Table Of Contents
Release Notes for Catalyst 5000 Family Software Release 5.x
Document Contents
Release 5.x Memory Requirements
Release 5.x Software Upgrade Path
Release 5.x Supervisor Engine Support Matrix
Supervisor Engine Redundancy
Product and Software Version Support Matrix
Release 5.x Orderable Software Images
New Features for Supervisor Engine Software Release 5.5
New Features for Supervisor Engine Software Release 5.4
New Features for Supervisor Engine Software Release 5.2
New Features for Supervisor Engine Software Release 5.1(2a)
New Features for Supervisor Engine Software Release 5.1
Open and Resolved Caveats in Software Release 5.5(21)
Open Caveats in Software Release 5.5(21)
Resolved Caveats in Software Release 5.5(21)
Open and Resolved Caveats in Software Release 5.5(20)
Open Caveats in Software Release 5.5(20)
Resolved Caveats in Software Release 5.5(20)
Open and Resolved Caveats in Software Release 5.5(19)
Open Caveats in Software Release 5.5(19)
Resolved Caveats in Software Release 5.5(19)
Open and Resolved Caveats in Software Release 5.5(18)
Open Caveats in Software Release 5.5(18)
Resolved Caveats in Software Release 5.5(18)
Open and Resolved Caveats in Software Release 5.5(17)
Open Caveats in Software Release 5.5(17)
Resolved Caveats in Software Release 5.5(17)
Open and Resolved Caveats in Software Release 5.5(16)
Open Caveats in Software Release 5.5(16)
Resolved Caveats in Software Release 5.5(16)
Open and Resolved Caveats in Software Release 5.5(15)
Open Caveats in Software Release 5.5(15)
Resolved Caveats in Software Release 5.5(15)
Open and Resolved Caveats in Software Release 5.5(14)
Open Caveats in Software Release 5.5(14)
Resolved Caveats in Software Release 5.5(14)
Open and Resolved Caveats in Software Release 5.5(13a)
Open Caveats in Software Release 5.5(13a)
Resolved Caveats in Software Release 5.5(13a)
Open and Resolved Caveats in Software Release 5.5(13)
Open Caveats in Software Release 5.5(13)
Resolved Caveats in Software Release 5.5(13)
Open and Resolved Caveats in Software Release 5.5(12a)
Open Caveats in Software Release 5.5(12a)
Resolved Caveats in Software Release 5.5(12a)
Open and Resolved Caveats in Software Release 5.5(12)
Open Caveats in Software Release 5.5(12)
Resolved Caveats in Software Release 5.5(12)
Open and Resolved Caveats in Software Release 5.5(11a)
Open Caveats in Software Release 5.5(11a)
Resolved Caveats in Software Release 5.5(11a)
Open and Resolved Caveats in Software Release 5.5(11)
Open Caveats in Software Release 5.5(11)
Resolved Caveats in Software Release 5.5(11)
Open and Resolved Caveats in Software Release 5.5(10a)
Open Caveats in Software Release 5.5(10a)
Resolved Caveats in Software Release 5.5(10a)
Open and Resolved Caveats in Software Release 5.5(10)
Open Caveats in Software Release 5.5(10)
Resolved Caveats in Software Release 5.5(10)
Open and Resolved Caveats in Software Release 5.5(9)
Open Caveats in Software Release 5.5(9)
Resolved Caveats in Software Release 5.5(9)
Open and Resolved Caveats in Software Release 5.5(8a)
Open Caveats in Software Release 5.5(8a)
Resolved Caveats in Software Release 5.5(8a)
Open and Resolved Caveats in Software Release 5.5(8)
Open Caveats in Software Release 5.5(8)
Resolved Caveats in Software Release 5.5(8)
Open and Resolved Caveats in Software Release 5.5(7a)
Open Caveats in Software Release 5.5(7a)
Resolved Caveats in Software Release 5.5(7a)
Open and Resolved Caveats in Software Release 5.5(7)
Open Caveats in Software Release 5.5(7)
Resolved Caveats in Software Release 5.5(7)
Open and Resolved Caveats in Software Release 5.5(6)
Open Caveats in Software Release 5.5(6)
Resolved Caveats in Software Release 5.5(6)
Open and Resolved Caveats in Software Release 5.5(5)
Open Caveats in Software Release 5.5(5)
Resolved Caveats in Software Release 5.5(5)
Open and Resolved Caveats in Software Release 5.5(4b)
Open Caveats in Software Release 5.5(4b)
Resolved Caveats in Software Release 5.5(4b)
Open and Resolved Caveats in Software Release 5.5(4a)
Open Caveats in Software Release 5.5(4a)
Resolved Caveats in Software Release 5.5(4a)
Open and Resolved Caveats in Software Release 5.5(4)
Open Caveats in Software Release 5.5(4)
Resolved Caveats in Software Release 5.5(4)
Open and Resolved Caveats in Software Release 5.5(3)
Open Caveats in Software Release 5.5(3)
Resolved Caveats in Software Release 5.5(3)
Open and Resolved Caveats in Software Release 5.5(2)
Open Caveats in Software Release 5.5(2)
Resolved Caveats in Software Release 5.5(2)
Open and Resolved Caveats in Software Release 5.5(1)
Open Caveats in Software Release 5.5(1)
Resolved Caveats in Software Release 5.5(1)
Open and Resolved Caveats in Software Release 5.4(4a)
Open Caveats in Software Release 5.4(4a)
Resolved Caveats in Software Release 5.4(4a)
Open and Resolved Caveats in Software Release 5.4(4)
Open Caveats in Software Release 5.4(4)
Resolved Caveats in Software Release 5.4(4)
Open and Resolved Caveats in Software Release 5.4(3)
Open Caveats in Software Release 5.4(3)
Resolved Caveats in Software Release 5.4(3)
Open and Resolved Caveats in Software Release 5.4(2a)
Open Caveats in Software Release 5.4(2a)
Resolved Caveats in Software Release 5.4(2a)
Open and Resolved Caveats in Software Release 5.4(2)
Open Caveats in Software Release 5.4(2)
Resolved Caveats in Software Release 5.4(2)
Open and Resolved Caveats in Software Release 5.4(1)
Open Caveats in Software Release 5.4(1)
Resolved Caveats in Software Release 5.4(1)
Open and Resolved Caveats in Software Release 5.2(7a)
Open Caveats in Software Release 5.2(7a)
Resolved Caveats in Software Release 5.2(7a)
Open and Resolved Caveats in Software Release 5.2(4)
Open Caveats in Software Release 5.2(4)
Resolved Caveats in Software Release 5.2(4)
Open and Resolved Caveats in Software Release 5.2(3)
Open Caveats in Software Release 5.2(3)
Resolved Caveats in Software Release 5.2(3)
Open and Resolved Caveats in Software Release 5.2(2)
Open Caveats in Software Release 5.2(2)
Resolved Caveats in Software Release 5.2(2)
Open and Resolved Caveats in Software Release 5.2(1)
Open Caveats in Software Release 5.2(1)
Resolved Caveats in Software Release 5.2(1)
Open and Resolved Caveats in Software Release 5.1(2b)
Open Caveats in Software Release 5.1(2b)
Resolved Caveats in Software Release 5.1(2b)
Open and Resolved Caveats in Software Release 5.1(2a)
Open Caveats in Software Release 5.1(2a)
Resolved Caveats in Software Release 5.1(2a)
Open Caveats in Software Release 5.1(1)
Usage Guidelines, Restrictions, and Troubleshooting
System and Supervisor Engine
Modules and Switch Ports
Transceivers
Spanning Tree
VTP, VLANs, and VLAN Trunks
EtherChannel
SPAN
Multicast
Network Analysis Module and TrafficDirector
CiscoView Images
Documentation Updates for Software Release 5.2
Documentation Updates for Software Release 5.1
Additional Documentation
Obtaining Documentation
Cisco.com
Documentation DVD
Ordering Documentation
Documentation Feedback
Cisco Product Security Overview
Reporting Security Problems in Cisco Products
Obtaining Technical Assistance
Cisco Technical Support Website
Submitting a Service Request
Definitions of Service Request Severity
Obtaining Additional Publications and Information
Release Notes for Catalyst 5000 Family Software Release 5.x
Final 5.x Release:
5.5(21)- May 24, 2005
Previous Releases: 5.5(20), 5.5(19), 5.5(18), 5.5(17), 5.5(16), 5.5(15), 5.5(14), 5.5(13a), 5.5(13), 5.5(12a), 5.5(12), 5.5(11a), 5.5(11), 5.5(10a), 5.5(10), 5.5(9), 5.5(8a)CV, 5.5(8), 5.5(7a) - GD release, 5.5(7), 5.5(6), 5.5(5), 5.5(4b), 5.5(4a), 5.5(4), 5.5(3), 5.5(2), 5.5(1), 5.4(3), 5.4(4a), 5.4(4), 5,4(2a), 5.4(2), 5.4(1) - Deferred, 5.2(7a), 5.2(4), 5.2(3), 5.2(2), 5.2(1), 5.1(2b), 5.1(2a), 5.1(1) - Deferred
These release notes describe the features, modifications, and caveats for Catalyst 5000 family supervisor engine software release 5.x and all 5.x maintenance releases. The most current 5.x release is supervisor engine software release 5.5(21). These release notes apply to Catalyst 5000 family switches and to Catalyst 2926G series switches running Catalyst 5000 family supervisor engine software.
Caution 
We strongly recommend that you read these release notes before using your switch or upgrading your switch software.
Note Although the software image in a new Catalyst 5000 family switch operates correctly, later software images containing the latest upgrades and modifications are released regularly to provide you the optimal software available. We strongly recommend that you check for the latest released software images at the World Wide Web location listed in the "Release 5.x Software Upgrade Path" section.
Note Release notes for prior Catalyst 5000 family software releases were accurate at the time of release. However, for information on the latest caveats and updates to previously released Catalyst 5000 family software releases, refer to the release notes for the latest maintenance release in your software release train. You can access all Catalyst 5000 family release notes at the World Wide Web locations listed in the "Obtaining Documentation" section.
Document Contents
These release notes describe the following topics:
•Release 5.x Memory Requirements
•Release 5.x Software Upgrade Path
•Release 5.x Supervisor Engine Support Matrix
•Supervisor Engine Redundancy
•Product and Software Version Support Matrix
•Release 5.x Orderable Software Images
•New Features for Supervisor Engine Software Release 5.5
•New Features for Supervisor Engine Software Release 5.4
•New Features for Supervisor Engine Software Release 5.2
•New Features for Supervisor Engine Software Release 5.1(2a)
•New Features for Supervisor Engine Software Release 5.1
•Open and Resolved Caveats in Software Release 5.5(21)
•Open and Resolved Caveats in Software Release 5.5(20)
•Open and Resolved Caveats in Software Release 5.5(19)
•Open and Resolved Caveats in Software Release 5.5(18)
•Open and Resolved Caveats in Software Release 5.5(17)
•Open and Resolved Caveats in Software Release 5.5(16)
•Open and Resolved Caveats in Software Release 5.5(15)
•Open and Resolved Caveats in Software Release 5.5(14)
•Open and Resolved Caveats in Software Release 5.5(13a)
•Open and Resolved Caveats in Software Release 5.5(13)
•Open and Resolved Caveats in Software Release 5.5(12a)
•Open and Resolved Caveats in Software Release 5.5(12)
•Open and Resolved Caveats in Software Release 5.5(11a)
•Open and Resolved Caveats in Software Release 5.5(11)
•Open and Resolved Caveats in Software Release 5.5(10a)
•Open and Resolved Caveats in Software Release 5.5(10)
•Open and Resolved Caveats in Software Release 5.5(9)
•Open and Resolved Caveats in Software Release 5.5(8a)
•Open and Resolved Caveats in Software Release 5.5(8)
•Open and Resolved Caveats in Software Release 5.5(7a)
•Open and Resolved Caveats in Software Release 5.5(7)
•Open and Resolved Caveats in Software Release 5.5(6)
•Open and Resolved Caveats in Software Release 5.5(5)
•Open and Resolved Caveats in Software Release 5.5(4b)
•Open and Resolved Caveats in Software Release 5.5(4a)
•Open and Resolved Caveats in Software Release 5.5(4)
•Open and Resolved Caveats in Software Release 5.5(3)
•Open and Resolved Caveats in Software Release 5.5(2)
•Open and Resolved Caveats in Software Release 5.5(1)
•Open and Resolved Caveats in Software Release 5.4(4a)
•Open and Resolved Caveats in Software Release 5.4(4)
•Open and Resolved Caveats in Software Release 5.4(3)
•Open and Resolved Caveats in Software Release 5.4(2a)
•Open and Resolved Caveats in Software Release 5.4(2)
•Open and Resolved Caveats in Software Release 5.4(1)
•Open and Resolved Caveats in Software Release 5.2(7a)
•Open and Resolved Caveats in Software Release 5.2(4)
•Open and Resolved Caveats in Software Release 5.2(3)
•Open and Resolved Caveats in Software Release 5.2(2)
•Open and Resolved Caveats in Software Release 5.2(1)
•Open and Resolved Caveats in Software Release 5.1(2b)
•Open and Resolved Caveats in Software Release 5.1(2a)
•Open Caveats in Software Release 5.1(1)
•Usage Guidelines, Restrictions, and Troubleshooting
•Documentation Updates for Software Release 5.2
•Documentation Updates for Software Release 5.1
•Additional Documentation
•Obtaining Documentation
•Documentation Feedback
•Cisco Product Security Overview
•Obtaining Technical Assistance
•Obtaining Additional Publications and Information
Release 5.x Memory Requirements
The Catalyst 5000 family supervisor engine 5.x software releases require a minimum of 32-MB DRAM installed on your supervisor engine.
All Catalyst 5000 family supervisor engines with at least 32-MB DRAM fully support software release 5.x, with the exception of Supervisor Engine I.
Release 5.x Software Upgrade Path
Caution Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in nonvolatile RAM (NVRAM). Note that a software downgrade will
always cause the configuration to be lost. Use the
write network command (Supervisor Engine II, II G, or III G) or the
copy config tftp command (Supervisor Engine III or III F, and on the Catalyst 2926G) to back up your configuration to a Trivial File Transfer Protocol (TFTP) server. Use the
copy config flash command on a Supervisor Engine III or III F, and on the Catalyst 2926G, to back up the configuration to a Flash device.
Catalyst 5000 family supervisor engine software image files are available in the Software Center on Cisco.com, Cisco's WWW site (software downloads are available to registered Cisco.com users only):
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat5000-sup
Note Supervisor Engine I, the WS-C2900, and the WS-C2926F/T are not supported in software release 5.x.
Caution On Supervisor Engine II, you must have NMP boot ROM version 5.1(2) or later, MCP boot ROM version 4.1(3) or later, and at least 32-MB DRAM to upgrade to any 5.
x release. A boot ROM and SIMM upgrade kit is available for Supervisor Engine II (MEM-C5K-SUP2-UPGD).
Caution Upgrading from software release versions 4.5(1), 4.5(2), 4.5(3), 5.1(x), or 5.2(1) causes Token Ring module configurations to be lost. The workaround is to upload the configuration to a TFTP server before upgrading and reload the configuration after the upgrade is complete. Note that this problem only affects the configuration for the actual Token Ring module itself and not general configurations such as Token Ring VLAN.
Table 1 shows the supervisor engine software upgrade path to software release 5.x from previous supervisor engine software releases.
Table 1 Catalyst 5000 Family 5.x Software Upgrade Path
Desired Upgrade
|
Upgrade Path
|
2.4(3) or earlier to 5.x
|
Supervisor Engine II
Follow these steps to upgrade to 5.x:
1. Upgrade to software release 2.4(5)
2. Upgrade to release 3.2(4)
3. Upgrade to release 5.x.
|
2.4(4) through 3.2(2) to 5.x
|
Supervisor Engine II
Follow these steps to upgrade to 5.x:
1. Upgrade to release 3.2(4)
2. Upgrade to release 5.x.
Supervisor Engine III
No restriction. Upgrade directly to software release 5.x.
|
3.2(3) or later to 5.x
|
All Supervisor Engines
No restriction. Upgrade directly to software release 5.x.
|
Note In some cases, when upgrading to software release 5.x from release 4.4(1) or earlier, a "Corrupted nvlog area" error is generated. This error is harmless and can be safely ignored.
Release 5.x Supervisor Engine Support Matrix
Catalyst 5000 family switches support these supervisor engine modules in software release 5.x:
•Supervisor Engine II
•Supervisor Engine II G
•Supervisor Engine III
•Supervisor Engine III F
•Supervisor Engine III G
Some supervisor engine types are not supported in certain switch chassis. Table 2 shows which supervisor engine types are supported in which Catalyst 5000 family switch chassis.
In addition, the supervisor engines are compatible with specific software releases. For more information, see the "Product and Software Version Support Matrix" section.
Table 2 Supervisor Engine Chassis Support Matrix
Switch Chassis
|
|
Supervisor Engine II G
|
Supervisor Engine III
|
Supervisor Engine III F
|
Supervisor Engine III G
|
Catalyst 2926G
|
N/A
|
N/A
|
Fixed
|
N/A
|
N/A
|
Catalyst 5002 (155W power supplies)
|
Yes
|
Yes
|
No
|
No
|
Yes
|
Catalyst 5002 (175W power supplies with PFC2 )
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Catalyst 5000
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Catalyst 5505
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Catalyst 5509
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Catalyst 5500
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Supervisor Engine Redundancy
You can install redundant supervisor engines in your switch if the following conditions are met:
•The switch must be a Catalyst 5500 series switch.
•The supervisor engines must be Supervisor Engine II, II G, III, III F or III G in the following configurations:
–Two Supervisor Engine IIs
–Two Supervisor Engine IIIs with EARL 1
–Two Supervisor Engine IIIs with the NFFC
–Two Supervisor Engine IIIs with the NFFC II
–Two Supervisor Engine III Fs with EARL 1
–Two Supervisor Engine III Fs with NFFC
–Two Supervisor Engine III Fs with NFFC II
–Two Supervisor Engine II Gs without the RSFC
–Two Supervisor Engine II Gs with RSFC
–Two Supervisor Engine III Gs without the RSFC
–Two Supervisor Engine III Gs with RSFC
–One Supervisor Engine II G with the RSFC and one Supervisor Engine II G without the RSFC
–One Supervisor Engine III G with the RSFC and one Supervisor Engine III G without the RSFC
The following redundant configurations are supported, but with the caveat that MLS is not supported for traffic on the redundant supervisor engine ports when the supervisor engine in standby mode has the NFFC or NFFCII. MLS is supported for traffic on the redundant supervisor engine ports when the supervisor engine in standby mode has the NFFC-A or NFFCII-A.
•Supervisor Engine III with NFFC and Supervisor Engine III with NFFC-A
•Supervisor Engine III with NFFC II and Supervisor Engine III with NFFC II-A
•Supervisor Engine III F with NFFC and Supervisor Engine III F with NFFC-A
•Supervisor Engine III F with NFFC II and Supervisor Engine III F with NFFC II-A
For more information on configuring supervisor engines for redundant operation, refer to the Software Configuration Guide for your switch.
Product and Software Version Support Matrix
Table 3 lists the minimum supervisor engine version and the recommended supervisor engine version for Catalyst 5000 family modules and chassis.
Note There might be additional minimum software version requirements for intelligent modules (modules that run an additional, separate software image). Refer to the software release notes for the module type for more information.
Note Software Release 5.5(7a) is the General Deployment (GD) release for the Catalyst 5000 family switches.
Table 3 Product/Supervisor Engine Software Version Matrix
Product Number
append with
"=" for spares
|
Product Description
|
Minimum Supervisor
Software Version
|
Recommended Supervisor
Software Version
|
Supervisor Engine II
|
WS-X5505
|
Supervisor Engine II
2-port 100BASE-FX SMF uplinks
|
2.2(1)
|
5.5(13a)
|
WS-X5506
|
Supervisor Engine II
2-port 100BASE-FX MMF uplinks
|
WS-X5509
|
Supervisor Engine II
2-port 100BASE-TX RJ-45/MII uplinks
|
Supervisor Engine II G
|
WS-X5540
|
Supervisor Engine II G base module
|
5.1(1a)
|
6.3(3)
|
Supervisor Engine III
|
WS-X5530-E1
|
Supervisor Engine III base module
|
3.1(1)
|
6.3(3)
|
WS-X5530-E2
|
Supervisor Engine III base module
with NFFC
|
4.1(1)
|
6.3(3)
|
WS-X5530-E2A
|
Supervisor Engine III base module
with enhanced NFFC
|
4.5(4)
|
6.3(3)
|
WS-X5530-E3
|
Supervisor Engine III base module
with NFFC II
|
4.3(1a)
|
6.3(3)
|
WS-X5530-E3A
|
Supervisor Engine III base module
with enhanced NFFC II
|
4.5(4)
|
6.3(3)
|
Supervisor Engine III F
|
WS-X5534-E1-GESX
|
Supervisor Engine III FSX
2-port 1000BASE-SX uplinks
|
4.3(1a)
|
5.5(13a)
|
WS-X5536-E1-GELX
|
Supervisor Engine III FLX
2-port 1000BASE-LX/LH uplinks
|
|
Supervisor Engine III G
|
WS-X5550
|
Supervisor Engine III G
2-port 1000BASE-X uplinks
|
5.1(1a)
|
6.3(3)
|
Supervisor Engine Uplink Modules
|
WS-U5531-FETX
|
2-port 10/100BASE-TX
Fast Ethernet uplink module
|
3.1(1)
|
6.3(3)
|
WS-U5533-FEFX-MMF
|
2-port 100BASE-FX
MMF Fast Ethernet uplink module
|
WS-U5535-FEFX-SMF
|
2-port 100BASE-FX
SMF Fast Ethernet uplink module
|
WS-U5537-FETX
|
4-port 10/100BASE-TX
Fast EtherChannel uplink module
|
4.3(1a)
|
6.3(3)
|
WS-U5534-GESX
|
2-port 1000BASE-SX
Gigabit Ethernet uplink module
|
4.1(1)
|
6.3(3)
|
WS-U5536-GELX
|
2-port 1000BASE-LX/LH
Gigabit Ethernet uplink module
|
WS-U5538-FEFX-MMF
|
4-port 100BASE-FX
MMF MT-RJ Fast EtherChannel uplink module
|
4.5(1)
|
6.3(3)
|
Supervisor Engine III Feature Cards
|
WS-F5521=
|
NetFlow Feature Card (NFFC)
|
4.1(1)
|
6.3(3)
|
WS-F5521A=1
|
NetFlow Feature Card (NFFC-A)
|
4.5(4)
|
6.3(3)
|
WS-F5531=2
|
NFFC II
|
4.5(4)
|
6.3(3)
|
WS-F5531A=
|
NFFC II-A
|
4.5(4)
|
6.3(3)
|
WS-F5541=
|
Route Switch Feature Card (RSFC)
|
5.1(1a)
|
6.3(3)
|
Ethernet, Fast Ethernet, and Gigabit Ethernet
|
WS-X5010
|
24-port 10BASE-T Ethernet Telco
|
1.1
|
6.3(3)
|
WS-X5011
|
12-port 10BASE-FL Ethernet MMF ST
|
1.2
|
WS-X5012
|
48-port 10BASE-T Ethernet
|
2.4(1)
|
6.3(3)
|
WS-X5012A
|
48-port 10BASE-T Ethernet Telco
|
4.2(1)
|
6.3(3)
|
WS-X5013
|
24-port 10BASE-T Ethernet RJ-45
|
2.2(1)
|
6.3(3)
|
WS-X5014
|
48-port, 2-slot 10BASE-T Ethernet
|
4.2(1)
|
6.3(3)
|
WS-X5015-MT
|
24-port 10BASE-FL Ethernet MT-RJ
|
5.1(1)
|
6.3(3)
|
WS-X5020
|
48-port, 4-segment 10BASE-T Ethernet Telco
|
2.1(1)
|
6.3(3)
|
WS-X5111
|
12-port 100BASE-FX Fast Ethernet MMF SC
|
1.4
|
WS-X5113
|
12-port 100BASE-TX Fast Ethernet RJ-45
|
1.2
|
WS-X5114
|
12-port (6-port SMF, 6-port MMF)
100BASE-FX Fast Ethernet SC
|
2.1(5)
|
WS-X5201
|
12-port 100BASE-FX Fast EtherChannel SC
|
2.3(1)
|
WS-X5201R
|
12-port 100BASE-FX backbone Fast Ethernet SC
|
4.1(2)
|
6.3(3)
|
WS-X5203
|
12-port 10/100BASE-TX Fast EtherChannel RJ-45
|
2.3(1)
|
6.3(3)
|
WS-X52133
|
12-port 10/100BASE-TX Fast Ethernet RJ-45
|
1.5(4)
|
WS-X5213A
|
12-port 10/100BASE-TX Fast Ethernet RJ-45
|
2.1(7)
|
WS-X5223
|
24-port, 3-segment
100BASE-TX Fast Ethernet RJ-45
|
2.2(1)
|
WS-X5224
|
24-port 10/100BASE-TX RJ-45
|
2.4(2)
|
WS-X5225R
|
24-port 10/100BASE-TX Fast Ethernet RJ-45
|
4.1(2)
|
6.3(3)
|
WS-X5234-RJ45
|
24-port 10/100BASE-TX Fast Ethernet RJ-45
|
4.5(1)
|
6.3(3)
|
WS-X5236-FX-MT
|
24-port 100BASE-FX Fast Ethernet MMF MT-RJ
|
WS-X5239-RJ21
|
36-port 10/100BASE-TX Fast Ethernet Telco
|
5.1(2a)
|
6.3(3)
|
WS-X5403
|
3-port 1000BASE-X Gigabit Ethernet
|
4.1(1)
|
6.3(3)
|
WS-X5410
|
9-port, 2-slot 1000BASE-X
Gigabit EtherChannel module4
|
4.2(1)
|
WS-X5237-FX-MT
|
24-port 100BASE-FX Fast Ethernet SMF MT-RJ
|
5.4(2)
|
6.3(3)
|
Gigabit Interface Converters (GBICs)
|
WS-G5484=
|
1000BASE-SX GBIC
|
4.1(1)
|
6.3(3)
|
WS-G5486=
|
1000BASE-LX/LH GBIC
|
WS-G5487=
|
1000BASE-ZX GBIC
|
4.5(1)
|
Token Ring
|
WS-X5030
|
16-port Token Ring module, UTP/FTP, RJ-45
|
3.1(1)
|
6.3(3)
|
WS-X5031
|
16-port Token Ring module, Volition, VF-45
|
FDDI/CDDI
|
WS-X5101
|
1 Dual-attach Multimode FDDI MIC
|
1.3
|
6.3(3)
|
WS-X5103
|
1 Dual-attach CDDI RJ-45
|
WS-X5104
|
1 Dual-attach Single-Mode FDDI ST
|
WS-X5105
|
1 Dual-attach Multimode FDDI SC
|
ATM
|
WS-X51533
|
1-port OC-3 UTP RJ-45
|
1.4
|
6.3(3)
|
WS-X51543
|
1-port OC-3 Single-Mode SC
|
WS-X51553
|
1-port OC-3 Multimode SC
|
WS-X5156
|
1 Dual PHY OC-3 UTP RJ-45
|
2.1(5)
|
WS-X5157
|
1 Dual PHY OC-3 Single-Mode SC
|
WS-X5158
|
1 Dual PHY OC-3 Multimode SC
|
WS-X5161
|
1 Dual PHY OC-12 MMF SC, MPOA/LANE
|
3.2(1)
|
5.5(10)
|
WS-X5162
|
1 Dual PHY OC-12 SC, MPOA/LANE
|
WS-X5166
|
1 Dual PHY DS3, BNC connectors
|
3.1(1)
|
WS-X5167
|
1 Dual PHY OC-3 MMF SC, MPOA/LANE
|
3.2(1)
|
WS-X5168
|
1 Dual PHY OC-3 SMF SC, MPOA/LANE
|
Route Switch Module
|
WS-X5302
|
Route Switch Module
|
2.3(1)
|
6.3(3)
|
Fabric Integration Modules
|
WS-X5165
|
ATM fabric integration module
|
4.3(1a)
|
6.3(3)
|
WS-X5305
|
Layer 3 fabric integration module
|
4.4(1)
|
Network Analysis Module
|
WS-X5380
|
Network Analysis Module (32 MB DRAM)
|
4.3(1a)
|
6.3(3)
|
WS-X5381
|
Network Analysis Module (128 MB DRAM)
|
4.3(1a)
|
6.3(3)
|
Modular Chassis
|
WS-C5000
|
Catalyst 5000 chassis (5-slot)
|
1.1
|
6.3(3)
|
WS-C5002
|
Catalyst 5002 chassis (2-slot)
|
2.2(1)
|
6.3(3)
|
WS-C5500
|
Catalyst 5500 chassis (13-slot)
|
WS-C5505
|
Catalyst 5505 chassis (5-slot)
|
2.3(1)
|
WS-C5509
|
Catalyst 5509 chassis (9-slot)
|
4.2(1)
|
6.3(3)
|
Fixed-Configuration Chassis
|
WS-C2926GS
|
Catalyst 2926G with NFFC, two 1000BASE-SX uplinks, and twenty-four 10/100BASE-TX ports
|
4.3(1a)
|
5.5(13a)
|
WS-C2926GL
|
Catalyst 2926G with NFFC, two 1000BASE-LX/LH uplinks, and twenty-four 10/100BASE-TX ports
|
Release 5.x Orderable Software Images
Table 4 lists the software versions and applicable ordering information for Catalyst 5000 family supervisor engine software release 5.x.
