Cisco Nexus Software Release 5.0 for Cisco Nexus 7000 Series Switches
Updated: February 5, 2010
Document ID:1518712112496317
PB577133
This product bulletin introduces Cisco® NX-OS Software Release 5.0 for Cisco Nexus® 7000 Series Switches and summarizes the new features it offers.
New Features
Cisco NX-OS 5.0 for the Cisco Nexus 7000 Series provides a rich and comprehensive feature set to address the high demands of mission-critical data centers. Cisco NX-OS 5.0 is also used by the Cisco MDS 9000 Series Multilayer Switches, focusing on data center features and protocols, availability, and operational considerations.
Cisco NX-OS 5.0 supports all hardware and software supported in Cisco NX-OS Software Release 4.2. In addition, Cisco NX-OS 5.0 for the Cisco Nexus 7000 Series now supports several new software features and new and enhanced optics. The following list summarizes the main software and hardware features new in this release:
Cisco NX-OS 5.0 supports all the hardware for the Cisco Nexus 7000 Series previously supported up through Cisco NX-OS 4.2. Release 5.0 adds new hardware support for the 8-port 10 Gigabit Ethernet (XL) and 48-port Gigabit Ethernet (XL) line cards and for the 6.0-kW DC power supply and power interface unit. XL refers to the capability to support 1 million hardware routing entries and 256,000 access control list (ACL) entries. This capability requires a new XL license. Table 1 lists the new modules supported, and Table 2 lists the new optics supported.
Table 1. New Hardware Modules Supported on Cisco Nexus 7000 Series with Cisco NX-OS 5.0
Description | Part Number
Cisco Nexus 7000 Series 8-Port 10 Gigabit Ethernet XL Module (license required to enable XL feature; default is non-XL mode) | N7K-M108X2-12L
Cisco Nexus 7000 Series 48-Port Gigabit Ethernet XL Module (license required to enable XL feature; default is non-XL mode) | N7K-M148GS-11L
Cisco Nexus 7000 6.0kW DC Power Supply Module (cable included) | N7K-DC-6.0KW
Cisco Nexus 7000 DC Power Interface Unit | N7K-DC-PIU
Table 2. New Optics Supported in Cisco NX-OS 5.0
For Cisco Nexus 7000 Series 48-Port Gigabit Ethernet Module (SFP)
Part Number
• Gigabit Ethernet Small Form-Factor Pluggable (SFP), with LC connector and SX transceiver
• Gigabit Ethernet SFP, with LC connector and LX/LH transceiver
• Gigabit Ethernet SFP, with LC connector and ZX transceiver
For Cisco Nexus 7000 Series 32-Port 10Gb Ethernet Module
Part Number
• 10GBASE SFP
• SFP-10GB-ER
For Cisco Nexus 7000 Series 8-Port 10Gb Ethernet XL Module
Part Number
• 10GBASE-SR X2 transceiver module for MMF, with 850-nm wavelength and SC duplex connector
• 10GBASE-LR X2 transceiver module for SMF, with 1310-nm wavelength and SC duplex connector
• 10GBASE-LRM X2 transceiver module for MMF, with 1310-nm wavelength, SC duplex connector length, and SC duplex connector
• DWDM 10GBASE-DWDM
• X2-10GB-SR
• X2-10GB-LR
• X2-10GB-LRM
• X2-10GB-ER
• DWDM-X2-xx.xx
Software Support
Cisco NX-OS 5.0 supports all the software features previously supported on the Cisco Nexus 7000 Series up through Cisco NX-OS 4.2. Cisco NX-OS 5.0 is compatible with In Service Software Upgrade (ISSU) with a 4.x train. In addition, Cisco NX-OS 5.0 supports the new software features described in Table 3.
For more detailed information about features and ISSU, refer to the Cisco NX-OS 5.0 release notes (see "For More Information" at the end of this document).
Table 3. New Software Features in Cisco NX-OS 5.0
Software Feature
Description
Bidirectional Forwarding Detection (BFD)
• BFD provides low-overhead, short-duration detection of failures in the path between adjacent forwarding engines.
• Cisco NX-OS supports BFD (version 1) for the verification of IPv4 single-hop connectivity. Cisco NX-OS supports asynchronous mode.
• BFD is a fixed-length hello protocol, in which each end of a connection transmits packets periodically over a forwarding path. Cisco NX-OS supports BFD adaptive detection times.
• BFD works over Gigabit Ethernet, 10 Gigabit Ethernet, and PortChannel interfaces and can be used with the following protocols: Border Gateway Protocol (BGP), Intermediate System-to-Intermediate System (IS-IS), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Hot Standby Router Protocol (HSRP), Protocol Independent Multicast (PIM), and static routes.
Link Layer Discovery Protocol (LLDP)
LLDP (IEEE 802.1AB) is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network.
LLDP supports a set of attributes that it uses to discover neighbor devices. LLDP-supported devices can use type-length-value (TLV) elements to receive and send information to their neighbors. Details such as configuration information, device capabilities, and device identity can be advertised using this protocol.
The following TLV elements are being supported in Cisco NX-OS:
• Port description TLV
• System name TLV
• System description TLV
• System capabilities TLV
• Management address TLV
• Chassis ID
• Port VLAN
Hot Standby Router Protocol for IPv6 (HSRPv6)
Cisco NX-OS 5.0 supports IPv6 for HSRP. This support includes link-layer address as well as global IPv6 address support.
Port level QinQ with support for Layer 2 Protocol Tunneling
This feature adds another layer of IEEE 802.1Q tag to the 802.1Q tagged packets that enter the network. The purpose is to expand the VLAN space by tagging the tagged packets, thus producing a double-tagged frame. The expanded VLAN space allows network administrators to provide certain services, such as Internet access on specific VLANs for specific customers, yet to still provide other types of services for their other customers on other VLANs.
Private VLAN Trunk Promiscuous ports
This feature extends support for PVLANs on trunk ports.
IPv6 PMTU discovery
As in IPv4, path MTU discovery in IPv6 allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. In IPv6, however, fragmentation is handled by the source of a packet when the PMTU of one link along a given data path is not large enough to accommodate the size of the packets. Having IPv6 hosts handle packet fragmentation saves IPv6 router processing resources and helps IPv6 networks run more efficiently.
Object Tracking for IPv6
With this enhancement, objects tracked now include static as well as dynamic IPv6 routes and also IPv6 routing on interfaces, similar to IPv4.
Per-command authorization with TACACS with roles support
Before this release, Cisco NX-OS had no means for commands to be verified by a server outside the switch. The capability to verify users (authentication) and commands (authorization) using a TACACS+ server is now supported. A TACACS+ server can be used to perform any or all AAA services.
DHCP VRF support
In typical network deployments, multiple VPNs and VRF instances are being serviced by one single network element (such as a router) where a relay agent can exist. It may be desirable to have just one DHCP server placed in one VRF to cater to all the clients in different VRFs. This approach would enable a network administrator to conserve address space by allowing overlapping addresses. The relay agent can now support multiple clients on different VPNs, and many of these clients from different VPNs can share the same IP address.
Time Domain Reflectometer (TDR)
TDRs are used to find physical layer network problems such as cable faults. By being able to remotely diagnose a cable failure, network administrators can now identify the root cause of a problem more quickly and more effectively to provide users a more prompt response to their connectivity problems. Moreover, with cable diagnostic capabilities now embedded directly on the Cisco Nexus 7000 Series modules, it is no longer necessary to unplug cables and connect cable testers to diagnose a link fault since each line card's port can independently detect cabling problems and report them to the switch software.
IS-IS Non Stop Routing
This feature combines stateful high availability with graceful restart support for the IS-IS protocol to maintain routing sessions during switch supervisor switchover, thus maintaining zero downtime during system upgrades (ISSU) and disruptions.
Network Time Protocol (NTP) Enhancements
NTP ACLs:
• The NTP access group can be used to specify the servers and peers from which time responses are accepted. These lists are built on the ACL infrastructure of Cisco NX-OS.
NTP authentication:
• Authentication support allows the NTP client to verify that servers are known and trusted, and are not intruders that accidentally or intentionally masquerade as legitimate servers. NTP authentication uses symmetric key cryptography.
NTP logging and debugging:
• With logging enabled, significant NTP daemon events (such as synchronization to a server or a clock reset) are logged.
SGACL Log/statistics
This feature enables statistics collection for SGACLs as well as logging for SGACLs.
Route Policy Manager Enhancements
These enhancements include:
• match metric command
• match mac command
• match vlan command
Call Home enhancements
Enhancements include support for:
• Multiple SMTP server capability with Call Home
• Call Home messages for process failures on line card
• Support for HTTP proxy
• Enhancement for syslog alerts
• VRF support for HTTP transport
Secure Shell (SSH) enhancements
Enhancements include:
• Support for SSH command in boot mode
• PKI X509 certificate support for SSH
• File copy without password to SCP server
Authentication, authorization, and accounting (AAA) enhancements
• Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory support for AAA
• Support for an OTP (OneTimePassword) scheme for AAA infrastructure
• Enhancement to enable or disable fallback to local if remote authentication fails
• Added support in the SNMP MIB to get the list of logged in users
• Capability to configure test parameters at the AAA group level instead of having to set them up individually for each server in the AAA group
• Capability to disable username accounts
• Capability to enable AAA accounting on LOGFLASH for the Cisco Nexus 7000 Series
IEEE 802.1x enhancements
Enhancements include:
• Support for dot1x on PortChannels
• Enhancements related to Protected Access Credential (PAC) provisioning
Configurable maximum fabric modules per system
Cisco NX-OS reserves power for all five fabric modules in the Cisco Nexus 7000 Series. This feature allows customers to release some of the reserved power, by allowing power to the configured fabric module. Fabric modules in slots that are unsupported will be kept powered down.
Display of actual power draw for line card and fan
Support is now provided to display the actual power draw for newer line cards like the Cisco Nexus 7000 Series 48-Port Gigabit Ethernet XL and 8-Port 10 Gigabit Ethernet XL Modules.
Support is also provided to display the estimated power draw for the fan.
Fan EEM policies
For the Cisco Nexus 7000 10-Slot Switch:
• Fan table speed is capped at a lower value, and hence the maximum reserved power for the fan can be reduced.
• Fan table mappings at various speeds have changed.
• Fan shutdown policy in the 10-slot chassis has changed as follows:
• If a system fan is removed: Earlier releases shut off the other fan in 3 minutes. The new policy is to increase the speed of the other fan based on the table mapping.
• If a fabric fan is removed: Earlier releases shut off the other fan in 3 minutes. The new policy is to increase the speed of the other fan to the maximum.
• Hysteresis:
• Fan speed is controlled by temperature: If the temperature increases to T1, the fan speed is increased to cool down. If successful, the fan speed is not reduced until the temperature is down to T1 - 5°C.
For the Cisco Nexus 7000 18-Slot Switch:
• Fan table speed is capped at a lower value, and hence the maximum reserved power for the fan can be reduced.
• Fan table mappings at various speeds have changed.
• Fan shutdown policy has not changed.
• Hysteresis policy is similar to that for the Cisco Nexus 7000 10-Slot Switch.
ACL logging on management interfaces
The ACL log feature allows the user to monitor flows that hit specific ACLs. The user can configure specific ACEs with the logging option. When this option is configured, statistics for each flow that matches the permit or deny conditions of the ACL entry are logged in software.
IPv6 on Connectivity Management Processor (CMP) interface
The following features are provided:
• IPv6 support on CMP management interface
• IPv6 configurability from startup scripts
• Telnet and SSH reachability to CMP through IPv6
• Ping6 and Traceroute6 support on CMP
Virtual Port Channel (vPC) enhancements
This enhancement allows new ports to be enabled on the vPC primary switch when the peer link is down.
MIB enhancements
IP-MIB (RFC 2011)
IP Forwarding Table (RFC 4292)
UDP MIB (RFC 4113)
CISCO-SYSTEM-EXT-MIB
• cseHaRestartNotify
• cseShutDownNotify
• cseFailSwCoreNotify
• cseFailSwCoreNotifyExtended
• ciscoSwFailureNotifEnable
CISCO-ENHANCED-MEMPOOL-MIB
• ModuleInstalledMemory
• ModuleSystemHeapFree
• Dynamically load/unload MIB
CiscoConfigManMIB
• ccmHistoryRunningLastSaved
• ccmHistoryStartupLastChanged
• ccmHistoryRunningLastChanged
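The TLV elements listed in the LLDP entry of Table 3 can be read straight from an LLDPDU, which makes it easy to audit what a port discloses to its neighbors. The following Python decoder is an added example, not Cisco code; the sample frame, system name and addresses are constructed, and the TLV type numbers and the IEEE 802.1 Port VLAN ID encoding follow IEEE 802.1AB.

```python
import ipaddress
import struct

CAPS = ["other", "repeater", "bridge", "wlan-ap", "router", "telephone", "docsis", "station"]
TEXT_TLVS = {4: "port_description", 5: "system_name", 6: "system_description"}

def tlv(tlv_type, value):  # header packs a 7-bit type and a 9-bit length
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def parse_lldpdu(data):
    """Decode the TLVs listed in Table 3; raise ValueError on a malformed LLDPDU."""
    out, pos = {}, 0
    while pos + 2 <= len(data):
        (header,) = struct.unpack_from("!H", data, pos)
        tlv_type, length = header >> 9, header & 0x1FF
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError(f"TLV type {tlv_type} overruns the frame")
        pos += 2 + length
        if tlv_type == 0:                      # End of LLDPDU
            return out
        if tlv_type == 1 and length >= 2:      # Chassis ID; subtype 4 is a MAC address
            out["chassis_id"] = value[1:].hex(":") if value[0] == 4 else value[1:].decode(errors="replace")
        elif tlv_type in TEXT_TLVS:            # port description, system name, system description
            out[TEXT_TLVS[tlv_type]] = value.decode(errors="replace")
        elif tlv_type == 7 and length == 4:    # capability bitmap, then enabled bitmap
            enabled = struct.unpack_from("!H", value, 2)[0]
            out["enabled_capabilities"] = [n for i, n in enumerate(CAPS) if enabled >> i & 1]
        elif tlv_type == 8 and length >= 6 and value[:2] == b"\x05\x01":   # IPv4 management address
            out["management_address"] = str(ipaddress.IPv4Address(value[2:6]))
        elif tlv_type == 127 and length == 6 and value[:4] == b"\x00\x80\xc2\x01":
            out["port_vlan"] = struct.unpack_from("!H", value, 4)[0]      # IEEE 802.1 Port VLAN ID
    raise ValueError("LLDPDU has no End TLV")

# Constructed sample LLDPDU (not captured traffic); every value below is made up.
SAMPLE = b"".join([
    tlv(1, b"\x04" + bytes.fromhex("0200000a1b2c")),       # Chassis ID (MAC)
    tlv(2, b"\x05Eth1/1"),                                 # Port ID (ignored by the decoder)
    tlv(3, struct.pack("!H", 120)),                        # TTL (ignored by the decoder)
    tlv(4, b"uplink to core"),
    tlv(5, b"n7k-lab-1"),
    tlv(6, b"constructed system description"),
    tlv(7, struct.pack("!HH", 0x0014, 0x0014)),            # bridge + router
    tlv(8, b"\x05\x01" + bytes([192, 0, 2, 10]) + b"\x02" + struct.pack("!I", 1) + b"\x00"),
    tlv(127, b"\x00\x80\xc2\x01" + struct.pack("!H", 100)),
    tlv(0, b""),
])

if __name__ == "__main__": print(parse_lldpdu(SAMPLE))
```
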
Ordering Information
Cisco NX-OS is available in four license levels. A rich feature set is provided with the Base license, which is bundled with the hardware at no extra cost. The Enterprise license enables incremental functions that are applicable to many enterprise deployments. The Advanced LAN Enterprise license enables next-generation functions such as virtual device contexts (VDCs) and Cisco TrustSec. In addition, two new licenses are being introduced: Scalable services to enable XL capabilities on the line cards and the Transport Services license to enable OTV functionality. The Scalable Feature license is applied on a per-chassis basis.
Table 4 summarizes the license packages.
Table 4. License Packages
Package
Content
Base package
Provides a rich feature set appropriate for most data center requirements
Enterprise package
Provides incremental functions available only with the Enterprise license:
• IP routing
• OSPFv2 and v3 (IPv4 and v6)
• IS-IS Protocol (IPv4)
• BGP (IPv4 and v6)
• EIGRP (IPv4 and v6)
• IP Multicast
• PIM: Sparse, Bidir, Any-Source Multicast (ASM), and Source-Specific Multicast (SSM) modes (IPv4 and v6)
Chassis license for XL feature modules; one per chassis
To place an order, visit the Cisco Ordering homepage. To download software, visit the Cisco Software Center. Table 5 provides ordering information.
Table 5. Ordering Information
Description | Part Number
Cisco NX-OS Enterprise LAN License | N7K-LAN1K9
Cisco NX-OS Advanced LAN License | N7K-ADV1K9
Cisco NX-OS Transport Services License | N7K-TRS1K9
Cisco Nexus 7010 Scalable Feature License | N7K-C7010-XL
Cisco Nexus 7018 Scalable Feature License | N7K-C7018-XL
Cisco NX-OS 5.0 Software for the Cisco Nexus 7000 Supervisor 1 | N7KS1K9-50
Cisco NX-OS 5.0 No Payload Encryption Software (no CTS) | N7K1S1NPEK9-50
Cisco Services and Support
Cisco offers a wide range of services to help accelerate your success in deploying and optimizing Cisco Nexus 7000 Series Switches in your data center. Cisco's innovative services are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your data center network. Cisco Advanced Services uses an architecture-led approach to help you align your data center infrastructure with your business goals and achieve long-term value. Cisco SMARTnet® Service helps you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. With this service, you can take advantage of the Smart Call Home service capability, which offers proactive diagnostics and real-time alerts on your Cisco Nexus 7000 Series Switches. Spanning the entire network lifecycle, Cisco Services helps protect your investment, optimize network operations, support migration, and strengthen your IT expertise. For more information about Cisco Data Center Services, visit http://www.cisco.com/go/dcservices.
For More Information
For more information about Cisco NX-OS, visit the product homepage at http://www.cisco.com/go/nxos or contact your local account representative.