Guest

Cisco Catalyst 6500 Series Switches

Cisco IOS Software Release 12.1(11b)E for Supervisor Engines

Product Bulletin No. 1687

Cisco IOS Software Release 12.1(11b)E for
Supervisor Engines of the Cisco Catalyst 6500 Series Switch
and Cisco 7600 Series Internet Router

Use this publication if you have the Cisco IOS® Software for the Cisco Catalyst® 6500 Series Switch or the Cisco 7600 Series Internet Router, which run Cisco IOS Software Release 12.1(11b)E on the Supervisor Engine 1A and Supervisor Engine 2 with the Multiyear Switch Feature Card (MSFC or MSFC2).

Table 1: Software Release 12.1(11b)E Hardware Features

Hardware Features

Hardware/Software Description
Intrusion Detection System Module WS-X6381-IDS

The Cisco Catalyst 6500 and Cisco 7600 Intrusion Detection Systems (IDS) Module provides real-time, around-the-clock network surveillance. Designed to address the increased requirements for security visibility, denial-of-service protection, anti-hacking detection, and e-commerce business defenses, the IDS Module monitors network traffic off the switch backplane and alarms on malicious or unauthorized activity. This Cisco IOS release adds support for Supervisor Engine 1A to the current Supervisor Engine 2 support.

Network Analysis Module WS-X6380-NAM

Providing remote monitoring functions based on RMON and RMON-2 Management Information Bases (MIBs), the NAM collects data at all layers so network managers can obtain analyses used for fault-isolation and troubleshooting, capacity-planning and management, performance management, application monitoring, and debugging. This Cisco IOS release adds support for Supervisor Engine 1A to the current Supervisor Engine 2 support.

Content Services Gateway (CSG) WS-SVC-CSG-1

Cisco Content Services Gateway (CSG) is a high-speed processing module that brings content billing and user awareness to the Cisco Catalyst® 6500 Series Switch and Cisco 7600 Series Internet Router platforms. Offering more than standard IP flow accounting, Cisco CSG examines HTTP requests to gather URLs and other HTTP header information for accounting purposes. In addition, the system gathers information on usernames and usage statistics, thus enabling differentiated billing for individual transactions based on hostname, on directory accessed, or even on individual files. This module is supported on the Supervisor Engine 1A and Supervisor Engine 2. For more information on this visit:

http://www.cisco.com/warp/public/779/servpro/solutions/wireless_mobile/csg.html


Note If you are running Cisco Catalyst software on the Supervisor Engine and Cisco IOS Software only on the MSFC, refer to the following release notes for MSFC publication:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm.

Other Hardware Supported

The system supports all cards previously supported by the Cisco IOS Software on the Cisco Catalyst 6500 Series Supervisor Engine 1A and the Supervisor Engine 2 for the Cisco Catalyst 6500 and Cisco 7600 Series.


Note The Optical Services Modules (OSMs) for the Cisco 7600 and Cisco Catalyst 6500 Series require the Supervisor Engine 2 with MSFC 2.

Table 2: Software Release 12.1(11b)E Software Features

Software Feature

Description
MultiProtocol Label Switching Virtual Private Networking (MPLS/VPN) for Optical Service Modules (OSMs)

MPLS is a highly scalable standards-based implementation on Optical Services Modules (OSM)on the OC-3/STM-1, OC-12/STM-3, OC-48/STM-q and GE-WAN Optical Services and the FlexWAN module on the Cisco Catalyst 6500 and Cisco 7600 Series. It provides efficient IP transport across the Layer 3 MPLS core and end-to-end IP quality of service (QoS) support for service providers, as well as large enterprise customers. MPLS/VPN, which are created in Layer 3, are based on the peer model, and are therefore substantially more scalable and easier to build and manage than conventional VPNs. In addition, value-added services, such as application and data hosting, network commerce, and telephony services, can easily be targeted and deployed for a particular MPLS VPN because the service provider backbone recognizes each MPLS VPN as a secure, connectionless IP network.

MPLS/VPNs implemented on the Cisco Catalyst 6500 or Cisco 7600 require both the ingress and egress line cards to be OSMs and/or FlexWAN modules.

Class-Based Weighted Fair Queuing (CBWFQ) for OSMs

Initially available and implemented on the OC-3 POS and OC-12 POS OSMs, this feature segregates traffic into user-defined classes and then schedules traffic on the outputs to meet specified bandwidth allocation or delay bounds. CBWFQ classes can be assigned either by IP precedence or Differentiated Services Code Point (DSCP).