Table 4 Release 5.x Orderable Software Image Matrix
Software Version
|
Filename
|
Orderable Product Number
Flash on System
|
Orderable Product Number
Spare Upgrade (Floppy Media)
|
Supervisor Engine II (32 MB minimum)
|
5.1(1)1
|
cat5000-sup.5-1-1.bin
|
SFC5K-SUP-5.1.1
|
SWC5K-SUP-5.1.1=
|
5.1(2a)
|
cat5000-sup.5-1-2a.bin
|
SFC5K-SUP-5.1.2
|
SWC5K-SUP-5.1.2=
|
5.1(2b)
|
cat5000-sup.5-1-2b.bin
|
SFC5K-SUP-5.1.2b
|
SWC5K-SUP-5.1.2b=
|
5.2(1)
|
cat5000-sup.5-2-1.bin
|
SFC5K-SUP-5.2.1
|
SWC5K-SUP-5.2.1=
|
5.2(2)
|
cat5000-sup.5-2-2.bin
|
SFC5K-SUP-5.2.2
|
SWC5K-SUP-5.2.2=
|
5.2(3)
|
cat5000-sup.5-2-3.bin
|
SFC5K-SUP-5.2.3
|
SWC5K-SUP-5.2.3=
|
5.2(4)
|
cat5000-sup.5-2-4.bin
|
SFC5K-SUP-5.2.4
|
SWC5K-SUP-5.2.4=
|
5.2(7a)
|
cat5000-sup.5-2-7a.bin
|
SFC5K-SUP-5.2.7a
|
SWC5K-SUP-5.2.7a=
|
5.4(1)
|
cat5000-sup.5-4-1.bin
|
SFC5K-SUP-5.4.1
|
SFC5K-SUP-5.4.1=
|
5.4(2)
|
cat5000-sup.5-4-2.bin
|
SC5K-SUP-5.4.2
|
SC5K-SUP-5.4.2=
|
5.4(2a)
|
cat5000-sup.5-4-2a.bin
|
SC5K-SUP-5.4.2
|
SC5K-SUP-5.4.2=
|
5.4(3)
|
cat5000-sup.5-4-3.bin
|
SC5K-SUP-5.4.3
|
SC5K-SUP-5.4.3=
|
5.4(4)
|
cat5000-sup.5-4-4.bin
|
SC5K-SUP-5.4.4
|
SC5K-SUP-5.4.4=
|
5.5(1)
|
cat5000-sup.5-5-1.bin
|
SC5K-SUP-5.5.1
|
SC5K-SUP-5.5.1=
|
5.5(2)
|
cat5000-sup.5-5-2.bin
|
SC5K-SUP-5.5.2
|
SC5K-SUP-5.5.2=
|
5.5(3)
|
cat5000-sup.5-5-3.bin
|
SC5K-SUP-5.5.3
|
SC5K-SUP-5.5.3=
|
5.5(4)
|
cat5000-sup.5-5-4.bin
|
SC5K-SUP-5.5.4
|
SC5K-SUP-5.5.4=
|
5.5(4a)
|
cat5000-sup.5-5-4a.bin
|
SC5K-SUP-5.5.4
|
SC5K-SUP-5.5.4=
|
5.5(4b)
|
cat5000-sup.5-5-4b.bin
|
SC5K-SUP-5.5.4
|
SC5K-SUP-5.5.4=
|
5.5(5)
|
cat5000-sup.5-5-5.bin
|
SC5K-SUP-5.5.5
|
SC5K-SUP-5.5.5=
|
5.5(6)
|
cat5000-sup.5-5-6.bin
|
SC5K-SUP-5.5.6
|
SC5K-SUP-5.5.6=
|
5.5(7)
|
cat5000-sup.5-5-7.bin
|
SC5K-SUP-5.5.7
|
SC5K-SUP-5.5.7=
|
5.5(8)
|
cat5000-sup.5-5-8.bin
|
SC5K-SUP-5.5.8
|
SC5K-SUP-5.5.8=
|
5.5(9)
|
cat5000-sup.5-5-9.bin
|
SC5K-SUP-5.5.9
|
SC5K-SUP-5.5.9=
|
5.5(10)
|
cat5000-sup.5-5-10.bin
|
SC5K-SUP-5.5.10
|
SC5K-SUP-5.5.10=
|
5.5(10a)
|
cat5000-sup.5-5-10a.bin
|
SC5K-SUP-5.5.10
|
SC5K-SUP-5.5.10=
|
5.5(11)
|
cat5000-sup.5-5-11.bin
|
SC5K-SUP-5.5.11
|
SC5K-SUP-5.5.11=
|
5.5(11a)
|
cat5000-sup.5-5-11a.bin
|
SC5K-SUP-5.5.11
|
SC5K-SUP-5.5.11=
|
5.5(12)
|
cat5000-sup.5-5-12.bin
|
SC5K-SUP-5.5.12
|
SC5K-SUP-5.5.12=
|
5.5(12a)
|
cat5000-sup.5-5-12a.bin
|
SC5K-SUP-5.5.12
|
SC5K-SUP-5.5.12=
|
5.5(13)
|
cat5000-sup.5-5-13.bin
|
SC5K-SUP-5.5.13
|
SC5K-SUP-5.5.13=
|
5.5(13a)
|
cat5000-sup.5-5-13a.bin
|
SC5K-SUP-5.5.13a
|
SC5K-SUP-5.5.13a=
|
5.5(14)
|
cat5000-sup.5-5-14.bin
|
SC5K-SUP-5.5.14
|
SC5K-SUP-5.5.14=
|
5.5(15)
|
cat5000-sup.5-5-15.bin
|
SC5K-SUP-5.5.15
|
SC5K-SUP-5.5.15=
|
5.5(16)
|
cat5000-sup.5-5-16.bin
|
SC5K-SUP-5.5.16
|
SC5K-SUP-5.5.16=
|
5.5(17)
|
cat5000-sup.5-5-17.bin
|
SC5K-SUP-5.5.17
|
SC5K-SUP-5.5.17=
|
5.5(18)
|
cat5000-sup.5-5-18.bin
|
SC5K-SUP-5.5.18
|
SC5K-SUP-5.5.18=
|
5.5(19)
|
cat5000-sup.5-5-19.bin
|
SC5K-SUP-5.5.19
|
SC5K-SUP-5.5.19=
|
5.5(20)
|
cat5000-sup.5-5-20.bin
|
SC5K-SUP-5.5.20
|
SC5K-SUP-5.5.20=
|
5.5(21)
|
cat5000-sup.5-5-21.bin
|
SC5K-SUP-5.5.21
|
SC5K-SUP-5.5.21=
|
Supervisor Engine II G and III G
|
5.1(1)1
|
cat5000-supg.5-1-1.bin
|
N/A
|
N/A
|
5.1(1a)
|
cat5000-supg.5-1-1a.bin
|
SFC5K-SUPG-5.1.1
|
SFC5K-SUPG-5.1.1=
|
5.1(2a)
|
cat5000-supg.5-1-2a.bin
|
SFC5K-SUPG-5.1.2
|
SFC5K-SUPG-5.1.2=
|
5.1(2b)
|
cat5000-supg.5-1-2b.bin
|
SFC5K-SUPG-5.1.2b
|
SFC5K-SUPG-5.1.2b=
|
5.2(1)
|
cat5000-supg.5-2-1.bin
|
SFC5K-SUPG-5.2.1
|
SFC5K-SUPG-5.2.1=
|
5.2(2)
|
cat5000-supg.5-2-2.bin
|
SFC5K-SUPG-5.2.2
|
SFC5K-SUPG-5.2.2=
|
5.2(3)
|
cat5000-supg.5-2-3.bin
|
SFC5K-SUPG-5.2.3
|
SFC5K-SUPG-5.2.3=
|
5.2(4)
|
cat5000-supg.5-2-4.bin
|
SFC5K-SUPG-5.2.4
|
SFC5K-SUPG-5.2.4=
|
5.2(7a)
|
cat5000-supg.5-2-7a.bin
|
SFC5K-SUPG-5.2.7a
|
SFC5K-SUPG-5.2.7a=
|
5.4(1)
|
cat5000-supg.5-4-1.bin
|
SFC5K-SUPG-5.4.1
|
SFC5K-SUPG-5.4.1=
|
5.4(2)
|
cat5000-supg.5-4-2.bin
|
SC5K-SUPG-5.4.2
|
SC5K-SUPG-5.4.2=
|
5.4(2a)
|
cat5000-supg.5-4-2a.bin
|
SC5K-SUPG-5.4.2
|
SC5K-SUPG-5.4.2=
|
5.4(3)
|
cat5000-supg.5-4-3.bin
|
SC5K-SUPG-5.4.3
|
SC5K-SUPG-5.4.3=
|
5.4(4)
|
cat5000-supg.5-4-4.bin
|
SC5K-SUPG-5.4.4
|
SC5K-SUPG-5.4.4=
|
5.5(1)
|
cat5000-supg.5-5-1.bin
|
SC5K-SUPG-5.5.1
|
SC5K-SUPG-5.5.1=
|
5.5(2)
|
cat5000-supg.5-5-2.bin
|
SC5K-SUPG-5.5.2
|
SC5K-SUPG-5.5.2=
|
5.5(3)
|
cat5000-supg.5-5-3.bin
|
SC5K-SUPG-5.5.3
|
SC5K-SUPG-5.5.3=
|
5.5(4)
|
cat5000-supg.5-5-4.bin
|
SC5K-SUPG-5.5.4
|
SC5K-SUPG-5.5.4=
|
5.5(4a)
|
cat5000-supg.5-5-4a.bin
|
SC5K-SUPG-5.5.4
|
SC5K-SUPG-5.5.4=
|
5.5(4b)
|
cat5000-supg.5-5-4b.bin
|
SC5K-SUPG-5.5.4
|
SC5K-SUPG-5.5.4=
|
5.5(5)
|
cat5000-supg.5-5-5.bin
|
SC5K-SUPG-5.5.5
|
SC5K-SUPG-5.5.5=
|
5.5(6)
|
cat5000-supg.5-5-6.bin
|
SC5K-SUPG-5.5.6
|
SC5K-SUPG-5.5.6=
|
5.5(7a)
|
cat5000-supg.5-5-7a.bin
|
SC5K-SUPG-5.5.7a
|
SC5K-SUPG-5.5.7a=
|
5.5(7)
|
cat5000-supg.5-5-7.bin
|
SC5K-SUPG-5.5.7
|
SC5K-SUPG-5.5.7=
|
5.5(8)
|
cat5000-supg.5-5-8.bin
|
SC5K-SUPG-5.5.8
|
SC5K-SUPG-5.5.8=
|
5.5(9)
|
cat5000-supg.5-5-9.bin
|
SC5K-SUPG-5.5.9
|
SC5K-SUPG-5.5.9=
|
5.5(10)
|
cat5000-supg.5-5-10.bin
|
SC5K-SUPG-5.5.10
|
SC5K-SUPG-5.5.10=
|
5.5(10a)
|
cat5000-supg.5-5-10a.bin
|
SC5K-SUPG-5.5.10
|
SC5K-SUPG-5.5.10=
|
5.5(11)
|
cat5000-supg.5-5-11.bin
|
SC5K-SUPG-5.5.11
|
SC5K-SUPG-5.5.11=
|
5.5(11a)
|
cat5000-supg.5-5-11a.bin
|
SC5K-SUPG-5.5.11
|
SC5K-SUPG-5.5.11=
|
5.5(12)
|
cat5000-supg.5-5-12.bin
|
SC5K-SUPG-5.5.12
|
SC5K-SUPG-5.5.12=
|
5.5(12a)
|
cat5000-supg.5-5-12a.bin
|
SC5K-SUPG-5.5.12
|
SC5K-SUPG-5.5.12=
|
5.5(13)
|
cat5000-supg.5-5-13.bin
|
SC5K-SUPG-5.5.13
|
SC5K-SUPG-5.5.13=
|
5.5(13a)
|
cat5000-supg.5-5-13a.bin
|
SC5K-SUPG-5.5.13a
|
SC5K-SUPG-5.5.13a=
|
5.5(14)
|
cat5000-supg.5-5-14.bin
|
SC5K-SUPG-5.5.14
|
SC5K-SUPG-5.5.14=
|
5.5(15)
|
cat5000-supg.5-5-15.bin
|
SC5K-SUPG-5.5.15
|
SC5K-SUPG-5.5.15=
|
5.5(16)
|
cat5000-supg.5-5-16.bin
|
SC5K-SUPG-5.5.16
|
SC5K-SUPG-5.5.16=
|
5.5(17)
|
cat5000-supg.5-5-17.bin
|
SC5K-SUPG-5.5.17
|
SC5K-SUPG-5.5.17=
|
5.5(18)
|
cat5000-supg.5-5-18.bin
|
SC5K-SUPG-5.5.18
|
SC5K-SUPG-5.5.18=
|
5.5(19)
|
cat5000-supg.5-5-19.bin
|
SC5K-SUPG-5.5.19
|
SC5K-SUPG-5.5.19=
|
5.5(20)
|
cat5000-supg.5-5-20.bin
|
SC5K-SUPG-5.5.20
|
SC5K-SUPG-5.5.20=
|
5.5(21)
|
cat5000-supg.5-5-21.bin
|
SC5K-SUPG-5.5.21
|
SC5K-SUPG-5.5.21=
|
Supervisor Engine III and III F
|
5.1(1)1
|
cat5000-sup3.5-1-1.bin
|
SFC5K-SUP3-5.1.1
|
SWC5K-SUP3-5.1.1=
|
5.1(2a)
|
cat5000-sup3.5-1-2a.bin
|
SFC5K-SUP3-5.1.2
|
SWC5K-SUP3-5.1.2=
|
5.1(2b)
|
cat5000-sup3.5-1-2b.bin
|
SFC5K-SUP3-5.1.2b
|
SWC5K-SUP3-5.1.2b=
|
5.2(1)
|
cat5000-sup3.5-2-1.bin
|
SFC5K-SUP3-5.2.1
|
SWC5K-SUP3-5.2.1=
|
5.2(2)
|
cat5000-sup3.5-2-2.bin
|
SFC5K-SUP3-5.2.2
|
SWC5K-SUP3-5.2.2=
|
5.2(3)
|
cat5000-sup3.5-2-3.bin
|
SFC5K-SUP3-5.2.3
|
SWC5K-SUP3-5.2.3=
|
5.2(4)
|
cat5000-sup3.5-2-4.bin
|
SFC5K-SUP3-5.2.4
|
SWC5K-SUP3-5.2.4=
|
5.2(7a)
|
cat5000-sup3.5-2-7a.bin
|
SFC5K-SUP3-5.2.7a
|
SWC5K-SUP3-5.2.7a=
|
5.4(1)
|
cat5000-sup3.5-4-1.bin
|
SFC5K-SUP3-5.4.1
|
SFC5K-SUP3-5.4.1=
|
5.4(2)
|
cat5000-sup3.5-4-2.bin
|
SC5K-SUP3-5.4.2
|
SC5K-SUP3-5.4.2=
|
5.4(2) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-4-2.bin
|
SC5K-SUP3CV-5.4.2
|
SC5K-SUP3CV-5.4.2=
|
5.4(2a)
|
cat5000-sup3.5-4-2a.bin
|
SC5K-SUP3-5.4.2
|
SC5K-SUP3-5.4.2=
|
5.4(2a) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-4-2a.bin
|
SC5K-SUP3CV-5.4.2
|
SC5K-SUP3CV-5.4.2=
|
5.4(3)
|
cat5000-sup3.5-4-3.bin
|
SC5K-SUP3-5.4.3
|
SC5K-SUP3-5.4.3=
|
5.4(3) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-4-3.bin
|
SC5K-SUP3CV-5.4.3
|
SC5K-SUP3CV-5.4.3=
|
5.4(4)
|
cat5000-sup3.5-4-4.bin
|
SC5K-SUP3-5.4.4
|
SC5K-SUP3-5.4.4=
|
5.4(4) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-4-4.bin
|
SC5K-SUP3CV-5.4.4
|
SC5K-SUP3CV-5.4.4=
|
5.5(1)
|
cat5000-sup3.5-5-1.bin
|
SC5K-SUP3-5.5.1
|
SC5K-SUP3-5.5.1=
|
5.5(1) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-1.bin
|
SC5K-SUP3CV-5.5.1
|
SC5K-SUP3CV-5.5.1=
|
5.5(2)
|
cat5000-sup3.5-5-2.bin
|
SC5K-SUP3-5.5.2
|
SC5K-SUP3-5.5.2=
|
5.5(2) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-2.bin
|
SC5K-SUP3CV-5.5.2
|
SC5K-SUP3CV-5.5.2=
|
5.5(3)
|
cat5000-sup3.5-5-3.bin
|
SC5K-SUP3-5.5.3
|
SC5K-SUP3-5.5.3=
|
5.5(3) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-3.bin
|
SC5K-SUP3CV-5.5.3
|
SC5K-SUP3CV-5.5.3=
|
5.5(4)
|
cat5000-sup3.5-5-4.bin
|
SC5K-SUP3-5.5.4
|
SC5K-SUP3-5.5.4=
|
5.5(4) Flash image
w/CiscoView2, 3
|
cat5000-sup3cv.5-5-4.bin
|
SC5K-SUP3CV-5.5.4
|
SC5K-SUP3CV-5.5.4=
|
5.5(4a)
|
cat5000-sup3.5-5-4a.bin
|
SC5K-SUP3-5.5.4
|
SC5K-SUP3-5.5.4=
|
5.5(4a) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-4a.bin
|
SC5K-SUP3CV-5.5.4
|
SC5K-SUP3CV-5.5.4=
|
5.5(4b)
|
cat5000-sup3.5-5-4b.bin
|
SC5K-SUP3-5.5.4
|
SC5K-SUP3-5.5.4=
|
5.5(4b) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-4b.bin
|
SC5K-SUP3CV-5.5.4
|
SC5K-SUP3CV-5.5.4=
|
5.5(5)
|
cat5000-sup3.5-5-5.bin
|
SC5K-SUP3-5.5.5
|
SC5K-SUP3-5.5.5=
|
5.5(5) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-5.bin
|
SC5K-SUP3CV-5.5.5
|
SC5K-SUP3CV-5.5.5=
|
5.5(6)
|
cat5000-sup3.5-5-6.bin
|
SC5K-SUP3-5.5.6
|
SC5K-SUP3-5.5.6=
|
5.5(6) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-6.bin
|
SC5K-SUP3CV-5.5.6
|
SC5K-SUP3CV-5.5.6=
|
5.5(7a)
|
cat5000-sup3.5-5-7a.bin
|
SC5K-SUP3-5.5.7a
|
SC5K-SUP3-5.5.7a=
|
5.5(7)
|
cat5000-sup3.5-5-7.bin
|
SC5K-SUP3-5.5.7
|
SC5K-SUP3-5.5.7=
|
5.5(7) Flash image
w/CiscoView2
|
cat5000-sup3cv.5-5-7.bin
|
SC5K-SUP3CV-5.5.7
|
SC5K-SUP3CV-5.5.7=
|
5.5(8)
|
cat5000-sup3.5-5-8.bin
|
SC5K-SUP3-5.5.8
|
SC5K-SUP3-5.5.8=
|
5.5(8a) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-8a.bin
|
SC5K-SUP3CV-5.5.8
|
SC5K-SUP3CV-5.5.8=
|
5.5(9)
|
cat5000-sup3.5-5-9.bin
|
SC5K-SUP3-5.5.9
|
SC5K-SUP3-5.5.9=
|
5.5(9) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-9.bin
|
SC5K-SUP3CV-5.5.9
|
SC5K-SUP3CV-5.5.9=
|
5.5(10)
|
cat5000-sup3.5-5-10.bin
|
SC5K-SUP3-5.5.10
|
SC5K-SUP3-5.5.10=
|
5.5(10) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-10.bin
|
SC5K-SUP3CV-5.5.10
|
SC5K-SUP3CV-5.5.10=
|
5.5(10a)
|
cat5000-sup3.5-5-10a.bin
|
SC5K-SUP3-5.5.10
|
SC5K-SUP3-5.5.10=
|
5.5(10a) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-10a.bin
|
SC5K-SUP3CV-5.5.10
|
SC5K-SUP3CV-5.5.10=
|
5.5(11)
|
cat5000-sup3.5-5-11.bin
|
SC5K-SUP3-5.5.11
|
SC5K-SUP3-5.5.11=
|
5.5(11) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-11.bin
|
SC5K-SUP3CV-5.5.11
|
SC5K-SUP3CV-5.5.11=
|
5.5(11a)
|
cat5000-sup3.5-5-11a.bin
|
SC5K-SUP3-5.5.11
|
SC5K-SUP3-5.5.11=
|
5.5(11a) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-11a.bin
|
SC5K-SUP3CV-5.5.11
|
SC5K-SUP3CV-5.5.11=
|
5.5(12)
|
cat5000-sup3.5-5-12.bin
|
SC5K-SUP3-5.5.12
|
SC5K-SUP3-5.5.12=
|
5.5(12) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-12.bin
|
SC5K-SUP3CV-5.5.12
|
SC5K-SUP3CV-5.5.12=
|
5.5(12a)
|
cat5000-sup3.5-5-12a.bin
|
SC5K-SUP3-5.5.12
|
SC5K-SUP3-5.5.12=
|
5.5(12a) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-12a.bin
|
SC5K-SUP3CV-5.5.12
|
SC5K-SUP3CV-5.5.12=
|
5.5(13)
|
cat5000-sup3.5-5-13.bin
|
SC5K-SUP3-5.5.13
|
SC5K-SUP3-5.5.13=
|
5.5(13) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-13.bin
|
SC5K-SUP3CV-5.5.13
|
SC5K-SUP3CV-5.5.13=
|
5.5(13a)
|
cat5000-sup3.5-5-13a.bin
|
SC5K-SUP3-5.5.13a
|
SC5K-SUP3-5.5.13a=
|
5.5(13a) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-13a.bin
|
SC5K-SUP3CV-5.5.13a
|
SC5K-SUP3CV-5.5.13a=
|
5.5(14)
|
cat5000-sup3.5-5-14.bin
|
SC5K-SUP3-5.5.14
|
SC5K-SUP3-5.5.14=
|
5.5(14) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-14.bin
|
SC5K-SUP3CV-5.5.14
|
SC5K-SUP3CV-5.5.14=
|
5.5(15)
|
cat5000-sup3.5-5-15.bin
|
SC5K-SUP3-5.5.15
|
SC5K-SUP3-5.5.15=
|
5.5(15) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-15.bin
|
SC5K-SUP3CV-5.5.15
|
SC5K-SUP3CV-5.5.15=
|
5.5(16)
|
cat5000-sup3.5-5-16.bin
|
SC5K-SUP3-5.5.16
|
SC5K-SUP3-5.5.16=
|
5.5(16) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-16.bin
|
SC5K-SUP3CV-5.5.16
|
SC5K-SUP3CV-5.5.16=
|
5.5(17)
|
cat5000-sup3.5-5-17.bin
|
SC5K-SUP3-5.5.17
|
SC5K-SUP3-5.5.17=
|
5.5(17) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-17.bin
|
SC5K-SUP3CV-5.5.17
|
SC5K-SUP3CV-5.5.17=
|
5.5(18)
|
cat5000-sup3.5-5-18.bin
|
SC5K-SUP3-5.5.18
|
SC5K-SUP3-5.5.18=
|
5.5(18) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-18.bin
|
SC5K-SUP3CV-5.5.18
|
SC5K-SUP3CV-5.5.18=
|
5.5(19)
|
cat5000-sup3.5-5-19.bin
|
SC5K-SUP3-5.5.19
|
SC5K-SUP3-5.5.19=
|
5.5(19) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-19.bin
|
SC5K-SUP3CV-5.5.19
|
SC5K-SUP3CV-5.5.19=
|
5.5(20)
|
cat5000-sup3.5-5-20.bin
|
SC5K-SUP3-5.5.20
|
SC5K-SUP3-5.5.20=
|
5.5(20) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-20.bin
|
SC5K-SUP3CV-5.5.20
|
SC5K-SUP3CV-5.5.20=
|
5.5(21)
|
cat5000-sup3.5-5-21.bin
|
SC5K-SUP3-5.5.21
|
SC5K-SUP3-5.5.21=
|
5.5(21) Flash image
w/CiscoView
|
cat5000-sup3cv.5-5-21.bin
|
SC5K-SUP3CV-5.5.21
|
SC5K-SUP3CV-5.5.21=
|
New Features for Supervisor Engine Software Release 5.5
This section describes the new features available in software release 5.5.
•Auxiliary VLANs on 10/100 ports that support 802.1Q trunking.
New Features for Supervisor Engine Software Release 5.4
This section describes the new features available in software release 5.4.
•UDLD enhancements—With supervisor engine software releases 5.4(3) and later, you can specify the message interval between UDLD messages. Previously, the message interval was fixed at 60 seconds. With a configurable message interval, UDLD reacts much faster to link failures.
Additionally, software releases 5.4(3) and later have UDLD aggressive mode. UDLD aggressive mode is disabled by default and its use is recommended only for point-to-point links between Cisco switches running software release 5.4(3) or later. With aggressive mode enabled, when a port on a bidirectional link stops receiving UDLD packets, UDLD tries to reestablish the connection with the neighbor. After eight failed retries, the port is put into errdisable state.
In order to prevent spanning tree loops, normal UDLD with the message interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to forwarding state (when default spanning tree parameters are used).
Enabling UDLD aggressive mode provides additional benefits in the following situations:
–One side of a link has a port stuck (both Tx and Rx)
–One side of a link remains up while the other side of the link has gone down
In these situations, UDLD aggressive mode errdisables one of the ports on the link and stops traffic from being forwarded to a non-existent destination. Even with aggressive mode disabled, in this situation there would have been no risk for a broadcast storm due to a spanning tree loop, because one port is unable to pass traffic in both directions.
For detailed information on configuring the message interval and UDLD aggressive mode, refer to the online version of the Software Configuration Guide—Catalyst 5000 Family, 4000 Family, 2928G Series, 2948G, and 2980G Switches, Release 5.4.
•Catalyst Web Interface (CWI)—A browser-based tool for configuring the Catalyst 6000, 5000, and 4000 family switches.
•RADIUS authorization and accounting—Provides client-server authentication and accounting for users attempting to connect to the switch.
•TACACS+ authorization and accounting—Provides client-server authentication and accounting for access to network devices.
•Generic summertime—Allows you to configure non-US summertime.
•ErrDisable timeout—Allows you to automatically enable or reset a port minutes after a port is disabled by the software due to excessive errors.
•Case-sensitive password—Allows you to set case-sensitive passwords.
•IP Permit List enhancements—Increases the number of IP entries allowed.
•Banner improvement—Increases the banner string to 3,070 characters long, and includes a tab character.
•Scheduled reset—Allows you to reset the switch at a specified date and time.
•Permanent ARP entries—Allows you to save a static APR entry in the NVRAM (or Flash) configuration file so a reset or power cycle does not clear the entry.
•show config non-default and default filename for device configuration file—Allows you to specify non-default values only in the show config command.
•VLAN 1 disable on trunks—Allows you to disable VLAN 1 on any individual VLAN trunk link.
•Portfast guard—Provides a means to shut the port down when any received BPDUs are detected.
•RGMP support—Allows the switch to forward IP multicast traffic to only those multicast routers that are interested in receiving the traffic, which offloads unnecessary packet processing from multicast router and improving the network bandwidth.
•IGMP fast leave—Provides a method where you can leave multicast sessions without any latency.
•Disable Port Startup Option—Allows the administrator to specify the default operation for all ports to be shut down, and once set, no traffic will be transmitted through the switch in the event of a complete configuration erase or a corrupted configuration.
•Diagnostics options on bootup—Provides options to bypass all diagnostics completely, run a minimal set, or run the complete set.
•SNMPv3—Provides security and remote configuration capabilities of SNMPv3.
•Improved SNMP Response Time—Minimizes the response time for the SNMP subsystem in the Catalyst 5000 family switch.
•Common Open Policy Service (COPS) for Differentiated Services (DS)—Allows QoS to be configured from a central policy decision point server.
New Features for Supervisor Engine Software Release 5.2
This section describes the new features available in software release 5.2.
•Enhanced NFFC and Enhanced NFFC II provides increased performance and supports forwarding of multilayer traffic through uplink ports of redundant supervisor engines in redundant configurations.
•DHCP client—Allows the switch to obtain its IP configuration automatically from a DHCP server.
•Configure from Flash at startup—Allows the switch to execute one or more configuration files stored in Flash memory when the switch is powered on or reset.
