Guest

Cisco Catalyst 6500 Series Switches

Cisco IOS Software Release 12.1(8a)EX for Supervisor Engines

Product Bulletin No. 1585

Cisco IOS Software Release 12.1(8a)EX for Supervisor Engines of the Catalyst 6500 Series and Cisco 7600 Internet Router

Use this publication if you have the Cisco IOS® Software for the Cisco Catalyst® 6500 Series switching product or Cisco 7600 Internet Routers, which run Cisco IOS Software Release 12.1(8a)EX on the Supervisor Engine 1A and Supervisor Engine 2 with the Multilayer Switch Feature Card (MSFC or MSFC2).

Software Release 12.1(8a)EX Hardware Features

Hardware Features Hardware/Software Description
Cisco 7606 Internet Router CISCO7606

The Cisco 7606 Internet Router is a compact, high-performance router designed for deployment at the network edge and in the data center, where performance and services are required. The Cisco 7606 delivers a forwarding rate of 30 Mpps and 160 Gbps total throughput while providing high-touch, hardware-accelerated IP services.

10 Gigabit Ethernet Module WS-X6501-10GEX4

The Cisco Catalyst 6500 and Cisco 7600 1-port 10GBASE-EX4 Metro 10 Gigabit Ethernet Module provides scalable bandwidth and increased network reach with support of Layer 2, Layer 3, and Layer 4-7 intelligent services on the Catalyst 6500 and Cisco 7600 platforms. Supporting an extended reach distance of 50 km over single-mode fiber, it is ideal for building cost-effective, simple and manageable intercampus and inter-POP connections over metropolitan area networks. This module is currently supported on the Supervisor Engine 2 only.

48-Port Fabric-Enabled 10/100 Module with RJ-21 Interface WS-X6548-RJ-21

Designed to support the Catalyst 6500 and Cisco 7600 256 Gpbs platform, this new 48-port, fabric-enabled 10/100 Fast Ethernet module enables customers to scale their network performance with centralized or distributed forwarding. The module can be field upgraded to distributed Cisco Express Forwarding (CEF) via the addition of the Distributed Forwarding daughter card (DFC), WS-F6K-DFC=. The module has large packet buffers and multiple queues for enhanced quality of service (QoS), including strict priority queues.

16-Port 10/100/1000BASE-T Module WS-X6516-GE-TX

This 1000BASE-T Gigabit Ethernet module supports three speeds: 10 Mbps, 100 Mbps, and 1000 Mbps over copper. It is fabric-enabled, and supports the Catalyst 6500 and Cisco 7600 256 Gbps platform. It provides seamless migration for servers and high-end workstations from Fast Ethernet to gigabit speeds. The module can be field upgraded to distributed CEF via the addition of the DFC, WS-F6K-DFC=.

24-Fort Fabric Enabled 100FX Module WS-X6524-100FX-MM

This fabric-enabled 100FX module supports the Catalyst 6500 and Cisco 7600 256 Gbps platform with 24 ports of 100 Mbps fiber connectivity over multimode (MM) MT-RJ connectors. The module can be field upgraded to distributed CEF via the addition of the DFC, WS-F6K-DFC=. The module has large packet buffers and multiple queues for enhanced QoS, including strict priority queues.

10/100BASE-TX with Telco Connectors WS-X6348-RJ-21 and WS-X6348-RJ21V

This 48-port 10/100BASE-TX module with Telco RJ21 connectors provides 128k per-port packet buffers. The inline power module on WS-X6348-RJ21V is dormant (that is, inline power is not provided to IP phones).

4-Port Gigabit Ethernet WAN Optical Services Module OSM-4GE-WAN-GBIC

The four-port Gigabit Ethernet Optical Services WAN module supports SX, LX/LH, and ZX GBIC optic options.

Network Analysis Module WS-X6380-NAM

Providing remote monitoring functions based on RMON and RMON-2 Management Information Bases (MIBs), the NAM collects data at all layers so network managers can obtain analyses used for fault-isolation and troubleshooting, capacity-planning and management, performance management, application monitoring, and debugging. This module is supported on the Supervisor Engine 2 only. Supervisor Engine 1A will be supported in a future release.

Intrusion Detection System Module WS-X6381-IDS

The Catalyst 6500 and Cisco 7600 Intrusion Detection Module provides real-time, around-the-clock network surveillance. Designed to address the increased requirements for security visibility, denial-of-service protection, antihacking detection, and e-commerce business defenses, the IDS module monitors network traffic off the switch backplane and alarms on malicious or unauthorized activity. It is supported on the Supervisor Engine 2 only. Supervisor Engine 1A will be supported in a future release



Note: If you are running Cisco Catalyst software on the Supervisor Engine and Cisco IOS Software only on the MSFC, refer to the following release notes for MSFC publication: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm.

