The Cisco® Catalyst® Operating System Software Release 8.6 for the supervisor engine supports the Cisco Catalyst 6500 Series multilayer switches.
The Cisco Catalyst OS Software Release 8.6 continues to provide several innovative features in the areas of security, Metro Ethernet and operational manageability, allowing customers to deploy scalable, highly available, and secure networks from the access layer to the WAN edge. Cisco Catalyst OS 8.6 as a Layer 2 forwarding software targets the wiring closets or access-layer service deployments. With the Cisco Catalyst OS and Cisco IOS® Software, the system in a hybrid mode can be used for offering Layer 2 through 4 services suited for WAN edge, core, and distribution-layer deployments.
Cisco Catalyst OS Software Release 8.6 supports three generations of supervisor engines-Cisco Catalyst 6500 Series Supervisor Engine 2, Cisco Catalyst 6500 Supervisor Engine 32, and Cisco Catalyst 6500 Series Supervisor Engine 720.
Cisco Catalyst OS 8.6 supports all hardware and software supported in Release 8.5 except the Cisco Catalyst 6500 Series Supervisor Engine 1A. In addition, Cisco Catalyst OS 8.6 brings the following important capabilities to the Cisco Catalyst 6500 Series:
• Cisco Catalyst OS 8.6 greatly improves Metro Ethernet network monitoring capabilities by introducing support for end-to-end Connectivity Fault Management (CFM) features including continuity check, traceroute and loopback (also known as Layer 2 ping). These features provide diagnostic tools to discover and visualize Metro Ethernet networks, troubleshoot network issues, and verify network health.
• Cisco Catalyst OS 8.6 continues to enhance Cisco Identity-Based Networking Services (IBNS) on Cisco Catalyst 6500. Cisco IBNS contains three main components: IEEE 802.1x, MAC Authentication Bypass (MAB) and Web Authentication Proxy. Cisco Catalyst 8.6 OS IBNS enhancements include:
– Support for private VLANs with IEEE 802.1x, MAB and Web Authentication Proxy.
– Downloadable access control list (ACL) allow per-user ACLs to be downloaded from the authentication, authorization, and accounting (AAA) server based on the user attributes obtained after a IEEE 802.1x, MAB or Web Authentication providing granular identity-based access control.
• Cisco Catalyst OS 8.6 introduces several enhancements on Network Admission Control (NAC) solution on the Cisco Catalyst 6500 to make it adaptive to various deployment scenarios. These enhancements include:
– Extension of inaccessible authentication bypass (IAB) to NAC to allow critical devices to be configured to access the network resources even if the AAA server is inaccessible.
– Extension of URL redirection to NAC IEEE 802.1x and L2 IP exception hosts.
– Downloadable ACL allows per-user ACLSs to be downloaded from the AAA server based on the user attributes obtained during the authentication and posture validation phases. It is supported for both NAC L2 IEEE 802.1x and NAC L2 IP. This feature is supported on Supervisor Engine 720 and Supervisor Engine 32, not supported on Supervisor Engine 2.
– Support for session timeout override for NAC IEEE 802.1x.
– Support for NAC L2 IP to be configured on switch ports that have private VLAN enabled.
• A mini protocol analyzer is introduced in Cisco Catalyst OS 8.6 that allows packet capture utilizing SPAN sessions. The captured packets are dumped on local flash disk in a standard PCAP format and can be later sourced to a common packet analyzing tools such as ethereal. This provides a powerful diagnostic tool to network administrators to quickly define and capture interesting traffic for troubleshooting purposes without any service disruption.
• Cisco Catalyst OS 8.6 continues to improve operational manageability by enhancing existing CLIs and Simple Network Management Protocol (SNMP) MIBs to provide more useful information and statistics and introducing new features such as:
– Diagnostic optical monitoring (DOM) to monitor the transceivers present in the Cisco Catalyst 6500 over a user defined time interval and raise alarms when the operating values exceeds defined thresholds.
– Secure Copy Protocol (SCP) and SSH File Transfer Protocol (SFTP) introduced in Release 8.6 provide secure and authenticated switch configuration and file transfer.
– MAC Move Counter allows detection of MAC moves on the switch.
– Support for port error detection mechanism to provide robust recovery from line card error conditions caused by corrupted packets.
