Guest

Cisco Catalyst 6500 Series Switches

Cisco Catalyst Operating System Software Version 7.2(2)

Product Bulletin, No. 1753

Cisco Catalyst Operating System Software Version 7.2(2)
for the Cisco Catalyst 6500 Series Swiches andCisco 7600 Series Internet Routers

The Cisco Catalyst® Operating System Software Version 7.2(2) for the supervisor engine supports the Cisco Catalyst 6500 Series switches and Cisco 7600 Series Internet Routers

Hardware Supported

The system software Version 7.2(2) supports all cards previously supported by the Cisco Catalyst Operating System Software on the Cisco Catalyst 6500 Series/Cisco 7600 Internet Router supervisor engines. In addition, the Cisco Catalyst Operating System Software Version 7.2.2 supports the hardware modules listed in Table 1:


Table 1: Hardware Modules Supported
Hardware Module Description
WS-G5483

One-port 1000BASE-T GBIC module for Cisco Catalyst switches with GBIC slots.

CWDM-GBIC-1470 CWDM-GBIC-1490 CWDM-GBIC-1510 CWDM-GBIC-1530 CWDM-GBIC-1550 CWDM-GBIC-1570 CWDM-GBIC-1590 CWDM-GBIC-1610

Coarse wave-division multiplexing (CWDM) optical solution, which consists of eight gigabit interface converter (GBIC) transceivers - one for each wavelength - for Cisco Catalyst switches with GBIC slots.



The Cisco Catalyst Operating System Software Version 7.2(2) for the Cisco Catalyst 6500 Series Switches also includes support for the Cisco 7606 Internet Router (Table 2):


Table 2: Internet Router Supported
Hardware Description
Cisco7606

Cisco 7606, 6-slot chassis




Note The Cisco 7606 Internet Router supports all supervisor engine configurations.

Software Features

Software features of the Cisco Catalyst Operating System Software Version 7.2(2) supported on Cisco Catalyst 6500 Series switches and Cisco 7600 Internet Routers are given in Table 3.


Table 3: Software Features of Cisco Catalyst Operating System Software Version 7.2(2)
Software Feature Description
Bridged NetFlow statistics

This feature enables you to explicitly enable/disable bridged flow statistics on a per-VLAN1 basis when the flows are exported as part of NetFlow data export, or NDE. This bridged flow statistics information will appear in the output of the show mls nde command.

Broadcast suppression enhancement

Broadcast suppression limits the amount of bandwidth allowed for broadcast frames. It measures how much broadcast traffic is occurring, and compares it to a user configurable threshold over a user configurable interval. If the amount of broadcast traffic reaches the threshold during this interval, the user can choose to have the switch either drop the broadcast frames or (in Version 7.2.2 and later) shutdown a port.

This feature is useful particularly when it is enabled on all except one of the ports that contribute to a spanning-tree loop. For example, if an errant condition causes an increasing level of broadcasts within a loop, the feature triggers the port shutdown and breaks the loop.

Extended trust for Cisco Discovery Protocol devices

The trusted boundary feature uses the Cisco Discovery Protocol to detect the presence of an IP phone on a given port, thus eliminating the potential security problem that arises when PCs are able to tag their own packets. If the switch detects the phone removal, the switch port is automatically set to "untrusted" so the users cannot disconnect the phone from the network and directly plug their PCs into the switch port to take advantage of the trust-cos2 setting on the switch.

Jumbo frames on sc0

This feature enables the Cisco Catalyst 6500 Series Switch to support jumbo frames on the management interface, sc0.

Layer 2 Protocol Tunneling

The L2 Protocol Tunneling feature allows the tunneling of control protocol PDUs3, such as STP4, Cisco Discovery Protocol and VTP5, which was not achieved by the existing feature of .1q-in-.1q tunneling on the Cisco Catalyst 6500 platform.

VLAN assignment with 802.1X

IEEE 802.1x is a client/server-based access control and authentication protocol that restricts unauthorized devices from connecting to a LAN through publicly accessible ports. The 802.1x standard authenticates each user device connected to a switch port before making available any services offered by the switch or the LAN. The current implementation of IEEE 802.1X in Cisco Catalyst switches is simply to authenticate the port with a RADIUS6 server and authorize it to be in the present port VLAN. With the 7.2.2 software enhancement, the user can specify the authorized VLAN for the user to gain access to when the authentication is complete.