Other Hardware Supported

The system supports all cards previously supported by the Cisco IOS Software on the Catalyst 6500 Series Supervisor Engine 1A and Catalyst 6500 Series and Cisco 7600 Supervisor Engine 2.

Software Features

Software Feature Description
Multi Protocol Label Switching (MPLS), including Provider (P) and Provider Edge (PE) functionality

MPLS is a highly scalable standards-based implementation on OSM modules. It provides efficient Layer 2 transport across the Layer 3 MPLS core and end-to-end IP QoS support for service providers, as well as high-end enterprise customers. MPLS P switching is the process of taking a MPLS labeled packet in, and switching it to the egress interface based upon the label contained in the packet. The packet leaving the egress interface also contains a MPLS label. MPLS PE functionality is the imposition and disposition of MPLS headers at the edge of a network.

Ethernet over MPLS

Ethernet over MPLS (EoMPLS) transports Layer 2 Ethernet packets over an MPLS core. EoMPLS is supported on the OSM 4-port Gigabit Ethernet WAN module and OSM Packet-over-SONET modules.

VLAN Access Control Lists (VACLs)

A VACL contains an ordered list of access control entries (ACEs). Each VACL can contain ACEs of only one type. Each ACE contains a number of fields that are matched against the contents of a packet. VACLs can control access of all traffic. VACLs can be configured on the switch to apply to all packets that are routed into or out of a VLAN or are bridged within a VLAN. VACLs are strictly for security packet filtering and redirecting traffic to specific physical switch ports.

VACL Deny Logging

VACL logging provides a log option on any VACL so that any packets or flows that are denied access by the VACL will generate a SYSLOG reporting the denial.

VLAN 1 Minimization

This feature reduces the risk of spanning-tree loops or storms by allowing VLAN 1 to be disabled on any individual VLAN trunk link. With this feature, no user traffic is sent or received. The switch CPU continues to send and receive control protocol frames.

VLAN Configuration Mode

VLAN and VTP features are configured in a new CLI submode "config-vlan" and global configuration mode. This replaces the VLAN database.

Private VLANs

A Private VLAN (PVLAN) is a Layer 2 network structure not uncommon to, but rather an extension, of the common VLAN. Within a private VLAN are three separate port designations. Each port designation has its own unique set of rules that regulate a connected endpoint's ability to communicate with other endpoints connected to ports within a private VLAN. The three port designations are promiscuous, isolated, and community. Two-way community VLANS are not supported with this release.

IGMP Snooping over Private VLAN

This feature is the implementation of IGMP snooping over private VLANs. With IGMP snooping, the Cisco Catalyst 6500 and Cisco 7600 listens to the IGMP messages exchanged between the hosts and router and provides for selective transmission of multicast traffic based on source lists contained in the messages. It also provides for selective transmission of multicast data based on source IP address onto the ports that are interested.

Order Dependent ACL Merge (ODM) Algorithm

This merge algorithm is an alternative to the current Binary Decision Diagram (BDD) algorithm. The ODM algorithm has been optimized for performance and efficient memory utilization.

Cisco Content Switching Module Software Version 2.1

This Cisco IOS Software release supports CSM 2.1 version. The 2.1 version provides session redundancy, firewall load balancing, HTTP 1.1 persistence, URL hashing, generic header parsing,and multiple CSMs in one chassis.

Cisco IOS Firewall Feature Set

This feature set brings stateful firewall support to the MSFC2. Stateful packet filtering is available for a large set of common multimedia applications. Denial-of-Service attacks and common SMTP and fragmentation attacks can be detected and prevented. Different types of audit trails and real-time alerts can be configured. TCP or UDP ports can be mapped to network services or applications. Users can be authenticated and authorized from inside or outside the firewall or network device using RADIUS or TACACS+.

Cisco QoS Device Manager (QDM)

Cisco QoS Device Manager is a network management application used for configuration and monitoring of Cisco IOS QoS functionality. QDM can manage traffic congestion within the Catalyst 6500 so that the performance of critical network applications is not adversely affected by the congestion.

QoS Data Export

QoS data export provides the ability to periodically export QoS statistics data using the UDP protocol. QoS statistics data for each user specified port, shared aggregate policer (or named policers) or classmap is read from hardware, processed, and optionally sent to an export destination. Users can enable or disable statistics and data export either globally, per port/shared aggregate policer, or per classmap. Microflow policers are not supported.

Field-Upgradable ROMMON

Supervisor Engine 2 with MSFC 2 and DFC ROM-monitor software images can be upgraded in the field.



Features Not Supported in Cisco IOS Software Release 12.1(8a)EX

None. All features currently supported by previous Cisco IOS Supervisor software versions are also supported in Cisco IOS Software Release 12.1(8a)EX.