Low-Latency Queuing (LLQ) for OSMs

Initially available and implemented on the OC-3 POS and OC-12 POS OSMs, this feature allocates a specific amount of bandwidth for priority or time-sensitive traffic such as Voice over IP (VoIP) as segregated by user-defined classes. Once classified, the traffic is scheduled on the outputs to meet specified bandwidth allocation or delay bounds. LLQ classes can be assigned either by IP precedence or Differentiated Services Code Point (DSCP).

PFC-based QoS for OSMs

PFC-based QoS features such as Policing (with Classification) and Marking are now supported on the OC-3/STM-1, OC-12/STM-4, OC-48/STM-16 and GE-WAN OSMs. These features provide the ability to mark and rate limit network traffic entering the above OSMs.

For more detailed information on PFC-based features, go to:

http://www.cisco.com/univercd/cc/td/doc/product/core/cis7600/ios121_8/

swcg/qos.htm

Ethernet over MPLS (EoMPLS) Support for FlexWAN Module

Ethernet over MPLS (EoMPLS) is the transport of Ethernet frames across an MPLS core. This is an implementation of the Martini drafts for both transport and encaps to provide transport of Ethernet VLAN frames. This functionality is often referred to as "Any Transport over MPLS" (AToM). EoMPLS is the first AToM feature implemented on the Cisco Catalyst 6500 and Cisco 7600. Other transport options such as Frame Relay and ATM will be offered in future releases. This feature now enables the FlexWAN module with Supervisor2/MSFC@ to support transporting Ethernet frames across an MPLS-based Layer 3 core.

For details about this feature, refer to the following:

http://search.ietf.org/internet-drafts/draft-martini-l2circuit-trans-mpls-08.txt

http://search.ietf.org/internet-drafts/draft-martini-l2circuit-encap-mpls-04.txt

Frame Relay Encapsulation for OSMs

Enabled on the Packet over SONET (POS) and Channelized POS OSMs this adds the Frame Relay encapsulation to the already supported PPP and HDLC encaps.

IOS-SLB Content-Aware RADIUS Loadbalancing

This enhancement of the Cisco IOS-SLB software provides content-aware load balancing of RADIUS servers and proxy servers.

In networks where Cisco Service Selection Gateways (SSGs) are used as RADIUS proxy servers and multi-service packet gateways, IOS-SLB RADIUS Load Balancing enables scalable deployment of clusters of SSGs. The scalability is achieved by providing subscriber-aware SSG persistence for RADIUS requests associated with an end-user and for data packets sourced by an end-user. Clustering of SSGs in mobile wireless networks requires subscriber-aware persistence. The subscriber-aware persistence also enables IOS-SLB RADIUS Load Balancing to cluster Cisco Content Services Gateways (CSGs) acting as RADIUS service endpoints.

IOS-SLB Enhancements for Loadbalancing VPN Servers, and extensions for DNS and GGSN Loadbalancing, Including Additional Health Check Probes

This enhancement of IOS-SLB software enables endpoint loadbalancing of traffic for IP protocols other than TCP or UDP. An example of this would be loadbalancing of tunnel traffic to VPN Gateways.

This release also extends the support for existing loadbalancing as follows:

  • Non-TCP loadbalancing is extended to provide more granular loadbalancing for protocols whose transactions are single-packet requests and responses. A prime example of this is DNS Loadbalancing.

  • GGSN loadbalancing has been enhanced to enable backup server farms, and ServerNAT capability.

  • A DNS Health Check Probe has been added, thereby providing better DNS health checking than the previous ping probe.

  • A Generic TCP Health Check Probe has been added to allow checking of application availability at the designated port.

Exec Commands in Configuration Mode

The new "do" command allows you to use EXEC commands from Configuration mode. This command enables you to use EXEC commands such as show, debug and clear commands from the Configuration mode and sub-modes.

Online Diagnostics

Test and verify the hardware functionality of each line card in the system as well as the entire system before they go into full operation in a live network.

  • Online diagnostics are part of Cisco IOS Software image

  • No user-intervention required

  • Diagnostics run just before module comes on line

  • If diagnostics fail any test, the console displays an appropriate message

  • The port under test is shut down for the duration of the test (on-demand and scheduled diagnostics)

Bootup Online Diagnostics:

  • During system bootup

  • Line card online insertion and removal (OIR)

  • Switchover

Protocol-Independent Multicast (PIM) Scalability Enhancements for (*,G) and (S,G)

Improve the PIM timer management to greatly reduce the CPU utilization of large multicast distribution trees with only a small increase in memory space.