•Minimal downtime software upgrade—Significantly reduces the downtime required for a software upgrade in a Catalyst 5500 series switch with redundant supervisor engines.
•Flexible PAgP—Provides enhancements and new functionality to existing EtherChannel port bundling features.
•Port security enhancements—Provides additional port security features, such as restricting traffic on a secure port instead of shutting down the port, and allowing multiple secure addresses on a port.
•UDLD on copper—Provides support for the UniDirectional Link Detection (UDLD) protocol on copper media.
•Kerberos Telnet—Provides support for encrypted Telnet sessions on the switch using Kerberos.
•rcp support—Provides an alternative method for copying system software image files and configuration files over the network, using remote copy (rcp).
•SPAN enhancements—Provides a "don't learn" option to prevent a SPAN destination port with the inpkts enable option set from learning addresses from the incoming traffic.
•Command completion—Provides new command-line options such as keyword completion using the Tab key and context-sensitive help using ?.
•New and enhanced commands:
–show config, write terminal, copy config—Now display only changes to the default switch configuration by default. Use the all keyword to display both the default and non-default configuration.
–set port host—Provides a command-macro that optimizes a port for host connections by enabling spanning tree PortFast mode and setting the trunking mode and EtherChannel mode to off.
–set tokenring explorer-throttle—Allows you to limit the number of explorer frames that are allowed to enter a port on the Token Ring modules.
•Support for the following SNMP MIBS:
–CISCO-PAGP-MIB
–Support for rcp in CISCO-FLASH-MIB
–Enhanced the CISCO-STACK-MIB to support the following software features:
Minimal downtime software upgrade
Port Security Enhancements
Configure from Flash at startup
fileCopyGrp for rcp support
New Features for Supervisor Engine Software Release 5.1(2a)
This section describes the new features available in software release 5.1(2a).
Support for the 36-port Telco 10/100 switching module (WS-X5239-RJ21) (software release 5.1(2a) and later).
New Features for Supervisor Engine Software Release 5.1
This section describes the new features available in software release 5.1.
•Support for the following hardware:
–Supervisor Engine II G (WS-X5540)—Supervisor engine with modular uplinks, NFFC II chipset, and support for the RSFC, for high-performance wiring-closet applications
–Supervisor Engine III G (WS-X5550)—Supervisor engine with two 1000BASE-X (GBIC) uplinks, NFFC II chipset, and support for the RSFC, for high-performance wiring-closet applications
–Route Switch Feature Card (RSFC, WS-F5541=)—Router feature card for the Catalyst 5000 family Supervisor Engine II G and III G that provides multiprotocol interVLAN routing
–24-port 10BASE-FL switching module (WS-X5015-MT)
•RADIUS authentication—Provides client-server authentication for users attempting to connect to the switch.
•SPAN enhancements—Provides more flexibility in configuring SPAN sessions, including multiple SPAN sources independent of VLAN membership.
•CDP Version 2—Provides additional information on connected Cisco devices, including native VLAN and port duplex mismatches.
•IEEE 802.1Q to ISL VLAN mapping—Allows you to map 802.1Q VLANs that are greater than VLAN 1000 to ISL VLANs.
•IEEE GVRP— GARP application that provides 802.1Q-compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports.
•IEEE GMRP—GARP application that provides a constrained multicast flooding facility similar to IGMP snooping and CGMP.
•Quality of Service (QoS)—Classifies frames by assigning priority-indexed IEEE 802.1p class of service (CoS) values to them at supported ingress ports.
•IP multicast Multilayer Switching (MLS)—Provides high-performance hardware-based Layer 3 switching of IP multicast traffic, offloading processor-intensive multicast packet routing from network routers.
•IPX MLS—Provides high-performance hardware-based Layer 3 switching of IPX traffic, offloading processor-intensive packet routing from network routers.
•CIDR IP routes—Allows you to specify classless IP routes for IP traffic originating on the switch.
•UniDirectional Link Detection (UDLD)—Detects unidirectional connections on fiber-optic links.
•NTP authentication—Prevents the switch from accepting NTP updates from untrusted sources, as described in RFC 1305.
•Redundant supervisor engine ports enhancement—Removes the 20-VLAN restriction on the redundant supervisor engine uplink ports.
•Support for the following SNMP MIBs:
–ENTITY-MIB
–CISCO-SYSLOG-MIB
–CISCO-PROCESS-MIB
–CISCO-IMAGE-MIB (Catalyst 5000 family)
–Mini-RMON groups in HC-RMON MIB
–usrHistory and probeConfig groups in RFC2021 RMON2 MIB
–portCopyTable in SMON-MIB
–CISCO-UDLDP-MIB
–Latest CISCO-CDP-MIB
–Enhanced the CISCO-SWITCH-ENGINE-MIB to support the IPX and Multicast Shortcut features
–Enhanced the CISCO-STP-EXTENSIONS-MIB to support the BackboneFast feature
–Enhanced the CISCO-STACK-MIB to support the following software features:
Port Capability
Config File Management
Port TopN
Trace Route
Multiple Default Gateway
NTP Authentication
RADIUS authentication
Open and Resolved Caveats in Software Release 5.5(21)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(21):
•Open Caveats in Software Release 5.5(21)
•Resolved Caveats in Software Release 5.5(21)
Open Caveats in Software Release 5.5(21)
Note For a description of caveats resolved in software release 5.5(21), see the "Resolved Caveats in Software Release 5.5(21)" section.
This section describes the open caveats in software release 5.5(21):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(21)
Note For a description of open caveats in software release 5.5(21), see the "Open Caveats in Software Release 5.5(21)" section.
This section describes the resolved caveats in software release 5.5(21):
•With software release 5.5(21) and later releases, the switch now ignores broadcast NTP packets from unknown NTP servers. (CSCef95980)
•The dot3StatsFrameTooLongs counter increases on some trunk ports. This counter should not increase on trunk ports.
This problem is resolved in software release 5.5(21). (CSCee94947)
•When you set the diagnostics level to bypass (set test diaglevel bypass) and then reload the switch, port security does not work as expected.
Workaround: Set the diagnostics level to minimal (set test diaglevel complete) or complete (set test diaglevel complete) and reload the switch.
This problem is resolved in software release 5.5(21). (CSCef50667)
•A switch that has a Supervisor Engine II (WS-X5509) and is configured with TACACS+ might reload after upgrading from 5.5(13) to 5.5(20).
Workaround: Remove the TACACS+ configuration.
This problem is resolved in software release 5.5(21). (CSCee87653)
•If VLAN 1 contains no ports and UDLD is enabled, the trunk ports in the switch go into errdisable status when you reload the switch. If UDLD is not enabled, the trunk status toggles between "trunk" and "nontrunk." Cisco Discovery Protocol (CDP) entries are not found.
Workaround: Keep at least one port in VLAN 1.
This problem is resolved in software release 5.5(21). (CSCeh65691)
Open and Resolved Caveats in Software Release 5.5(20)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(20):
•Open Caveats in Software Release 5.5(20)
•Resolved Caveats in Software Release 5.5(20)
Open Caveats in Software Release 5.5(20)
Note For a description of caveats resolved in software release 5.5(20), see the "Resolved Caveats in Software Release 5.5(20)" section.
This section describes the open caveats in software release 5.5(20):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(20)
Note For a description of open caveats in software release 5.5(20), see the "Open Caveats in Software Release 5.5(20)" section.
This section describes the resolved caveats in software release 5.5(20):
•Cisco CatOS is susceptible to a TCP-ACK Denial of Service (DoS) attack on the Telnet, HTTP and SSH service. When exploited, the vulnerability causes the Cisco CatOS running device to stop functioning and reload.
This vulnerability is documented as Cisco bug ID CSCec42751, CSCed45576, and CSCed48590. There are mitigation techniques available to mitigate the effects of this vulnerability in the workaround section of this advisory. Cisco is providing fixed software, and recommends that customers upgrade to it.
This advisory will be posted at
http://www.cisco.com/warp/public/707/cisco-sa-20040526-catos.shtml
This problem is resolved in software release 5.5(20). (CSCec42751)
•If a failover occurs on a Catalyst 5500 switch with redundant Supervisor Engine IIIs with uplink modules, the EARL tests are not performed and are marked as unknown (U).
This problem is resolved in software release 5.5(20). (CSCdy03366)
•If you configure port security on the WS-5225r or WS-5324 modules, security may be violated by an incorrect MAC address. The system will show that the MAC address was learned from the port, but a MAC address might have been learned from the network.
Workaround: Use the restrict violation action instead of the shutdown caution when you configure port security. This action will cause the incorrect MAC address to be restricted and ignored.
This problem is resolved in software release 5.5(20). (CSCdy81856)
•In a Catalyst 5000 family switch with an ATM module, SNMP queries might time out.
This problem is resolved in software release 5.5(20) and ATM software releases 12.0(26)W5(28a) and 12.1(20). (CSCea04300)
•A Catalyst switch with the Catalyst operating system incorrectly reports an STP root change with the following message:
2003 Jun 09 11:42:28 EST -04:00 %SPANTREE-5-ROOTCHANGE:Root changed for Vlan Y: New
root port n/m. New Root mac address is XX-XX-XX-XX-XX-XX.
This is an informational message only and should not affect the operation of your switch.
Workaround: Change the logging level on the SPANTREE facility down to level 4.
This problem is resolved in software release 5.5(20). (CSCeb78548)
•When you configure UplinkFast and MLS on a Catalyst 5000 family switch, a flood entry in the CAM table might cause routed packets through the Route Switch Module (RSM) to fail, resulting in dropped packets.
This problem is resolved in software release 5.5(20). (CSCdz44998)
•In certain hardware configurations (for example, one WS-X5225 module and two WS-X5012A modules), the uplink ports on the standby Supervisor Engine III stay in standby mode and fail to enable.
This problem is resolved in software release 5.5(20). (CSCdx66947)
Open and Resolved Caveats in Software Release 5.5(19)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(19):
•Open Caveats in Software Release 5.5(19)
•Resolved Caveats in Software Release 5.5(19)
Open Caveats in Software Release 5.5(19)
Note For a description of caveats resolved in software release 5.5(19), see the "Resolved Caveats in Software Release 5.5(19)" section.
This section describes the open caveats in software release 5.5(19):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(19)
Note For a description of open caveats in software release 5.5(19), see the "Open Caveats in Software Release 5.5(19)" section.
This section describes the resolved caveats in software release 5.5(19):
•A Catalyst 5000 family switch running 5.5(8a) CiscoView image (cat5000-sup3cv.5-5-8a.bin) might pause indefinitely when using Internet Explorer to access the HTTP server program that is used for configuring the switch.
This problem is resolved in software release 5.5(19). (CSCdu46560)
•If a connected ATM module runs out of memory, the switch may reload in the CmpOID function.
This problem is resolved in software release 5.5(19). (CSCdz50307)
•The system may reload when MALLOC failures and excessive SNMP processing occurs.
This problem is resolved in software release 5.5(19). (CSCdz59604)
•The switch might accept a BPDU with the contents zeroed out and process it as BID 0000.0000.0000, priority 0, and msg age expiry 0. Processing the BPDU causes switch instability. The switch should discard BPDUs if any parameters are out of range.
This problem is resolved in software release 5.5(19). (CSCea20106)
Open and Resolved Caveats in Software Release 5.5(18)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(18):
•Open Caveats in Software Release 5.5(18)
•Resolved Caveats in Software Release 5.5(18)
Open Caveats in Software Release 5.5(18)
Note For a description of caveats resolved in software release 5.5(18), see the "Resolved Caveats in Software Release 5.5(18)" section.
This section describes the open caveats in software release 5.5(18):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
•A Catalyst 5000 family switch running 5.5(8a) CiscoView image (cat5000-sup3cv.5-5-8a.bin) might pause indefinitely when using Internet Explorer to access the HTTP server program that is used for configuring the switch. (CSCdu46560)
Resolved Caveats in Software Release 5.5(18)
Note For a description of open caveats in software release 5.5(18), see the "Open Caveats in Software Release 5.5(18)" section.
This section describes the resolved caveats in software release 5.5(18):
•The CAM table of a Catalyst 5000 family switch with a LANE module sometimes points to a virtual connection that does not exist.
Workaround: Clear the CAM table.
This problem is resolved in software release 5.5(18). (CSCdw62710)
•A Catalyst 5500 switch running 5.5(17) with a Supervisor Engine 3 does not generate a entConfigChange SNMP trap when the power supply (WS-C5508) is removed. However, when the power supply is inserted, the supervisor engine generates the following trap:
Oct 22 17:36:18 nms-server snmptrapd[223]: 10.32.6.10:
Enterprise Specific Trap (entConfigChange)
entityMIB.entityMIBObjects.entityGeneral.entLastChangeTime = Timeticks: (224114)
0:37:21.14
This problem is resolved in software release 5.5(18). (CSCdz09920)
Open and Resolved Caveats in Software Release 5.5(17)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(17):
•Open Caveats in Software Release 5.5(17)
•Resolved Caveats in Software Release 5.5(17)
Open Caveats in Software Release 5.5(17)
Note For a description of caveats resolved in software release 5.5(17), see the "Resolved Caveats in Software Release 5.5(17)" section.
This section describes the open caveats in software release 5.5(17):
•On a Catalyst 5000 family switch running 5.5(15) or later with a Supervisor Engine 3 and an ATM module (WS-X5158), some VLANs communicating over the ATM trunk will not pass broadcast or unknown unicast traffic. Communication is restored between the hosts when you configure static ARPs on an IP host that has lost connectivity with another IP host. (CSCdx73126)
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(17)
Note For a description of open caveats in software release 5.5(17), see the "Open Caveats in Software Release 5.5(17)" section.
This section describes the resolved caveats in software release 5.5(17):
•Systems with a Supervisor Engine III (WS-X5530) running 5.5(7) or later might send incorrect SNMP Trap information for a failed power supply.
This problem is resolved in software release 5.5(17). (CSCdy35990)
Open and Resolved Caveats in Software Release 5.5(16)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(16):
•Open Caveats in Software Release 5.5(16)
•Resolved Caveats in Software Release 5.5(16)
Open Caveats in Software Release 5.5(16)
Note For a description of caveats resolved in software release 5.5(16), see the "Resolved Caveats in Software Release 5.5(16)" section.
This section describes the open caveats in software release 5.5(16):
•On a Catalyst 5000 family switch running 5.5(15) or later with a Supervisor Engine 3 and an ATM module (WS-X5158), some VLANs communicating over the ATM trunk will not pass broadcast or unknown unicast traffic. Communication is restored between the hosts when you configure static ARPs on an IP host that has lost connectivity with another IP host. (CSCdx73126)
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(16)
Note For a description of open caveats in software release 5.5(16), see the "Open Caveats in Software Release 5.5(16)" section.
This section describes the resolved caveats in software release 5.5(16):
•The show port command or the show counters command reports FCS errors. The dot3StatFCSError SNMP object reports zero FCS errors.
This problem is resolved in software release 5.5(16). (CSCdx88030)
•Polling objects in the CISCO-MEMORY-POOL-MIB causes high CPU utilization in systems with a WS-X5540 supervisor engine.
This problem is resolved in software release 5.5(16). (CSCdx16304)
Open and Resolved Caveats in Software Release 5.5(15)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(15):
•Open Caveats in Software Release 5.5(15)
•Resolved Caveats in Software Release 5.5(15)
Open Caveats in Software Release 5.5(15)
Note For a description of caveats resolved in software release 5.5(15), see the "Resolved Caveats in Software Release 5.5(15)" section.
This section describes the open caveats in software release 5.5(15):
•On a Catalyst 5000 family switch running 5.5(15) with a Supervisor Engine 3 and an ATM module (WS-X5158), some VLANs communicating over the ATM trunk will not pass broadcast or unknown unicast traffic. Communication is restored between the hosts when you configure static ARPs on an IP host that has lost connectivity with another IP host. (CSCdx73126)
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client; sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy does not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support nonzero WRED minimum values. If a COPS QoS Policy Manager (QPM) server sends a COPS policy with a nonzero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(15)
Note For a description of open caveats in software release 5.5(15), see the "Open Caveats in Software Release 5.5(15)" section.
This section describes the resolved caveats in software release 5.5(15):
•When you make a Telnet connectionthrough Shiva Access Manager to a switch configured with authentication, authorization, and accounting (AAA), the switch sets the TACACS privilege level to 15. Authentication fails if users have a privilege level lower than 15.
Workaround: Configure Shiva Access Manager users to receive privilege level 15.
This problem is resolved in software release 5.5(15). (CSCdx08395)
•When you enter the show top command for an FDDI module, inconsistent utilization results are displayed (Uti %).
This problem is resolved in software release 5.5(15). (CSCdx55791)
•In rare circumstances, if you terminate a ping process by entering ^C (Ctrl-C), the process is terminated but the memory allocated to the process is not released properly.
This problem is resolved in software release 5.5(15). (CSCdx40797)
•In rare circumstances, if you terminate a DNS lookup process by entering ^C (Ctrl-C), the process is terminated but the memory allocated to the process is not released properly.
This problem is resolved in software release 5.5(15). (CSCdx40481)
Open and Resolved Caveats in Software Release 5.5(14)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(14):
•Open Caveats in Software Release 5.5(14)
•Resolved Caveats in Software Release 5.5(14)
Open Caveats in Software Release 5.5(14)
Note For a description of caveats resolved in software release 5.5(14), see the "Resolved Caveats in Software Release 5.5(14)" section.
This section describes the open caveats in software release 5.5(14):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client or sometimes it launches with an access control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and will display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: To disable the ports with the duplex mismatch, enter the set feature fw-disable enable command. This command was introduced in software release 5.5(13). (CSCdw11398)
Resolved Caveats in Software Release 5.5(14)
Note For a description of open caveats in software release 5.5(14), see the "Open Caveats in Software Release 5.5(14)" section.
This section describes the resolved caveats in software release 5.5(14):
•After receiving eight TCP connection attempts using a non-standard TCP flags combination, a Catalyst switch stops responding to further TCP connections to that particular service. To reestablish functionality of that service, you must reboot the switch. There is no workaround. This vulnerability affects only Catalyst software. No other Cisco products are affected.
This advisory is available at this URL:
http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml
This problem is resolved in software release 5.5(14). (CSCdw52219)
•On Catalyst 5000 family switches with 1000 or more VLANs configured, if you enter the show mls entry command immediately after the system boots up, the system may reload.
This problem is resolved in software release 5.5(14). (CSCdu18119)
•The Supervisor Engine III G does not populate sysTrafficMeterTable for the three individual switching buses. This problem exists on Catalyst software versions 5.5(1) through 5.5(13), 6.1(x), 6.2(x), and 6.3(1) through 6.3(5).
This problem is resolved in software release 5.5(14). (CSCdw66441)
•When an EtherChannel bundles ports across different modules, if one of the modules that contains the channeling ports gets reset, the ports may leave the bridge port and converge again when the module comes back online.
This problem is resolved in software release 5.5(14). (CSCdu17107)
•If a port is configured as a nontrunking port and it receives an ISL-encapsulated packet, the port will not be able to remove the ISL header. By default the system will install ISL system CAM entries and drop the ISL packets. These CAM entries are installed for every active VLAN in the switch. In rare circumstances, this default behavior may cause hash collisions for real MAC addresses because of the amount of system entries that are being used up. To prevent such collisions, use the new set feature no-isl-entries enable command to disable the creation of these ISL system entries.
Note Do not enter the set feature no-isl-entries enable command on switches that are connected to other switches because received ISL packets will be flooded on the specified VLAN.
This problem is resolved in software release 5.5(14). (CSCdw86312)
•In systems with a WS-U5533 uplink module on the supervisor engine running software release 5.5.7, packet buffer tests might fail the ports are disabled and the diagnostics are set to be bypassed.
This problem is resolved in software release 5.5(14). (CSCdw95036)
Open and Resolved Caveats in Software Release 5.5(13a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(13a):
•Open Caveats in Software Release 5.5(13a)
•Resolved Caveats in Software Release 5.5(13a)
Open Caveats in Software Release 5.5(13a)
Note For a description of caveats resolved in software release 5.5(13a), see the "Resolved Caveats in Software Release 5.5(13a)" section.
This section describes the open caveats in software release 5.5(13a):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client or it sometimes launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and will display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: Enter the set feature fw-disable enable command, introduced in software release 5.5(13), to disable the ports with the duplex mismatch. (CSCdw11398)
Resolved Caveats in Software Release 5.5(13a)
Note For a description of open caveats in software release 5.5(13a), see the "Open Caveats in Software Release 5.5(13a)" section.
This section describes the resolved caveats in software release 5.5(13a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.5(13a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.5(13)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(13):
•Open Caveats in Software Release 5.5(13)
•Resolved Caveats in Software Release 5.5(13)
Open Caveats in Software Release 5.5(13)
Note For a description of caveats resolved in software release 5.5(13), see the "Resolved Caveats in Software Release 5.5(13)" section.
This section describes the open caveats in software release 5.5(13):
•CiscoView sometimes cannot be launched on a Solaris/Netscape Communicator client or it sometimes launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the Java Run-time Environment (JRE) and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and will display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If a duplex mismatch occurs on an ISL trunk into a Catalyst 5000 family switch, you will see swBusCRCErrorDrop errors on all ports, and you will see RxInnerCRCErrorDrop errors on ports with the duplex mismatch. This mismatch results in dropped traffic between buses.
Workaround: Enter the set feature fw-disable enable command, introduced in software release 5.5(13), to disable the ports with the duplex mismatch. (CSCdw11398)
Resolved Caveats in Software Release 5.5(13)
Note For a description of open caveats in software release 5.5(13), see the "Open Caveats in Software Release 5.5(13)" section.
This section describes the resolved caveats in software release 5.5(13):
•Catalyst 5000 modules may fail to come online after a switch with a Supervisor Engine II G (WS-X5540) in a nonredundant chassis is reset. This problem exists in 5.5(x) and 6.1(x) releases of the Catalyst operating software. The problem usually occurs with WS-X5213(A) modules running firmware (FW) versions earlier than 3.1(1). After the switch restarts, you will need to reinsert the module.
This problem is resolved in software release 5.5(13). (CSCdv00286)
•When operating at 10 MB, a disabled port on a WS-X5224, WS-X5012, WS-X5012A, or WS-X5014 module will continue to transmit link pulses. This action causes the link-partner port to stay up. There is no workaround. The problem exists in 4.x, 5.x, and 6.x releases of the Catalyst operating software.
This problem is resolved in software release 5.5(13). (CSCdw25922)
•In rare circumstances, a designated port might be stuck in the spanning tree "listening" state and still be transmitting BPDUs. This does not introduce problems with spanning tree convergence or cause loops.
This problem is resolved in software release 5.5(13). (CSCdv89566)
•In rare circumstances, the output from the show mac mod/port command and the output from an SNMP query will report inconsistent values for the "In-Discards" field.
This problem is resolved in software release 5.5(13). (CSCdu30380)
Open and Resolved Caveats in Software Release 5.5(12a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(12a):
•Open Caveats in Software Release 5.5(12a)
•Resolved Caveats in Software Release 5.5(12a)
Open Caveats in Software Release 5.5(12a)
Note For a description of caveats resolved in software release 5.5(12a), see the "Resolved Caveats in Software Release 5.5(12a)" section.
This section describes the open caveats in software release 5.5(12a):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(12a)
Note For a description of open caveats in software release 5.5(12a), see the "Open Caveats in Software Release 5.5(12a)" section.
This section describes the resolved caveats in software release 5.5(12a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.5(12a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.5(12)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(12):
•Open Caveats in Software Release 5.5(12)
•Resolved Caveats in Software Release 5.5(12)
Open Caveats in Software Release 5.5(12)
Note For a description of caveats resolved in software release 5.5(12), see the "Resolved Caveats in Software Release 5.5(12)" section.
This section describes the open caveats in software release 5.5(12):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(12)
Note For a description of open caveats in software release 5.5(12), see the "Open Caveats in Software Release 5.5(12)" section.
This section describes the resolved caveats in software release 5.5(12):
•The switch might experience a memory leak if TACACS accounting is enabled and multiple Telnet sessions are established (concurrently or nonconcurrently). The memory leak could lead to a system reset or the switch could become unreachable.
•Workaround: Disable TACACS accounting and then reset the switch to free up the memory buffers.
This problem is resolved in software release 5.5(12). (CSCdv38306)
•When a port is configured as dynamic, it is not assigned a VLAN from the VMPS server. This problem occurs only if a port is first configured to be dynamic, next changed to static, and then changed to dynamic.
This problem is resolved in software release 5.5(12). (CSCdv34403)
•After a software upgrade from release 5.4(3) to 5.5(7), the uplink ports on the supervisor engine (WS-X5530) go into failed state. Reloading the switch corrects this problem.
This problem is resolved in software release 5.5(12). (CSCdv06726)
•The switch might reset because of a rare error condition in the FCP task function.
This problem is resolved in software release 5.5(12). (CSCdv51142)
•On a Catalyst 5000 family switch with a Supervisor Engine III, the MIB OID for sysTraffic and sysTrafficPeak show different values than the output of the show system command.
This problem is resolved in software release 5.5(12). (CSCdv60866)
•On a Catalyst 5000 family switch, IGMP is enabled by default when you clear the configuration and reset the switch. IGMP cannot be disabled, and CGMP cannot be enabled.
This problem is resolved in software release 5.5(12). (CSCdw00254)
•On a Catalyst 5500 switch running 5.5(8), with a Supervisor Engine II G and an RSM with MLS configured, a topology change may cause packet loss. The MLS entries will be purged and recreated to point to the new egress ports, but the switch may drop packets after the packet has been MLS switched in the egress path.
This problem is resolved in software release 5.5(12). (CSCdu53857)
•If CGMP is enabled with the set cgmp enable command and leave processing is disabled (the default), HSRP packets will not be forwarded by the switch. This may cause all HSRP routers to transition to the ACTIVE state.
Workaround: Enable and disable leave processing after CGMP is enabled using the following sequence of commands:
set cgmp disable
set cgmp enable
set cgmp leave enable
set cgmp leave disable
For more information, refer to the "Interaction Between CGMP Leave Processing and HSRP" section of the Catalyst 5000 Family Configuration Guide at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_5/sw_cfg/multi.htm
This problem is resolved in software release 5.5(12). (CSCdv36030)
Open and Resolved Caveats in Software Release 5.5(11a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(11a):
•Open Caveats in Software Release 5.5(11a)
•Resolved Caveats in Software Release 5.5(11a)
Open Caveats in Software Release 5.5(11a)
Note For a description of caveats resolved in software release 5.5(11a), see the "Resolved Caveats in Software Release 5.5(11a)" section.
This section describes the open caveats in software release 5.5(11a):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
the standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(11a)
Note For a description of open caveats in software release 5.5(11a), see the "Open Caveats in Software Release 5.5(11a)" section.
This section describes the resolved caveats in software release 5.5(11a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.5(11a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.5(11)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(11):
•Open Caveats in Software Release 5.5(11)
•Resolved Caveats in Software Release 5.5(11)
Open Caveats in Software Release 5.5(11)
Note For a description of caveats resolved in software release 5.5(11), see the "Resolved Caveats in Software Release 5.5(11)" section.
This section describes the open caveats in software release 5.5(11):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
the standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(11)
Note For a description of open caveats in software release 5.5(11), see the "Open Caveats in Software Release 5.5(11)" section.
This section describes the resolved caveats in software release 5.5(11):
•A port in PAgP non-silent mode may behave as if in PAgP silent mode if the port has been connected to a non-silent partner. Therefore, the port may be posted to STP after reset and could cause channel disturbance.
This problem is resolved in software release 5.5(11). (CSCdu85834)
•A BUS error might occur when spanning tree receives a BPDU of abnormal size and is disabled for the VLAN on which the BPDU was received.
This problem is resolved in software release 5.5(11). (CSCdu69958)
•If you configure more than one default gateway, the default gateway might change from the primary to the secondary and back without obvious valid reason.
This problem is resolved in software release 5.5(11). (CSCdt73765)
Open and Resolved Caveats in Software Release 5.5(10a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(10a):
•Open Caveats in Software Release 5.5(10a)
•Resolved Caveats in Software Release 5.5(10a)
Open Caveats in Software Release 5.5(10a)
Note For a description of caveats resolved in software release 5.5(10a), see the "Resolved Caveats in Software Release 5.5(10a)" section.
This section describes the open caveats in software release 5.5(10a):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•A port in PAgP non-silent mode may behave as if in PAgP silent mode if the port has been connected to a non-silent partner. Therefore, the port may be posted to STP after reset and could cause channel disturbance. (CSCdu85834)
Resolved Caveats in Software Release 5.5(10a)
Note For a description of open caveats in software release 5.5(10a), see the "Open Caveats in Software Release 5.5(10a)" section.
This section describes the resolved caveats in software release 5.5(10a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.5(10a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.5(10)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(10):
•Open Caveats in Software Release 5.5(10)
•Resolved Caveats in Software Release 5.5(10)
Open Caveats in Software Release 5.5(10)
Note For a description of caveats resolved in software release 5.5(10), see the "Resolved Caveats in Software Release 5.5(10)" section.
