Cisco Nexus 9000 Series NX-OS Release Notes, Release 10.1(1)

Available Languages

Download Options

  • PDF
    (1.0 MB)
    View with Adobe Reader on a variety of devices
Updated:May 7, 2021

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF
    (1.0 MB)
    View with Adobe Reader on a variety of devices
Updated:May 7, 2021
 

 

Introduction

This document describes the features, issues, and exceptions of Cisco NX-OS Release 10.1(1) software for use on Cisco Nexus 9000 Series switches.

Note:       The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.

The following table lists the changes to this document.

Date

Description

April 25, 2024

Added CSCwh50989 and CSCwe53655 to Open Issues.

July 18, 2023

Added flex link to the Enhanced Features section.

May 05, 2023

Added PTP in Unsupported Features on N9K-C92348GC section.

April 09, 2023

Added caveat CSCwe67205 in Open Issues table.

January 25, 2023

Updated the Unsupported Features on N9K-C92348GC section.

February 16, 2021

Cisco NX-OS Release 10.1(1) became available.

New and Enhanced Software Features

New Features

Feature

Description

64-bit NX-OS Image

Introduced a new 64-bit image of the Cisco NX-OS software for Cisco Nexus C9316D-GX, C93600CD-GX, C9364C-GX, Cisco Nexus N9K-X9716D-GX I/O modules, and Cisco Nexus C9504-FM-G, C9508-FM-G fabric modules.

For more information see, Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x).

ITD Subsecond Convergence

Introduced the ability to add nodes from the same device group to a cluster.

For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 10.1(x).

Network Operations Interface (gNOI)

grpc Network Operations Interface (gNOI) defines a set of gRPC-based micro-services for executing operational commands on network devices.

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

The enhanced features listed below are existing features introduced in earlier releases but enhanced to support new platforms in Cisco NX-OS Release 10.1(1).

Enhanced Features

Feature

Description

Telemetry

Introduced the following:

  trustpoint keyword for the Certificate Trustpoint Certificate
  Commands for Telemetry transport sessions
  A new sensor path query-condition to support ephemeral event
  Support for destination host name
  Support for Node ID
  gRPC asynchronous mode feature
  New FT event types  - receiveWindowZero, ipDf, tos, ttlMatchValue
  FT Analytics - Interface-level filtering

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

Guest Shell 3.0

Added support for Guest Shell 3.0 based on CentOS 8 and Python 3.6. Upgraded the version of the docker on the switch.

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

Linux Kernel Upgrade

Introduced a long lived kernel version - 4.19.x.  Also introduced Yocto 2.6 distribution for third-party binaries and libraries. This improves overall third-party software and kernel quality and contains fixes for a lot of security vulnerabilities.

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

Client Based Certificate for gNMI

Enhanced support for gNMI client certificate authentication. This enhancement provides password-less authentication for different clients.

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

Port-group Support for GX Switches

For N9K-C93600CD-GX: For ports 1-24, every four ports (1-4, 5-8, 9-12, and so on, referred to as a “port-group”) operate at the same speed. All the ports in a port-group operate in 10G, or 40G or 100G. Mixed speed is not supported within the same port-group. With QSA, all ports in a port-group can operate at 10G speed.

For N9K-C9364C-GX: For ports 1-64, every four ports (1-4, 5-8, 9-12, and so on, referred to as a "port-group”) operate at the same speed. Limitations for this port-group speed mismatch for N9K-C93600CD-GX are applicable for N9K-C9364C-GX too.

For N9K-C9316D-GX: Ports 1-16 support 400G/100G/40G and 10G with QSA and there are no port limitations.

For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 10.1(x).

Per-Interface Unicast Bandwidth Reservation

In IP Fabric for Media support has been added for configuring unicast bandwidth reservation per port. On configuring the per-port unicast BW percentage (%) reservation, the switch will check for the bandwidth to set aside for unicast purpose on both the ingress and egress directions.

For more information, see the Cisco Nexus 9000 Series NX-OS IP Fabric for Media Solution Guide, Release 10.1(x).

Multicast Consistency Checker

Added support for the following:

  IPv6 L2 Multicast Consistency Checker
  IPv6 L3 Multicast Consistency Checker
  Multicast NLB Consistency Checker
  Multicast MAC Lookup mode Consistency Checker
  Multicast NLB L3 unicast configuration Consistency Checker
  Multicast GRE Consistency Checker

For more information, see the Cisco Nexus 9000 Series NX-OS Troubleshooting Guide, Release 10.1(x).

OpenConfig Model Additions

Added support for the following:

  state containers for the OpenConfig ACL at interface-ref level
  system config containers for domain-name, login banner and motd banner models

For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 10.1(x).

Third-party RPM Validation

Introduced a restriction on installation of unsigned or non-Cisco signed third-party RPMs, with an option to bypass the restriction.

For more information see, Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x).

LLFC Watchdog Interval

Link Level Flow Control (LLFC) watchdog interval is triggered when an LLFC packet is seen on a Priority Flow Control (PFC)/PFC watchdog configured interface which doesn’t have LLFC configured. LLFC Watchdog Interval is now supported on Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide, Release 10.1(x).

Logging Support for IPv6 Egress ACL

Added support for IPv6 egress ACL logs with IPv6 addresses.

For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 10.1(x).

DHCP Relay with DAI

Added support for enabling DHCP Relay with DAI. This is supported on the Cisco Nexus 9200, 9300-EX, and 9300-FX, 9300-FX2,  9300-FX3, and -GX TOR platform switches.

For more information, see the Cisco Nexus 9000 Series Security Configuration Guide, Release 10.1(x).

Critical Authentication

From Cisco NX-OS Release 10.1(1), the 802.1X critical authentication on a port, accommodates 802.1X users that failed authentication when RADIUS servers were not reachable.

For more information, see the Cisco Nexus 9000 Series Security Configuration Guide, Release 10.1(x).

MACsec with QSA

Added MACsec support when QSA is enabled in Cisco Nexus N9K-C9336C-FX2, N9K-C9336C-FX2-E, and N9K-C9364C platform switches.

For more information, see the Cisco Nexus 9000 Series Security Configuration Guide, Release 10.1(x).

DSCP Wildcard Mask

Added support for creating an ACL that matches or filters traffic based on a DSCP bit mask in Cisco Nexus 9300 – EX/FX/FX2/FX3 Platform switches.

For more information, see the Cisco Nexus 9000 Series Security Configuration Guide, Release 10.1(x).

Policy-Based Routing Fast Convergence

Achieves sub-second traffic convergence in the case of failure of a next-hop PBR address.

For more information, see the Cisco Nexus 9000 Series Unicast Configuration Guide, Release 10.1(x).

Range AS Support for BGP Interface Peering

Expands BGP interface peering configuration by allowing a route map, which can contain AS lists and ranges.

For more information, see the Cisco Nexus 9000 Series Unicast Configuration Guide, Release 10.1(x).