Hardware Support for Directed Broadcast in Supervisor 2

This feature provides greater performance for subnet broadcasts. For example, applications sent information such as ticker tape from a server as a subnet broadcast to different VLANs. By enabling 'ip directed-broadcast' broadcasts are sent with the processor. A new option on the command enables sending broadcasts with hardware support.

Disable IP sticky-arp Feature

Currently the interface default for the sticky arp feature is 'loose' mode. This feature will allow the feature to be turned off from the CLI.

The proposed new per-interface command is:

ip pvlan-sticky-arp mode {strict | loose}

[no] ip pvlan-sticky-arp

The default for an interface is:

ip pvlan-sticky-arp mode loose

The tuple {IP address, MAC address} should be sticky. The tuple {IP address, MAC address, source VLAN} will be sticky. Now it is possible to turn off the sticky-arp feature.

Crossbar Fallback for Classic Cards

Fabric switching-mode, or crossbar-fallback mode, was designed to operate at high performance (without classic cards). The switch is disabled if the switch fabric module (SFM) fails, so the switch will failover to another switch thus avoiding operating at degraded performance. This new "[no] fabric required" command, specifies whether classic cards may run in the switch in this mode.

Show Interface Capabilities Command

This new command is similar to the show port capabilities command in the Catalyst operating system (CatOS). Users can show capabilities for all ports by module or by interface.

Network Analysis Module (NAM) 2.1 Software Version Support

This version provides an embedded NAM Traffic Analyzer application with full-scale monitoring and troubleshooting capabilities accessible from a Web browser:

  • IP telephony monitoring for gathering details on VoIP calls

  • Differentiated services monitoring (DSMON) to monitor data and voice traffic by QoS classes

  • On-board packet capture and decode for quick troubleshooting includes monitoring support for Application Response Time (ART), VLANs (SMON), RMON2 and mini-RMON

Content Switching Module (CSM) 2.2 Software Version Support

With a full set of L4-7 features, the Content Switching Module (CSM) integrates advanced content switching into the Cisco Catalyst 6500 and Cisco 7600 Series to provide high-performance, high-availability load balancing of firewalls, Web servers, caches, and other network devices.

This 2.2 software image includes the following features:

  • Return Code Checking

  • Inband health monitoring

  • Increased VLAN limit to 256

  • Connection timeout value configurable

  • Real-Time Streaming Protocol (RTSP) support

MLPPP Minimum Throughput Threshold for FlexWAN Module

Added functionality to the MLPPP feature already supported on FlexWAN, this feature allows the user to configure the minimum traffic throughput that is acceptable for continued network operation. When traffic throughput falls below the threshold, the entire bundle is deactivated. This enables a backup bundle to take over packet delivery (assuming a backup has been established).

Features Not Supported in Cisco IOS Software Release 12.1(11b)E

None. All features currently supported by previous Cisco IOS Supervisor software versions are also supported in Cisco IOS Software Release 12.1(11b)E.

Orderable Software Images

The following table lists the software versions and applicable ordering information for the Cisco Catalyst 6500 Series Supervisor Engine 1A and Cisco Catalyst 6500 Series and Cisco 7600 Supervisor Engine 2 software. Cisco IOS Software runs on the Distributed Forwarding Card (DFC) to provide Distributed Cisco Express Forwarding support. This image is bundled as part of the c6sup22 image and is not released separately.

Caution: Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in NVRAM. When downgrading switch software, you will lose your configuration. Back up your configuration to a Trivial File Transfer Protocol (TFTP) server or Flash device before proceeding.


Table 3:
Orderable Product Number Description Image
S6S11AV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS Enterprise with Versatile Interface Processor (VIP), Software Release 12.1(11b)E

c6sup11-jsv-mz.121-11a.E-

S6S11AV-12111E=

Spare

S6S11AK2-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS Enterprise with VIP, Secure Shell (SSH), and Triple Data Encryption Standard (3DES), Software Release 12.1(11b)E1

c6sup11-jk2sv-mz.121-11a.E

S6S11AK2-12111E=

Spare

S6S11BV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS Desktop with VIP, Software Release 12.1(11b)E

c6sup11-dsv-mz.121-11a.E

S6S11BV-12111E=

Spare

S6S11DV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS IP/IPX with VIP, Software Release 12.1(11b)E

c6sup11-dsv-mz.121-11a.E

S6S11DV-12111E=

Spare

S6S11ZV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS Service Provider with VIP, Software Release 12.1(11b)E

c6sup11-psv-mz.121-11a.E

S6S11ZV-12111E=

Spare

S6S11ZK2-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC IOS Service Provider with VIP, SSH, and 3DES. Software Release 12.1(11b)E