This section describes the open caveats in software release 5.5(10):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plug-in 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•A port in PAgP non-silent mode may behave as if in PAgP silent mode if the port has been connected to a non-silent partner. Therefore, the port may be posted to STP after reset and could cause channel disturbance. (CSCdu85834)
Resolved Caveats in Software Release 5.5(10)
Note For a description of open caveats in software release 5.5(10), see the "Open Caveats in Software Release 5.5(10)" section.
This section describes the resolved caveats in software release 5.5(10):
•If you include a control character, such as ^C, in a comment line of a configuration file, the commands following the comment line are ignored when the configuration file is copied to the running configuration. This problem occurs with all 5.x software releases prior to 5.5(10).
This problem is resolved in software release 5.5(10). (CSCdu58728)
•On a Catalyst 5509 switch with a Supervisor Engine II G and many (approximately 20) trunk ports connected to the switch, all available CPU resources are consumed by the EthChnlConfig process when all of the ports are enabled at the same time, or after a reboot. VTP pruning cannot send out periodic messages on time, causing the neighbor to prune all VLANs on this trunk. VTP pruning will recover on its own once the CPU resources return to normal.
This problem is resolved in software release 5.5(10). (CSCdu44453)
•In extremely rare conditions, when shortcut entries are programmed in the FIB or MET table, an error, such as a full MET table or a missing Layer 2 entry, might cause the switch to suddenly reset.
•If you have a Supervisor Engine III (WS-X5530) with an NFFC or NFFC II and a 100BASE-FX uplink module, entering the show cam dynamic command may display invalid CAM entries in VLAN 989 after booting the system. This does not affect service.
Also, if you have redundant Supervisor Engines III, each with an NFFC or NFFC II and 100BASE-FX uplink modules, entering the show cam dynamic command after you enter the switch supervisor command may display an invalid CAM entry for port 1/9 or 2/9. This does not affect service.
This problem is resolved in software release 5.5(10). (CSCdu50957)
•On the 10/100-Mbps workgroup Fast Ethernet switching module (WS-X5224) running 5.5(x), the receive counters (RX) may increase, although no MAC addresses are learned; transmit counters (TX) will not increase.
Workaround: Disable and reenable the port, or downgrade to the latest 4.5(x) release.
This problem is resolved in software release 5.5(10). (CSCdu62858)
•In extremely rare conditions, when shortcut entries are programmed in the FIB or MET table, an error, such as a full MET table or a missing Layer 2 entry, might cause the switch to suddenly reset.
This problem is resolved in software release 5.5(10). (CSCdu23126)
•The switch might reset with a TLB exception related to the ATM module. If the line
logging buffered 13684 debugging
is added to the ATM configuration file and the configuration is then saved and the ATM module reloaded, the switch might reset with the TLB exception.
This problem is resolved in software release 5.5(10). (CSCdu82644)
•In rare conditions, in systems with a Supervisor Engine II or III G, the ATM module (WS-X5156, WS-X5157, WS-X5158, WS-X5167) might fail to come online after a switchover from the active supervisor engine to the redundant supervisor engine.
Workaround: Reset the ATM module by doing one of the following:
–Remove and reinsert the ATM module in the chassis.
–Perform another switchover on the supervisor engines, if both are operational.
This problem is resolved in software release 5.5(10). (CSCdu16999)
Open and Resolved Caveats in Software Release 5.5(9)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(9):
•Open Caveats in Software Release 5.5(9)
•Resolved Caveats in Software Release 5.5(9)
Open Caveats in Software Release 5.5(9)
Note For a description of caveats resolved in software release 5.5(9), see the "Resolved Caveats in Software Release 5.5(9)" section.
This section describes the open caveats in software release 5.5(9):
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plugin 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•If you download a COPS policy containing a differentiated services code point (DSCP) range to a Catalyst 5000 family switch, the COPS policy will not apply and displays the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, error reports are not returned to the COPS server, and you will not be aware that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(9)
Note For a description of open caveats in software release 5.5(9), see the "Open Caveats in Software Release 5.5(9)" section.
This section describes the resolved caveats in software release 5.5(9):
•When using Supervisor Engine II G or III G with DHCP enabled, a stack overflow problem might occur.
This problem is resolved in software release 5.5(9). (CSCdt59867)
•On systems with Supervisor III FSX (WS-X5534), the show version command incorrectly displays the total memory as 556928K DRAM, instead of 32MB. This does not affect system performance and no workaround is known.
This problem is resolved in software release 5.5(9). (CSCdr26496)
•After a Spanning Tree topology change, CAM aging time will remain at a short aging time (5 to 15 seconds). This problem occurs on VLANs with forward delay set at a value less than 5.
Workaround: Set the forward delay to 15 on the root switch.
This problem is resolved in software release 5.5(9). (CSCdt78700)
•Catalyst 5000 family systems with redundant Supervisor Engine II Gs (WS-X5540) with RSFCs configured in the MLS MULTICAST INCLUDE list, and running 6.1(2.1), may crash when MMLS is enabled. When this problem occurs, MMLS shortcuts are deleted as a result of topology changes.
Workaround: Disable any configured L2 multicast functionality (that is, IGMP/CGMP/GMRP). If the multicast traffic is too high to permit this action, remove the PIM non-DR RSFC from the MLS MULTICAST INCLUDE list.
This problem is resolved in software release 5.5(9). (CSCdt38243)
•When an ISL trunk port is connected to an access port and QoS is enabled on the switch with the ISL trunk, the ISL header will have the USER bits set in the destination address. Currently, the QoS ASIC drops the packets with user bits set to 0 and 1 only; packets with other bits set are forwarded on the access VLAN of the nontrunk port. These packets will not go through the blocked ports.
Workaround: Fix the misconfiguration (that is, both ends should be set to trunking).
This problem is resolved in software release 5.5(9). (CSCdu10858)
•You might not be able to enable logging for Dynamic VLANs using the set logging level dvlan command:
Console> (enable) set logging level dvlan 7
This problem is resolved in software release 5.5(9). (CSCdu19163)
•The Catalyst 5000 family switch sends the wrong trap OID (.1.3.6.1.2.1.47.2.1.0.1) for the entConfigChange MIB.
This problem is resolved in software release 5.5(9). (CSCdu34057)
•The "hidden" commands set igmp mode and show igmp mode have been moved to enable mode. For description of this command, see the Catalyst 5000 Family Command Reference, software release 5.5.
This problem is resolved in software release 5.5(9). (CSCdu39547)
•Under rare circumstances, the RSFC (module 15) will not come up on a Supervisor Engine III G running software release 5.5.5 through 6.1.2. The following error message will appear on the supervisor console:
RSFC (mod 15, slot 1) error called from 1050c408 err 5
RSFC (mod 15, slot 1) failed, waiting for reset
When you enter the show module command, no status for the RSFC is displayed. All the logical VLAN interfaces in RSFC will be down.
This problem is resolved in software release 5.5(9). (CSCdt92255)
•The Catalyst 5000 family switch may pause indefinitely after the 20 MB Viking Flash PC (PCMCIA) card is hotswapped numerous times (approximately 20).
This problem is resolved in software release 5.5(9). (CSCdu23412)
•Improperly terminating a Telnet session may cause a memory leak in the switch.
This problem is resolved in software release 5.5(9). (CSCdu29283)
•Authentication protocols (TACACS+, RADIUS, Kerberos) uses a global character array to store the user input (such as passwords). Because the buffer is global, it is shared by all console and Telnet sessions; therefore, it may contain input from multiple Telnet sessions, which might cause incorrect password input for authentication.
This problem is resolved in software release 5.5(9). (CSCdu35551)
•When you use the CLI to create a multicast router entry in cseStaticExtRouterTable and then clear it, an error occurs when you create an entry in the same table from SNMP.
This problem is resolved in software release 5.5(9). (CSCdu39239)
Open and Resolved Caveats in Software Release 5.5(8a)
This section describes open and resolved caveats in supervisor engine software release 5.5(8a):
•Open Caveats in Software Release 5.5(8a)
•Resolved Caveats in Software Release 5.5(8a)
Open Caveats in Software Release 5.5(8a)
Note For a description of caveats resolved in software release 5.5(9), see the "Resolved Caveats in Software Release 5.5(8a)" section.
This section describes open caveats in software release 5.5(8a):
•When you open a configuration dialog box after resizing the CiscoView browser window on a Solaris/Netscape Communicator client with Java plugin 1.3.0, a Java
IllegalComponentStateException error occurs.
Workaround: Open the same dialog box again. (CSCdu32555)
•CiscoView sometimes either cannot be launched on a Solaris/Netscape Communicator client or it launches with an Access Control error.
Workaround: Clear the browser cache or ensure that the JRE and plug-in versions match. To make the JRE and plug-in versions match, follow this procedure:
a. Open the Java plug-in Control Panel located at:
java_plugin_install_directory/j2pi/ControlPanel
The standard java_plugin_install_directory is /opt/NSCPcom/
b. Go to the Advanced tab and select Java Run Time Environment as "Use Java Plug-in Default."
c. Restart the browser.
(CSCdu32540)
Resolved Caveats in Software Release 5.5(8a)
Note For a description of open caveats in software release 5.5(9), see the "Open Caveats in Software Release 5.5(8a)" section.
This section describes resolved caveats in software release 5.5(8a):
•The embedded CiscoView cannot be launched after May 11, 2001.
The problem is resolved in software release 5.5(8a). (CSCdu25881)
Open and Resolved Caveats in Software Release 5.5(8)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(8):
•Open Caveats in Software Release 5.5(8)
•Resolved Caveats in Software Release 5.5(8)
Open Caveats in Software Release 5.5(8)
Note For a description of caveats resolved in software release 5.5(8), see the "Resolved Caveats in Software Release 5.5(8)" section.
This section describes the open caveats in software release 5.5(8):
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply and will display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(8)
Note For a description of open caveats in software release 5.5(8), see the "Open Caveats in Software Release 5.5(8)" section.
This section describes resolved caveats in software release 5.5(8):
•Entering the show flash or show tech-support command in a Catalyst 5500 switch with Supervisor Engine II G or III G will fail to yield the CPU on the supervisor engine to other running processes. These commands can adversely affect processes that require periodic "hellos". Processes similar to spanning tree may see spanning tree reconfigured and reconverged, while unidirectional link detection (UDLD) may incorrectly disable a port.
Workaround: Do not enter the show flash or show tech-support commands from the CLI.
This problem is resolved in software release 5.5(8). (CSCdt94706)
•While running scheduled packet buffer testing on a Catalyst 5500 series switch with a Supervisor Engine II, the packet buffer testing may inaccurately place a supervisor engine uplink port in a faulty status. These packet buffers are not faulty.
This problem is resolved in software release 5.5(8). (CSCdu18288)
•The set option packetbuffer command is ignored. Ports are always set to "faulty" when a packet buffer test fails.
This problem is resolved in software release 5.5(8). (CSCdu19172)
•User traffic may not get through active ports in system with a Supervisor Engine II while a packet buffer test is running.
This problem is resolved in software release 5.5(8). (CSCdu21524)
•Running an on-demand packet buffer test on enabled ports may cause administrative protocol packets to be lost, resulting in network instability. Users are now required to disable the targeted port(s) before running an on-demand packet buffer test. Background testing behavior may still be done on enabled ports.
This problem is resolved in software release 5.5(8). (CSCdu22986)
•In a Catalyst 5000 switch with a Supervisor Engine II G (WS-X5540) installed in slot 1, a Saint5-based module (WS-X5234-RJ45, WS-X5236-FX-MT) in slot 2, and an additional Saint5-based module installed in the switch, the module in slot 2 may fail to initialize. This problem does not occur if an uplink module is installed on the supervisor engine.
Workaround: Reinstall the module in slot 2.
This problem is resolved in software release 5.5(8). (CSCds69273)
•The Catalyst 5500 series switch might crash when you make Telnet connections between the switch and the RSM.
Workaround: Reload the switch.
This problem is resolved in software release 5.5(8). (CSCdt01088)
•When the ifOperStatus value for the port changes (the port is enabled and disabled, or the link is brought up and down), the ifLastChange value for the port does not change.
This problem is resolved in software release 5.5(8). (CSCdt69418)
•After restarting an NT server that has a Compaq NC3123 FastEthernet NIC connected to a port on a 10/100-Mbps Fast Ethernet switching module (WS-X5225R), the port of the WS-X5225R may stop sending or receiving frames.
Workaround: The following workarounds solve the problem:
–Enter the set port disable mod/port command followed by set port enable mod/port command.
–Remove and insert the cable from the WS-X5225R port or NIC.
–Power down and restart the NT server.
This problem is resolved in software release 5.5(8). (CSCdt40099)
•A Supervisor Engine III with Gigabit Ethernet uplink module (WS-U5534-GESX or WS-U5536-GELX) does not display the PAGP message for the Gigabit Ethernet port when the link is established.
This problem is resolved in software release 5.5(8). (CSCdt86011)
•In a configuration with a redundant Supervisor Engine III with 10/100 uplink modules, the redundant supervisor engine does not poll the link status of the uplink ports fast enough. The active supervisor engine might not detect a link up or down on the redundant supervisor engine.
This problem is resolved in software release 5.5(8). (CSCdu08203)
•The value of dot1dTpPortInDiscards object contains same value of object ifInDiscards for a bridge port.
This problem is resolved in software release 5.5(8). (CSCdt71890)
•Configuring SPAN with two or more admin source ports on a Fast EtherChannel bundle and then deleting one of the admin source ports results in an error.
This problem is resolved in software release 5.5(8). (CSCdt90794)
•A Catalyst 5000 with Supervisor Engine III running 4.5(8) or 5.5(6) with CGMP configured will not install a static CAM entry for a multicast receiver on the other end of a port channel.
Workaround: Enable IGMP instead of CGMP on the core switch.
This problem is resolved in software release 5.5(8). (CSCdu05568)
•On a Supervisor Engine II (WS-X5506), the in-band (sc0) interface reports a large number of MIB II ifInErrors, which will increase continuously.
This problem is resolved in software release 5.5(8). (CSCdt91434)
Open and Resolved Caveats in Software Release 5.5(7a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(7a):
•Open Caveats in Software Release 5.5(7a)
•Resolved Caveats in Software Release 5.5(7a)
Open Caveats in Software Release 5.5(7a)
Note For a description of caveats resolved in software release 5.5(7a), see the "Resolved Caveats in Software Release 5.5(7a)" section.
This section describes open caveats in software release 5.5(7a):
•Entering the show flash or show tech-support command in a Catalyst 5500 switch with Supervisor Engine II G or III G will fail to yield the CPU on the supervisor engine to other running processes. These commands can adversely affect processes that require periodic "hellos". Processes similar to spanning tree may see spanning tree reconfigured and reconverged, while unidirectional link detection (UDLD) may incorrectly disable a port.
Workaround: Do not issue the show flash or show tech commands from the CLI. (CSCdt94706)
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply and display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(7a)
Note For a description of open caveats in software release 5.5(7a), see the "Open Caveats in Software Release 5.5(7a)" section.
This section describes resolved caveats in software release 5.5(7a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.5(7a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.5(7)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(7):
•Open Caveats in Software Release 5.5(7)
•Resolved Caveats in Software Release 5.5(7)
Open Caveats in Software Release 5.5(7)
Note For a description of caveats resolved in software release 5.5(7), see the "Resolved Caveats in Software Release 5.5(7)" section.
This section describes open caveats in software release 5.5(7):
•Entering the show flash or show tech-support command in a Catalyst 5500 switch with Supervisor Engine II G or III G will fail to yield the CPU on the supervisor engine to other running processes. These commands can adversely affect processes that require periodic "hellos". Processes similar to spanning tree may see spanning tree reconfigured and reconverged, while unidirectional link detection (UDLD) may incorrectly disable a port.
Workaround: Do not issue the show flash or show tech commands from the CLI. (CSCdt94706)
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply and display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(7)
Note For a description of open caveats in software release 5.5(7), see the "Open Caveats in Software Release 5.5(7)" section.
This section describes resolved caveats in software release 5.5(7):
•Operating systems, such as Windows XP, will attempt 802.1X authentication by sending frames to the Authenticator PAE on the destination multicast address 01-80-c2-00-00-0f and 01-80-c2-00-00-03. On Catalyst 5000 family switches with EARL1, EARL1+, EARL1++, or EARL1.1, these frames will be forwarded on all ports including Spanning Tree Blocking Ports. Since these frames are forwarded on blocked ports, the network will experience a Layer 2 multicast storm.
Workaround 1: Enter the following commands to configure a permanent CAM entry for 01-80-c2-00-00-0f and 01-80-c2-00-00-03 to be directed out an unused port.
–set cam permanent 01-80-c2-00-00-0f mod/port
–set cam permanent 01-80-c2-00-00-03 mod/port
Workaround 2: Follow this procedure to configure Windows XP to not send these frames:
a. Under Network Connections, click on the associated Local Area Connection.
b. Click on the Authentication Tab.
c. Uncheck "Network Access Control using IEEE 802.1x."
For additional information, see the following URL:
http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml
This problem is resolved in software release 5.5(7). (CSCdt62732)
•When you try to configure software based (packet-based) broadcast suppression on a Catalyst 5000 family module that can also do hardware-based broadcast suppression (percentage based), the packet-based broadcast suppression might not be configured properly. This problem will happen in software releases after 5.4.
This problem is resolved in software release 5.5(7). (CSCdt65879)
•Changes in the NTP client request packet format generated by the switch can cause problems with certain time servers.
This problem is resolved in software release 5.5(7). (CSCds90575)
•The switch might reset if you attempt to delete a nonexistent VLAN through the SNMP vtpVlanEditTable.
This problem is resolved in software release 5.5(7). (CSCdt38160)
•CAM entries created by MPOA are not removed when the ATM module is removed, reset, reloaded, or when the ATM module hangs.
Workaround: Reset the Catalyst 5000 switch.
This problem is resolved in software release 5.5(7). (CSCds79580)
•After a spanning tree topology change timer is started, the timer for VLAN 1005 does not expire. Therefore, the CAM aging time remains at a short aging time (5 to 15 seconds).
This problem is resolved in software release 5.5(7). (CSCdp49351)
•In-line rewrite fails when using the 10/100-Mbps Fast Ethernet switching module (WS-X5225R) with Supervisor Engine III G (WS-X5550).
This problem is resolved in software release 5.5(7). (CSCds62260)
•Resetting the ATM line card from the supervisor engine console might reset the supervisor engine.
This problem is resolved in software release 5.5(7). (CSCdt31393)
•A Catalyst 5000 switch running 4.5(5) might display "malloc failed!" messages, indicating that the NetFlow process is taking memory. NetFlow does not have to be enabled for this to occur.
Workaround: Configure one HSRP group per VLAN.
This problem is resolved in software release 5.5(7). (CSCdt45785)
•Creating a large number of rows in cseStaticExtRouterTable, deleting them, and then creating a large number of rows again might cause the switch to reset.
This problem is resolved in software release 5.5(7). (CSCdt53749) (CSCdt54012)
•The Ifindex for EtherChannel interfaces might not be reported correctly in NDE.
This problem is resolved in software release 5.5(7). (CSCdt55622)
•Creating an entry in cseStaticIpxExtRouterTable with a cseStaticIpxRouterOwner object greater than 80 characters in length might cause the switch to crash.
This problem is resolved in software release 5.5(7). (CSCdt57596)
•The RSM might reset with the following error message:
Jan 19 10:15:54 CST: %LINK-4-TOOBIG: Interface Vlan1, Output packet size of 1534 bytes
too big
-Traceback= 602494E8 601D454C 603D0470 603CECE0 603D64C4 603D63B0 603CD2E8 601F558C
601F5578
%SYS-3-OVERRUN: Block overrun at 61B4D460 (red zone 0C07AC5C)
-Traceback= 6026E140 60270D30 60271E00 60272060 6026190C 602618F8
The reset is caused by a high number of MLS-enabled interfaces with HSRP and static MAC addresses configured. The fix allows MLS to be enabled on a large number of interfaces configured for MLS.
This problem is resolved in software release 5.5(7). (CSCdp08252)
Note that the RSM IOS software must be upgraded to 12.2(1) or later.
•The show ip permit command might cause the switch to reset. The workaround is to disable DNS on the switch.
This problem is resolved in software release 5.5(7). (CSCdt55237)
•When you disable IGMP snooping by entering the set igmp disable command on systems with redundant Supervisor Engine II Gs with RSFCs, the NMP will not instruct both RSFCs to clear their multicast hardware switched flow state.
Workaround: Enter the clear ip mroute * command on each RSFC.
This problem is resolved in software release 5.5(7). (CSCdt59219)
Open and Resolved Caveats in Software Release 5.5(6)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(6):
•Open Caveats in Software Release 5.5(6)
•Resolved Caveats in Software Release 5.5(6)
Open Caveats in Software Release 5.5(6)
Note For a description of caveats resolved in software release 5.5(6), see the "Resolved Caveats in Software Release 5.5(6)" section.
This section describes open caveats in software release 5.5(6):
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply and display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•CAM entries created by MPOA are not removed when the ATM module is removed, reset, reloaded, or when the ATM module hangs.
Workaround: Reload the Catalyst 5000 switch. (CSCds79580)
Resolved Caveats in Software Release 5.5(6)
Note For a description of open caveats in software release 5.5(6), see the "Open Caveats in Software Release 5.5(6)" section.
This section describes resolved caveats in software release 5.5(6):
•Entering the set port membership mod/port dynamic command on a Supervisor Engine II/III G in a Catalyst 5000 switch chassis may cause the following error to display:
Trap not supported in hardware
This problem is resolved in software release 5.5(6). (CSCdr09366)
•The Catalyst 5000 family switch might reload if the configuration is restored from the configuration file and if EtherChannel and RMON are enabled and the following commands are entered in sequence:
a. clear config all
b. reset
c. copy flash config
This problem is resolved in software release 5.5(6). (CSCds79278)
•In some situations, multicast packets might not reach the receivers connected to ports on the group switching Ethernet module (WS-X5020), even though a correct static CAM entry is present.
Workaround: Disable CGMP.
This problem is resolved in software release 5.5(6). (CSCds85025)
•Entering the show file bootflash: command (with no filename specified) will cause the Catalyst 5000 family switch to crash.
This problem is resolved in software release 5.5(6). (CSCds89528)
•Disabling IGMP when MLS is enabled may cause MLS flows to be purged.
This problem is resolved in software release 5.5(6). (CSCds90126)
•Ports on WS-X5225r may stop sending and receiving frames.
Workaround: Disable and reenable the port.
This problem is resolved in software release 5.5(6). (CSCdt23334)
•The Catalyst 5000 switch does not accept TACACS+ authorization replies from the CiscoSecure server.
This problem is resolved in software release 5.5(6). (CSCds92279)
Open and Resolved Caveats in Software Release 5.5(5)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(5):
•Open Caveats in Software Release 5.5(5)
•Resolved Caveats in Software Release 5.5(5)
Open Caveats in Software Release 5.5(5)
Note For a description of caveats resolved in software release 5.5(5), see the "Resolved Caveats in Software Release 5.5(5)" section.
This section describes open caveats in software release 5.5(5):
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply and will display the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies that do not contain a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server. As a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(5)
Note For a description of open caveats in software release 5.5(5), see the "Open Caveats in Software Release 5.5(5)" section.
This section describes resolved caveats in software release 5.5(5):
•In a Catalyst 5000 switch with WS-X5530 and WS-X5012, SCP communication between the supervisor engine and the WS-X5012 module fails. As a result of this SCP communication failure, SNMP cannot collect statistics from the WS-X5012 module, and the module stops responding to SNMP queries.
This problem is resolved in software release 5.5(5). (CSCds16761)
•After upgrading a Cisco 7204VXR MLS router to 12.1(2) and a Catalyst 5500 to 4.5(7), the following messages appear randomly in the Catalyst 5500 logs:
2000 Aug 16 18:08:27 nzst +13:00 %MLS-5-ROUTERDEL:Route Processor 10.177.134.1 deleted
- rxed a random sequence number SDM
2000 Aug 16 18:09:39 nzst +13:00 %MLS-5-ROUTERADD:Route Processor 10.177.134.1 added
If you enter the show mls entry command on the switch and the screen output pauses with a -More- prompt at the bottom of the screen for longer than one minute, these messages appear:
2000 Jul 05 16:13:57 nzst +13:00 %MLS-5-ROUTERDEL:Route Processor 10.177.134.1 deleted
- dead router timer expired
2000 Jul 05 16:13:57 nzst +13:00 %MLS-5-ROUTERADD:Route Processor 10.177.134.1 added
This problem is resolved in software release 5.5(5). (CSCds07183)
•Ports on WS-X5225r that have Intel Pro 10/100 Management Adapters may stop sending frames, but will receive frames from the port.
Workaround: Disable and reenable the port.
This problem is resolved in software release 5.5(5). (CSCds02646)
•If you enter the set span src dst inpkts enable command and the destination is a WS-X5234 module and MLS is enabled, you will not see MLS shortcut packets to the destination port.
This problem is resolved in 5.5(5). (CSCds39714)
•A Catalyst 5505 running software release 5.5(3) with supervisor engine WS-X5530 returns an incorrect value when polled for vlanTrunkPortVlansEnabled.
This problem is resolved in software release 5.5(5). (CSCds44309)
•When a single period (.) is used as a filename for the copy or show file command, the system might reload.
This problem is resolved in software release 5.5(5). (CSCds54945)
•If the summertime system time change is done with an NTP update, the time change notification message might not display.
This problem is resolved in software release 5.5(5). (CSCds75722)
Open and Resolved Caveats in Software Release 5.5(4b)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(4b):
•Open Caveats in Software Release 5.5(4b)
•Resolved Caveats in Software Release 5.5(4b)
Open Caveats in Software Release 5.5(4b)
Note For a description of caveats resolved in software release 5.5(4b), see the "Resolved Caveats in Software Release 5.5(4b)" section.
This section describes open caveats in software release 5.5(4b):
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(4b)
Note For a description of open caveats in software release 5.5(4b), see the "Open Caveats in Software Release 5.5(4b)" section.
This section describes resolved caveats in software release 5.5(4b):
•A series of unauthenticated Telnet attempts can cause the Catalyst switch to fail to pass traffic or accept management connections until the system is rebooted or a power cycle is performed.
For more information, refer to the security advisory at this URL:
http://www.cisco.com/warp/public/707/catalyst-memleak-pub.shtml
This problem is resolved in software release 5.5(4b). (CSCds66191).
Open and Resolved Caveats in Software Release 5.5(4a)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(4a):
•Open Caveats in Software Release 5.5(4a)
•Resolved Caveats in Software Release 5.5(4a)
Open Caveats in Software Release 5.5(4a)
Note For a description of caveats resolved in software release 5.5(4a), see the "Resolved Caveats in Software Release 5.5(4a)" section.
This section describes open caveats in software release 5.5(4a):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
Resolved Caveats in Software Release 5.5(4a)
Note For a description of open caveats in software release 5.5(4a), see the "Open Caveats in Software Release 5.5(4a)" section.
There are no resolved caveats in software release 5.5(4a).
Open and Resolved Caveats in Software Release 5.5(4)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(4):
•Open Caveats in Software Release 5.5(4)
•Resolved Caveats in Software Release 5.5(4)
Open Caveats in Software Release 5.5(4)
Note For a description of caveats resolved in software release 5.5(4), see the "Resolved Caveats in Software Release 5.5(4)" section.
This section describes open caveats in software release 5.5(4):
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
Resolved Caveats in Software Release 5.5(4)
Note For a description of open caveats in software release 5.5(4), see the "Open Caveats in Software Release 5.5(4)" section.
This section describes resolved caveats in software release 5.5(4):
•The switch does not allow you to create the etherStatsEntry with the same ifIndex in the etherStatsDataSource as in the existing etherStatsEntry. This problem exists in software releases 5.1(1) and later and is resolved in software release 5.5(4). (CSCds22815)
•To avoid high CPU utilization from a show logging buffer command, do not display more than 20 messages when the screen length is set to 0 or greater than 24 with the set length command.
This problem is resolved in software release 5.5(4). (CSCds05287)
•When you enter the clear config all command and reset the system, the ifIndex does not reset. The problem also occurs after a switchover from the active supervisor engine to the redundant supervisor engine.
This problem is resolved in software release 5.4(1). (CSCds34328)
•Setting ntpAuthenticationSecretKey from SNMP does not have any effect.
This problem is resolved in software release 5.5(4). (CSCdk75107)
•The switch does not allow you to create a second etherStatsEntry with the same ifIndex for an interface. When you try to create the second etherStatsEntry with the same interface in etherStatsDataSource as one of the existing entries, the switch returns a "bad value" error. The problem exists in 5.x and 6.1(1) releases.
Workaround: Use the existing etherStatsEntry for the interface or create a new one after deleting the existing entry that has the same ifIndex.
This problem is resolved in software release 5.5(4). (CSCds25729)
•Allocating too many buckets in RMON might cause memory allocation errors. When system memory usage reaches 90%, some show commands might not work and new Telnet sessions might not be allowed. An example follows:
Failed to allocate session block.
Error: can't find scp/slp buffer slot for show command: 10.