BGP Replace ASNs in AS Path

Added support to replace specific AS numbers in the AS-path attribute with custom AS numbers, or remove the AS-path completely.

For more information, see the Cisco Nexus 9000 Series Unicast Configuration Guide, Release 10.1(x).

Suppress Link Prefixes in IS-IS

Added support to suppress or selectively advertise interface prefixes in system link-state packets (LSPs).

For more information, see the Cisco Nexus 9000 Series Unicast Configuration Guide, Release 10.1(x).

SRTE Explicit-Path Endpoint Substitution

Allows you to define an explicit path as a series of MPLS labels, like a regular explicit path, but allows a placeholder to be added in the series that represents the policy endpoint label.

For more information, see the Cisco Nexus 9000 Series NX-OS Label Switching Configuration Guide, Release 10.1(x).

SRTE over Default VRF

This feature uses the route colour that exists as an extended community attribute, to incorporate segment routing traffic engineering to achieve traffic steering benefits in your network.

For more information, see the Cisco Nexus 9000 Series NX-OS Label Switching Configuration Guide, Release 10.1(x).

FC/FCoE Switch Mode

Added FC FCoE switch mode support for Cisco Nexus N9K-C93360YC-FX2 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS SAN Switching Configuration Guide, Release 10.1(x).

Redesign of the install deactivate CLI

Added support for options to either downgrade to the base version of RPM or to uninstall RPM.

For more information see, Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x).

Enhanced ISSU with FC/FCoE

Added support for Enhanced ISSU on both FC/FCoE switch mode and NPV mode for Cisco Nexus N9K-C93360YC-FX2, N9K-C93180YC-FX platform switches.

For more information see, Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x).

Standard ISSU

Added support for Standard ISSU on 9300-GX platform switches.

For more information see, Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x).

ITD

Added support for Cisco Nexus N9K-X96136YC-R, N9K-X9636Q-R, N9K-X9636C-R, and N9K-X9636C-RX line cards.

For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 10.1(x).

Nondisruptive Addition/Removal of Node with Exclude and Include ACL

Added support for non-disruptive addition and removal of nodes with Multi Include and Exclude ACLs. This minimizes the traffic disruption, which can occur when you shut down the ITD service.

For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 10.1(x).

Ability to Change Weight without Disruption for ITD

Added support for non-disruptive addition or deletion of nodes in a ITD session with weights and change of weights in a device group. You can assign a weight to the newly added node or modifies the weight of an existing node in a ITD session.

For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 10.1(x).

ITD Fail-Action Drop on Node Failure

Fail-action for ITD enables traffic to the failed nodes to be reassigned to one or more active nodes. Once the failed node becomes active again, it resumes serving connections. If all the nodes are down, the packets are routed automatically.

Support is added now for a new drop-on-fail fail-action option for all fail actions.

For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 10.1(x).

Vagrant Sync Folder

Added support for Vagrant Sync Folder on Cisco Nexus 9300v platform. With this feature, a directory/folder on a host machine can be shared with a Cisco Nexus 9300v machine.

For more information, see the Cisco Nexus 9000v (9300v/9500v) Guide, Release 10.1(x).

vPC Fabric Peering

Added support for vPC Fabric Peering on Cisco Nexus 9300v and 9500v platforms.

For more information, see the Cisco Nexus 9000v (9300v/9500v) Guide, Release 10.1(x).

Event Log Auto Collection and Backup

Added support for the following: 

  Support for test_folder where more than one YAML file can be present. 
  Rate of collection can be regulated using a maximum number of triggers option. 
  LC core file includes the log-snapshot bundle. 

For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 10.1(x).

Multiple LLDP Neighbors per Physical Interface

Added support for multiple LLDP neighbors per physical interface for the following line cards- N9K-C93180YC-FX3S, N9K-C93108TC-FX3P, N9K-C93180YC-FX3.

For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 10.1(x).

FlashMIB SNMP Walk

Added support for up to 10000 flash files for snmpwalk request. 

For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 10.1(x).

VXLAN Header Stripping for NDB

Added support for VXLAN and IVXLAN header strip for all Cisco Nexus 9000 Series switches.

For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 10.1(x).

ITD and ePBR over VXLAN

Added support for N9K-X9716D-GX TOR and  N9K-C93180YC-FX3S platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN EVPN Loop Detection and Mitigation

Added support for Cisco Nexus 9300-FX3 and -GX platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN over Parent Interface that Carries Subinterfaces

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN Static Tunnels

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

Selective Q-in-VNI and VXLAN VLAN on Same Port

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

Selective Q-in-VNI and Advertise PIP on a VTEP

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN Tunnel Encryption

Secure VXLAN EVPN Multi-Site using CloudSec is supported on Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

IPv4/IPv6 MIB Support

Added support for Cisco Nexus EoR platform switches with  -FX line cards.

For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 10.1(x).

ECMP Hashing based on GRE Inner IP Header

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 10.1(x).

ECMP Symmetric Hashing

Added support for Cisco Nexus 9300-FX3 platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 10.1(x).

Unidirectional Ethernet (UDE)

Added support for Cisco Nexus 9000 -EX/FX/FX2/FX3/GX platform switches platforms.

For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 10.1(x).

vPC Fabric Peering and FEX Support

Added support for Cisco Nexus 9000-EX/FX/FX2/FX3/GX platform switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN EVPN with Downstream VNI

Added support for Cisco Nexus 9300-FX3 platform switches and for N9K-C9316D-GX, N9K-C93600CD-GX, and N9K-C9364C-GX TOR switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN PBR

Added support for N9K-C9316D-GX, N9K-C93600CD-GX, and N9K-C9364C-GX TOR switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

IPv6 Underlay

Added support for N9K-C9316D-GX, N9K-C93600CD-GX, and N9K-C9364C-GX TOR switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

VXLAN Flood and Learn

Added support for N9K-C9316D-GX, N9K-C93600CD-GX, and N9K-C9364C-GX TOR switches.

For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 10.1(x).

ePBR Exclude ACL

Added support for three action types (redirect, drop, and exclude) for each match statement under ePBR policy.

For more information, see the Cisco Nexus 9000 Series NX-OS ePBR Configuration Guide, Release 10.1(x).

Flex Link

Added support for flex link on Cisco N9K-C93180YC-FX3 platform switch.

For more information, see Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide, Release 10.1(x).

New Hardware Features

The following new hardware are introduced in Cisco NX-OS Release 10.1(1):

   N9K-X9716D-GX, a 16-port 400-Gigabit Ethernet QSFP line card for Cisco Nexus 9500 family switches.

   N9K-C9504-FM-G fabric module

   N9K-C9504-FAN2 Fan tray for Cisco Nexus 9504 Chassis

   N9K-C9508-FM-G fabric module

   N9K-C9508-FAN2 Fan tray for Cisco Nexus 9508 Chassis

   The Cisco Nexus 9336C-FX2-E switch (N9K-C9336C-FX2-E) is a 1-rack unit (RU), fixed-port switch designed for deployment in data centers.