Orderable Software Images

The following table lists the software versions and applicable ordering information for the Catalyst 6500 Series Supervisor Engine 1A and Catalyst 6500 Series and Cisco 7600 Supervisor Engine 2 software. Cisco IOS Software runs on the Distributed Forwarding Card (DFC) to provide Distributed Cisco Express Forwarding support. This image is bundled as part of the c6sup22 image and is not released separately.

Caution: Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in NVRAM. When downgrading switch software, you will lose your configuration. Back up your configuration to a Trivial File Transfer Protocol (TFTP) server or Flash device before proceeding.

Orderable Product Number Description Image
S6S11AK2-12108EX S6S11AK2-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS Enterprise with Versatile Interface Processor (VIP), Secure Shell (SSH), and Triple Data Encryption Standard (3DES), Software Release 12.1(8a)EX

Spare

c6sup11-jk2sv-mz.121-8a.EX

S6S11AV-12108EX S6S11AV-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS Enterprise with VIP, Software Release 12.1(8a)EX

Spare

c6sup11-jsv-mz.121-8a.EX-

S6S11BV-12108EX S6S11BV-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS Desktop with VIP, Software Release 12.1(8a)EX

Spare

c6sup11-dsv-mz.121-8a.EX

S6S11DV-12108EX S6S11DV-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS IP/IPX with VIP, Software Release 12.1(8a)EX

Spare

c6sup11-dsv-mz.121-8a.EX

S6S11ZK2-12108EX S6S11ZK2-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS Service Provider with VIP SSH 3DES, Software Release 12.1(8a)EX

Spare

c6sup11-pk2sv-mz.121-8a.EX

S6S11ZV-12108EX S6S11ZV-12108EX=

Catalyst 6000 Supervisor 1/MSFC IOS Service Provider with VIP, Software Release 12.1(8a)EX

Spare

c6sup11-psv-mz.121-8a.EX

S6S12AV-12108EX S6S12AV-12108EX=

Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with VIP, Software Release 12.1(8a)EX

Spare

c6sup12-jsv-mz.121-8a.EX

S6S12AVH-12108EX S6S12AVH-12108EX=

Catalyst 6000 Supervisor 1/MSFC2 IOS Enterprise with Firewall and VIP, Software Release 12.1(8a)EX

Spare

c6sup12-jo3sv-mz.121-8a.EX

S6S12BV-12108EX S6S12BV-12108EX=

Catalyst 6000 Supervisor 1/MSFC2 IOS Desktop with VIP, Software Release 12.1(8a)EX

Spare

c6sup12-dsv-mz.121-8a.EX

S6S12DV-12108EX S6S12DV-12108EX=

Catalyst 6000 Supervisor 1/MSFC2 IOS IP/IPX with VIP, Software Release 12.1(8a)EX

Spare

c6sup12-dsv-mz.121-8a.EX

S6S12ZV-12108EX S6S12ZV-12108EX=

Catalyst 6000 Supervisor 1/MSFC2 IOS Service Provider with VIP, Software Release 12.1(8a)EX

Spare

c6sup12-psv-mz.121-8.EX

S6S22AK2-12108EX S6S22AK2-12108EX=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with VIP SSH, Software Release 12.1(8a)EX

Spare

c6sup22-jk2sv-mz.121-8a.EX

S6S22AV-12108EX S6S22AV-12108EX=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Enterprise with VIP, Software Release 12.1(8a)EX

Spare

c6sup22-jsv-mz.121-8a.EX

S6S22BV-12108E S6S22BV-12108E=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Desktop with VIP, Software Release 12.1(8a)EX

Spare

c6sup22-dsv-mz.121-8a.EX

S6S22DV-12108E S6S22DV-12108E=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS IP/IPX with VIP, Software Release 12.1(8a)EX

Spare

c6sup22-dsv-mz.121-8a.EX

S6S22ZK2-12108E S6S22ZK2-12108E=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with VIP SSH 3DES, Software Release 12.1(8a)EX

Spare

c6sup22-pk2sv-mz.121-8a.EX

S6S22ZV-12108E S6S22ZV-12108E=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with VIP, Software Release 12.1(8a)EX

Spare

c6sup22-psv-mz.121-8a.EX

S6S22ZVH-12108E S6S22ZVH-12108E=

Catalyst 6000 and Cisco 7600 Supervisor 2/MSFC2 IOS Service Provider with Firewall and VIP, Software Release 12.1(8a)EX

Spare

c6sup22-po3sv-mz.121-8a.EX



For more detailed information concerning this software release, refer to the Cisco Catalyst 6000 Series and Cisco 7600 release notes at:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm.

Review the Cisco Catalyst 6500 Series documentation at:

http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/ and

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/.

Review the Cisco 7600 Internet Router documentation at:

http://www.cisco.com/warp/public/cc/pd/rt/7600osr/.