Workaround: If most of the memory was used by RMON buckets, use one of the following workarounds:
–Reduce the number of buckets for each entry.
–Reduce the number of control entries.
–Disable the RMON feature.
This problem is resolved in software release 5.5(4). (CSCds30395)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly.
This problem is resolved in software release 5.5(4) for Java Plug-in 1.2.2. (CSCdp56012)
•When a FDDI module takes a watchdog timeout and resets, the supervisor engine declares that the FDDI module is faulty before the module resets.
This problem is resolved in software release 5.5(4). (CSCds45400)
•Non-alphanumeric characters are not valid in VTP domain names, but can be configured in certain cases.
This problem is resolved in software release 5.5(4). (CSCds34927)
Open and Resolved Caveats in Software Release 5.5(3)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(3):
•Open Caveats in Software Release 5.5(3)
•Resolved Caveats in Software Release 5.5(3)
Open Caveats in Software Release 5.5(3)
Note For a description of caveats resolved in software release 5.5(3), see the "Resolved Caveats in Software Release 5.5(3)" section.
This section describes open caveats in software release 5.5(3):
•When you enter the clear config all command and reset the system, the ifIndex does not reset. The problem also occurs after a switchover from the active supervisor engine to the redundant supervisor engine. This problem appears in software releases 5.4(1) and later. (CSCds34328)
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The set/clear cops domain-name commands might close Telnet sessions to the supervisor engine. When the set cops domain-name command is run over a Telnet session to the supervisor engine, the Telnet session might terminate with a "connection lost" message. This could also happen with commands such as set qos enable/disable or set/clear port cops roles if the QoS policy source is set to COPS. (CSCdr54368)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
Resolved Caveats in Software Release 5.5(3)
Note For a description of open caveats in software release 5.5(3), see the "Open Caveats in Software Release 5.5(3)" section.
This section describes resolved caveats in software release 5.5(3):
•Ports on WS-X5225r, WS-X5234, and WS-X5201r stop transmitting unicast frames after a scheduled test of the packet buffers.
Workaround: Disable and enable the affected port.
This problem is resolved in software release 5.5(3). (CSCdr50629)
•On a Supervisor Engine II G, the show flash command might overwhelm the switch CPU and cause the switch to fail to respond to pings.
This problem is resolved in software release 5.5(3). (CSCdr90907)
•A memory leak occurs when you create an entry in cseStaticExtRouterTable with an non-empty string value for the cseStaticRouterOwner object.
This problem is resolved in software release 5.5(3). (CSCdr98533)
•A memory leak occurs when you create an entry in cseStaticIpxExtRouterTable with an non-empty string value for the cseStaticIpxRouterOwner object.
This problem is resolved in software release 5.5(3). (CSCdr99264)
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test (POST) on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem.
This problem is resolved in software release 5.5(3). (CSCdr27879)
•In some instances when IGMP snooping is used, a device might not be added to a multicast group on its first attempt to join. A related problem occurs when a switch has only multicast sources for a given group of MAC addresses directly attached. Because of problems with entries periodically timing out, packet loss may occur when this entry is removed and reinstalled.
This problem is resolved in software release 5.5(3). (CSCdr54030)
•The switch might display "Out of memory" messages, which can cause VMPS to become inactive. This could be due to duplicate MAC addresses in the VMPS database.
Workaround: Reboot the switch.
This problem is resolved in software release 5.5(3). (CSCdr95115)
•The switch might run out of memory if many RMON related entries are created. This problem may exist in releases 5.4(x), 5.5(1), and 5.5(2).
This problem is resolved in software release 5.5(3). (CSCdr99175)
•In a redundancy setup with two WS-X5530 supervisor engines where the redundant supervisor engine contains any of the uplink cards WS-U5537, WS-U5538, WS-U5539, and the standby port feature is disabled, do not use the administrative group already used for the uplink ports. (Use the show port channel standby_mod info command to display the administrative group information). If you use the same administrative group, the supervisor engine may try to form an EtherChannel across modules when the standby port is enabled later.
This problem is resolved in software release 5.5(3). (CSCdr77054)
•VMPS client malfunctions occur with SUN and SGI workstations. The problem occurs when reconfirm VMPS requests are retransmitted and as a result multiple replies are received from the VMPS server.
This problem is resolved in software release 5.5(3). (CSCdr82526)
•When a WS-X5236 is used to trunk Token Ring VLANS in a redundant supervisor engine setup, trunking fails after a switchover from the active to the passive supervisor engine. The only workaround is to disable and enable the ports.
This problem is resolved in software release 5.5(3). (CSCdr83488)
•Entries for EtherChannel in the vlanTrunkPortTable show incorrect values.
This problem is resolved in software release 5.5(3). (CSCdr89734)
•In 5.x software releases prior to 5.5(3), after a reboot, traps are sent only to the first trap receiver.
This problem is resolved in software release 5.5(3). (CSCdr91480)
•In a redundant supervisor engine configuration with a WS-X5530 as the redundant supervisor engine, ports on the redundant supervisor engine are disabled after the switch resets or the redundant supervisor engine resets.
This problem is resolved in software release 5.5(3). (CSCds14696)
Open and Resolved Caveats in Software Release 5.5(2)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(2):
•Open Caveats in Software Release 5.5(2)
•Resolved Caveats in Software Release 5.5(2)
Open Caveats in Software Release 5.5(2)
Note For a description of caveats resolved in software release 5.5(2), see the "Resolved Caveats in Software Release 5.5(2)" section.
This section describes open caveats in software release 5.5(2):
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•Ports on WS-X5225r, WS-X5234, and WS-X5201r stop transmitting unicast frames after a scheduled test of the packet buffers.
Workaround: Disable and enable the affected port. (CSCdr50629)
•If you download a COPS policy containing a DSCP range to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The set/clear cops domain-name commands might close Telnet sessions to the supervisor engine. When the set cops domain-name command is run over a Telnet session to the supervisor engine, the Telnet session might terminate with a "connection lost" message. This could also happen with commands such as set qos enable/disable or set/clear port cops roles if the QoS policy source is set to COPS. (CSCdr54368)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
Resolved Caveats in Software Release 5.5(2)
Note For a description of open caveats in software release 5.5(2), see the "Open Caveats in Software Release 5.5(2)" section.
This section describes resolved caveats in software release 5.5(2):
•When large amounts of data display during a Telnet session, the Telnet session will sometimes hang. This situation usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero.
This problem is resolved in software release 5.5(2). (CSCdp47176, CSCdr40184)
•If you enable and disable QoS repeatedly, then depending on the complexity of the QoS configuration, the switch might reset.
This problem is resolved in software release 5.5(2). (CSCdr60464)
•The show cops pib command might cause the switch to reset if COPS is used.
This problem is resolved in software release 5.5(2). (CSCdr52849)
•Frame Priority is set incorrectly from Ethernet to FDDI. A new command, set option fddi-user-pri, has been added to enable the priority field in the FDDI packets. This command requires FDDI software release 3.2(1a) and supervisor engine software release 5.5(2) or later.
This problem is resolved in software release 5.5(2). (CSCdr42228)
•In Catalyst 5000 family switch software releases prior to 5.4(3) and 5.5(2) when you enable a SPAN session with inpkts and the SPAN source ports include a trunking port, if you turn trunking off and on or add VLANs to the trunking port, the system will not respond to pings through the SPAN destination port.
This problem is resolved in software release 5.4(3) and 5.5(2).
•The SNMP OID dot3StatsFrameTooLong is not consistent with CLI.
This problem is resolved in software release 5.5(2). (CSCdp77600)
•The FDDI dual-port module returns the ifIndex of the first port. This problem occurs in software release 4.5.7 and all earlier versions of 4.x software and in software release 5.5(1) and all earlier versions of 5.x software.
This problem is resolved in software release 5.5(2). (CSCdp81474)
•The show top command incorrectly reports errors on trunk.
This problem is resolved in software releases 4.5(7), 5.4(3), and 5.5(2).(CSCdr23551)
•When you disable a module with no NVRAM and then bring it back online, the administrative group used by the module ports might be shared with ports on another module. This situation could cause a system reset because bundling ports across modules is not supported.
This problem is resolved in software releases 5.4(3) and 5.5(2). (CSCdr25839)
•QoS classification does not work properly when an EtherChannel is disabled.
This problem is resolved in software releases 5.4(3) and 5.5(2). (CSCdr28804)
•Broadcast/multicast suppression on modules that support hardware suppression does not filter out multicasts to DA FF FF FF FF FF 00.
This problem is resolved in software releases 4.5(7), 5.4(3), and 5.5(2). (CSCdr30012)
•If the four ports on the WS-U5538 uplink module on the Supervisor Engine II G are grouped into two 2-port channels, the second 2-port channel is configured incorrectly.
This problem is resolved in software release 5.4(3) and 5.5(2). (CSCdr37866)
•For normal UDLD, the recommended message interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration guidelines:
–When enabling aggressive UDLD, the recommended default is 30 seconds.
–We recommend that you do not use UDLD or aggressive UDLD with the ON - AUTO trunk combination. UDLD and aggressive UDLD can be used with any other valid trunk combination.
This problem is resolved in software release 5.5(2). (CSCdr50206)
•The LINK LED of the Supervisor Engine III G uplink port stays amber. Output from the show spantree command shows the port is in forwarding mode and is able to pass traffic normally.
This problem is resolved in software release 5.5(2). (CSCdr51720)
•The MLS-SE running software release 5.4(2) or 5.5(1) is unable to process FCP packets after the MLS configuration is removed and then configured again.
This problem is resolved in software release 5.5(2). (CSCdr56070)
•On Catalyst 5000 family platforms, if you enable the protocol filtering feature when the switch is reset, IGMP snooping will not be able to process IGMP reports or other IGMP messages.
Workaround: Disable protocol filtering before a switch is reset. After you reset the switch with protocol filtering disabled, IGMP will work correctly. If you want both features, the following workaround can be applied:
a. Enable IGMP snooping.
b. Disable protocol filtering.
c. Reset the switch.
d. Enable protocol filtering.
Note In the above situation, IGMP snooping will not work if the switch is reset a second time (since now both features are enabled).
This problem is resolved in software releases 5.4(4), and 5.5(2). (CSCdr61567)
•The set spantree enable all command hangs the console.
This problem is resolved in software release 5.5(2). (CSCdr66291)
•CGMP is not operational when the system is booted and CGMP is enabled in the NVRAM.
This problem is resolved in software releases 5.5(2) and 5.4(4). (CSCdr67677)
•After upgrading from a pre-5.2(1) software release to release 5.2(1) and later, EtherChannel configurations might be broken, or two 2-port channels might be combined into one 4-port channel on the following modules:
–WS-X5201 12-port 100BASE-FX MM (SC connector)
–WS-X5203 12-port 10/100BASE-TX (RJ-45 connector)
–WS-U5537 4-port 10/100BASE-TX uplink module
–WS-U5531 2-port 10/100BASE-TX uplink module
–WS-U5533 2-port 100 BASE-FX (MMF) uplink module
–WS-U5535 2-port 100 BASE-FX (SMF) uplink module
–WS-X5410 Gigabit EtherChannel Switching Module
This problem is resolved in software release 5.5(2) (CSCdr74463)
•The Catalyst 5000 family switch is unable to resolve DNS names if the DNS server has more than seven entries.
This problem is resolved in software release 5.5(2). (CSCdr808353)
•Under certain conditions the CPU on the supervisor engine might stay at 90 percent or higher utilization. This situation might affect management and essential operation of the system. Switching of data traffic will be unaffected.
This problem is resolved in software release 5.5(2). (CSCdr71528)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and then make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdm79404)
•When large amounts of data display during a Telnet session, the Telnet session sometimes hangs. This situation usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdp47176, CSCdr40184)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdr40184)
Open and Resolved Caveats in Software Release 5.5(1)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(1):
•Open Caveats in Software Release 5.5(1)
•Resolved Caveats in Software Release 5.5(1)
Open Caveats in Software Release 5.5(1)
Note For a description of caveats resolved in software release 5.5(1), see the "Resolved Caveats in Software Release 5.5(1)" section.
This section describes open caveats in software release 5.5(1):
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If a COPS policy containing a DSCP range is downloaded to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches.(CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends down a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The show cops pib command might cause the switch to reset if COPS is used. (CSCdr52849)
•The set/clear cops domain-name commands might close Telnet sessions to the supervisor engine. When the set cops domain-name command is run over a Telnet session to the supervisor engine, the Telnet session might get terminated with a "connection lost" message. This could also happen with commands such as set qos enable/disable or set/clear port cops roles if the QoS policy source is set to COPS. (CSCdr54368)
•If QoS is enabled and disabled repeatedly, then depending on the complexity of the QoS configuration, the switch might experience a reset. (CSCdr60464)
•For normal UDLD, the recommended message interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration guidelines:
–When enabling aggressive UDLD, the recommended default is 30 seconds.
–We recommend that you do not use UDLD or aggressive UDLD with the ON - AUTO trunk combination. UDLD and aggressive UDLD can be used with any other valid trunk combination. (CSCdr50206)
•Ports on WS-X5225r, WS-X5234 and WS-X5201r stop transmitting unicast frames after a scheduled test of the packet buffers.
Workaround: Disable and enable the affected port. (CSCdr50629)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and from there make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang. (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero. (CSCdp47176, CSCdr40184)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•The set spantree enable all command hangs the console. (CSCdr66291)
Resolved Caveats in Software Release 5.5(1)
Note For a description of open caveats in software release 5.5(1), see the "Open Caveats in Software Release 5.5(1)" section.
This section describes resolved caveats in software release 5.5(1):
•The WS-X5225R module fails to negotiate the duplex mode correctly after a system reset or power cycle with Sun workstations Ultra 5.
This problem is resolved in software release 4.5(7). (CSCdr03818)
•RSM Token Ring VLAN interfaces stay up when no ports are connected to VLANs.
This problem is resolved in software release 5.5(1).(CSCdp90466)
•A link problem occurs between WS-X5225R and WS-X6248-RJ-45 when the port is at a fixed 10 Mbps and connected ports are disabled and enabled or the module or system is reset. The link remains up on WS-X5225R but down on WS-X6248-RJ-45.
Workaround: Unplug and then plug the ports.
This problem is resolved in software releases 5.4(2) and 5.5(1).
Open and Resolved Caveats in Software Release 5.4(4a)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(4a):
•Open Caveats in Software Release 5.4(4a)
•Resolved Caveats in Software Release 5.4(4a)
Open Caveats in Software Release 5.4(4a)
Note For a description of caveats resolved in software release 5.4(4a), see the "Resolved Caveats in Software Release 5.4(4a)" section.
This section describes open caveats in software release 5.4(4a):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•The LINK LED on the Supervisor Engine III G uplink port stays amber. Output from the show spantree command shows the port is in forwarding mode and is able to pass traffic normally. (CSCdr51720)
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and from there make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang. (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero. (CSCdp47176, CSCdr40184)
•Sometimes unplugging a cable from a port in older ATM modules (WS-X5156, WS-X5157, WS-X5158) does not remove the port from Spanning Tree Protocol when many VLANs are active on the switch. For this reason the show port command might indicate that the port is not connected, while the show spantree command will indicate that the port is in forwarding state.
Workaround: Unplug/plug back the cable or disable/reenable the port. If the cable is reconnected when the Spanning Tree Protocol has this inconsistent knowledge of the port, Spanning Tree Protocol loops can occur. (CSCdr17124)
Note CSCdr17124 has not been seen in later releases.
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser and the Plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang. (CSCdr40184)
Resolved Caveats in Software Release 5.4(4a)
Note For a description of open caveats in software release 5.4(4a), see the "Open Caveats in Software Release 5.4(4a)" section.
This section describes resolved caveats in software release 5.4(4a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.4(2a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.4(4)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(4):
•Open Caveats in Software Release 5.4(4)
•Resolved Caveats in Software Release 5.4(4)
Open Caveats in Software Release 5.4(4)
Note For a description of caveats resolved in software release 5.4(4), see the "Resolved Caveats in Software Release 5.4(4)" section.
This section describes open caveats in software release 5.4(4):
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If a COPS policy containing a DSCP range is downloaded to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches.(CSCdr23429)
•After upgrading from a pre-5.2(1) software release to release 5.2(1) and later, EtherChannel configurations might be broken, or two 2-port channels might change into one 4-port channel on the following modules:
–WS-X5201 12-port 100BASE-FX MM (SC connector)
–WS-X5203 12-port 10/100BASE-TX (RJ-45 connector)
–WS-U5537 4-port 10/100BASE-TX uplink module
–WS-U5531 2-port 10/100BASE-TX uplink module
–WS-U5533 2-port 100 BASE-FX (MMF) uplink module
–WS-U5535 2-port 100 BASE-FX (SMF) uplink module
–WS-X5410 Gigabit EtherChannel Switching Module (CSCdr74463)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends down a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•The show cops pib command might cause the switch to reset if COPS is used. (CSCdr52849)
•Ports on WS-X5225r, WS-X5234 and WS-X5201r stop transmitting unicast frames after a scheduled test of the packet buffers.
Workaround: Disable and enable the affected port. (CSCdr50629)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•The set spantree enable all command hangs the console. (CSCdr66291)
Resolved Caveats in Software Release 5.4(4)
Note For a description of open caveats in software release 5.4(4), see the "Open Caveats in Software Release 5.4(4)" section.
This section describes resolved caveats in software release 5.4(4):
•CGMP is not operational when the system boots up and CGMP is enabled in the NVRAM.
Workaround: Disable and reenable CGMP using the CLI.
This problem is resolved in software release 5.4(4). (CSCdr67677)
•For normal UDLD, the recommended message interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration guidelines:
–When enabling aggressive UDLD, the recommended default is 30 seconds.
–We recommend that you do not use UDLD or aggressive UDLD with the ON - AUTO trunk combination. UDLD and aggressive UDLD can be used with any other valid trunk combination.
This problem is resolved in software release 5.4(4). (CSCdr50206)
•On Catalyst 5000 platforms, if the protocol filtering feature is enabled when the switch is reset, IGMP Snooping will not be able to process IGMP reports or other IGMP messages.
Workaround: Ensure that protocol filtering is disabled when a switch is reset. Once the switch is reset with protocol filtering disabled, IGMP will work correctly. If you desire both features, the following workaround can be applied:
a. Enable IGMP snooping.
b. Disable protocol filtering.
c. Reset the switch.
d. Enable protocol filtering.
Note Note, in the above scenario, IGMP Snooping will again not work if the switch is reset a second time (since now both features are enabled).
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdr61567)
•CGMP is not operational when the system is booted and CGMP is enabled in the NVRAM.
This problem is resolved in software releases 5.5(2) and 5.4(4). (CSCdr67677)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and from there make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdp47176, CSCdr40184)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang.
This problem is resolved in software releases 5.4(4) and 5.5(2). (CSCdr40184)
•If you set port security on an RSM module (WS-X5302), the set port security command returns an incorrect port range. The RSM should deny the port security setting altogether.
This problem is resolved in software releases 5.4(4)(CSCdr74496)
Open and Resolved Caveats in Software Release 5.4(3)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(3):
•Open Caveats in Software Release 5.4(3)
•Resolved Caveats in Software Release 5.4(3)
Open Caveats in Software Release 5.4(3)
Note For a description of caveats resolved in software release 5.4(3), see the "Resolved Caveats in Software Release 5.4(3)" section.
This section describes open caveats in software release 5.4(3):
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If a COPS policy containing a DSCP range is downloaded to a Catalyst 5000 family switch, the COPS policy will fail to apply with the following error:
%COPS-3-APPLY_CAT5K_FAIL_DSCPRANGE: Applying COPS policy failed since DSCP policy
range not set to full range
Policies not containing a full DSCP range are not supported on Catalyst 5000 family switches. (CSCdr23429)
•The Catalyst 5000 family switches do not support non-zero WRED minimum values. If a COPS QPM server sends down a COPS policy with a non-zero WRED minimum value, no error report is returned to the COPS server, and as a result, there is no indication to the user that the WRED minimum specified in the COPS policy was not used. (CSCdr28819)
•If there are no COPS policies defined on the COPS server and a Catalyst 5000 switch attempts to make a COPS DS connection to the COPS server, local QoS policies will be applied to, or the Catalyst 5000 switch might reset.
Workaround: Define COPS DS policies on the COPS server before attempting to connect devices to it. (CSCdr43041, CSCdr54688, CSCdr60174, CSCdr61165)
Note CSCdr43041, CSCdr54688, CSCdr60174, and CSCdr61165 have not been seen in later releases.
•The clear cops role command might cause the switch to reset with a TLB exception. (CSCdr59342)
Note CSCdr59342 has not been found in later releases.
•The show cops pib command might cause the switch to reset if COPS is used. (CSCdr52849)
•The set/clear cops domain-name commands might close Telnet sessions to the supervisor engine. When the set cops domain-name command is run over a Telnet session to the supervisor engine, the Telnet session might get terminated with a "connection lost" message. This could also happen with commands such as set qos enable/disable or set/clear port cops roles if the QoS policy source is set to COPS. (CSCdr54368)
•If QoS is enabled and disabled repeatedly, then depending on the complexity of the QoS configuration, the switch might experience a reset. (CSCdr60464)
•If the MTU size of a Catalyst 5000 Token Ring port is changed while the port is active, the port will block traffic.
Workaround: Disable the port before changing the MTU size and enable the port when the change is completed. Alternatively, the port can be disabled and enabled after the change is made.(CSCdr59090)
Note CSCdr59090 has not been found in later releases.
•For normal UDLD, the recommended message interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration guidelines:
–When enabling aggressive UDLD, the recommended default is 30 seconds.
–We recommend that you do not use UDLD or aggressive UDLD with the ON - AUTO trunk combination. UDLD and aggressive UDLD can be used with any other valid trunk combination. (CSCdr50206)
•Under certain circumstances the WS-X5225R modules might report a second MAC address on a secure port with only one client attached.
Workaround: Use the set port security mod_num maximum command to set the maximum to 2. (CSCdr37143)
Note CSCdr37143 has not been seen in later releases.
•Ports on WS-X5225r, WS-X5234 and WS-X5201r stop transmitting unicast frames after a scheduled test of the packet buffers.
Workaround: Disable and enable the affected port. (CSCdr50629)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•If you Telnet to a Supervisor Engine III running software version 4.5 and from there Telnet to another device, displaying a large list or file can cause the Telnet session to hang. (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero. (CSCdp47176, CSCdr40184)
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser, and the plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•CGMP is not operational when the system is booted and CGMP is enabled in the NVRAM. (CSCdr67677)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang. (CSCdr40184)
Resolved Caveats in Software Release 5.4(3)
Note For a description of open caveats in software release 5.4(3), see the "Open Caveats in Software Release 5.4(3)" section.
This section describes resolved caveats in software release 5.4(3):
•The show top command incorrectly reports errors on trunk.
This problem is resolved in software releases 4.5(7), 5.4(3), and 5.5(2).(CSCdr23551)
•TACACS+ allows users with privilege level 1 access to enable mode if their passwords are accepted.
This problem is resolved in software release 5.4(3). (CSCdr45221)
•UplinkFast transitions and Serial Communications Protocol (SCP) messages are sent in incorrect order. During an UplinkFast transition, this situation might cause both the old and new root ports to be in FORWARDING state, creating the potential for Spanning Tree loops.
This problem is resolved in software release 5.4(3). (CSCdr39668)
•If the SNMP PDU size is greater than 1300 bytes, memory corruption occurs and the system might reset.
This problem is resolved in software release 5.4(3). (CSCdr33785)
•When routers are in PIMV1V2 mode, they send odd-length PIM packets. The IGMP Snooping checksum algorithm calculates the checksum incorrectly for odd-length packets and drops them, causing routers to time out their PIM neighbors.
This problem is resolved in software release 5.4(3). (CSCdr25218)
•In a shared-media environment, the UDLD detection mechanism may get stuck if many linkup and linkdown events occur concurrently.
This problem is resolved in software release 5.4(3). (CSCdp97787)
•UDLD enhancements, including an aggressive UDLD mode, have been added to software release 5.3(4) and later releases. For more information, refer to the "New Features for Supervisor Engine Software Release 5.4" section.
This problem is resolved in software release 5.4(3). (CSCdp69036)
•After a system reset under traffic, the switch initializes to VLAN 0 and Spanning Tree Protocol sets the ports to Forwarding state. Due to a short delay before the correct VLAN is set, packets might come in with VLAN 0 learned, which causes VLAN 0 CAM entries to be created and isolates the ports from connected devices.
This problem is resolved in software release 5.4(3). (CSCdr21314)
•When you upgrade from 5.4(1) or 5.4(2) to 5.4(3), 5.5(1) and newer software releases, the local snmpEngineID will automatically be converted from 10 bytes to 12 bytes if there is no local user configured in usmUserTable. If there are any local users in the usmUserTable, the 10-byte snmpEngineID will still remain unless you do one of the following:
–Delete all the local users from usmUserTable and then reset the system.
–Enter the clear config snmp or clear config all commands.
This problem is resolved in software release 5.4(3). (CSCdr22335)
•The clear config all command does not clear a port's UDLD configuration. For example, UDLD and aggressive UDLD are enabled on port 3/3. After clearing the system configuration and enabling system wide UDLD, port 3/3 UDLD shows enabled (show udld port 3/3). The clear config all command should have set the port UDLD to disable.
This problem is resolved in software release 5.4(3). (CSCdr35885)
•When an EtherChannel is configured between two switches and the Spanning Tree Protocol is disabled, under some circumstances (such as a reboot or the presence of a lot of broadcasts on the sc0 VLAN), the EtherChannel might take a long time to come up.
Workaround: Enable the Spanning Tree Protocol.
This problem is resolved in software release 5.4(3). (CSCdr16565)
•Under certain conditions, after closing a Telnet session, the switch still shows the session as open. Using the disconnect ip_address command to disconnect a user and manually close the session does not close the session.
This problem is fixed in software release 5.4(3). (CSCdp33649)
•In certain situations, incoming traffic is missing on the SPAN port when spanning from WS-X5012A module to WS-X5011 module or from WS-X5011 to WS-X5224 module using a different bus.
This problem is resolved in software release 5.4(3). (CSCdr22775)
•CAM entries for dynamic VLAN ports get corrupted during the aging time. As a result, the port connections are lost until the entries are relearned.
This problem is resolved in software release 5.4(3). (CSCdr27492)
•The show TopN utility reports errors on trunk ports when no errors occurred.
This problem is resolved in software release 5.4(3). (CSCdr23551)
•QoS classification does not work properly when an EtherChannel is disabled.
This problem is resolved in software releases 5.4(3) and 5.5(2). (CSCdr28804)
•Broadcast/multicast suppression on modules that support hardware suppression does not filter out Multicasts to DA FF FF FF FF FF 00.
This problem is resolved in software releases 4.5(7), 5.4(3), and 5.5(2). (CSCdr30012)
•When ISL trunking is enabled on a Token Ring module, BPDUs are dropped because the minimum size for ISL frames is set to 72 bytes while the minimum size for Token Ring frames is 58 bytes.
This problem is resolved in software release 5.4(3). (CSCdr29164)
•When a module with no NVRAM is disabled and then brought back online, the administrative group used by the module ports might be shared with ports on another module. This could cause a system reset since bundling ports across modules is not supported.
This problem is resolved in software release 5.4(3) and 5.5(2). (CSCdr25839)
•Repeatedly removing and creating an entry in cseStaticExtRouterTable using SNMP causes a system reset.
This problem is resolved in software release 5.4(3). (CSCdr40101)
•A system reset might occur during SNMP polling of the switch ports (SWPoll64bCnt) if a module goes on- and off-line frequently.
This problem is resolved in software release 5.4(3). (CSCdr41609)
•For the WS-U5534 uplink modules, the etherStatsOversizePkts RMON counters incorrectly reports increases for trunk links.
This problem is resolved in software release 5.4(3). (CSCdr38895)
•The show mls and show mls statistics ipx rp commands show that the switch has active IPX shortcut entries, but the show mls entry ipx and show mls entry ipx destination ipx_addr commands do not show the shortcut entries.
This problem is resolved in software release 5.4(3). (CSCdr18182)
•If the four ports on the WS-U5538 uplink module on the Supervisor Engine II G are grouped into two 2-port channels, the second 2-port channel is configured incorrectly.
This problem is resolved in software release 5.4(3) and 5.5(2). (CSCdr37866)
•In software release 5.4(1) and later, for authentication retries, TACACS+ prompts for a password only but not for a user name.
This problem is resolved in software release 5.4(3). (CSCdr44356)
Open and Resolved Caveats in Software Release 5.4(2a)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(2a):
•Open Caveats in Software Release 5.4(2a)
•Resolved Caveats in Software Release 5.4(2a)
Open Caveats in Software Release 5.4(2a)
Note For a description of caveats resolved in software release 5.4(2a), see the "Resolved Caveats in Software Release 5.4(2a)" section.