This switch has the following ports:

o         36 40/100-Gigabit QSFP28 ports

o         Two management ports (one 10/100/1000BASE-T port and one SFP port)

o         One console port (RS-232)

o         One USB port

This switch includes the following user-replaceable components:

- Fan modules (six) with the following airflow choices:

o         Port-side exhaust fan module with blue coloring (NXA-FAN-35CFM-PE)

o         Port-side intake fan module with burgundy coloring (NXA-FAN-35CFM-PI)

- Power supply modules (two—One for operations and one for redundancy [1+1]) with the following  choices:

o         750-W port-side exhaust AC power supply with blue coloring (NXA-PAC-750W-PE)

o         750-W port-side intake AC power supply with burgundy coloring (NXA-PAC-750W-PI)

o         1100-W port-side exhaust AC power supply with blue coloring NXA-PAC-1100W-PE2

o         1100-W port-side intake AC power supply with burgundy coloring NXA-PAC-1100W-PI2

o         1100-W port-side exhaust DC power supply with blue coloring NXA-PDC-1100W-PE

o         1100-W port-side intake DC power supply with burgundy coloring NXA-PDC-1100W-PI

o         1100-W port-side exhaust HV power supply with blue coloring NXA-PHV-1100W-PE

o         1100-W port-side intake HV power supply with burgundy coloring NXA-PHV-1100W-PI

   The N9K-C93180YC-FX3 switch is a 1-rack unit (RU), fixed-port switch with:

o         48 1/10/25 Gigabit Ethernet SFP28 ports (ports 1-48)

o         6 10/25/40/50/100-Gigabit QSFP28 ports (ports 49-54)

Unsupported Hardware

Beginning with Cisco NX-OS Release 10.1(1), the following hardware are not supported.

   Third-party Switches or Whitebox

   N9K-C92304QC

   N9K-C9236C

   N9K-C92300YC-X

   N9K-C9272Q

   N9K-C92160YC-X

   N9K-C9372PX

   N9K-C9372TX

   N9K-C9332PQ

   N9K-C93120TX

   N9K-C9396PX

   N9K-C9396TX

   N9K-93180LC-EX

   N9K-C93128TX

   N9K-C9372PX-E

   N9K-C9372TX-E

   N9K-M6PQ

   N9K-M4PC-CFP2

   N9K-M12PQ

   N9K-M6PQ-E

   N9K-X9464TX

   N9K-X9408PC-CFP2 

   N9K-X9536PQ

   N9K-X9564PX

   N9K-X9564TX

   N9K-X9636PQ

   N9K-X9736PQ

   N9K-X9432PQ

   N9K-X9464PX

   N9K-X9464TX2

   N9K-C9504-FM

   N9K-C9508-FM

   N9K-C9516-FM

   N9K-C9516-FM-E

Unsupported Features on N9K-C92348GC

Beginning with Cisco NX-OS Release 10.1(1), the following features are not supported on N9K-C92348GC.

   VXLAN

   SW/HW Telemetry

   NetFlow/Analytics

   iCAM

   PTP

   NX-SDK

   DME, Device YANG, OpenConfig YANG, gRPC, NETCONF, and RESTCONF

Note:       NXAPI CLI and XML Agent (NETCONF over SSH) are supported on this platform.

Release Image

Cisco Nexus 9000 Series switches require 32-bit or 64-bit NX-OS image depending on the Cisco Nexus 9000 platforms.

Open Issues

Bug ID

Description

CSCvu05760

Headline: N9K/N3K | ATA Micron_M500IT_MT | Bootflash goes read only

Symptoms: N9K/N3K bootflash goes read only with M500IT Drive

Workarounds: Reload will correct read only condition

CSCvw70948

Headline: vPC BGW : multisite bgp-if is up for 30s after peer-link failure on vpc secondary

Symptoms: After peer-link failure on VPC secondary, the following happens:

The NVE source interface is immediately brought down

NVE is kept UP for additional 30s

The “multisite bgp-if” (dedicated loopback for multisite) is kept up for 30s (not tuneable “Source Interface hold-up-time”). This causes the traffic from DCI side to still be attracted possibly causing some deferred convergence.

Workarounds: None at this point, connectivity will be re-established after 30s

CSCvw73084

Headline: SVI Isolation in Maintenance mode does not work after a reload

Symptoms: When using maintenance mode on a Nexus  HW: 93180YC-EX running a software version of 9.2(2) with VPC isolation and VPC domain shutdown, after the reboot, the SVIs are in an 'UP' state.

Workarounds: N/A

CSCvw99262

Headline: ETHPM Lock seen with PCM/MACSEC race condition

Symptoms: ETHPM lock may be seen when doing configuration change on MACSEC enabled Po

Workarounds: Reload of the device is needed to clear the lock.

CSCvx16206

Headline: N9k/VXLAN/IR: BUM traffic dropped after ND-ISSU - MET not set (0xfffff)

Symptoms:  BUM traffic dropped for L2 VNI with IR (Ingress Replication). Traffic is dropped in source VTEP that should encapsulate traffic. There is no specific error seen in syslog.

ELAM capture will snow result as MET0 and result DROP

The command “show forwarding internal nve vlan-floodlist" shows vlans with IR MET index as "MET: 0xffffffff" as shown below.

Vlan : XXXX

Flags: None, Vlan Met: 0xc next_met 0x1d last_met 0x2

[0, 0] Peer: X.X.X.X.X  (ID: 1), MET: 0xffffffff , ENCAP_IDX: 0x3001[hwidx:3000, hwentry:1], MCIDX: 4000, port-channelYY, DCI: FALSE, DSVNI: FALSE

The command “show forwarding internal nve ir-peer" shows some MET INDEX as "-1" as shown below.

Node 0x1156fe6c: met_ptr [29], refcnt [4], met_ent [0x1156fe7c]

  peer list [count=2]

    1,19

  MET PTR: 29

  MET Entries:

 LTL: 2,  BD: 16382,  MET INDEX , SLICE: (-1, 0) (-1, 1)   MCIDX: 4099

, LTL: 3,  BD: 16382,  MET INDEX , SLICE: (-1, 0) (-1, 1)   MCIDX: 4098

Workarounds: No non-disruptive workaround - reload or disruptive upgrade will resolve the issue.

CSCvx18993

Headline: ON portfast enabled interface STP goes through BLK-LRN-FWD convergence after VPC sec turns Op. Prim

Symptoms: On portfast enabled interface, STP goes through BLK-LRN-FWD convergence after VPC secondary turns to operational primary.

Workarounds: Shut/ no shut interface bring it back without convergence wait.

