)
•
Workaround: Do one of the following:
–
–
–
(CSCsu39009)
•
Workaround: Reconfigure tracking on the newly created interface. (CSCsr66876)
•
*Oct 27 10:32:01.159: %TCP-6-BADAUTH: No MD5 digest from 2.2.2.3(50374) to 2.2.2.1(64999)This issue is seen when the default SXP password is encrypted with type-6 encryption.
Workaround: Do one of the following:
–
–
(CSCsv33136)
•
Workaround: None. (CSCsv42869)
•
Workaround: To reconfigure VLAN Load Balancing with a different configuration, do the following:
a.
b.
c.
d.
(CSCsv69853)
•
%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.101 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.102 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8This applies to classic or E-series Catalyst 4500 supervisor engines running
Cisco IOS Release 12.2(50)SGWorkaround: None. (CSCsw14005)
•
If the switch were to run a supervisor switchover while in this state, the host's MAC address would not be present in the new active supervisor engine's MAC address table, causing possible connectivity interruption on the host.
Workaround: Enter the shutdown command, followed by the no shutdown command on the interface. This triggers relearning and synchronizing of the host's MAC to the standby supervisor engine. CSCsw91661
•
Workaround: None. CSCsy72343
•
Workaround: None.
CSCsy38640
•
Workaround: None.
CSCsu35604
•
Workaround: Change the VTP version from 3 to version 2 or 1 and then revert to version 3.
CSCsy66803
•
Switch# call-home send alert-group diagnostic module 2Sending diagnostic info call-home message ...Please wait. This may take some time ...Switch#*Jan 3 01:54:24.471: %CALL_HOME-3-ONDEMAND_MESSAGE_FAILED: call-home on-demand message failed to send (ERR 18, The alert group is not subscribed)Workaround: Specify a profile name when you enter the diagnostic command.
You might want to avoid requesting on demand send for invalid modules. First, enter the
show module command to check for valid or present modules.CSCsz05888
•
No TCAM entries are available for the new access-list.
Workaround: Manually remove and reapply the ACL after freeing hardware TCAM resources by removing or shortening other classification policies on the switch.
CSCsy85006
•
show policy-map interface command are wrong.Workaround: None.
The queue transmit counters as well as the policing statistics (if any) are correct.
CSCsz20149
•
Workaround: None.
CSCsz38442
•
Workaround: None.
CSCsz06719
•
Workaround: Enter shut, then no shut on the port.
CSCsz63355
•
Workaround: Manually re-enter all entries with new time settings.
CSCsy27389
•
Workaround: Disable explicit host tracking in the affected VLANs.
CSCsz28612
•
This only happens when the switch is running network mobility service protocol (nmsp). It does not happen if the phone is CDP enabled.
Workaround: Use VLAN ID or name to differentiate the IP phone and the PC sitting behind the phone on the WCS. Specifically, the IP phone is detected on the voice VLAN, and the displayed information of serial number, model number, and software version is correct. However, a PC sitting behind the phone is detected on a data VLAN, and the displayed device information is wrong and should be ignored.
CSCsz34522
•
Entering shut/no shut on the port after deleting a secondary VLAN. (CSCsz73895)
Workarounds:
–
–
Entering shut/no shut on the port after configuring port-security vp err disable and a violation occurs. (CSCsz80415)
Workarounds:
–
–
–
Resolved Caveats in Cisco IOS Release 12.2(52)SG
This section lists the resolved caveats in Release 12.2(52)SG:
•
macro global apply system-cpp command and use predefined ACLs to match traffic) increment both their packet and byte count. So, both counters are non-zero.In contrast, data plane classes (the classes that are configured manually by user written ACLs), the byte counter increments as expected, but the packet count remains 0.
Workaround: None.
CSCsw16557
•
This impacts Cisco IOS Releases 12.2(31)SGA08, 12.2(37)SG, 12.2(40)SG, 12.2(44)SG, 12.2(46)SG, 12.2(50)SG, and 12.2(50)SG1.
Workarounds:
For a Classic Series Supervisor Engine, disable and configure QoS on the port.
For example, to configure Gig 2/1 as an isolated private VLAN trunk port, do the following:
Switch# conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)# interface gigabitEthernet 2/1Switch(config-if)# no qosSwitch(config-if)# qosSwitch(config-if)# endSwitch#You can configure the following EEM script to automate this workaround. QoS will be disabled and re-enabled whenever a port flaps.
logging event link-status globalevent manager applet linkup-reqosevent syslog pattern "changed state to up"action 1 cli command "enable"action 2 cli command "conf t"action 3 cli command "interface gigabitEthernet 2/1"action 4 cli command "no qos"action 5 cli command "qos"CSCsw19087
•
Workaround: None, other than stopping the query.