This section describes open caveats in software release 5.4(2a):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•The LINK LED on the Supervisor Engine III G uplink port stays amber. Output from the show spantree command shows the port is in forwarding mode and is able to pass traffic normally. (CSCdr51720)
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and from there make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang. (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero. (CSCdp47176, CSCdr40184)
•Sometimes unplugging a cable from a port in older ATM modules (WS-X5156, WS-X5157, WS-X5158) does not remove the port from Spanning Tree Protocol when many VLANs are active on the switch. For this reason the show port command might indicate that the port is not connected, while the show spantree command will indicate that the port is in forwarding state.
Workaround: Unplug/plug back the cable or disable/reenable the port. If the cable is reconnected when the Spanning Tree Protocol has this inconsistent knowledge of the port, Spanning Tree Protocol loops can occur. (CSCdr17124)
Note CSCdr17124 has not been seen in later releases.
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser and the Plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang. (CSCdr40184)
Resolved Caveats in Software Release 5.4(2a)
Note For a description of open caveats in software release 5.4(2a), see the "Open Caveats in Software Release 5.4(2a)" section.
This section describes resolved caveats in software release 5.4(2a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.4(2a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.4(2)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(2):
•Open Caveats in Software Release 5.4(2)
•Resolved Caveats in Software Release 5.4(2)
Open Caveats in Software Release 5.4(2)
Note For a description of caveats resolved in software release 5.4(2), see the "Resolved Caveats in Software Release 5.4(2)" section.
This section describes open caveats in software release 5.4(2):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•The LINK LED on the Supervisor Engine III G uplink port stays amber. Output from the show spantree command shows the port is in forwarding mode and is able to pass traffic normally. (CSCdr51720)
•A minor hardware problem that causes the switching bus to time out occurs during the power-on self-test on the supervisor engine if the configuration includes a single WS-X550x (Supervisor Engine II) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, and WS-X5237-FX-MT modules. This problem occurs during every boot-up.
This problem applies only to switch configurations that consist of a single Supervisor Engine II (WS-X550x) and any combination of the WS-X5234-RJ45, WS-X5236-FX-MT, or WS-X5237-FX-MT modules. Redundant configurations of Supervisor Engine II, Supervisor Engine II G (WS-X5540), Supervisor Engine III (WS-X5530), and Supervisor Engine III G (WS-X5550) are not affected by this problem. (CSCdr27879)
•If you make a Telnet connection to a Supervisor Engine III running software version 4.5 and from there make a Telnet connection to another device, displaying a large list or file can cause the Telnet session to hang. (CSCdm79404)
•When large amounts of data are being displayed during a Telnet session, the Telnet session will sometimes hang. This usually happens if you have set the screen length to 0 and long show commands are being displayed or if you have cut and pasted several show commands onto the window.
Workaround: Avoid using cut and paste in a Telnet session and setting the screen length to non-zero. (CSCdp47176, CSCdr40184)
•Sometimes unplugging a cable from a port in older ATM modules (WS-X5156, WS-X5157, WS-X5158) does not remove the port from Spanning Tree Protocol when many VLANs are active on the switch. For this reason the show port command might indicate that the port is not connected, while the show spantree command will indicate that the port is in forwarding state.
Workaround: Unplug/plug back the cable or disable/reenable the port. If the cable is reconnected when the Spanning Tree Protocol has this inconsistent knowledge of the port, Spanning Tree Protocol loops can occur. (CSCdr17124)
Note CSCdr17124 has not been seen in later releases.
•On Solaris, if there is already a Java Plug-in installed with the Netscape browser and the Plug-in version is earlier than 1.1.3, the embedded CiscoView is unable to detect that version and might not work properly. (CSCdp56012)
•When cut-and-paste is used in an inbound or outbound Telnet session, some characters are missing and the Telnet session appears to hang. (CSCdr40184)
Resolved Caveats in Software Release 5.4(2)
Note For a description of open caveats in software release 5.4(2), see the "Open Caveats in Software Release 5.4(2)" section.
This section describes resolved caveats in software release 5.4(2):
•Packets are not marked with the correct CoS value when they exit a port which has EtherChannel turned on.
This problem is resolved in software release 5.4(2). (CSCdp71805)
•If a VTP client is connected to a VTP server by just one trunk and the VTP client is reset, the link on the client side may incorrectly be disabled.
This problem is resolved in software release 5.4(2). (CSCdp89198)
•When a Catalyst 5000 family switch with a FDDI switching module installed resets, the FDDI module does not forward traffic if the FDDI VLAN is not the same as the native VLAN.
This problem is resolved in software release 5.4(2). (CSCdp68378)
•In a dual supervisor engine configuration, the ports on the redundant supervisor engine fail to come up when they are disabled and then enabled using the set standbyports disable/enable commands.
This problem is resolved in software release 5.4(2). (CSCdp49323)
•On the Catalyst supervisor engine II and II G, GetNextUnicastEarlEntry does not return module and port number for Fast EtherChannel ports to the dot1dTpFdbTable.
This problem is resolved in software release 5.4(2). (CSCdp71680)
•When the logging level is changed over a Telnet session, the change does not take effect until the switch is reloaded.
This problem is resolved in software release 5.4(2). (CSCdp91935)
•The ifOutUcastPkts and ifInUcastPkts counter sometimes decrements instead of increments on 10/100 Ethernet ports.
This problem is resolved in software release 5.4(2). (CSCdp71615)
•In WS-C5500 and WS-C5509 chassis with redundant WS-X5530 supervisor engine running software versions 5.2(1) or 5.4(1) and multiple WS-X5239-RJ21 Ethernet switching modules, the Ethernet switching modules may become non-functional after a system reset or power cycle.
This problem is resolved in software release 5.4(2). (CSCdp95858)
•On Catalyst 5000 family switches running software versions prior to 5.4(2), the administrative source ports in the show span command display disappears if a module is removed. Once the module is reinserted, the ports reappear in the show span display.
This problem is resolved in 5.4(2). (CSCdp75909)
•RGMP does not use an official IANA address.
This problem is resolved in software release 5.4(2). (CSCdr05497)
•The Catalyst 5000 family switches do not support PIB version 0.6. As a result, error messages may display when certain unsupported policies are downloaded.
This problem is resolved in software release 5.4(2). (CSCdp92562)
•Ports remain in blocking state due to a Spanning Tree Protocol error, causing VLANs to become isolated.
This problem is resolved in software release 5.4(2) (CSCdp93234)
•The SNMP getone and getnext commands produce different values for the same dot1dTpFdbPort object when they retrieve LANE module port index information from the CAM table.
This problem is resolved in software release 5.4(2). (CSCdp80044)
•Use the following command sequence to avoid Spanning Tree errors on EtherChannel trunks configured with both the on channelling keyword and the nonegotiate trunking keyword:
set port channel mod/port on
set trunk mod/port nonegotiate
Do not use the set port channel mod/port mode on command.
This problem is resolved in release 5.4(2). (CSCdp85804)
•Summertime start and end dates are not calculated correctly when using the generic summertime rule if the start and end rules span across year-end (southern hemisphere rule).
Workaround: Use a fixed date for the southern hemisphere.
This problem is resolved in release 5.4(2). (CSCdp91755)
•A Catalyst switch configured with two Supervisor Engine III Gs (WS-X5550) with RSFCs forwards packets larger than 1454 bytes after a redundancy failover.
This problem is resolved in release 5.4(2).(CSCdp92661)
•Auto-recovery operation for ASIC may function incorrectly.
This problem is resolved in release 5.4(2). (CSCdr14225)
•The WS-X5225R module fails to negotiate the duplex mode correctly after a system reset or power cycle with Sun workstations Ultra 5.
This problem is resolved in release 5.4(2). (CSCdr03818)
•When upgrading from software version 4.x to versions prior to 5.4(2) with RMON history entries installed, the system may reset.
This problem is resolved in release 5.4(2). (CSCdr01233)
•The clear cops command is not recognized in the 5.4(1) software release on the WS-X5540 and WS-X5550 supervisor engines.
This problem is resolved in release 5.4(2). (CSCdr09635)
•Attempts to Telnet out of a Supervisor Engine III G from within a Telnet session causes the switch to reset.
This problem is resolved in release 5.4(2). (CSCdp96050)
Open and Resolved Caveats in Software Release 5.4(1)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(1):
•Open Caveats in Software Release 5.4(1)
•Resolved Caveats in Software Release 5.4(1)
Open Caveats in Software Release 5.4(1)
Note For a description of caveats resolved in software release 5.4(1), see the "Resolved Caveats in Software Release 5.4(1)" section.
This section describes open caveats in software release 5.4(1):
•Use the following command sequence to avoid Spanning Tree errors on EtherChannel trunks configured with both the on channelling keyword and the nonegotiate trunking keyword:
set port channel mod/port on
set trunk mod/port nonegotiate
Do not use the set port channel mod/port mode on command. (CSCdp85804)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•Summertime start and end dates are not calculated correctly when using the generic summertime rule if the start and end rules span across year-end (southern hemisphere rule).
Workaround: Use a fixed date for the southern hemisphere. (CSCdp91755)
Resolved Caveats in Software Release 5.4(1)
Note For a description of open caveats in software release 5.4(1), see the "Open Caveats in Software Release 5.4(1)" section.
This section describes resolved caveats in software release 5.4(1):
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466) (CSCdm78813)
•In some cases, the spanning tree port-VLAN cost for a port might not change when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Set the correct port-VLAN cost manually for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
Open and Resolved Caveats in Software Release 5.2(7a)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(7a):
•Open Caveats in Software Release 5.2(7a)
•Resolved Caveats in Software Release 5.2(7a)
Open Caveats in Software Release 5.2(7a)
Note For a description of caveats resolved in software release 5.2(7a), see the "Resolved Caveats in Software Release 5.2(7a)" section.
This section describes open caveats in software release 5.2(7a):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•In some cases, the spanning tree port-VLAN cost for a port might not change when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Set the correct port-VLAN cost manually for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466) (CSCdm78813)
Resolved Caveats in Software Release 5.2(7a)
Note For a description of open caveats in software release 5.2(7a), see the "Open Caveats in Software Release 5.2(7a)" section.
This section describes resolved caveats in software release 5.2(7a):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.2(7a). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.2(4)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(4):
•Open Caveats in Software Release 5.2(4)
•Resolved Caveats in Software Release 5.2(4)
Open Caveats in Software Release 5.2(4)
Note For a description of caveats resolved in software release 5.2(4), see the "Resolved Caveats in Software Release 5.2(4)" section.
This section describes open caveats in software release 5.2(4):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•In some cases, the spanning tree port-VLAN cost for a port might not change when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Set the correct port-VLAN cost manually for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466) (CSCdm78813)
Resolved Caveats in Software Release 5.2(4)
Note For a description of open caveats in software release 5.2(4), see the "Open Caveats in Software Release 5.2(4)" section.
This section describes resolved caveats in software release 5.2(4):
•Occasionally, when MLS detects a host move, the show mls entry command might display no entries.
This problem is resolved in software release 5.2(4). (CSCdp39218)
•Configuring the RMON alarm for the ATM module-related MIB object might cause Catalyst 5000 family switches to stop responding to SNMP requests.
This problem is resolved in software release 5.2(4). (CSCdp48766)
•When using VMPS on ports connected to routers running HSRP that are not configured to use the manufacturer-assigned MAC address, the switch might reset when the active HSRP router is being shut down.
This problem is resolved in software release 5.2(4). (CSCdp51787)
•Occasionally, when a switch is reset, it may receive a TLB exception and reset again.
This problem is resolved in software release 5.2(4). (CSCdm30574)
•The switch might reset following a show configuration command if the login banner, set via SNMP, is longer than 200 characters without a carriage return.
This problem is resolved in software release 5.2(4). (CSCdp65405)
•Systems with a high level of SNMP activity may receive out of memory messages.
This problem is resolved in software release 5.2(4). (CSCdp58575)
•Occasionally when a port is enabled, inline rewrite is not enabled.
This problem is resolved in software release 5.2(4). (CSCdp27228)
•VTP updates received through other trunks might enable disabled trunks that have a default VLAN other than 1.
This problem is resolved in software release 5.2(4). (CSCdp39638)
•A TLB exception might occur if the module status polling process attempts to access an uninitialized memory address.
This problem is resolved in software release 5.2(4). (CSCdp60336)
•The Kerberos Client functionality on Cisco products, when configured to provide access control, will fail in a deny state when the expiration of the credentials is in January or February of leap years, which denies any Kerberos-authenticated access.
This problem is resolved in software release 5.2(4). (CSCdp61840)
•A switch configured to use DHCP might reset if you enter a clear configuration command before the IP address is received and then enter a set interface sc0 dhcp renew command before the port has entered the spanning tree forwarding state and you then assign a static IP address. Assigning a static IP address kills the DHCP process, but some internal DHCP protocols are not freed, which leaves more than one IP protocol stack loaded and causes a reset.
This problem is resolved in software release 5.2(4). (CSCdp34956)
•The link speed detected by SNMP does not change when a port is disconnected.
This problem is resolved in software release 5.2(4). (CSCdp42337)
•After entry of a set int sc0 dhcp release command, the supervisor engine might not renew with DHCP and receive an IP address.
This problem is resolved in software release 5.2(4). (CSCdp32813)
•When running MLS on a Catalyst 5000 with an ATM module, the place holding CAM entries for the MLS-RP on the Catalyst 5000 will cause the LANE module to incorrectly respond to LE-ARP for the MLS-RP's MAC address.
Workaround: Disable MLS on switches that do not have a local MLS-RP.
This problem is resolved in software release 5.2(4). (CSCdp37448)
•When a port channel is configured between the Catalyst 6000 and Catalyst 5000 family switches, the pings between the switches fail if more than 2 ports are added and if the CAM table is cleared when the pings are in progress.
This problem is resolved in software release 5.2(4). (CSCdp35639)
•In software versions 4.5(3) and 4.5(4), when a VLAN designation is changed and portfast is enabled on a port on the WS-X5010, new MAC entries are not learned until the port is disabled and re-enabled.
This problem is resolved in software release 5.2(4). (CSCdp38670)
•The SPANTREE-3-PORTDEL_FAILNOTFOUND message severity level needs to be changed to 7: debugging level.
This problem is resolved in software release 5.2(4). (CSCdp50989)
•When upgrading from 4.4(1) to 5.2(2), two 2-port channels may be merged into one 4-port channel if the two 2-port channels fall into the same four port boundary. When adjacent two 2-port channels are merged, a spanning tree loop occurs, and the affected 4 ports enter the errdisable state.
This problem is resolved in software release 5.2(4). (CSCdp44194)
•The system clock might stop. The time and date stamp then remains unchanged and appears on all subsequent system log events and show time output.
This problem is resolved in software release 5.2(4). (CSCdp35421)
•In a Catalyst 5000 family switch with Supervisor Engine III G, some modules may not respond when a show module command is issued and then the non-responding modules reset.
This problem is resolved in software release 5.2(4). (CSCdm29095)
•The switch might reset if a module is removed during redundant supervisor engine switchover.
This problem is resolved in software release 5.2(4). (CSCdp59829)
•Entering a Telnet command might cause the switch to reset.
This problem is resolved in software release 5.2(4). (CSCdp75537)
•Permanent CAM entries created by MPOA are not removed when an ATM module is removed or reset.
This problem is resolved in software release 5.2(4). (CSCdm94115)
•Following cable disconnection and reconnection, URT-supported NT workstations might not be able to login.
This problem is resolved in software release 5.2(4). (CSCdp50922)
•When MLS is reenabled, QoS entries established based on the MLS-RP's MAC address are not removed.
This problem is resolved in software release 5.2(4). (CSCdp73196)
Open and Resolved Caveats in Software Release 5.2(3)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(3):
•Open Caveats in Software Release 5.2(3)
•Resolved Caveats in Software Release 5.2(3)
Open Caveats in Software Release 5.2(3)
Note For a description of caveats resolved in software release 5.2(3), see the "Resolved Caveats in Software Release 5.2(3)" section.
This section describes open caveats in software release 5.2(3):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•In some cases, the spanning tree port-VLAN cost for a port might not change when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Set the correct port-VLAN cost manually for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466) (CSCdm78813)
Resolved Caveats in Software Release 5.2(3)
Note For a description of open caveats in software release 5.2(3), see the "Open Caveats in Software Release 5.2(3)" section.
This section describes caveats resolved in software release 5.2(3):
•When upgrading from any Catalyst 5000 4.x software release to software release 5.2(2), the SNMP trap receiver conversion causes SNMP trap receiver information to be lost and replaced with 10 incorrect SNMP trap receivers of 0.0.0.0.
Workaround: Enter the clear snmp trap all command and reenter the valid SNMP trap receivers.
This problem is resolved in software release 5.2(3) (CSCdp44206)
Open and Resolved Caveats in Software Release 5.2(2)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(2):
•Open Caveats in Software Release 5.2(2)
•Resolved Caveats in Software Release 5.2(2)
Open Caveats in Software Release 5.2(2)
Note For a description of caveats resolved in software release 5.2(2), see the "Resolved Caveats in Software Release 5.2(2)" section.
This section describes open caveats in software release 5.2(2):
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•In some cases, the spanning tree port-VLAN cost for a port might not change when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Set the correct port-VLAN cost manually for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466) (CSCdm78813)
Resolved Caveats in Software Release 5.2(2)
Note For a description of open caveats in software release 5.2(2), see the "Open Caveats in Software Release 5.2(2)" section.
This section describes caveats resolved in software release 5.2(2):
•When the backup concentrator relay function (CRF) is configured on the Catalyst 5000 supervisor engine, it is stored in the NVRAM, but when you enter a copy config command, the CRF configuration parameters do not get copied with the rest of the switch configuration. If the switch is power-cycled, the backup CRF configuration is retained in the NVRAM.
This problem is resolved in software release 5.2(2). (CSCdp38648)
•RMON rising and falling threshold traps are not generated when the alarm variable is set to an RMON object with an instance that is not equal to (ifIndex-1)/16.
This problem is resolved in software release 5.2(2). (CSCdm76987)
•Trunk connections may go up and down when the channel mode is ON and the trunk mode is non-negotiate.
Workaround: Ensure that the ports are trunking before the channel is formed.
This problem is resolved in software release 5.2(2). (CSCdp32703)
•Under certain conditions, when you perform a MIB walk on the switch, this message might appear on the console if you poll the cpmProcessTable object:
%SYS-3-LLC_SCPSTATNOTOK:Send scp message to module 1 status 255
This problem does not affect the normal operation of the switch, and the correct values for the cpmProcessTable object are returned.
This problem is resolved in software release 5.2(2). (CSCdm91242)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command. There is no workaround. However, you can clear all dynamic CAM entries (including user-configured dynamic entries) using the clear cam dynamic command. In addition, unused user-configured dynamic entries are aged out by the normal mechanisms. The clear cam mac_addr command results in the following erroneous message, although the entry has in fact been cleared:
This problem is resolved in software release 5.2(2). (CSCdm76686) (CSCdk48841)
•If you configure a Kerberos server using the set kerberos server kerberos-realm {hostname | ip-address} port-number command without specifying the port number, the Kerberized Telnet session fails.
Workaround: Specify the port number.
This problem is resolved in software release 5.2(2). (CSCdm83742)
•In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
Workaround: Reenter permanent entries after power cycling or resetting the switch.
This problem is resolved in software release 5.2(2). (CSCdm25544)
•The VTP client is unable to learn the ELAN names on an ATM LANE module connecting a Catalyst 5000 switch to an ATM backbone.
This problem is resolved in software release 5.2(2). (CSCdp29056)
•Occasionally, no IP connectivity occurs between the Catalyst 5000 supervisor engine and a Catalyst 3900 over Token Ring ISL trunk.
This problem is resolved in software release 5.2(2). (CSCdp07427)
•With the Multiple Default Gateway (MDG) feature, the switch pings its default gateway(s) every 10 seconds to verify they are still available. The set feature mdg enable/disable command is needed to turn off this feature if users do not want to have their switches sending out pings every 10 seconds.
This problem is resolved in software release 5.2(2). (CSCdm69920)
•Multicast and broadcast related counters are not cleared correctly after the clear counter command is issued.
This problem is resolved in software release 5.2(2). (CSCdm94354)
•The switch may reboot if the "help" keyword is abbreviated in the command line.
This problem is resolved in software release 5.2(2). (CSCdp18798)
•Kerberos authentication lookups fail on me1 when the me1 address is not the same as the sc0 address.
This problem is resolved in software release 5.2(2). (CSCdm82831)
•The supervisor engine software incorrectly discards Token Ring source-routed frames from the RSM destined to Token Ring ports on the chassis.
This problem is resolved in software release 5.2(2). (CSCdp21155)
•In some cases, the Supervisor Engine III G fails to download a software image.
This problem is resolved in software release 5.2(2). (CSCdp25702)
•A Catalyst 5509 switch with redundant supervisor engine (WS-X5550) erroneously shows that EARL tests failed.
This problem is resolved in software release 5.2(2). (CSCdp21580)
•The Token Ring module is slow to recover from a supervisor engine switchover.
This problem is resolved in software release 5.2(2). (CSCdp27114)
•When VTP v2 is enabled and port channels are configured and the port channel status is changed by resetting the module or disabling/reenabling the port channel, the RSM becomes unreachable.
This problem is resolved in software release 5.2(2). (CSCdp28707)
•Ports on the redundant supervisor engine are not included in the ifIndex-related MIB tables.
Workaround: Reset the redundant supervisor engine.
This problem is resolved in software release 5.2(2). (CSCdm30287)
•When two Supervisor Engine III Gs are used, the active supervisor engine does not see the GBICs on the redundant module, although ports stay fully operational. When the redundant supervisor engine becomes active, it recognizes its own GBIC but is unable to see GBICs on the redundant supervisor engine.
This problem is resolved in software release 5.2(2). (CSCdp30570)
•If you set the spanning tree port cost of an EtherChannel port bundle using the set channel cost command, the configured value might change if you reset the switch or the module on which the channel is configured.
This problem is resolved in software release 5.2(2). (CSCdm89834)
•In some cases, if you change the SPAN source port of a SPAN session from a single switch port to an EtherChannel port using the same destination SPAN port, the following error message is displayed on the console:
Invalid port number in SPAN source ports
However, all of the ports in the EtherChannel are set correctly as the SPAN source ports and the traffic on the EtherChannel is mirrored properly to the SPAN destination port.
This problem is resolved in software release 5.2(2). (CSCdp00873)
•When ELANs are configured on an ATM module, but a corresponding VLAN is not configured on the supervisor engine, you might see syslog message such as the following:
1999 Aug 24 17:15:51 EDT -04:00 %PRUNING-4-NOBUF:no mbuf to build join
This message indicates that a protocol failed to find a memory buffer to perform an operation.
Workaround: Configure the corresponding VLANs on the supervisor engine. The syslog messages should stop within a few minutes.
This problem is resolved in software release 5.2(2). (CSCdm30975)
•Communication using SLIP on the console port of a Supervisor Engine II might fail.
This problem is resolved in software release 5.2(2). (CSCdm45445)
•In certain redundant network topologies, if a spanning tree topology change (route flap) causes the IP MLS entry for an HSRP router interface to be removed from the MLS cache, the entry might not be added back to the MLS cache properly when the link comes back up.
This problem is resolved in software release 5.2(2). (CSCdm90511)
•If you configure a permanent multicast CAM entry for multiple ports and you then change the port-VLAN membership of two or more of those ports, the switch might reset. Only the first port specified in the list retains the new VLAN membership, and that port is removed from the permanent CAM entry.
Workaround: Assign each port to the new VLAN individually.
This problem is resolved in software release 5.2(2). (CSCdm91321)
•In a switch with redundant supervisor engines and 24-port 10/100BASE-TX RJ-45 (WS-X5224) modules, if a port on a WS-X5224 module shuts down due to port security violation, the port will not recover the link to connected devices after a switchover from the active to the redundant supervisor engine. In addition, if you disconnect the cables on the affected port, the Link LED remains green and the link is not dropped.
Workaround: Disable and reenable the affected port.
This problem is resolved in software release 5.2(2). (CSCdp08791)
Open and Resolved Caveats in Software Release 5.2(1)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(1):
•Open Caveats in Software Release 5.2(1)
•Resolved Caveats in Software Release 5.2(1)
Open Caveats in Software Release 5.2(1)
Note For a description of caveats resolved in software release 5.2(1), see the "Resolved Caveats in Software Release 5.2(1)" section.
This section describes open caveats in software release 5.2(1):
•In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
Workaround: Reenter permanent entries after power cycling or resetting the switch.
This problem is resolved in software release 5.2(2). (CSCdm25544)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command.
Workaround: Clear all dynamic CAM entries using the clear cam dynamic command, or wait for the entry to age out (if no traffic from that address is received by the switch).
This problem is resolved in software release 5.2(2). (CSCdk48841)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command. There is no workaround. However, you can clear all dynamic CAM entries (including user-configured dynamic entries) using the clear cam dynamic command. In addition, unused user-configured dynamic entries are aged out by the normal mechanisms. This problem is resolved in software release 5.2(2). (CSCdm76686)
•If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0.
This problem is resolved in release 5.4(1). (CSCdm78466)
•In some cases, if you release a DHCP lease using the set interface sc0 dhcp release command and then attempt to obtain a new address using the set interface sc0 dhcp renew command, the switch might fail to obtain an IP address from the DHCP server. This problem is resolved in release 5.4(1). (CSCdm78813)
•If you configure a Kerberos server using the set kerberos server kerberos-realm {hostname | ip-address} port-number command without specifying the port number, the Kerberized Telnet session fails.
Workaround: Specify the port number.
This problem is resolved in software release 5.2(2). (CSCdm83742)
•If you set the spanning tree port cost of an EtherChannel port bundle using the set channel cost command, the configured value might change if you reset the switch or the module on which the channel is configured. This problem is resolved in software release 5.2(2). (CSCdm89834)
•Under certain conditions, when you perform a MIB walk on the switch, this message might appear on the console if you poll the cpmProcessTable object:
%SYS-3-LLC_SCPSTATNOTOK:Send scp message to module 1 status 255
This problem does not affect the normal operation of the switch and the correct values for the cpmProcessTable object are returned. This problem is resolved in software release 5.2(2). (CSCdm91242)
•If you configure a SPAN session, reset the switch, and then disable SPAN, the former SPAN destination port remains in a not-connected state even when an active device is attached to the port.
Workaround: Disable and reenable the affected port. (CSCdp02036)
•In some cases, if you change the SPAN source port of a SPAN session from a single switch port to an EtherChannel port using the same destination SPAN port, the following error message is displayed on the console:
Invalid port number in SPAN source ports
However, all of the ports in the EtherChannel are set correctly as the SPAN source ports and the traffic on the EtherChannel is mirrored properly to the SPAN destination port. This problem is resolved in software release 5.2(2). (CSCdp00873)
•In some cases, the spanning tree port-VLAN cost for a port might not be changed when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
Workaround: Manually set the correct port-VLAN cost for the ports using the set spantree portvlancost command.
This problem is resolved in release 5.4(1). (CSCdp01070)
•When there are ELANs configured on an ATM module but a corresponding VLAN is not configured on the supervisor engine, you might see syslog message such as the following:
1999 Aug 24 17:15:51 EDT -04:00 %PRUNING-4-NOBUF:no mbuf to build join
These messages indicate that a protocol failed to find a memory buffer to perform an operation.
Workaround: Configure the corresponding VLANs on the supervisor engine. The syslog messages should stop within a few minutes.
This problem is resolved in software release 5.2(2). (CSCdm30975)
•Communication using SLIP on the console port of a Supervisor Engine II might fail. This problem is resolved in software release 5.2(2). (CSCdm45445)
•In certain redundant network topologies, if a spanning tree topology change (route flap) causes the IP MLS entry for an HSRP router interface to be removed from the MLS cache, the entry might not be added back to the MLS cache properly when the link comes back up. This problem is resolved in software release 5.2(2). (CSCdm90511)
•If you configure a permanent multicast CAM entry for multiple ports and you then change the port-VLAN membership of two or more of those ports, the switch might reset. Only the first port specified in the list retains the new VLAN membership, and that port is removed from the permanent CAM entry.
Workaround: Assign each port to the new VLAN individually.
This problem is resolved in software release 5.2(2). (CSCdm91321)
•In a switch with redundant supervisor engines and 24-port 10/100BASE-TX RJ-45 (WS-X5224) modules, if a port on a WS-X5224 module is shutdown due to port security violation, the port will not recover link to connected devices after a switchover from the active to the redundant supervisor engine. In addition, if you disconnect the cables on the affected port, the Link LED remains green and the link is not dropped.
Workaround: Disable and reenable the affected port.
This problem is resolved in software release 5.2(2). (CSCdp08791)
Resolved Caveats in Software Release 5.2(1)
Note For a description of open caveats in software release 5.2(1), see the "Open Caveats in Software Release 5.2(1)" section.
This section describes caveats resolved in software release 5.2(1):
•In some cases, attempts to set the primary VMPS server using SNMP fail.
Workaround: Set the primary VMPS server using the CLI.
This problem is resolved in software release 5.2(1). (CSCdm31717)
•Enabling UplinkFast increases the port cost of Token Ring modules by 3000.
Workaround: Reconfigure the port cost on Token Ring modules to the desired value after enabling UplinkFast on the switch.