CSCvx20120

Headline: Burst-detect cannot work on N9K-C93216TC-FX2, N9K-C93360YC-FX2,

N9K-C9336C-FX2-E, N9K-C93180YC-FX3

Symptoms: Burst-detect cannot work on N9K-C93216TC-FX2, N9K-C93360YC-FX2,

N9K-C9336C-FX2-E, N9K-C93180YC-FX3

Workarounds: None

CSCvx21858

Headline: N9K-X9788TC-FX: port LEDs turn on orange after switchover

Symptoms: On primary vpc, link not connected ports that belongs to vpc will turn on orange LED after switchover.

Workarounds: N/A

CSCvx23114

Headline: Breakout interface flaps on certain ports

Symptoms: Breakout interfaces may flap unexpectedly on certain ports for no apparent reason.

Workarounds: Breakout configuration is required - consider using other interfaces/ports on the switch/line card.

CSCvx23913

Headline: Clock protocol configured with NTP is not reflected in the running-config

Symptoms: When configuring the clock protocol with NTP, the configuration will not be seen under the running configuration. This problem cause automation tools (i.e. DCNM) to see discrepancy in the configuration and declare the Nexus out-of-sync

Workarounds:

  First configure the clock protocol to other than ntp (i.e. ptp)
  Configure the clock protocol ntp

CSCvx25283

Headline: msdp owned (s,g) mroute not inherite pim oif from (*,g)

Symptoms: On further checking, we found :MSDP S,G mroute (10.163.50.87/32, 239.191.81.80/32) sync'd by MSDP RP/Catalyst to RP/svcx001 does not inherit PIM OIF from (*,G) does not inherit PIM oif from (*,g). There are other groups are well which do not inherit OIFL from (*,G) Entry, whereas some groups are working fine.

Workarounds: Adding static OIF (S,G) for outgoing interface.interface Ethernet x/y  ip igmp static-oif <multicast_group> source <multicast_source_ip>

CSCvx25671

Headline: Generate syslog for Interface Inbound Discard (Buffer full) condition

Symptoms: Packet loss seen for traffic passing through the device due to "Interface Inbound Discard (Buffer full)" as below:N9508# show hardware internal errors allslot 1=======|------------------------------------------------------------------------|| Device:Sugarbowl Role:MAC Mod: 1 || Last cleared @ Wed Jan 13 12:05:22 2021| Device Statistics Category :: ERROR|------------------------------------------------------------------------|Instance:0ID Name Value Ports-- ---- ----- -----Instance:1ID Name Value Ports-- ---- ----- -----1245201 Interface Inbound Discard (Buffer full) 0000000660501648 17:0   <-----

Workarounds: For silent packet loss condition, verify "show hardware internal errors all" output for all the modules to determine if any of the counters incrementing heavily.

CSCvx26057

Headline: Unicast traffic punted to CPU due to HW ADJ pointing to global glean adj

Symptoms: Unicast traffic punted to CPU and dropped by COPP.HW adj is pointed to global glean adj after route flap or change.

Workarounds: None

CSCvx27433

Headline: Switch crashes due BMP configuration

Symptoms: Symptom: After a migration to 9.3.6, BGP crashes multiple times due to SIG 6 and triggers the HAP policy leading to a reload of the switch.

Workarounds: Disable BMP server configuration.

CSCvx03176

Headline: N9K-C9364C:100G copper link flaps continuously in MacSec mode

Symptoms: Link continues to flap when you have 100G copper cable on N9K-C9364C running macsec.
Workarounds: If macsec is needed, use fibre connection instead.

If macsec and copper connection is needed, disable auto negotiation. However, in this case, link will still not come up after ascii reload. No issue with binary reload.

CSCvx23143

Headline: N9K-C9364C: 40g copper link is not up after placing in place of QSA with macsec config

Symptoms: Link not coming up.

Workarounds: After you replace QSA with a 40G copper cable, you will need a reload to bring the link back.

CSCvx27216

Headline: EOR:Snmpbulkwalk timeouts on CISCO-PFC-EXT-MIB even with -t 10sec timeout

Symptoms: SNMP bulk walk on CISCO-PFC-EXT-MIB(iso.3.6.1.4.1.9.9.813) may timeout when attempting to poll on a fully loaded 9500 device with shorter timeouts

Workarounds: Admin down interfaces that are not being used on the platform

CSCvx29049

Headline: v1.5 apps not running and resulting in core

Symptoms:

Workarounds:

CSCvx38049

Headline: "show queuing burst-detect detail" cli getting stuck when interface or queue is not given

Symptoms: In NXOS 10.1(1) release, Python applications developed by the user and started on the switch via "nxsdk service " will fail to start, and a core file will be generated for the service.

Workarounds: If the Python application only requires use of the CliMgr module, the application may be started from bash.  There is no application level change that will impact this issue.

CSCvx37003

Headline: HMM core seen after vpc-link up , some svi are suspended

Symptoms: Some SVI (Interface vlan xx) interfaces remain in suspended state after switch reload. A crash of the hmm process is also observed. Core should be saved ideally.

Workarounds: Remove and reconfigure arp suppression on the suspended vlan/vni.

CSCvx29518

Headline: Crash is seen with process "snmpd"

Symptoms: SNMPD process crash has been observed intermittently after reload of the device

Workarounds:  There is no workaround. However, SNMPD process will be re-spawned after crash and SNMP process will work as normal.

CSCvx44024

Headline: "Telemetry Transport" in "Transmit Error" state when DUT loaded with 10.1.1 release image

Symptoms: "show telemetry transport" shows "Transmit Error" in the status column for all streaming telemetry sessions.

Workarounds:  Use addresses that are palindromes (eg 1.1.1.1 or 1.2.2.1) as source-interface in telemetry destination-profile.

CSCwe67205

Headline: Credit Loss Recovery is not triggered for FC interface with no transmit credits.

Symptom: A Fibre Channel interface that stays at 0 transmit credits is not recovered by the Credit Loss Recovery agent.

Workaround: If the interface has switchport ignore bit-errors configured, then remove it with the no switchport ignore bit-errors interface configuration command.

CSCwe53655

Headline: Revert reserved MAC blocking behavior for VRRP macs on SVIs

Symptoms: User not able to configure VRRP VMAC on SVI interfaces.

Workarounds: None.

CSCwh50989

Headline: Custom COPP causing transit traffic to be punted to the CPU on Nexus 9300-GX2

Symptoms: When custom-COPP policy contains ACL rules which match on Layer 4 destination or source port, transit traffic also hits the COPP and the packets are copied to CPU. This causes duplication of traffic as CPU also routes the copied packets to the destination.

Workarounds: Custom COPP policy using src/dst match mitigates punt for transit traffic.

Resolved Issues

Bug ID

Description

CSCva80686

Headline: Enhancement: New command 'show tech-support core'

Symptoms: This is an enhancement request for a new show command to expedite the gathering and decoding of core files.