• Most importantly, provides more compelling reasons for customers to continue migration from their Cisco Catalyst 5000 or Cisco Catalyst 5500 to Cisco Catalyst 6500 converged networks
Cisco Catalyst OS Release 8.6 supports all of the Cisco Catalyst 6500 series hardware previously supported up to Release 8.5 except Supervisor Engine 1A.
Cisco Catalyst OS Software Release 8.6 Release introduces no new hardware support.
New Software Features
Cisco Catalyst OS Software Release 8.6 supports all of the software features previously supported up to Release 8.5 on the Cisco Catalyst 6500 Series. In addition, Release 8.6 adds the following software features described in Table 1. For more detailed information, refer to the Cisco Catalyst Software Release 8.6 release notes, available at the links in the "For More Information" section.
Table 1. Software Features of Cisco Catalyst OS Software Release 8.6
Metro Ethernet Enhancements
• Metro Ethernet End-to-End CFM
• PBF Marco Enhancements
• Extends Inaccessible Authentication Bypass Support to NAC L2 IP, MAB and Web Authentication
• URL redirection for NAC IEEE 802.1x and NAC L2 IP exception hosts
• Downloadable ACL For NAC L2 IEEE 802.1x and NAC L2 IP
• Session Timeout Override for NAC L2 IEEE 802.1x
• NAC L2 IP on Private VLAN port
• Downloadable ACL For IEEE 802.1x, MAB and Web Authentication
• PVLAN with IEEE 802.1x
Dynamic ARP Inspection (DAI) Enhancements
• DAI now can be enabled on a per port basis and interoperates with PACL
• DHCP Snooping can be enabled per port and DHCP Snooping binding can be defined per port as well
Mini Protocol Analyzer
• Allows network administrators to select and then capture Layer 2 and Layer 3 protocol traffic for network diagnostics purpose. The packet capture is performed locally on the switch without service disruption. The captured packets are stored on a local disk in standard PCAP format
SCP and SFTP with SSH version 2
• Provides secure and authenticated methods to copy switch configuration or switch files
Operational Manageability Enhancement
• Digital Optical Monitoring (DOM)
• Packet Error Detection for Line Card Packet Buffer
• SNMP MIBs Enhancements
• MAC Move Counter
Software Support Matrix
Tables 2 and 3 list the software support combinations for various supervisor engines in Cisco Catalyst Software and hybrid environments.
Table 2. Cisco Catalyst Software-Only Deployments
Supervisor Engine 1A
Supervisor Engine 2
Supervisor Engine 32
Supervisor Engine 720
Cisco CatOS Software Release 8.6
Table 3. Hybrid Environment
Cisco Supervisor Engine 2
Cisco Supervisor Engine 32
Cisco Supervisor Engine 720
Cisco Catalyst OS Software Release 8.6
Cisco IOS Software Release 12.1(27)E
Cisco IOS Software Release 12.2(18)SXF
Table 3 lists the software versions and applicable ordering information for the Cisco Catalyst 6500 Series software.
*Caution: Back up the switch configuration file before you upgrade or downgrade the switch software. When you downgrade switch software, you will lose your configuration. Issue the "write network" command or the "copy config tftp" command to back up your configuration to a TFTP server. Issue the "copy config flash" command to back up the configuration to a Flash memory device.
Table 4. Software Ordering Information
Note: The image names (image version suffix such as 8.6.(1), 8.6.(2), 8.6.(3) will differ based on the latest available maintenance release for 8.6; the image names in this table reflect Version 8.6(1) of Release 8.6.
Cisco Catalyst 6500 Series Supervisor Engine 2 Flash image, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 32 PFC3 Flash image, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 720 Flash image, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 2 Flash image with CiscoView, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 32 PFC3 Flash image with CiscoView, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 720 Flash image with CiscoView, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 2 Flash image with SSH, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 32 PFC3 Flash image with SSH, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 720 Flash image with SSH, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 2 Flash image with CiscoView and SSH, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 32 PFC3 Flash image with CiscoView and SSH, Cisco Catalyst OS Software Release 8.6
Cisco Catalyst 6500 Series Supervisor Engine 720 Flash image with CiscoView and SSH, Cisco Catalyst OS Software Release 8.6