This enhancement is achieved by maintaining a username-to-VLAN database within the RADIUS server. Following successful 802.1x authentication, RADIUS sends the VLAN to the switch for that particular user and the switch configures the attached port for the specified VLAN. Thus, 802.1x authenticated ports are assigned to a VLAN based on the username of the supplicant connected to a port.

Authentication lockout enhancement

The authentication lockout feature provides the capability to block users trying to access the network on a trial basis without their knowing the exact username and password. When the user is blocked because of a user-defined number of unsuccessful login attempts (between 3 and 10 attempts), users are denied access to the switch for a user-defined period of time.

With this enhancement, the range of user-defined seconds of lockout time has been increased from 30 to 600 seconds to 30 to 43200 seconds.

ErrDisable Reactivation Per Port

A port is in errdisable state if it is enabled in NVRAM7 , but is disabled at runtime by any process. The errdisable timeout feature allows you to configure a timeout period for ports in errdisable state; the ports are automatically reenabled after the selected time interval, on a global basis. This enhancement enables the user to manually set ports to enable on a per port basis, rather than on a global basis.

Various Management Information Base (MIB) Support

CISCO-AAA-CLIENT-MIB Enhancement

CISCO-ENVMON-MIB

CISCO-PROCESS-MIB

CISCO-STACK-MIB Enhancement

CISCO-STP-EXTENSIONS-MIB

CISCO-PAGP-MIB

CISCO-CATOS-ACL-QOS-MIB

CISCO-CDP-MIB Enhancement

CISCO-L2-TUNNEL-CONFIG-MIB

CISCO-SWITCH-ENGINE-MIB

1Virtual LAN
2Class of service
3Protocol data units
4Spanning-Tree Protocol
5Virtual Trunking Protocol
6Remote Access Dial-In User Service
7Nonvolatile RAM


Orderable Software Images

Table 4 lists the software versions and applicable ordering information for the Cisco Catalyst 6500 Series/Cisco 7600 Internet Router Supervisor Engine Software.

Caution: Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in NVRAM. When downgrading switch software, you will lose your configuration. Use the write network command or the copy config tftp command to back up your configuration to a Trivial File Transfer Protocol (TFTP) server. Use the copy config flash command to back up the configuration to a Flash memory device.


Table 4: Software Ordering Information
Orderable Product Number Description Image
SC6K-SUPK8-7.2.2

Cisco Catalyst 6000 Supervisor 1 Flash Image, Release 7.2.2

cat6000-supk8

SC6K-SUPK8-7.2.2=

Spare

SC6K-SUP2K8-7.2.2

Cisco Catalyst 6000 Supervisor 2 Flash Image, Release 7.2.2

cat6000-sup2k8

SC6K-SUP2K8-7.2.2=

Spare

SC6K-SCVK8-7.2.2

Cisco Catalyst 6000 Supervisor 1 Flash Image with CiscoView, Release 7.2.2

cat6000-supcvk8

SC6K-SCVK8-7.2.2=

Spare

SC6K-S2CVK8-7.2.2

Cisco Catalyst 6000 Supervisor 2 Flash Image with CiscoView, Release 7.2.2

cat6000-sup2cvk8

SC6K-S2CVK8-7.2.2

Spare

SC6K-SUPK9-7.2.2

Cisco Catalyst 6000 Supervisor 1 Flash Image with SSH, Release 7.2.2

cat6000-supk9

SC6K-SUPK9-7.2.2=

Spare

SC6K-SUP2K9-7.2.2

Cisco Catalyst 6000 Supervisor 2 Flash Image with SSH, Release 7.2.2

cat6000-sup2k9

SC6K-SUP2K9-7.2.2=

Spare

SC6K-SCVK9-7.2.2

Cisco Catalyst 6000 Supervisor 1 Flash Image with CV and SSH, Release 7.2.2

cat6000-supcvk9

SC6K-SCVK9-7.2.2=

Spare

SC6K-S2CVK9-7.2.2

Cisco Catalyst 6000 Supervisor 2 Flash Image with CV and SSH, Release 7.2.2

cat6000-sup2cvk9

SC6K-S2CVK9-7.2.2=

Spare



For more detailed information, refer to the Cisco Catalyst 6500 Series release notes at:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm

Also, review the Cisco Catalyst 6500 Series documentation at:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/index.htm