Workarounds: Gather the following files separately.core files

CSCvi85331

Headline: Application vsh.bin on slot 28 vdc 1 SUP sap 65489 did not drop MTS_OPC_CLISH

Symptoms: After an upgrade or booting up an affected NX-OS release the following may be reported in the log just after entering a show command:`show logging log`2018 Apr  5 16:41:29 %$ VDC-1 %$ Apr  5 16:41:28 %KERN-2-SYSTEM_MSG: [ 8891.460963] Application vsh.bin on slot 28 vdc 1 SUP sap 65489 did not drop MTS_OPC_CLISH with msg_id 0x1ecfcd from sender sap 65531 in 180 sec, please contact the application owner – kernel

Workarounds: None

CSCvk45018

Headline: BFD is blocked over Unnumbered Interfaces

Symptoms: BFD would not come up over L3 interfaces if configured as unnumbered.

Workarounds: None

CSCvo90653

Headline: Graceful SPT switch-over

Symptoms: The incoming interface for an (S,G) entry is immediately set to the source RPF, with forwarding on the shortest path tree, and pruning the source off the shared tree. If there is no route for the source, this causes forwarding to stop for the source.

Workarounds: No workaround, although one could consider configuring the routers to not switch to shortest path tree.

CSCvs10216

Headline: TRM drops first multicast packet

Symptoms: In a tenant routed multicast EVPN network the first packet of a multicast stream is used to create the (S,G) and is subsequently dropped. This is regardless of whether ip routing multicast software-replicate is configured.

Workarounds: configure ip pim sg-expiry-timer high so that the (S,G) does not need to be recreated.

CSCvu01334

Headline: Unable to delete PBR under Physical Interface

Symptoms: This was on a N9K-C9336C-FX2 running 9.3(3).[+] Unable to remove the PBR configured under Physical interface.[+] Getting Following Error message when tried to remove it. switch(config)# interface ethernet 1/5switch(config-if)# no ip policy route-map rm_webcache4There are no ip policy configured on this interface          <<<switch(config-if)# end switch# sh accounting logFri Apr 17 07:03:37 2020:type=update:id=10.10.10.49@pts/0:user=test.s:cmd=configure terminal ; interface Ethernet1/5 (REDIRECT)Fri Apr 17 07:03:37 2020:type=update:id=10.10.10.49@pts/0:user=test.s:cmd=configure terminal ; interface Ethernet1/5 (SUCCESS)Fri Apr 17 07:03:49 2020:type=update:id=10.10.10.49@pts/0:user=test.s:cmd=configure terminal ; interface Ethernet1/5 ; no ip policy route-map rm_webcache4 (REDIRECT)Fri Apr 17 07:03:49 2020:type=update:id=10.10.10.49@pts/0:user=test.s:cmd=configure terminal ; interface Ethernet1/5 ; no ip policy route-map rm_webcache4 (FAILURE) Nothing shown up in logging log and nvram :switch# sh logging nvram last 202020 Apr 14 10:12:07 switch %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online 2020 Apr 14 10:12:05 switch %$ VDC-1 %$ %CARDCLIENT-2-FPGA_BOOT_PRIMARY: MIFPGA booted from Primary switch# sh logging last 202020 Apr 17 06:56:08 switch %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed from 10.10.10.49 - login2020 Apr 17 07:03:52 switch %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by test.s on 10.10.10.49@pts/02020 Apr 17 07:06:35 switch last message repeated 1 time

Workarounds: reload ascii binary reload might not help

CSCvu36528

Headline: Files are written with no read privilege for admin user

Symptoms: unable to copy files from n9k bootflash; below error message will be seen<snip>n9k1# copy bootflash:capture_00001_20200522212705.pcap ftp:Enter vrf (If no input, current vrf 'default' is considered): managementEnter hostname for the ftp server: 172.18.108.26Enter username: caloPassword: local: /bootflash/capture_00001_20200522212705.pcap: Permission denied</snip>

Workarounds: drop to bash and change the permission for the respective file

CSCvu67445

Headline: N9k switches ending with EX/FX/FX2/FX3/GX- Flood list missing member port - broadcast traffic loss

Symptoms: Broadcast may not Tx an Ethernet port for VLAN's allowed for one of the port-channel member links. ARP request or any other form of ethernet broadcast may not reach destination. This would lead to no connectivity for affected hosts. Consistency check will report failure for VLAN membership: Example: show consistency-checker membership vlan 442hecking hardware for Module 1 Unit 0No FEX interfaces to validate Consistency Check: FAILED >>> Vlan:442, Hardware state consistent for:   Ethernet1/41   Ethernet1/49   Ethernet1/50   Ethernet1/53 Vlan:442, Hardware state inconsistent for:   Ethernet1/54</snip>

Workarounds: Enter shut/no shut (flap) the affected interface. Do not use the "port-channel port load-defer" command.

CSCvu72378

Headline: Nexus 9K/3K - QDD-400-CUXM Copper Cable Init Sequence Error - EEPROM Corruption

Symptoms: A 400G interface may be stuck in Initializing state.The log may display the following message:%ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet1/XX is down (Initializing)The transceiver may be reported as "not supported" in the output of `show interface ethernet x/y transceiver'

Workarounds: TAC can reprogram the EEPROM

CSCvu73849

Headline: PTP corrections field (CF) received from transparent clock device not processed by N9000

Symptoms: Nexus 9000 reports and propagates high PTP corrections downstream.

Workarounds: Use all devices in BC mode.

CSCvu84315

Headline: Commit Failure after we create a checkpoint with an existing name -  N9K-C93108TC-EX

Symptoms: When we try to create a checkpoint with the same name as an existing one you can't commit config sessions until you either delete that checkpoint or create a new checkpoint.

Workarounds: Delete the old checkpoint with the same name as the new one or do any checkpoint /rollback operation

CSCvu90939

Headline: N9364 - Mgmt0 sending out signals when force admin Shut

Symptoms: When 9364C mgmt0 connects to 93108TC-FX eth port directly, the 93108TC-FX Ethernet port shows Up when remote mgmt0 of Cisco Nexus 9364C is admin down.

Workarounds: No workaround

CSCvv00706

Headline: Need to add a cli to view SFP details on N9K Mgmt0 port

Symptoms: No user friendly cli available to view if SFP is inserted or not on N9K mgmt port

Workarounds: Need to go into bash and get the info, reachout to TAC

CSCvv01406

Headline: EIGRP Neighbor flapped when adjust the time to past

Symptoms: # show clock 09:01:36.172 UTC Wed Jul 15 2020      <<<<<<<<< Time source is Hardware Calendar# clock set 05:00:00 15 july 2020     <<<<<<<< modify the time to the past cause the eigrp neighbor flappingWed Jul 15 05:00:00 UTC 2020# terminal monitor 2020 Jul 15 05:00:12 SWITCH %EIGRP-5-NBRCHANGE_DUAL:  eigrp-1 [3813] (default-base) IP-EIGRP(0) 1: Neighbor 10.x.x.x (Ethernet1/XX) is down: Interface Goodbye received2020 Jul 15 05:00:17 SWITCH %EIGRP-5-NBRCHANGE_DUAL:  eigrp-1 [3813] (default-base) IP-EIGRP(0) 1: Neighbor 10.x.x.x (Ethernet1/XX) is up: new adjacency

Workarounds: None

CSCvv09729

Headline: Cisco Nexus 92348 back pressure results in PSU fan spinning wrong direction

Symptoms: The power supply exhaust fan may spin in the wrong direction on the Cisco Nexus 92348.