CSCsw89720
•
Workaround: Disable the authentication control-direction in command.
If you require authentication control-direction in, configure the port for multi-authentication or Multi-Domain Authentication (MDA).
CSCsx98360
•
802.1X VVID and port security are configured on a port, CDP MAC from the non 802.1X capable Cisco IP phone might not be added to the port security table on the standby supervisor engine.Workaround: None.
This problem is fixed in Cisco IOS Releases 12.2(50)SG2 and 12.2(52)SG.
CSCsw29489
•
Workaround: Turn off LLDP (on the switch) and the phone (from Call Manager).
This problem is fixed in 12.2(50)SG2 and 12.2(52)SG.
CSCsy21167
•
Switch# show platform crashdumpVECTOR 0*** CRASH DUMP ***02/09/2009 10:10:30Last crash: 02/09/2009 10:10:30Build: 12.2(20090206:234053) IPBASEbuildversion addr: 13115584MCSR: 40000000 <--- non-zero value!.
The key pieces of data are "VECTOR 0" and a MCSR value of 40000000, 20000000, or 10000000.
Workaround: Enter the show platform cpu cache command to launch an IOS algorithm that detects and recovers from parity errors in the CPU's cache. You will obtain a running count of the number of CPU cache parity errors that have been successfully detected and corrected on a running system:
Switch# show platform cpu cacheL1 Instruction Cache: ENABLEDL1 Data Cache: ENABLEDL2 Cache: ENABLEDMachine Check Interrupts: 5L1 Instruction Cache Parity Errors: 3L1 Instruction Cache Parity Errors (CPU30): 1L1 Data Cache Parity Errors: 1CSCsx15372
•
This problem occurs only when a port is configured with PVLAN and 802.1X multi-auth.
Workaround: Shut down then reopen the interface. (CSCsr58573)
•
Workaround: None. (CSCsr95941)
•
Workaround: None. (CSCsu42775)
•
Workaround: Remove the above debug command. (CSCsu67323)
•
'This problem is seen on all Catalyst 4500 or 4900 chassis running Cisco IOS Release 12.2.(50)SG. The problem occurs when the following conditions are present:
–
–
–
Workarounds: Do not configure the callback or callback-dialstring attribute for the user. If you use the callback-dialstring attribute in the TACACS+ profile, ensure that the NULL value is not configured. (CSCei62358)
•
Workaround: None. (CSCsw32519)
•
Port-channel functionality is not supported on the management interface.
This is a configuration error.
Workaround: None. (CSCsv91302)
•
Workaround: None. CSCsy29140
•
001298: .Oct 8 01:38:50.968: %C4K_SWITCHINGENGINEMAN-4-TCAMINTERRUPT: flCam0aPErr interrupt. errAddr: 0x2947 dPErr: 1 mPErr: 0 valid: 1001299: .Oct 8 01:51:20.100: %C4K_SWITCHINGENGINEMAN-4-TCAMINTERRUPT: flCam0aPErr interrupt. errAddr: 0x2B59 dPErr: 1 mPErr: 0 valid: 1Workaround: None
CSCsv17545
•
Workaround: Reapply the identity policy on the interface with the permit icmp command. (CSCsu03507
•
Workaround: Remove the WCCP redirection.
If the WAAS device drops this unexpected GRE traffic, the WCCP service group with promiscuous mode cannot be used on the interface. Conversely, if the WAAS device returns the traffic to the switch, the switch routes it normally to the original destination.
CSCsx56922
•
CSCsq24002
•
Workaround: None.
Do not configure 802.1X with other per vp errdisable features.
CSCsx74871
•
Switch# sh runn int fa 3/1channel-group 2 mode on -- Port in etherchannelSwitch# conf tSwitch(config)# int fa 3/1Switch(config-if)# auto qos voip trustAutoQoS Error: AutoQoS can not be configured on member port(s) of a port-channelThis problem is first seen in Cisco IOS Release 12.2(40)SG.
Workaround: Manually apply the configuration that would be generated by Auto QoS.
CSCsv03316
Open Caveats in Cisco IOS Release 12.2(50)SG4
This section lists the open caveats in Cisco IOS Release 12.2(50)SG4:
•
show policy-map interface fa6/1 do not show the packets being matched:Switch# sh policy-map intFastEthernet3/2Service-policy output: p1Class-map: c1 (match-all)0 packets <--------It stays at '0' despite of traffic being receivedMatch: access-group name fnacl21police: Per-interfaceConform: 9426560 bytes Exceed: 16573440 bytesWorkaround: Verify that the MAC addresses being transmitted through the system are learned.
(CSCef01798)
•
–
–
On a switch that support redundancy, the generation of the self-signed certificate is performed independently on the active and the standby supervisor engines. So, the certificates differ. After switchover, the HTTP client that holds the old certificate can not connect to the HTTPS server.