This problem is resolved in software release 5.2(1). (CSCdm39080)
•On certain modules, due to the manner in which the software polls the port for packet totals, the output of the show mac command might report an incorrect value (0xFFFF FFFF FFFF FFFF - broadcasts - multicasts + total packets) for the Xmit-Unicast counter. The problem occurs when the total packets transmitted value reported is less than the total (multicast + broadcast) packets transmitted value. These switching modules are affected:
–WS-X5010—24-port 10BASE-T (Telco connector)
–WS-X5011—12-port 10BASE-FL MMF (ST connector)
–WS-X5013—24-port 10BASE-T (RJ-45 connector)
–WS-X5113—12-port 100BASE-TX (RJ-45 connector)
This problem is resolved in software release 5.2(1). (CSCdm25614)
•If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value: (alarmValue + 232-1).
This problem is resolved in software release 5.2(1). (CSCdm27392)
•IP multicast MLS traffic is not transmitted out the ATM interface on the Catalyst 5000 family dual-PHY OC-12 ATM LANE/MPOA modules (WS-X5161 and WS-X5162). This problem does not occur if you are running ATM module release 11.3(10)WA4(13) or 12.0(4a)W5(10) on the ATM module.
This problem is resolved in software release 5.2(1). (CSCdm30413)
•If you attempt to form an EtherChannel between four ports on a Catalyst 5000 family switch and four ports on a Catalyst 6000 family switch, the Catalyst 6000 family switch might bundle the ports in such a manner that one of the ports is connected to an individual port on the Catalyst 5000 family switch, resulting in a spanning tree loop. In this case, ports are placed in the errdisable state.
Workaround: Remove the problem port on the Catalyst 6000 family switch from the EtherChannel administrative group.
This problem is resolved in software release 5.2(1). (CSCdm63203)
•On some switch ports, if you enable port security on the port before the port is in the spanning tree forwarding state, port security might shut the port down. This problem occurs only if BPDUs, broadcast packets, or other traffic is received on the port before the port enters the forwarding state. This problem affects these modules:
–WS-X5223—24-port 3 segment 100BASE-TX (RJ-45 connector)
–WS-X5224—24-port 10/100BASE-TX (RJ-45 connector)
–WS-X5020—48-port 4 segment 10BASE-T (Telco connector)
–WS-X5010—24-port 10BASE-T (Telco connector)
–WS-X5014—48-port 10BASE-T (RJ-45 connector)
–WS-X5012—48-port 10BASE-T (Telco connector)
–WS-X5012a—48-port 10BASE-T (Telco connector)
–WS-X5013—24-port 10BASE-T (RJ-45 connector)
Workaround: Enable the port security feature after the port is in the forwarding state (use the show spantree mod_num/port_num command to verify the spanning tree state).
This problem is resolved in software release 5.2(1). (CSCdk73206)
•In some cases, autonegotiation fails when connecting some 10/100-Mbps Fast Ethernet modules to a Compaq 4000 system with the Netflex 3 NIC.
This problem is resolved in software release 5.2(1). (CSCdk87853)
•In some cases, entering the show cdp neighbors detail command causes the switch to generate "alignment correction" syslog messages. These messages do not affect the functionality of the switch.
This problem is resolved in software release 5.2(1). (CSCdk85671)
•Enabling an ISL trunk on a switch with many (spanning tree enabled) VLANs can cause the switch to delay BPDU transmission on TrBRF and TrCRF VLANs if the switch is the root bridge for any of the defined VLANs.
This problem is resolved in software release 5.2(1). (CSCdk69087)
•If DNS is enabled and none of the configured DNS servers is reachable, local password authentication can be excessively slow.
This problem is resolved in software release 5.2(1). (CSCdm14239)
•In some cases, when the active link of an UplinkFast link pair is disconnected, the switch does not transmit broadcast frames on the secondary link.
This problem is resolved in software release 5.2(1). (CSCdm23587)
•In some cases, if you enable PortFast on a port on the Gigabit Ethernet uplink module (WS-U5534) and the attached end station is rebooted, the port stops transmitting traffic. The port continues to receive traffic.
Workaround: Disable and then reenable the port (using the set port disable and set port enable commands) after the end station has rebooted, or disable PortFast on the port (using the set spantree portfast disable command).
This problem is resolved in software release 5.2(1). (CSCdm27416)
•In some cases, on a switch with both BackboneFast and UplinkFast enabled, the show spantree mod/port output shows that a port is in forwarding mode, but in reality the port is in listening mode. As a result, all data traffic received on the port is discarded.
Workaround: Disable and reenable the affected port.
This problem is resolved in software release 5.2(1). (CSCdm08504)
•In some cases, UplinkFast does not function correctly between a Catalyst 5000 family switch and a Catalyst 4000 family switch, a Catalyst 2948G switch, or a Catalyst 5000 family Gigabit EtherChannel module (WS-X5410).
This problem is resolved in software release 5.2(1). (CSCdm34341)
•In some cases, if a Telnet session to the switch closes abnormally while the switch is authenticating a user with the TACACS+ server, the switch might not close the session to the server properly, eventually causing the server to reach the maximum number of supported sessions. Subsequent attempts to authenticate with the server will fail.
This problem is resolved in software release 5.2(1). (CSCdk79831)
•Under specific conditions, a spanning tree loop might occur in a redundant configuration with Catalyst 5000 family and Catalyst 3900 series switches connected using ISL trunks.
This problem is resolved in software release 5.2(1). (CSCdm24178)
•In some cases, a Catalyst 5000 family switch might bridge an 802.1Q-encapsulated BPDU if spanning tree is disabled and both an 802.1Q trunk and an ATM LANE or ISL trunk are configured on the switch.
This problem is resolved in software release 5.2(1). (CSCdm26165)
•In a switch with one or more 24-port 10/100BASE-TX Fast Ethernet modules (WS-X5225R) or the 12-port 100BASE-FX Ethernet (WS-X5201R) modules, the swBusSBDErrorDrop counter in the show counters output increments if the module detects invalid frames on the backplane. Such frames are discarded and have no effect on the normal operation of the switch.
This problem is resolved in software release 5.2(1). (CSCdm02396)
•If you reset the switch with certain Lancast MII transceivers attached, the port to which the transceiver is attached is marked faulty.
Workaround: Disconnect the transceiver, reset the switch, and then reattach the transceiver after the switch boots up.
This problem is resolved in software release 5.2(1). (CSCdk70113)
•When you configure dynamic VLAN membership for any EtherChannel-capable port, spanning tree convergence time is 7 to 8 seconds longer than usual for those ports.
This problem is resolved in software release 5.2(1). (CSCdm40338)
•A syslog message for a given facility is not sent to the syslog server if the syslog server severity level is set to a value equal to or greater than the message severity but the default severity level for that facility is set to a value less than the message severity.
Workaround: Set the default facility severity level to a value equal to or greater than the configured syslog severity level. In release 5.2(1), syslog messages are sent to the syslog server if the syslog server severity level is equal to or greater than the message severity and the default facility severity level is equal to or greater than the message severity. (CSCdm71889)
•If you configure a port as an ISL trunk in on mode and the neighbor port is configured in off mode, the switch still forwards Token Ring ISL frames over the link.
Workaround: Correct the misconfiguration by configuring the ports to compatible trunk modes (for example, both off, both on, one desirable and one auto, and so forth).
This problem is resolved in software release 5.2(1). (CSCdm44861)
•In some cases, when you clear the configuration using the clear config all command, not all routes are removed from the IP routing table.
Workaround: Configure the in-band (sc0), out-of-band management Ethernet (me1), and SLIP (sl0) interfaces down using the set interface {sc0 | me1 | sl0} down command before clearing the configuration.
This problem is resolved in software release 5.2(1). (CSCdm56746)
•If you configure an RMON threshold alarm on the switch and that alarm is triggered while a MIB walk is in progress, the MIB walking application might loop back to the first leaf of the MIB branch it is currently walking.
Workaround: Disable RMON, not configure any RMON alarms on the switch, or increase the polling interval of the alarm (such as one poll every five minutes).
This problem is resolved in software release 5.2(1). (CSCdm34091)
•In some cases, the CiscoView application fails to display a Catalyst 5000 family switch if the switch contains 24-port 10/100BASE-TX RJ-45 (WS-X5224) or 24-port 10/100BASE-TX Fast Ethernet RJ-45 (WS-X5225R) modules.
Workaround: Increase the polling interval value on the CiscoView application.
This problem is resolved in software release 5.2(1). (CSCdm34809)
•If you configure a switch from a configuration file on a TFTP server and the configuration applies to 24-port 10BASE-T RJ-45 (WS-X5013) modules in the switch, one or more of the WS-X5013 modules might stop responding. In addition, if you enter the show mac command, this message is displayed for the affected module: "Unable to access counters."
Workaround: Reset the module.
This problem is resolved in software release 5.2(1). (CSCdm74925)
•In some topologies with MLS enabled on multiple switches, UplinkFast convergence time might be slower than expected, causing excessive packet drops.
This problem is resolved in software release 5.2(1). (CSCdm67466)
•There is no SNMP MIB support for redundant supervisor engine uplink ports.
This problem is resolved in software release 5.2(1). (CSCdm12187)
•In some cases, the following message appears on the supervisor engine console:
%SYS-1-MOD_INVALIDSEQ:Bus asic invalid sequence occurred on module
This message has no effect on the functionality of the system and can be safely ignored.
This problem is resolved in software release 5.2(1). (CSCdm32301)
•In some cases, port utilization is reported incorrectly.
This problem is resolved in software release 5.2(1). (CSCdm18211)
Open and Resolved Caveats in Software Release 5.1(2b)
These sections describe the open and resolved caveats in supervisor engine software release 5.1(2b):
•Open Caveats in Software Release 5.1(2b)
•Resolved Caveats in Software Release 5.1(2b)
Open Caveats in Software Release 5.1(2b)
Note For a description of caveats resolved in software release 5.1(2b), see the "Resolved Caveats in Software Release 5.1(2b)" section.
This section describes open caveats in software release 5.1(2b).
•In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
Workaround: Reenter permanent entries after power cycling or resetting the switch.
This problem is resolved in software release 5.2(2). (CSCdm25544)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command.
Workaround: Clear all dynamic CAM entries using the clear cam dynamic command, or wait for the entry to age out (if no traffic from that address is received by the switch).
This problem is resolved in software release 5.2(2). (CSCdk48841)
•In some cases, attempts to set the primary VMPS server using SNMP fail.
Workaround: Set the primary VMPS server using the CLI.
This problem is resolved in software release 5.2(1). (CSCdm31717)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•Enabling UplinkFast increases the portcost of Token Ring modules by 3000.
Workaround: Reconfigure the portcost on Token Ring modules to the desired value after enabling UplinkFast on the switch.
This problem is resolved in software release 5.2(1). (CSCdm39080)
•On certain modules, due to the manner in which the software polls the port for packet totals, the output of the show mac command might report an incorrect value (0xFFFF FFFF FFFF FFFF - broadcasts - multicasts + total packets) for the Xmit-Unicast counter. The problem occurs when the total packets transmitted value reported is less than the total (multicast + broadcast) packets transmitted value. These switching modules are affected:
–WS-X5010—24-port 10BASE-T (Telco connector)
–WS-X5011—12-port 10BASE-FL MMF (ST connector)
–WS-X5013—24-port 10BASE-T (RJ-45 connector)
–WS-X5113—12-port 100BASE-TX (RJ-45 connector)
This problem is resolved in software release 5.2(1). (CSCdm25614)
•If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value: (alarmValue + 232-1). This problem is resolved in software release 5.2(1). (CSCdm27392)
•IP multicast MLS traffic is not transmitted out the ATM interface on the Catalyst 5000 family dual-PHY OC-12 ATM LANE/MPOA modules (WS-X5161 and WS-X5162). This problem does not occur if you are running ATM module release 11.3(10)WA4(13) or 12.0(4a)W5(10) on the ATM module. This problem is resolved in software release 5.2(1). (CSCdm30413)
•If you attempt to form an EtherChannel between four ports on a Catalyst 5000 family switch and four ports on a Catalyst 6000 family switch, the Catalyst 6000 family switch might bundle the ports in such a manner that one of the ports is connected to an individual port on the Catalyst 5000 family switch, resulting in a spanning tree loop. In this case, ports are placed in the errdisable state.
Workaround: Remove the problem port on the Catalyst 6000 family switch from the EtherChannel administrative group.
This problem is resolved in software release 5.2(1). (CSCdm63203)
Resolved Caveats in Software Release 5.1(2b)
Note For a description of open caveats in software release 5.1(2b), see the "Open Caveats in Software Release 5.1(2b)" section.
This section describes caveats resolved in software release 5.1(2b):
•An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/pcgi-bin/bugtool/onebug.pl?bugid=CSCdw67458
This problem is resolved in software release 5.1(2b). (CSCdw67458)
Open and Resolved Caveats in Software Release 5.1(2a)
These sections describe the open and resolved caveats in supervisor engine software release 5.1(2a):
•Open Caveats in Software Release 5.1(2a)
•Resolved Caveats in Software Release 5.1(2a)
Open Caveats in Software Release 5.1(2a)
Note For a description of caveats resolved in software release 5.1(2a), see the "Resolved Caveats in Software Release 5.1(2a)" section.
This section describes open caveats in software release 5.1(2a).
•In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
Workaround: Reenter permanent entries after power cycling or resetting the switch.
This problem is resolved in software release 5.2(2). (CSCdm25544)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command.
Workaround: Clear all dynamic CAM entries using the clear cam dynamic command, or wait for the entry to age out (if no traffic from that address is received by the switch).
This problem is resolved in software release 5.2(2). (CSCdk48841)
•In some cases, attempts to set the primary VMPS server using SNMP fail.
Workaround: Set the primary VMPS server using the CLI.
This problem is resolved in software release 5.2(1). (CSCdm31717)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•Enabling UplinkFast increases the portcost of Token Ring modules by 3000.
Workaround: Reconfigure the portcost on Token Ring modules to the desired value after enabling UplinkFast on the switch.
This problem is resolved in software release 5.2(1). (CSCdm39080)
•On certain modules, due to the manner in which the software polls the port for packet totals, the output of the show mac command might report an incorrect value (0xFFFF FFFF FFFF FFFF - broadcasts - multicasts + total packets) for the Xmit-Unicast counter. The problem occurs when the total packets transmitted value reported is less than the total (multicast + broadcast) packets transmitted value. These switching modules are affected:
–WS-X5010—24-port 10BASE-T (Telco connector)
–WS-X5011—12-port 10BASE-FL MMF (ST connector)
–WS-X5013—24-port 10BASE-T (RJ-45 connector)
–WS-X5113—12-port 100BASE-TX (RJ-45 connector)
This problem is resolved in software release 5.2(1). (CSCdm25614)
•If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value: (alarmValue + 232-1). This problem is resolved in software release 5.2(1). (CSCdm27392)
•IP multicast MLS traffic is not transmitted out the ATM interface on the Catalyst 5000 family dual-PHY OC-12 ATM LANE/MPOA modules (WS-X5161 and WS-X5162). This problem does not occur if you are running ATM module release 11.3(10)WA4(13) or 12.0(4a)W5(10) on the ATM module. This problem is resolved in software release 5.2(1). (CSCdm30413)
•If you attempt to form an EtherChannel between four ports on a Catalyst 5000 family switch and four ports on a Catalyst 6000 family switch, the Catalyst 6000 family switch might bundle the ports in such a manner that one of the ports is connected to an individual port on the Catalyst 5000 family switch, resulting in a spanning tree loop. In this case, ports are placed in the errdisable state.
Workaround: Remove the problem port on the Catalyst 6000 family switch from the EtherChannel administrative group.
This problem is resolved in software release 5.2(1). (CSCdm63203)
Resolved Caveats in Software Release 5.1(2a)
Note For a description of open caveats in software release 5.1(2a), see the "Open Caveats in Software Release 5.1(2a)" section.
This section describes caveats resolved in software release 5.1(2a):
•In some cases, if you boot a switch with a user-defined TrCRF VLAN configured but no active end user ports or trunk ports in that TrCRF, an RSM VLAN interface in that TrCRF is not properly added to the parent TrBRF, preventing routing for the TrCRF.
Workaround: Do not define a TrCRF without active ports in the TrCRF, add the TrCRF to an active trunk port, add an active port to the TrCRF, or disable RSM autostate.
This problem is resolved in software release 5.1(2a). (CSCdm23217)
•If you delete the RMON alarmEntry or if you modify the alarmVariable of the RMON alarmEntry while that alarmVariable is being sampled, the switch might reset.
This problem is resolved in software release 5.1(2a). (CSCdm49575)
•In some cases, when you connect a port on the 24-port 10/100BASE-TX Fast Ethernet module (WS-X5225R) to an end station, the port might loop data back to itself. If spanning tree is disabled on the port, this problem can negatively affect switch performance. If spanning tree is enabled, the port is automatically disabled. You can verify that the problem is occurring, and identify the problem port, by entering the show cdp neighbors command and checking to see if the switch itself is listed as a neighbor.
Workaround: Disable and reenable the problem port.
This problem is resolved in software release 5.1(2a). (CSCdm26889)
•Under certain circumstances, an ISL packet can get corrupted in such a way that a blocked spanning tree port will forward the packet. The packet can get flooded again, leading to packet storms in certain network topologies.
This problem is resolved in software release 5.1(2a). (CSCdm34970)
•If you disconnect a Telnet session to the switch when the switch is at the "More" prompt (such as with show command output) or is waiting for user input (such as a "Yes/No" prompt), future Telnet sessions might stop accepting user input.
This problem is resolved in software release 5.1(2a). (CSCdk83562)
•If you enable both UplinkFast and protocol filtering on the switch, when a spanning tree topology change occurs that activates UplinkFast, UplinkFast multicast frames (using destination MAC address 0x0100 0CCD CDCD) might be transmitted on access ports.
Workaround: Do not use UplinkFast if protocol filtering is enabled.
This problem is resolved in software release 5.1(2a). (CSCdm31699)
•After entering the configure network command, do not interrupt the configuration using Control-C. You might prevent the current command from completely executing, causing unexpected results.
This problem is resolved in software release 5.1(2a). (CSCdm27473)
•If you enable GMRP on the switch, the Layer 2 multicast table entry required for MLS to receive MLSP messages is removed, preventing MLSP control traffic from being exchanged between the MLS-SE and the MLS-RP.
Workaround: Make sure the MLS management interface is in the same VLAN as the switch in-band (sc0) interface (MLSP messages are flooded on the MLS management VLAN). Alternately, you can disable and reenable both IP and IPX MLS after you enable GMRP on the switch. However, this workaround must be repeated each time you reset the switch.
This problem is resolved in software release 5.1(2a). (CSCdm51500)
•On certain supervisor engine Gigabit Ethernet uplink ports, if there is no unicast traffic through the ports (for example, if the ports are trunking), the output of the show mac command returns an incorrect value for the Rcv-Unicast and Xmit-Unicast counters. These supervisor engine modules are affected:
–Supervisor Engine II G (WS-X5540) with dual-port 1000BASE-SX MMF (WS-U5534-GESX) or dual-port 1000BASE-LX/LH MMF/SMF (WS-U5536-GELX) uplink module
–Supervisor Engine III G (WS-X5550)
This problem is resolved in software release 5.1(2a). (CSCdm42255)
•Autonegotiation between Sun 10/100 NICs and certain Catalyst 5000 family modules (such as the WS-X5225R) might result in speed and or duplex mismatches under certain conditions. The problem typically occurs after you reset the module or you disable and reenable the switch port.
Workaround: Disconnect and reconnect the cable connecting the workstation to the switch port.
This problem is resolved in software release 5.1(2a). (CSCdm51653)
•In some situations, the "RxBPDUThresholdDrop" counter does not show the actual number of dropped frames.
This problem is resolved in software release 5.1(2a). (CSCdm56862)
•When you configure a port with a connected workstation as the SPAN destination port (with the inpkts option enabled) for a SPAN source port configured as a VLAN trunk, attempts to ping other devices in the network from the workstation fail.
This problem is resolved in software release 5.1(2a). (CSCdm48998)
Open Caveats in Software Release 5.1(1)
This section describes open caveats in software release 5.1(1).
•If you disconnect a Telnet session to the switch when the switch is at the "More" prompt (such as with show command output) or is waiting for user input (such as a "Yes/No" prompt), future Telnet sessions might stop accepting user input. This problem is resolved in software release 5.1(2a). (CSCdk83562)
•In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
Workaround: Reenter permanent entries after power cycling or resetting the switch.
This problem is resolved in software release 5.2(2). (CSCdm25544)
•If you enable both UplinkFast and protocol filtering on the switch, when a spanning tree topology change occurs that activates UplinkFast, UplinkFast multicast frames (using destination MAC address 0x0100 0CCD CDCD) might be transmitted on access ports.
Workaround: Do not use UplinkFast if protocol filtering is enabled.
This problem is resolved in software release 5.1(2a). (CSCdm31699)
•You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command.
Workaround: Clear all dynamic CAM entries using the clear cam dynamic command, or wait for the entry to age out (if no traffic from that address is received by the switch).
This problem is resolved in software release 5.2(2). (CSCdk48841)
•In some cases, attempts to set the primary VMPS server using SNMP fail.
Workaround: Set the primary VMPS server using the CLI.
This problem is resolved in software release 5.2(1). (CSCdm31717)
•After entering the configure network command, do not interrupt the configuration using Control-C. You might prevent the current command from completely executing, causing unexpected results.This problem is resolved in software release 5.1(2a). (CSCdm27473)
•The clear log command does not clear the exception log for the Network Analysis Module (WS-X5380). (CSCdm32798)
•Enabling UplinkFast increases the portcost of Token Ring modules by 3000.
Workaround: Reconfigure the portcost on Token Ring modules to the desired value after enabling UplinkFast on the switch.
This problem is resolved in software release 5.2(1). (CSCdm39080)
•On certain modules, due to the manner in which the software polls the port for packet totals, the output of the show mac command might report an incorrect value (0xFFFF FFFF FFFF FFFF - broadcasts - multicasts + total packets) for the Xmit-Unicast counter. The problem occurs when the total packets transmitted value reported is less than the total (multicast + broadcast) packets transmitted value. These switching modules are affected:
–WS-X5010—24-port 10BASE-T (Telco connector)
–WS-X5011—12-port 10BASE-FL MMF (ST connector)
–WS-X5013—24-port 10BASE-T (RJ-45 connector)
–WS-X5113—12-port 100BASE-TX (RJ-45 connector)
This problem is resolved in software release 5.2(1). (CSCdm25614)
•On certain supervisor engine Gigabit Ethernet uplink ports, if there is no unicast traffic through the ports (for example, if the ports are trunking), the output of the show mac command returns an incorrect value for the Rcv-Unicast and Xmit-Unicast counters. These supervisor engine modules are affected:
–Supervisor Engine II G (WS-X5540) with 2-port 1000BASE-SX MMF (WS-U5534-GESX) or 2-port 1000BASE-LX/LH MMF/SMF (WS-U5536-GELX) uplink module
–Supervisor Engine III G (WS-X5550)
This problem is resolved in software release 5.1(2a). (CSCdm42255)
•If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value: (alarmValue + 232-1). This problem is resolved in software release 5.2(1). (CSCdm27392)
•IP multicast MLS traffic is not transmitted out the ATM interface on the Catalyst 5000 family dual-PHY OC-12 ATM LANE/MPOA modules (WS-X5161 and WS-X5162). This problem does not occur if you are running ATM module release 11.3(10)WA4(13) or 12.0(4a)W5(10) on the ATM module. This problem is resolved in software release 5.2(1). (CSCdm30413)
•If you enable GMRP on the switch, the Layer 2 multicast table entry required for MLS to receive MLSP messages is removed, preventing MLSP control traffic from being exchanged between the MLS-SE and the MLS-RP.
Workaround: Make sure the MLS management interface is in the same VLAN as the switch in-band (sc0) interface (MLSP messages are flooded on the MLS management VLAN). Alternately, you can disable and reenable both IP and IPX MLS after you enable GMRP on the switch. However, this workaround must be repeated each time you reset the switch.
This problem is resolved in software release 5.1(2a). (CSCdm51500)
Usage Guidelines, Restrictions, and Troubleshooting
These sections provide usage guidelines, restrictions, and troubleshooting information for Catalyst 5000 family switch hardware and software:
•System and Supervisor Engine
•Modules and Switch Ports
•Transceivers
•Spanning Tree
•VTP, VLANs, and VLAN Trunks
•EtherChannel
•SPAN
•Multicast
•Network Analysis Module and TrafficDirector
•CiscoView Images
System and Supervisor Engine
This section contains usage guidelines, restrictions, and troubleshooting information that apply to the supervisor engine and to the switch at the system level.
•There is an NVRAM limitation on the Supervisor Engine II. The Supervisor Engine II might run out of NVRAM space if there are more than 200 ports (approximately) in the system and each module possesses a non-default configuration. There is no software workaround. We recommend upgrading to the Supervisor Engine II G, Supervisor Engine III, or to a Catalyst 6000 family switch.
•If no COPS policies are defined on the COPS server and a Catalyst 5000 family switch attempts to make a COPS DS connection to the COPS server, local QoS policies will be applied.
Workaround: Define COPS DS policies on the COPS server before attempting to connect devices to it.
•The set/clear cops domain-name commands might close Telnet sessions to the supervisor engine. When the set cops domain-name command is run over a Telnet session to the supervisor engine, the Telnet session might terminate with a "connection lost" message. This could also happen with commands such as set qos enable/disable or set/clear port cops roles if the QoS policy source is set to COPS.
•The following restrictions apply to the CWI (Catalyst Web Interface) on the Catalyst 5000 family switches:
–CWI support is available for Supervisor Engine III (WS-X5530) only.
–Because the CWI image is greater than 8 MB in size, you will need to download the image to the PCMCIA card since it will not fit on the bootflash. You must also manually synchronize the CWI image to the redundant supervisor.
–CWI does not support the RSM.
–CWI requires Java Plug-in 1.2.2 to be installed on the client.
•If you attempt to boot a Catalyst 5000 family switch and the switch generates continuous MCP exception errors (and possibly fails to boot), make sure that the supervisor engine has the correct software version for all of the hardware in your configuration. For information on the minimum and recommended software versions for Catalyst 5000 family hardware, see the "Product and Software Version Support Matrix" section.
Caution Before powering up a Catalyst 5500 (WS-C5500) switch with redundant power supplies, install at least two modules in the chassis. If you power up a Catalyst 5500 switch with redundant power supplies with less than two modules installed, the red OUTPUT FAIL LED on one of the power supplies might light, even though the supply is not faulty.
•After downloading a new Flash image, the next reboot might take longer than normal if Erasable Programmable Logic Devices (EPLDs) on the supervisor engine module need to be reprogrammed. Whether this happens depends on which software version was running on the supervisor engine module before the download and which software version is downloaded. This can add up to 15 minutes to the normal reboot time the first time you reboot with the new image.
•The Catalyst 5500 series switches support redundant supervisor engine modules. Redundant supervisor engines must be the same type (for example, both Supervisor Engine IIs or both Supervisor Engine IIIs). You can use any combination of Supervisor Engine III and III F modules in a redundant configuration provided the feature card on both modules is the same (both EARL1+, both NFFC, or both NFFC II).
•The Supervisor Engine II G supports the following uplink modules:
–4-port 10/100BASE-TX with RJ-45 MDIX interfaces (WS-U5537-FETX)
–4-port 100BASE-FX Fast EtherChannel MMF (WS-U5538-FEFX-MMF)
–2-port 1000BASE-SX MMF (WS-U5534-GESX)
–2-port 1000BASE-LX/LH MMF/SMF (WS-U5536-GELX)
•After initiating a switchover from the active supervisor engine to the redundant supervisor engine, or when inserting a redundant supervisor engine in an operating switch, always wait until the supervisor engines have synchronized and all modules are online before removing or inserting modules or supervisor engines, or performing another switchover.
•Under certain conditions, inserting a second supervisor engine module into a running Catalyst 5500 switch might cause the switch to reset.
•In supervisor engine software release 5.2 and later, the show config, write terminal, and copy config commands return only the non-default configuration (that is, only commands entered that change the default configuration are displayed). Use the all keyword to display both the default and non-default configuration (for example, show config all).
•If you need to download configuration files to many switches in a network topology with redundant EtherChannel links, download the configuration at each switch manually using the configure network command. Otherwise, in some situations, a broadcast storm can occur.
•Under certain conditions, Clock Module:B is Active after boot. This situation does not indicate any failure of Clock Module:A. It is related to fluctuations in the boot sequence that select Clock Module:B over Clock Module:A. All standard error query and notification processes accurately reflect the status of the primary and standby clock modules.
•If your configuration produces thousands of CAM entries, ensure that your screen length is set to a value greater than 0 before entering the show cam dynamic command.
•The LrnDiscard counter (displayed by entering the show mac command) indicates the number of times a CAM entry is replaced with a newly learned address when the CAM table is full. The counter value is not maintained for each port; instead, the value is maintained for the entire switch.