Workarounds: None

CSCvv09753

Headline: BGP mass prefix withdrawal causing high CPU spikes for event_manager and policyelem

Symptoms: # sh processes cpu | exclude 0.00PID    Runtime(ms)  Invoked   uSecs  1Sec    Process-----  -----------  --------  -----  ------  -----------   52    229124253  317691941    721   1.00%  ksmd28182         1027       290   3543  31.25%  event_manager28183         1948       523   3726   8.75%  policyelem28341      1286455  10566658    121   1.50%  vman28389          263       208   1266   0.50%  confelem28466     12223331  12799864    954   0.50%  diagmgr28531       183686   9203510     19   0.50%  nginx28535       290028   5637064     51  15.75%  device_test28689          275       123   2240   0.50%  adjmgr30088       231051   4497027     51   0.50%  l2rib30269      2085655   7006841    297   0.50%  diag_port_lb30270     79629350  558705133    142   1.50%  ethpm30409          365       364   1004   5.00%  bgp30429          353       284   1245   0.50%  ospf31735    183889131  2147483647     16   1.50%  mts-sync-thrPID Runtime(ms) Invoked uSecs 1Sec Process----- ----------- -------- ----- ------ -----------11833 187091199 2147483647 17 2.00% mts-sync-thr27844 996 282 3532 30.25% event_manager27845 1928 541 3564 8.75% policyelemPID Runtime(ms) Invoked uSecs 1Sec Process----- ----------- -------- ----- ------ -----------27844 996 282 3532 34.25% event_manager27845 1928 541 3564 23.00% policyelem28048 287 921 311 2.00% confelem

Workarounds: NA

CSCvv12119

Headline: N9K EOR / N9K-SUP-A+ / Acl-mgr crash

Symptoms: Reason: Reset triggered due to HA policy of Reset   


Workarounds: N/A

CSCvv21551

Headline: Memory leak in "ascii-cfg" process due to "write-memory" command in archive config

Symptoms: There is a memory leak in the "ascii-cfg" process. It happens when customers use the archive feature with the "write-memory" command. The leak happens when entering the "copy run start" command which also triggers the archive to automatically run in parallel and backup will be performed.

Workarounds: Remove the "write-memory" command.

CSCvv21797

Headline: no vpc domain 20 removes previously configure vpc domain 10 without any warning

Symptoms: On a Nexus 9000 switch one can remove an existing vpc domain  with the wrong vpc id number.I.e examplevpc domain 10 is configured but the executed command is:no vpc domain 20this will remove domain 10 without any further warning, despite that we tried to remove domain 20 which does not exist in this example.

Workarounds: None

CSCvv22452

Headline: Cisco NX-OS HSRP stuck in "Initial" state after reload with static HSRP MAC configured

Symptoms: - For Nexus broken VLAN 2251 with static HSRP MAC is configured, after reload HSRP gets stuck in "Initial" state, but should move to next states as seen for working VLAN 2250.

Workarounds: -Shutdown/no shutdown SVI VLAN 2251 (or impacted HSRP VLAN) will move the HSRP state out of "Initial" and continue to next state eventually transitioning to Standby or Active as expected.-Temporary fix would be to use any MAC not in this range 0000.0C9F.xxxx. However, HSRP MAC range is 0000.0C9F.Fxxx which we anyway cannot configure statically for a group.

CSCvv28535

Headline: error: mkstemp failed when applying switchport host

Symptoms: error: mkstemp failed when applying switchport host to an interfaceswitch(config-if)# int e 1/6switch(config-if)# switchport hosterror: mkstemp failedThis is only happening on 9.3(5).9.3(2) and 9.3(4) are not showing this behavior and command is applied properly

Workarounds: None

CSCvv28681

Headline: Cisco Nexus 9500-R heavy RPF failure traffic congesting CPU pipeline causing IGMP drops

Symptoms: IGMP groups time out due to dropping of IGMP packets in CoPP.

Workarounds: Fixing the RPF failure causing congestion.

CSCvv29453

Headline: Line card PFM going out of sync, extraneous "Module is undergoing ISSU" in XML output

Symptoms: One, or more, line cards on a Cisco Nexus 9500 may become stuck in 'initializing' or 'powered-dn' state after switch boots up. The following messages may be reported in the log for the affected module(s):2020 Jul 28 03:46:45 %ETHPORT-5-IF_SEQ_ERROR: Error ("sequence timeout") communicating with MTS_SAP_VLAN_MGR for opcode MTS_OPC_VLAN_MGR_GET_PORT_TRUNKING_MEMBERSHIP_2 (RID_MODULE: 5)2020 Jul 28 03:47:05 %VMM-2-VMM_SERVICE_ERR: VDC1: Service SAP Ethpm SAP for slot 5 returned error 0x408c0008 (sequence timeout) in if_bind sequence

Workarounds: Power cycle/Reload the line card.

CSCvv29703

Headline: Error occured while trying to read database when recreating an object-group

Symptoms: When attempting to recreate or modify an object-group on the N9K the following error gets displayed:"Error occured while trying to read database"

Workarounds: None

CSCvv35402

Headline: Support for as-path replace under route-map for BGP as-path manipulation

Symptoms: as-path replace under route-map for BGP as-path manipulation is not supported.

Workarounds: NA

CSCvv47247

Headline: N9k with 3rd party optics link down when FEC is enabled

Symptoms: When using 3rd party Optics with FEC enables, link remains down

Workarounds: None, need to downgrade to 9.3(3) or 9.3(4)

CSCvv48289

Headline: Unable to upgrade from Cisco NX-OS 9.3(2) to 9.3(5) via install all for N9K-C92348GC-X

Symptoms: Upgrade from 9.3.2 to 9.3.5 fails via ISSU

Workarounds: NA

CSCvv49105

Headline: Control-Plane Tx will get dropped due to incorrect namespace ID

Symptoms: ICMP Tx will get dropped due to incorrect namespace ID

Workarounds:
1. Kill KIM process using kill -6 <process ID> and Delete the interface VLAN/recreate it.
2. Reload of the switch - Preferred way

CSCvv60665

Headline: ISSU ports with QSFP-100G40G-BIDI remain not connected after a flap

Symptoms: Port remains stuck in (Link not connected) after port flap or admin shut/no shut.

Workarounds: Reloading the switch clears the issue.

CSCvv61335

Headline: N9300 does not respond and register PTP delay-request received from PTP client

Symptoms: PTP client runs in uncalibrated mode.