Workaround: Re-connect. (CSCsb11964)
•
This only impacts a switch that has any of the following queues are configured as SPAN source in releases prior to 12.2(31)SG and saved to startup-config. The SPAN destination would not get the same traffic after upgrading to 12.2(31)SG and later releases.
Workaround: After upgrading to 12.2(31)SG and later releases, remove the old SPAN source configuration and reconfigure with the new queue names/IDs. For example:
Switch(config)# no monitor session n source cpu queue all rxSwitch(config)# monitor session n source cpu queue <new_Queue_Name>(CSCsc94802)
•
Workaround: None. (CSCsc11726)
•
This could occur for these reasons:
–
–
Workarounds:
–
–
•
qos account layer2 encapsulation.Workaround: None. (CSCsg58526)
•
This does not impact performance.
Workaround: Issue the no shutdown command. (CSCsg27395)
•
Workaround: Remove the transceiver from the new port and place it in the old port. Once the SFP is recognized in the old port, remove it slowly and insert it in the new port. (CSCse34693).
•
Workaround: None. (CSCsm30320)
•
Workaround: None. (CSCsq72572)
•
Workaround: None. (CSCso93282)
•
Workarounds: Do one of the following:
–
–
–
(CSCsq63051)
•
%PM-4-PORT_INCONSISTENT: STANDBY:Port is inconsistent:Workaround: When the port channel starts to flap, enter shut and no shut on the port channel. After the first switchover and after deleting the portchannel, create a new channel. (CSCsr00333)
•
Mar 6 03:28:29.140 EST: %COMMON_FIB-3-FIBHWIDBINCONS: An internalsoftware error occurred. Null0 linked to wrong hwidb Null0Workaround: None. (CSCso68331)
•
Workaround: Before removing a linecard, delete the statically configured ip source binding entries on any of the interfaces on the line-card. (CSCsv54529)
•
Workaround: Clear the errors with the clear ethernet cfm errors command in EXEC mode. (CSCsv43819)
•
This problem impacts X2, OneX converters, and SFp+ on the Supervisor Engine 6-E, and linecards.
Workaround: Remove and reinsert the One X Convertor with SFP+ , SFP+ alone, or X2 after some perceivable delay. (CSCsu43461)
•
Workaround: Reapply the identity policy on the interface with the permit icmp command. (CSCsu03507
•
This problem occurs when an 802.1X client is authorized on a multi-auth port. After the access VLAN is deleted, then restored, the client is reauthorized but the spanning tree state of the access VLAN remains Disabled.
Workaround: Shut down then reopen the interface.
(CSCso50921)
•
This problem occurs only when a port is configured with PVLAN and 802.1X multi-auth.
Workaround: Shut down then reopen the interface. (CSCsr58573)
•
Workaround: None. (CSCsu42775)
•
Workaround: For VTP database propagation, configure ISL/dot1q trunk port. (CSCsu43445)
•
Workarounds: Do one of the following:
–
–
(CSCsv05205)
•
Workaround: When a log message appears indicating that the SFP+ has been removed , do one of the following:
–
–
–
(CSCsv90044)
•
Workaround: None. (CSCsr95941)
•
Workaround: None. (CSCsr95941)
•
Workaround: Do one of the following:
–
–
–
(CSCsu39009)
•
Workaround: Reconfigure tracking on the newly created interface. (CSCsr66876)
•
Workaround: Remove the above debug command. (CSCsu67323)
•
Workaround: None. (CSCsv42869)
•
'This problem is seen on all Catalyst 4500 or 4900 chassis running CiscoIOS Release 12.2.(50)SG. The problem occurs when the following conditions are present:
–
–
–
Workarounds: Do not configure the callback or callback-dialstring attribute for the user. If you use the callback-dialstring attribute in the TACACS+ profile, ensure that the NULL value is not configured. (CSCei62358)
•
Workaround: None. (CSCsw32519)
•
Workaround: To reconfigure VLAN Load Balancing with a different configuration, do the following:
a.
b.
c.
d.
(CSCsv69853)
•
%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.101 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8%SM-4-BADEVENT: Event 'eouAAAAuthor' is invalid for the current state 'eou_abort': eou_auth 4.1.0.102 Traceback= 101D9A88 10B76BB0 10B76FE0 10B7A114 10B7A340 1066A678 106617F8This applies to classic or E-series Catalyst 4500 supervisor engines running
Cisco IOS Release 12.2(50)SGWorkaround: None. (CSCsw14005)
•
Port-channel functionality is not supported on the management interface.
This is a configuration error.
Workaround: None. (CSCsv91302)
•
If the switch were to run a supervisor switchover while in this state, t
Guest