•The CLI command show cam dynamic and the SNMP query "getmany community@vlan dot1dTpFdbAddress" are sometimes out of sync.
•The set port qos and show port qos commands have extraneous output in the display. This is cosmetic and does not affect operation. (CSCdr74527)
Modules and Switch Ports
This section contains usage guidelines, restrictions, and troubleshooting information that apply to modules and switch ports.
•On a Catalyst 5000 family switch running 5.5(15) or later with a Supervisor Engine 3 and an ATM module (WS-X5158), some VLANs communicating over the ATM trunk will not pass broadcast or unknown unicast traffic. Communication is restored between the hosts when you configure static ARPs on an IP host that has lost connectivity with another IP host. (CSCdx73126)
•On Catalyst 5500 switches with a Supervisor Engine III and NFFC, to avoid a broadcast storm, do not insert a WS-X5030 Token Ring module in slots 9 through 12 while the switch is in service. Reset the switch after inserting a WS-X5030 Token Ring module in slots 9 through 12. (CSCdk67305)
•Hardware restrictions in the WS-X5201 and WS-X5203 modules prevent the Ethernet Bundle Controller from forming channels with ports 3 and 4 if ports 1 and 2 are not included. As a result, the following restriction on the construction of circular topologies using the WS-X5201 and WS-X5203 modules applies to software release 5.2.(2):
To construct a circular topology with channels using three or more switches, the circularity must be broken in the way the WS-X5201 and WS-X5203 modules are wired. For example, instead of using this topology:
B[3,4]—C[1,2] and C[3,4]—D[1,2],
use:
B[3,4]—C[3,4] and C[1,2]—D[1,2].
Failure to modify the topology as suggested above may result in all four channels not being formed. (CSCdp30971)
•To avoid software timeouts on end stations that use IPX, DHCP, or BOOTP, use the following configuration on ports connected to such end stations:
–Spanning-tree PortFast enabled
–Trunking off
–Channeling off
In supervisor engine software release 5.2 and later you can use the set port host command to optimize the port configuration for host connections. This command automatically enables PortFast and sets the trunking and channeling modes to off.
In software releases prior to release 5.2, you can optimize the port configuration for host connections as follows:
–Use the set spantree portfast mod_num/port_num enable command to enable PortFast on a port.
–Use the set trunk mod_num/port_num off command to disable trunking on a port.
–Use the set port channel port_list off command to disable channeling on a port.
Note You must specify a valid port range when entering the set port channel command. You cannot specify a single port.
This example shows how to configure a port for end station connectivity using the set port host command:
Console> (enable) set port host 2/1
Warning: Span tree port fast start should only be enabled on ports connected to a
single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start
port can cause temporary spanning tree loops. Use with caution.
Spantree port 2/1 fast start enabled.
Port(s) 2/1 trunk mode set to off.
Port(s) 2/1 channel mode set to off.
This example shows how to manually configure a port for end station connectivity:
Console> (enable) set spantree portfast 2/2 enable
Warning: Spantree port fast start should only be enabled on ports connected
to a single host. Connecting hubs, concentrators, switches, bridges, etc. to
a fast start port can cause temporary spanning tree loops. Use with caution.
Spantree port 2/2 fast start enabled.
Console> (enable) set trunk 2/2 off
Port(s) 2/2 trunk mode set to off.
Console> (enable) set port channel 2/1-2 off
Port(s) 2/1-2 channel mode set to off.
•If you plan to use the Gigabit EtherChannel module (WS-X5410) with Supervisor Engine II or in a Catalyst 5000 chassis, use supervisor engine software release 4.3(1) or later in conjunction with Gigabit EtherChannel module software release 4.3(1) or later. This hardware was not fully tested with the Gigabit EtherChannel module in earlier releases. The Gigabit EtherChannel module is supported in the Catalyst 5500 series chassis with a Supervisor Engine III module in software release 4.2(1) and later.
•A maximum of seven ATM modules or RSMs, in any combination, can be installed in a Catalyst 5500 or 5509 switch.
Caution If you plan to run both the Ethernet LANE software and the Token Ring LANE software, you must run them on separate ATM LANE modules.
•When inserting a module into a Catalyst 5000 family chassis, be sure to use the ejector levers on the front of the module to seat the backplane pins properly. Incorrectly inserting a module can cause unexpected behavior. For proper module installation instructions, refer to the Catalyst 5000 Series Module Installation Guide.
•When you replace a module (other than the supervisor engine module) with a module of a different type, or when you insert a module (other than the supervisor engine module) in an empty slot, enter the command clear config mod_num to clear the module configuration information in the supervisor engine module and obtain the correct spanning tree parameters.
•If a module fails to come online, reset the module by entering the reset mod_num command.
•On a Catalyst 5000 family switch with a Supervisor Engine II, if you attempt to download a new supervisor engine software image file before one or more modules come online, those modules might fail to come online. After the download is complete and you reset the switch, the modules should come online correctly.
•If a port fails the physical-medium-dependent (PMD) loopback test (port LED is flashing orange) after the Catalyst 5000 family switch is reset, you must reset the affected module to recover.
•If the Catalyst 5000 family switch detects a port-duplex misconfiguration, the misconfigured switch port is disabled and placed in the "errdisable" state. Reconfigure the port-duplex setting and use the set port enable command to reenable the port.
•In Catalyst 5000 family supervisor engine software release 3.2(2) and later, when the 48-port 10BASE-T Telco module (WS-X5012) detects excessive or late collisions on a port, that port is automatically disabled. The show port command output shows the state of the disabled port as "errdisable."
These errors can occur when there is a port-duplex misconfiguration (both ends of the link are not configured for the same duplex mode) or when the attached cable is not to specification (too long or of the wrong type). If a port has been automatically disabled, make sure the duplex configuration is the same on both ends of the link, verify that the cable is within specification, and then reenable the port using the set port enable command.
•If you have a port whose port speed is set to auto connected to another port whose speed is set to a fixed value, configure the port whose speed is set to a fixed value for half duplex. Alternately, you can configure both ports to a fixed-value port speed and full duplex.
•If you connect an end station to a 10/100-Mbps port configured to autonegotiate port speed, and the port enters spanning tree blocking mode (as reported by the show spantree command), configure a fixed speed on the port (either 10-Mbps or 100-Mbps, depending on the speed supported on the end station NIC).
•If the link state of a port connected to an end station with a Xircom CE2 PC card (PCMCIA) NIC toggles up and down, make sure you install the latest Xircom drivers for the NIC and disable auto-polarity on the NIC.
•Whenever you connect a Catalyst 5000 family port that is set to autonegotiate to an end station or another networking device, make sure that the other device is configured for autonegotiation as well. If the other device is not set to autonegotiate, the Catalyst 5000 family port will remain in half-duplex mode, which can cause a duplex mismatch resulting in packet loss, late collisions, and line errors on the link.
•The show mac command displays the InDiscard counter value as zero, instead of the actual counter value for Ethernet ports. (The InDiscard counter tracks the number of frames that the Catalyst 5000 family switch discards because the frames were destined for the local segment.)
•Under certain conditions, etherHistoryUtilization is not reported correctly if the counter value wraps between the two consecutive samples.
Workaround: Reduce the sample interval.
•Under heavy traffic conditions, and with a duplex mismatch between connected ports, the following Catalyst 5000 family modules might transmit frames with bad CRC values:
–48-port 10BASE-T Telco Ethernet module (WS-X5012)
–48-port 10BASE-T Telco Ethernet module (WS-X5012A)
–2-slot, 48-port 10BASE-T RJ-45 Ethernet module (WS-X5014)
•If you are using FDDI modules in your Catalyst 5000 family switch, we recommend that you run FDDI software release 2.1(7) or later.
•If both PHY ports on an FDDI module are connected, you should disable and reenable them together. If you disable and reenable only one port, a broadcast storm might result.
•Serial download is supported for downloading Flash code to the supervisor engine module, but not to the switching modules.
•In some instances, when using the autonegotiating functions of either the WS-X5213 or WS-X5213A 10/100-Mbps Fast Ethernet 12-port switching modules to connect to another autonegotiating Ethernet or Fast Ethernet device over a cable distance of 98 to 131 feet (30 to 40 meters), the duplex mode and port speed might be incorrectly negotiated. In this case, the link between the devices cannot be established. To recover from this situation, manually set the port speed and duplex mode manually.
•Alignment and frame check sequence (FCS) errors are detected when 3Com 3c595 and 3c905 cards are attached to a Catalyst 5000 family switch. (CSCdj01465)
•You cannot disable an ATM module by entering the set module disable command.
Workaround: Session to the ATM module and shut down the ATM interface using the shutdown interface configuration command.
•If you have an LECS or LES/BUS configured on an ATM module and you replace the supervisor engine module (on Catalyst 5000 series switches only) or move the ATM module from one slot to another, the ATM addresses (NSAPs) are modified. Be sure to update the LECS database configuration with the new NSAP values.
•ATM modules do not generate link up/down traps.
•UplinkFast is not supported over ATM.
•In a 10BASE-2 network, incorrect termination can cause the port to hang. To recover, disable and then reenable the port.
•Do not enable protocol filtering on the switch if you have configured port security on any ports and set the violation mode to restrict. There is no restriction if the violation mode is set to shutdown (you can enable protocol filtering on the switch).
•The following restrictions apply when configuring port security:
–You cannot configure dynamic, static, or permanent CAM entries on a secure port.
–When you enable port security on a port, any static or dynamic CAM entries associated with the port are cleared; any currently configured permanent CAM entries are treated as secure.
•If you configure a secure port in restrictive mode, and a station is connected to the port whose MAC address is already configured as a secure MAC address on another port on the switch, the port in restrictive mode will shut down rather than restrict traffic from that station. For example, if you configure MAC-1 as the secure MAC address on port 2/1 and MAC-2 as the secure MAC address on port 2/2, if you then connect the station with MAC-1 to port 2/2 when port 2/2 is configured for restrictive mode, port 2/2 will shut down instead of restricting traffic from MAC-1.
Transceivers
This section contains usage guidelines, restrictions, and troubleshooting information that apply to transceivers.
•If you experience trouble with a port that has an MII transceiver attached to it, check that the transceiver jumpers are set properly.
•If an MII transceiver is plugged in at an angle, the Catalyst 5000 family switch might stop transmitting data. To recover, reseat the MII transceiver so that it is not seated at an angle. If the Catalyst 5000 family switch still cannot transmit data, disable and then reenable the port.
•If you are using MII transceivers, make sure that you are using compliant MII transceivers. Enter the show portreg command for each MII port to ensure that the value 2100 appears in the first column of output, as shown in the following example:
Console> (enable) show portreg 1/1
Port/PHY registers for 1/1
0x00: 2100 780F 2000 5C00 0081 0000 0000 0000
If you see a value of 0xffff instead of 2100, do not use the MII transceiver. An MII transceiver whose value is set to 0xffff can prevent the Catalyst 5000 family switch from receiving on this MII port, which can cause spanning tree loops.
Check the Disconnect Counter Register (DCR) and the False Carrier Sense Counter Register (FCSCR). These registers should remain at 0 (except for the moment at which the link comes up). A value other than 0 indicates a physical layer problem (most likely a problem with the transceiver).
Spanning Tree
The Spanning Tree Protocol (STP) blocks certain ports to prevent physical loops in a redundant topology. On a blocked port, the Catalyst 5000 family switch receives spanning tree bridge protocol data units (BPDUs) periodically from neighboring Layer 2 devices. You can configure the frequency with which BPDUs are received by entering the set spantree hello command (the default frequency is set to two seconds). If a Catalyst 5000 family switch does not receive a BPDU in the time period defined by the set spantree maxage command (20 seconds by default), the blocked port transitions to the listening state, the learning state, and to the forwarding state. As it transitions, the Catalyst 5000 family switch waits for the time period specified by the set spantree fwddelay command (15 seconds by default) in each of these intermediate states. Therefore, a blocked spanning tree port moves into the forwarding state if it does not receive BPDUs from its neighbor within approximately 50 seconds.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to spanning tree.
•If the Spanning Tree Protocol parameters are reduced in value, ensure that the number of instances Spanning Tree Protocol are also reduced proportionally in order to avoid spanning tree loops in the network.
•Ensure that the total number of logical ports across all instances of spanning tree for different VLANs does not exceed the maximum number supported for each supervisor engine type and memory configuration.
You can use the show spantree summary command and this formula to compute the sum of logical ports on the switch:
(number of non-ATM trunks on the switch * number of active VLANs on that trunk)
+ (number of ATM trunks on the switch * number of active VLANs on that trunk * 2)
+ number of nontrunking ports on the switch
The sum of all logical ports, as calculated with the formula above, should be less than or equal to:
–1500 for Supervisor Engine II and III F
–1800 for Supervisor Engine II G and III G
–4000 for Supervisor Engine III
Caution If you enable numerous memory-intensive features concurrently (such as VTP pruning, VMPS, EtherChannel, and RMON), or if there is switched data traffic on the management VLAN, the maximum number of supported logical ports is reduced.
Note Count each port in an EtherChannel port bundle independently (do not count the bundle as a single port).
•A Catalyst family switch should be the root for all VLANs, especially VLAN 1. In order to recover from an extended broadcast storm caused by a faulty device in a network, Catalyst family switches reset blocked ports. To ensure recovery, all Catalyst family switches in the network should perform this function at the same time by sending synchronization packets on VLAN 1. These synchronization packets are only sent by a Catalyst family switch if it is the root bridge.
•Use the most-powerful possible supervisor engine version for the root node (for example, Supervisor Engine III instead of Supervisor Engine II).
•On a switch with Supervisor Engine II G or III G, or Supervisor Engine III or III F with an NFFC or NFFC II, you cannot enable or disable spanning tree on a per-VLAN basis. You must enable or disable spanning tree on every VLAN using the set spantree enable all and set spantree disable all commands.
•Disabling spanning tree on the native VLAN of an IEEE 802.1Q trunk can potentially cause spanning tree loops. We recommend that you leave spanning tree enabled on the native VLAN of an 802.1Q trunk. If you plan to disable spanning tree in an 802.1Q environment, disable spanning tree on every VLAN in the network and ensure a loop-free topology exists.
•Use these commands to monitor blocked spanning tree ports:
–show port—Check to see if the port has registered a lot of alignment, FCS, or any other type of line errors. If these errors are incrementing continuously, the port might drop input BPDUs.
–show mac—If the Inlost counter is incrementing continuously, the port is losing input packets because of a lack of receive buffers. This problem can also cause the port to drop incoming BPDUs.
•On a blocked spanning tree port, make sure that the Rcv-Frms and Rcv-Multi counters are incrementing continuously. If the Rcv-Frms counter stops incrementing, the port is not receiving any frames, including BPDUs. If the Rcv-Frms counter is incrementing but the Rcv-Multi counter is not, then this port is receiving non-multicast frames but is not receiving BPDUs.
•On a blocked spanning tree port, check the duplex configuration to ensure that the port duplex is set to the same type as the port of the neighboring device.
•On trunk ports, make sure that the trunk configuration is set properly on both sides of the link.
•On trunk ports, make sure that the duplex is set to full on both sides of the link to prevent any collisions under heavy traffic conditions.
•Do not use spanning tree PortFast on a trunk port. Although the show spantree command displays PortFast as enabled on a trunk port, PortFast has no effect on trunk ports.
•IEEE STP between a Cisco router and Catalyst 5000 family ATM LANE module over RFC 1483 PVCs does not function properly.
•Spanning tree convergence on 802.1Q trunks on a switch with a large number of active VLANs (several hundred) can be delayed up to several minutes.
VTP, VLANs, and VLAN Trunks
This section contains usage guidelines, restrictions, and troubleshooting information that apply to VTP, VLANs, and VLAN trunks.
•When traffic is transmitted over an ISL trunk, the output from the show mac command shows transmitted unicast and broadcast packets as multicast packets. (CSCdm32224)
•Although the Dynamic Trunk Protocol (DTP) is a point-to-point protocol, some internetworking devices might forward DTP frames. To avoid connectivity problems, follow these guidelines:
–For ports connected to non-Catalyst family devices in which trunking is not being used, configure trunk-capable Catalyst 5000 family switch ports to off by entering the set trunk mod_num/port_num off command.
–When trunking to a Cisco router, use the set trunk mod_num/port_num nonegotiate command. The nonegotiate keyword transitions a link into trunking mode without sending DTP frames.
•With Cisco IOS software release 12.0(1a)W5(6b) or earlier, the Catalyst 8510 campus switch router (CSR) does not process untagged packets (packets on the native VLAN) received on an IEEE 802.1Q trunked interface (all such packets are dropped). If you configure Catalyst 8510 CSR subinterfaces to trunk using 802.1Q encapsulation, traffic cannot be carried successfully on the native VLAN for the trunk configured on the Catalyst 5000 family switch.
Workaround: Create an unused VLAN and assign that VLAN as the native VLAN for the 802.1Q trunk on the Catalyst 5000 family switch. Verify the native VLAN assignment for the trunk using the show trunk command.
This problem is tracked as a defect against the Catalyst 8510 CSR software (CSCdk77676) and is resolved in IOS release 12.0(1a)W5(6e).
•A VTP transparent switch with no VTP domain name configured might not relay VTP requests received from VTP client and server switches. Therefore, VTP client and server switches might not synchronize if they are separated by a VTP transparent switch with no domain name configured.
Workaround: Configure a VTP domain name on the VTP transparent switch.
•If you disconnect the link between trunk ports with 100 or more active VLANs, one of the ports might fail to become a non-trunk port and an error message might be generated. When you reconnect the link, the trunk might not re-form. In this situation, disconnect and reconnect the link until the trunk comes up. (CSCdm60737)
EtherChannel
This section contains usage guidelines, restrictions, and troubleshooting information that apply to Fast and Gigabit EtherChannel.
•When using Fast EtherChannel, if a "SPANTREE-2: Channel misconfig - x/x-x will be disabled" or similar syslog message is displayed, it indicates a mismatch of Fast EtherChannel modes on the connected ports. We recommend that you correct the configuration and reenable the ports by entering the set port enable command. Valid EtherChannel configurations include:
Port Channel Mode
|
Valid Neighbor Port Channel Modes
|
desirable
|
desirable or auto
|
auto
|
desirable or auto1
|
on
|
on
|
off
|
off
|
•If you are using media-independent interface (MII) connectors, Fast EtherChannel does not work on the 100BASE-TX, RJ-45 supervisor engine module (WS-X5509).
•With a large number of channels, trunks, or VLANs, or a change of channel configuration (for example, off to auto), or upon Fast EtherChannel module reboot, ports might take up to five minutes to form a channel and to participate in spanning tree. (During this interval, the port does not appear in show spantree command output.) If it takes more than ten minutes for a channel to form and appear on spanning tree, disable and reenable the ports. In addition, it might take up to two minutes to unbundle a channel after changing the channel mode.
SPAN
This section contains usage guidelines, restrictions, and troubleshooting information that apply to the Switch Port Analyzer (SPAN).
•Incoming traffic on the SPAN destination port is disabled by default. You can enable it using the set span command with the inpkts enable keywords. However, while the port receives traffic for its assigned VLAN, it does not participate in spanning tree for that VLAN. To avoid creating spanning tree loops with incoming traffic enabled, assign the SPAN destination port to an unused VLAN.
•A SPAN destination port receives flooded unicasts and broadcasts for the VLAN of the source SPAN port.
•The RSM does not support SPAN.
Multicast
This section contains usage guidelines, restrictions, and troubleshooting information that apply to multicast protocols and traffic on the switch.
•Due to a conflict with the Hot Standby Router Protocol (HSRP), Cisco Group Management Protocol (CGMP) leave processing is disabled by default.
To enable CGMP leave processing, enter the set cgmp leave enable command.
Note If both HSRP and CGMP leave processing are enabled, you might experience some unicast packet flooding.
•When you enable CGMP and IP multicast MLS on the switch, the multicast flow is not multilayer switched in these situations:
–If the multicast source is not directly attached to the switch and belongs to a transit VLAN (that is, a VLAN with no multicast receivers present), then multicast flows for that source are not multilayer switched because the switch cannot create an entry in the Layer 2 multicast forwarding table.
–If the path to a multicast receiver is through a transit VLAN, the multicast flow to that receiver is not multilayer switched. However, the traffic is still software forwarded to the receiver, and traffic for receivers not reached through a transit VLAN are still multilayer switched.
Note These problems do not occur if IGMP snooping is enabled on the switch, even if some of the MLS-RP router interfaces are configured for CGMP in order to support downstream Cisco switches that support only CGMP.
•When CGMP leave processing is enabled, the Catalyst 5000 family switch learns router ports through PIM-v1, HSRP, and CGMP self-join messages. When CGMP leave processing is disabled, the Catalyst 5000 family switch learns router ports through CGMP self-join messages only.
•CGMP does not prune multicast traffic for any IP multicast address that maps to the MAC address range of 01-00-5E-00-00-00 to 01-00-5E-00-00-FF. The reserved IP multicast addresses, in the range 224.0.0.0 to 224.0.0.255, are used to forward local IP multicast traffic in a single Layer 3 hop.
Network Analysis Module and TrafficDirector
This section contains usage guidelines, restrictions, and troubleshooting information that apply to the Network Analysis Module (WS-X5380), including important caveats tracked against the TrafficDirector application.
•Using the TrafficDirector Data Capture tool with slice sizes greater than 1500 bytes might cause data collected by RMON2 to be lost. (CSCdm22949)
•TrafficDirector 5.6.1 does not set the Roving destination port correctly on the agent when the Configuration Manager Rove function is used. (CSCdm27588)
•In some cases, TrafficDirector 5.5.1 fails to configure the SNMP agent with the Property File configuration even though the application reports the configuration was successful. (CSCdm32749)
CiscoView Images
This section contains usage guidelines, restrictions, and troubleshooting information that applies to CiscoView (CV) images:
•The supported client platform/browser/plugin versions to launch embedded CiscoView are as follows:
Client Platform
|
Web Browser
|
Java Plug-in
|
Solaris 2.6/2.7
|
Netscape Communicator 4.7
|
Java Plug-in 1.3.0 (JRE 1.3.0)
|
Windows NT 4.0 or Windows 2000
|
Internet Explorer 5.5 or Netscape Communicator 4.7
|
Java Plug-in 1.3.0-C (JRE 1.3.0)
|
Note Java Plug-in versions 1.3.0_01 and 1.3.0_02 do not work.
•The digital security certificate that is used to sign the Java classes in supervisor engine software release 5.5(8a) will be valid until May 19th 2002. After the expiration date, if embedded CiscoView cannot be launched or an Access Control Error occurs, upgrade to the latest supervisor engine image available at that time or upgrade the plugin/browser on the client machine.
Documentation Updates for Software Release 5.2
This section describes caveats for the Catalyst 5000 family software release 5.2 documentation. These changes will be included in the next update to the documentation.
•The printed version of the Command Reference for software release 5.2 incorrectly includes the show tech-support command. This command is not supported in software release 5.2.
Documentation Updates for Software Release 5.1
This section describes caveats for the Catalyst 5000 family software release 5.1 documentation. These changes will be included in the next update to the documentation.
•The May 1999 Catalyst 5000 Series Supervisor Engine Installation Guide incorrectly states that the Supervisor Engine II G supports the following uplink modules:
–WS-U5531-FETX
–WS-U5533-FEFX-MMF
–WS-U5535-FEFX-SMF
The Supervisor Engine II G does not support these uplink modules.
•In the Software Configuration Guide for software release 5.1, the "Software and Hardware Requirements" sections in the "Configuring IP MLS," "Configuring IP Multicast MLS," and "Configuring IPX MLS" chapters mention Cisco IOS release 12.0(3a)W5(8). In all cases, the correct version number is 12.0(3c)W5(8).
•In the Software Configuration Guide for software release 5.1, the "Configuring IP MLS" chapter states that input access lists are not supported with IP MLS. Input access lists are supported with IP MLS in Cisco IOS release 12.0(2) and later.
•In the Software Configuration Guide for software release 5.1, the "Configuring IP MLS" chapter states that policy routing is not supported with IP MLS. Policy routing is supported with IP MLS in Cisco IOS release 12.0(3) and later. Enter the [no] mls rp ip route-map global configuration command to allow policy routing in conjunction with IP MLS. However, IP MLS cannot function on interfaces configured to policy route based on packet length.
•In the Software Configuration Guide and the Command Reference for software release 5.1, the set qos ip-filter command syntax is incorrect. The proper command syntax is:
set qos ip-filter cos {src_ip_addr_spec} {dest_ip_addr_spec} [before ACE# | modify ACE#]
set qos ip-filter cos protocol {src_ip_addr_spec} {src_port} {dest_ip_addr_spec} {dest_port) [before ACE# | modify ACE#]
•In the Command Reference for software release 5.1, the description for the set port qos cos command is incorrect. The description states, "Use the set port qos cos command to set the CoS value for unclassified frames from trusted ports and all frames from untrusted ports." The correct description is, "Use the set port qos cos command to set the CoS value for all unclassified frames."
•In the Software Configuration Guide and the Command Reference for software release 5.1, the screen output for the show qos ip command shows "both" as a possible value in the Protocol field. The command actually displays "any," not "both."
•In the Software Configuration Guide for software release 5.1, the following description of GMRP was omitted:
GMRP software components run on both the switch and on the host (Cisco is not a source for GMRP host software). On the host, GMRP is typically used with IGMP: the host GMRP software generates Layer 2 GMRP versions of the host's Layer 3 IGMP control packets. The switch receives both the Layer 2 GMRP and the Layer 3 IGMP traffic from the host. The switch uses the received GMRP traffic to constrain multicasts at Layer 2 in the host's VLAN.
Note In all cases, you can use CGMP or IGMP snooping to constrain multicasts at Layer 2 without the need to install or configure software on hosts.
When a host wants to join an IP multicast group, it sends an IGMP join message, which generates a GMRP join message.
Upon receipt of the GMRP join message, the switch adds the port through which the join message was received to the appropriate multicast group. The switch propagates the GMRP join message to all other hosts in the VLAN, one of which is typically the multicast source. When the source is multicasting to the group, the switch forwards the multicast only to the ports from which it received join messages for the group.
The switch sends periodic GMRP queries. If a host wants to remain in a multicast group, it responds to the query. In this case, the switch does nothing. If a host does not want to remain in the multicast group, it can either send a leave message or not respond to the periodic queries from the switch. If the switch receives a leave message or receives no response from the host for the duration of the leaveall timer, the switch removes the host from the multicast group.
Note To use GMRP in a routed environment, enable the GMRP forwardall option on all ports where routers are attached.
Additional Documentation
The following documents are available for Catalyst 5000 family switches:
•Quick Software Configuration—Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
•Catalyst 5000 Family Installation Guide
•Catalyst 5000 Family Supervisor Engine Installation Guide
•Catalyst 5000 Family Module Installation Guide
•Software Configuration Guide - Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
•Layer 3 Switching Software Configuration Guide - Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
•ATM Software Configuration Guide - Catalyst 6000 Family and 5000 Family Switches
•Command Reference - Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
•System Message Guide - Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
•Enterprise MIB User Quick Reference (online only)
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation DVD
Cisco documentation and additional literature are available in a Documentation DVD package, which may have shipped with your product. The Documentation DVD is updated regularly and may be more current than printed documentation. The Documentation DVD package is available as a single unit.
Registered Cisco.com users (Cisco direct customers) can order a Cisco Documentation DVD (product number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.
Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
Cisco Marketplace:
http://www.cisco.com/go/marketplace/
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 1 800 553-NETS (6387).
Documentation Feedback
You can send comments about technical documentation to bug-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you can perform these tasks:
•Report security vulnerabilities in Cisco products.
•Obtain assistance with security incidents that involve Cisco products.
•Register to receive security information from Cisco.
A current list of security advisories and notices for Cisco products is available at this URL:
http://www.cisco.com/go/psirt
If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you might have identified a vulnerability in a Cisco product, contact PSIRT:
•Emergencies — security-alert@cisco.com
•Nonemergencies — psirt@cisco.com
Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product to encrypt any sensitive information that you send to Cisco. PSIRT can work from encrypted information that is compatible with PGP versions 2.x through 8.x.
Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one that has the most recent creation date in this public key server list:
http://pgp.mit.edu:11371/pks/lookup?search=psirt%40cisco.com&op=index&exact=on
In an emergency, you can also reach PSIRT by telephone:
•1 877 228-7302
•1 408 525-6532
Obtaining Technical Assistance
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, Cisco Technical Support provides 24-hour-a-day, award-winning technical assistance. The Cisco Technical Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not hold a valid Cisco service contract, contact your reseller.
Cisco Technical Support Website
The Cisco Technical Support Website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, 365 days a year, at this URL:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support Website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.
Severity 1 (S1)—Your network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:
http://www.cisco.com/go/marketplace/
•Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:
http://www.ciscopress.com
•Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:
http://www.cisco.com/packet
•iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/ipj
•World-class networking training is available from Cisco. You can view current offerings at this URL:
http://www.cisco.com/en/US/learning/index.html
This document is to be used in conjunction with the Software Configuration Guide and the Command Reference publications for your switch.
Copyright © 2001-2005, Cisco Systems, Inc.
All rights reserved. Printed in USA.