Workarounds: N/A

CSCvv65667

Headline: MAC ACL + MAC packet classification could not let IPv6 NS/NA pass through in N9K-C93600CD-GX

Symptoms: With the configuration of MAC ACL + MAC packet classification, the port will deny IPv6 NS/NA packets. It caused the IPv6 traffic could not go through the port.Example configuration:mac access-list test  statistics per-entry  10 permit any any 0x86dd  <<<<< ethertype of IPv6 interface Ethernet2/1  switchport  mac port access-group test  mac packet-classify  no shutdown

Workarounds: None

CSCvv66928

Headline: Cannot retrieve port-channel rate statistics via SNMP

Symptoms: Customer can't get aggregated port-channel statistics via SNMP that is how this device will be deployed.

Workarounds: No workarounds.

CSCvv70929

Headline: NXOS: MFDM service crashes in mfdm_fib_process_v4_route_response

Symptoms: A Cisco Nexus datacenter switch may experience a service crash within MFDM on the supervisor due to a signal 11 / segmentation fault. In some cases, multiple crashes within MFDM may trigger a HA reset and bring the supervisor down (or cause a failover). %$ %SYSMGR-2-SERVICE_CRASHED: Service "mfdm" (PID ####) hasn't caught signal 11 (core will be saved).

Workarounds: The workaround in this case is to scale back down if a particular group is displaying large number of OIFs per source. In some cases the offending isolating the multicast group can be blocked using a RACL policy.

CSCvv75490

Headline: NFM process crashes leads to hap-reset

Symptoms: A Nexus device is seeing multiple nfm (netflow) process crashes. This results in the system getting reloaded due to a hap-reset.

Workarounds: Remove netflow if possible. Downgrading to a version bellow 9.2(4) or 9.3(1) should also stop the crash

CSCvv82134

Headline: N9K CDP EEM not working - Max Limit for CDP EEM events reached !! with single event

Symptoms: When attempting to create CDP neighbor-discovery event under EEM applet, system will throw error indicating limit is reached even if no previous events are defined and you are only configuring a single port for event:n9k(config-applet)# event neighbor-discovery interface e1/1Max Limit for CDP EEM events reached !!

Workarounds: No workarounds available.

CSCvv94794

Headline: SNMPd crash at mtrack_int_free, probably due to corrupt ptr

Symptoms: SNMPd process crashes:%SYSMGR-2-SERVICE_CRASHED: Service "snmpd" (PID 29464) hasn't caught signal 11 (core will be saved).

Workarounds: None.

CSCvv99888

Headline: Default routed pbr-statistics not counted if more than one object-group in ACL

Symptoms: Traffic that matches the default routing of a PBR will not be counted by pbr-statistics.

Workarounds: Use the command `show system internal access-list interface [interface_name] input entries detail` to display statistics for the PBR applied to the interface specified.Use only 1 object group per ACE

CSCvw06114

Headline: Post-routing flood will use L3VNI instead of user VLAN when MAC is not learnt in L2RIB/MAC table

Symptoms: when MAC gets deleted during TCN the remote VTEP flood arriving in local VTEP will get flooded in L3VNI VLAN instead of user VLAN even though routes exist in L2RIB/HMM.

Workarounds: L3VNI VLAN should never get allowed in the downstream VLAN this will prevent the un-necessary flooding.

CSCvw24004

Headline: SVI goes down as soon as access interfaces goes down and only flex link stays up

Symptoms: SVI interface can go down when corresponding VLAN is active (forwarded by) on FlexLink only.

Workarounds: In order to restore SVI state, you will need to shutdown/no shutdown it.

CSCvw34161

Headline: Deleted port-profiles appear in CLI with show port-profile name command

Symptoms: You can see deleted port-profiles with "show port-profile name ?" command

Workarounds: software downgrade to 7.x

CSCvw34566

Headline: NXOS rfc1583compatibility not consistent with IOS/XE implementation

Symptoms: NXOS by default supports rfc2328. To support inter-op with the devices which supports rfc1583 NXOS provides configuration option "rfc1583compatibility". This makes NXOS to follow rfc1583.  When NXOS devices operating in rfc1583compatibility mode it may choose a different path to ASBR compare to IOS/XE.There is no concern if "rfc1583compatibility" is not configured.

Workarounds: Use RFC2328 throughout the network instead

CSCvw41524

Headline: LACP hot-standby after exiting maintenance-mode

Symptoms: When exiting from maintenance-mode to normal-mode, a subset of port-channels on the switch may be stuck in hot-standby state.

Workarounds: Shut / no shut affected ports.

CSCvw43139

Headline: after changing VPC HIF ports to orphan, Flood traffic crossing MCT does not egress HIF

Symptoms: + HIF ports are configured as VPCs members.+ after changing the config in a certain way to be orphan ports.+ broadcast traffic are not egressing hif ports and causing disconnection.+ any broadcast traffic ingressing peer-link will not forwarded to orphan ports which were members of vpcs before

Workarounds: Reconfigure the ports.

CSCvw43442

Headline: VXLAN: MAC address learned on Fabric Layer3 interfaces

Symptoms: MAC address learnt on a L3 Fabric interface of VXLAN EVPN Border Gateway (BGW) switch.As result, MAC address may move between the L3 interface and NVE interface and eventually gets `Permanently-Frozen` on one of the leaf.

Workarounds: None. Excessive MAC move will cause software to permanently keep the MAC in frozen state. On L3 interface MAC learning shouldn't happen and MAC frozen state doesn't impact L3 forwarding

CSCvw48498

Headline: N9K - NXAPI : %SAFE_STR CONSTRAINT: strncpy_s: slen is zero, error code=401

Symptoms: Viewing following error message :  ?%SAFE_STR CONSTRAINT: strncpy_s: slen is zero, error code=401? into /var/sysmgr_nxapi/logs/error.log file

Workarounds: From bash mode, clear the content of the error.log manually by echo-ing empty string inside the file.(To get into bash mode - have the bash feature enabled and run bash to get inside)bash-4.3$ echo "" > /var/sysmgr_nxapi/logs/error.log

CSCvw49456

Headline: Nexus switch "ipfib" crash

Symptoms: A Nexus switch might experience an IPFIB crash

Workarounds: No known workaround

CSCvw50234

Headline: NX93180LC - GLC-TEs not working after upgrade to 9.3.5 (not connected) on even ports only

Symptoms: GLC-TE transceiver stays in not connected state after upgrade to 9.3.5 on even ports (i.e. eth1/20). Odd ports are working fine (i.e. eth1/19)513E-C.06-N9K-C93180LC-EX# sh int eth1/20Ethernet1/20 is down (Link not connected)513E-C.06-N9K-C93180LC-EX# sh int eth1/20 transceiver Ethernet1/20    transceiver is present    type is 1000base-T    name is CISCO    part number is SBCU-5740ARZ-CS1    revision is G3.1    serial number is AVC204822X4    nominal bitrate is 1300 MBit/sec    Link length supported for copper is 100 m    cisco id is 3    cisco extended id number is 4    cisco part number is 30-1475-01    cisco product id is GLC-TE    cisco version id is V01

Workarounds: downgrade to nxos.7.0.3.I7.X

CSCvw51632

Headline: N9K-C93180YC-FX3S: Observing PTP port flap which is connected to STU(GM)

Symptoms: In scale environment, customer is facing port flap issue and due to this their cell site operation got impacted.