c6sup11-pk2sv-mz.121-11a.E

S6S11ZK2-12111E=

Spare

S6S12AV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with VIP, Software Release 12.1(11b)E

c6sup12-jsv-mz.121-11a.E

S6S12AV-12111E=

Spare

S6S12AK2-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with Versatile Interface Processor (VIP), Secure Shell (SSH), and Triple Data Encryption Standard (3DES). Software Release 12.1(11b)E

c6sup12-jk2sv-mz.121-11a.E

S6S12AK2-12111E=

Spare

S6S12AVH-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with Firewall and VIP, Software Release 12.1(11b)E

c6sup12-jo3sv-mz.121-11a.E

S6S12AVH-12111E=

Spare

S6S12AK2H-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with Firewall, VIP, and 3DES. Software Release 12.1(11b)E

c6sup12-jk2o3sv-mz.121-11a.E

S6S12AK2H-12111E=

Spare

S6S12BV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Desktop with VIP, Software Release 12.1(11b)E

c6sup12-dsv-mz.121-11a.E

S6S12BV-12111E=

Spare

S6S12DV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS IP/IPX with VIP, Software Release 12.1(11b)E

c6sup12-dsv-mz.121-11a.E

S6S12DV-12111E=

Spare

S6S12ZV-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Service Provider with VIP, Software Release 12.1(11b)E

c6sup12-psv-mz.121-11a.E

S6S12ZV-12111E=

Spare

S6S12ZK2-12111E

Catalyst 6000 Supervisor 1/MSFC2 IOS Service Provider with VIP, SSH, and 3DES. Software Release 12.1(11b)E

c6sup12-pk2sv-mz.121-11a.E

S6S12ZK2-12111E=

Spare

S6S12ZVH-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Service Provider with Firewall and VIP, Software Release 12.1(11b)E

c6sup12-po3sv-mz.121-11a.E

S6S12ZVH-12111E=

Spare

S6S12ZK2H-12111E

Cisco Catalyst 6000 Supervisor 1/MSFC2 IOS Service Provider with Firewall, VIP and 3DES. Software Release 12.1(11b)E

c6sup12-pk2o3sv-mz.121-11a.E

S6S12ZK2H-12111E=

Spare

S6S22AV-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with VIP, Software Release 12.1(11b)E

c6sup22-jsv-mz.121-11a.E

S6S22AV-12111E=

Spare

S6S22AK2-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with VIP and 3DES. Software Release 12.1(11b)E

c6sup22-jk2sv-mz.121-11a.E

S6S22AK2-12111E=

Spare

S6S22AVH-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with Firewall and VIP, Software Release 12.1(11b)E

c6sup22-jo3sv-mz.121-11a.E

S6S22AVH-12111E=

Spare

S6S22AK2H-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with Firewall, Versatile Interface Processor (VIP) and Triple Data Encryption Standard (3DES). Software Release 12.1(11b)E

c6sup22-jk2o3sv-mz.121-11a.E

S6S22AK2H-12111E=

Spare

S6S22BV-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Desktop with VIP, Software Release 12.1(11b)E

c6sup22-dsv-mz.121-11a.E

S6S22BV-12111E=

Spare

S6S22DV-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS IP/IPX with VIP, Software Release 12.1(11b)E

c6sup22-dsv-mz.121-11a.E

S6S22DV-12111E=

Spare

S6S22ZV-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with VIP. Software Release 12.1(11b)E

c6sup22-psv-mz.121-11a.E

S6S22ZV-12111E=

Spare

S6S22ZK2-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with VIP, SSH, and 3DES. Software Release 12.1(11b)E

c6sup22-pk2sv-mz.121-11a.E

S6S22ZK2-12111E=

Spare

S6S22ZVH-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with Firewall and VIP. Software Release 12.1(11b)E

c6sup22-po3sv-mz.121-11a.E

S6S22ZVH-12111E=

Spare

S6S22ZK2H-12111E

Cisco Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with Firewall, VIP and 3DES. Software Release 12.1(11b)E

c6sup22-pk2o3sv-mz.121-11a.E

S6S22ZK2H-12111E=

Spare

For more detailed information concerning this software release, refer to the Cisco Catalyst 6500 Series and Cisco 7600 release notes at:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm.

Review the Cisco Catalyst 6500 Series documentation at:

http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/ and

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/.

Review the Cisco 7600 Internet Router documentation at:

http://www.cisco.com/warp/public/cc/pd/rt/7600osr/.