Introduction
This document is to help customers find a stable software release for the enterprise switching platforms running Catalyst 9000 series switches. The information in this document is not meant to be exhaustive and is intended to serve as a general guide to customers especially in cases of mass deployments/upgrades. Beyond these recommendations, if customers are required to run a release to utilize newer software features or hardware, the recommendation is to select Extended Maintenance (EM) release trains wherever possible.
For customers deploying Software Defined Access, please refer to the product compatibility matrix which is available here.
For customers looking for software recommendation on Cisco Catalyst 9800 Series Wireless Controllers, please refer to this page.
Cisco IOS XE Software Support
Each Cisco IOS XE software release is classified as either a Standard Maintenance release or an Extended Maintenance release.
Standard Maintenance Release - A sustaining support lifetime of 12 months from First Customer Shipment (FCS) with scheduled rebuilds. Examples are Cisco IOS XE Software releases 16.10, 16.11, 17.1 and 17.2
Extended Maintenance Release - A sustaining support lifetime of 36 months from First Customer Shipment (FCS) with scheduled rebuilds. Examples are Cisco IOS XE Software releases 16.9, 16.12 and 17.3
Note: Every subsequent third release (for example, Cisco IOS XE Software release 16.9, 16.12 and 17.3) will be an Extended Maintenance release.
Given that Standard Maintenance releases have much shorter support lifetimes whereas Extended Maintenance releases have longer support with more scheduled rebuilds / bug fixes, it is recommended that customers stay on Extended Maintenance releases wherever possible.
Recommendations
The recommendations stated below are current as of January 2021, and these will be updated as and when appropriate.
Note: The recommendation below does not necessitate that customers with stable deployments on IOS XE Software release 16.6 and 16.9 are required to upgrade to the recommended IOS XE Software release in the table below. However as the IOS XE 16.6 & 16.9 software trains approach their end of life milestones, customers are encouraged to migrate to the 16.12 software train.
Note: If TACACS+ is being used for AAA, please take note of configuration CLI syntax change in IOS XE version 16.12.X in Security Configuration Guide. The legacy CLI tacacs-server host needs to be migrated to the new CLI tacacs server before upgrade to IOS XE version 16.12.X from an older release. This will ensure seamless tacacs operation post upgrade.
Product Family |
Product Details |
Recommended IOS-XE release |
Non Stackwise-Virtual |
Stackwise-Virtual* |
Catalyst 9200 |
C9200L-48PL-4G, C9200L-48PL-4X |
17.3.2a |
not supported |
9200L (all models) |
16.12.4 |
not supported |
C9200-24PB, C9200-48PB, C9200-24PXG, C9200-48PXG, C9200-48PL
|
17.3.2a |
not supported |
9200 (all other models) |
16.12.4 |
not supported |
Catalyst 9300 |
9300L (all models)
|
16.12.4 |
not supported |
C9300-24H, C9300-48H, C9300-24S and C9300-48S |
17.3.2a |
not supported |
9300 (all other models) |
16.12.4 |
not supported |
Catalyst 9400 |
Supervisor Engine-1, Supervisor Engine-1XL or Supervisor 1XL with 25G uplinks in any 9400 chassis |
16.12.4 |
16.12.4 |
Catalyst 9500 |
9500 high performance models - C9500-32C, C9500-32QC, C9500-48Y4C, C9500-24Y4C |
16.12.4 |
16.12.4 |
9500 (all models) |
16.12.4 |
16.12.4 |
Catalyst 9600 |
9600 switches with these line cards - 9600-LC-48TX, 9600-LC-48S |
17.3.2a |
17.3.2a |
|
9600 (all models) |
16.12.4 |
16.12.4# |
Catalyst 3650 |
3650 (all models) |
16.9.6 |
not supported |
Catalyst 3850 |
3850-12XS, 3850-24XS, 3850-48XS |
16.9.6 |
16.9.6 |
3850 (all other models) |
16.9.6 |
not supported |
# For Quad Supervisor Stackwise Virtual design on Catalyst 9600 IOS-XE version 17.3.2a is recommended
* StackWise Virtual requires Network Advantage License on Catalyst 9000 Switches
+ If you are not prepared for smart licensing, then 16.6.8 is the recommended version for Catalyst 3850 and 3650 Switches.
Engineering Special Releases
In certain cases, critical bugs are made available on Engineering Special (ES) builds. These builds are not available on CCO (cisco.com). If you are running into any issues specific to your environment which is not already fixed in existing cisco.com releases, please contact Cisco Customer Experience (CX) to explore the possibility of an Engineering Special (ES) code. Engineering Special builds are meant to be deployed for a limited time frame and customers are advised to move to the next maintenance rebuild as soon as it is available on cisco.com. Engineering special builds are fully supported by the Cisco Customer Experience (CX) and the Business Unit (BU).
Open Caveats
Identifier |
Headline |
Affected Version |
Workaround Available |
Fixed Version |
CSCvv16874 |
CAT9K: SISF Crash due to a memory leak |
16.12.4 |
Yes |
17.3.2a, 16.12.5 (upcoming) |
CSCvw63161 |
ZTP failing with error in creating downloaded_script.py |
16.12.4 |
Yes |
17.3.1, 17.3.2a, 16.12.5 (upcoming) |
Archived Caveats
Identifier |
Headline |
Affected Version |
Workaround Available |
Fixed Version |
CSCvt61769 |
ISSU upgrade: ISSU fails after stage 2, Standby SUP goes into ROMMON |
16.9.5 |
Yes |
16.9.6 |
CSCvk70181 |
Memory Leak under Session Manager Daemon (sessmgrd/smd) |
16.9.4 |
No |
16.9.5 |
CSCvq78529 |
IOSd Segmentation Fault on SGT enabled stack |
16.9.4 |
Yes |
16.9.5 |
CSCvt22238 |
C9200L/C9200 : Interface counter/MAC learning/MAC ageing does not work/ 32 prefix stuck |
16.12.1, 16.12.2, 16.12.3, 17.1.1, 17.2.1 |
Yes |
16.12.3a |
CSCvu04483 |
C9200L Interface is UP with no cable / empty interface gets err-disabled if BPDU Guard is configured |
16.12.3a, 17.1.1, 17.2.1 |
Yes |
16.12.4, 17.3.1 |
For a complete list of resolved and open caveats in any software version, refer to the release notes.
Related Information
Cisco IOS XE 16 - Release Notes - Cisco
Cisco IOS XE 17 - Release Notes - Cisco
Cisco Support and Downloads
End-of-Sale and End-of-Life Announcement for the Cisco IOS XE 16.6.x
End-of-Sale and End-of-Life Announcement for the Cisco IOS XE 16.9.x