Workarounds: Reduce the no.of master ports below 25 and do fine tuning of policer operation, so that policer wont discard ptp pkts.

CSCvw53323

Headline: CAP_FEATURE_MULTIHOP_BFD capability is not getting removed from the system after disabling BFD

Symptoms: Switch gives an error during downgrade if BFD feature is directly disabled, instead of removing the multihop BFD configuration. CAP_FEATURE_MULTIHOP_BFD capability is not getting removed from the system and hence causing error. Ideally all the BFD related capabilities should have been deleted when feature is disabled.

Workarounds: Following workaround can be used by customer to overcome this1.Enable BFD "feature bfd"2.Add Multhihop BFD configuration "bfd multihop interval 500 min_rx 500 multiplier 5"3.*Delete Multihop BFD configuration "no bfd multihop interval 500 min_rx 500 multiplier 5"4.Disable BFD "no feature bfd”.

CSCvw53976

Headline: Incorrect Forwarding on Hardware. VXLAN Flood & Learn. IPFIB process stuck and MTS queue build up.

Symptoms: Traffic forwarded incorrectly to other interfaces. Traffic that should be punted to CPU is getting VXLAN encapsulated. show forwarding commands do not work. show tech l3 forwarding generates no output. show ip mroute for underlay mcast shows pending routes. Messages stuck on queue for ipfib.

Workarounds: Passive-interface for SVIs shared between spines to avoid creating an IGP adjacency between SPINES over VXLAN and reload if mts suck in queue.

CSCvw56696

Headline: NXOS: VLAN Manager crashes with VLAN mapping configuration change

Symptoms: The VLAN Manager (vlan_mgr) service reports a crash and a core file is saved.

Workarounds: None

CSCvw59799

Headline: Hairpin of L2 multicast NLB KA frames on the same interface it was received

Symptoms: NLB KA packets, received on a VPC Po are hair-pining and exiting the same interface they were received on.

Workarounds: - Disable IGMP snooping

CSCvw60409

Headline: HSRP vmac is not cleared and remains as static entry after shutting down SVI.

Symptoms: On N9k switch running HSRP, when SVI is shut down on active HSRP switch, HSRP vmac is not cleared and remains as static entry. This may cause traffic disruption.

Workarounds: remove HSRP configurations from SVI then shut down SVI. switch(config-if)# no hsrp 1 ipv4switch(config-if)# no hsrp 1 ipv6

CSCvw60736

Headline: N9K-C9348GC link up delay after reloaded

Symptoms: After vPC peer reloaded, vPC member port linkup delay than the other end, which lead to packet loss when using channel group mode on.

Workarounds: none

CSCvw65224

Headline: N9K-PAC-650W for N9k reporting Fail/Shut status

Symptoms: The below Syslog will be seen on the switch: %KERN-3-SYSTEM_MSG: [6960403.222450] cctrlib_tor2_get_psu_env_info.557: PSU 1 failed to read CCTRL_PSU_READ_VIN (3 =>2.58.88.2) - kernelSyslog can be seen also for PSU 0 slot. The output of show environment will be as follows with either one or both of the PSUs showing the fail/shut state:# sh env powerPower Supply:Voltage: 12 VoltsPower                      Actual             Actual        TotalSupply    Model            Output             Input      Capacity       Status                           (Watts )           (Watts )     (Watts )-------  ----------  ---------------  ------  ----------  --------------------1        N9K-PAC-650W            0 W                0 W         0 W   Fail/Shut2        N9K-PAC-650W            0 W                0 W         0 W   Fail/Shut

Workarounds: None

CSCvw66557

Headline: EOR - default v6 route not correctly programmed in hw with template-service-provider

Symptoms: Traffic that hitting default v6 route is forwarded in software. This can cause packet drop for traffic using v6 default route due to sw switching and CoPP

Workarounds: If using IPv6 static route:* Add and remove static route after device reload. If using IPv6 dynamic route:* Add a more specific IPv6 route for the affected prefix(es)

CSCvw66611

Headline: N9k: Incrementing IntMacRx-Er Errors

Symptoms: IntMacRx-Er errors are being incremented on the N9k interfaces when receiving frames with the actual number of bytes in the payload not being equal to the value in their Ethernet Length field.

Workarounds:

CSCvw66700

Headline: N3600/N9500-R does not send arp request for glean vxlan encapsulated IP traffic

Symptoms: Missing ARP entry for connected NSX vtep.

Workarounds: Use ping from nxos switch towards connected NSX host to resolve its ARP.

CSCvw68897

Headline: segmentation fault on call home service turn on after enabling smart license

Symptoms: + Below logs2020 Dec  2 19:42:14 R3-USFWT-05-LF1 %LICMGR-5-LOG_SMART_LIC_EVAL_START: (pid=2294) Entering evaluation period2020 Dec  2 19:42:16 R3-USFWT-05-LF1 last message repeated 1 time2020 Dec  2 19:42:16 R3-USFWT-05-LF1 %SYSMGR-2-SERVICE_CRASHED: Service "licmgr" (PID 2294) hasn't caught signal 11 (core will be saved).2020 Dec  2 19:42:16 R3-USFWT-05-LF1 %CALLHOME-2-EVENT: SW_CRASH2020 Dec  2 19:42:16 R3-USFWT-05-LF1 %LICMGR-5-LOG_SMART_LIC_EVAL_START: (pid=26014) Entering evaluation period2020 Dec  2 19:42:17 R3-USFWT-05-LF1 last message repeated 1 time2020 Dec  2 19:42:17 R3-USFWT-05-LF1 %LICMGR-5-LOG_SMART_LIC_COMM_RESTORED: (pid=26014) Communications with the Cisco Smart Software Manager or satellite restored2020 Dec  2 19:43:36 R3-USFWT-05-LF1 %SYSMGR-2-SERVICE_CRASHED: Service "licmgr" (PID 26014) hasn't caught signal 6 (core will be saved).2020 Dec  2 19:43:37 R3-USFWT-05-LF1 %LICMGR-5-LOG_SMART_LIC_EVAL_START: (pid=6479) Entering evaluation period2020 Dec  2 19:43:38 R3-USFWT-05-LF1 last message repeated 1 time2020 Dec  2 19:43:38 R3-USFWT-05-LF1 %LICMGR-5-LOG_SMART_LIC_COMM_RESTORED: (pid=6479) Communications with the Cisco Smart Software Manager or satellite restored2020 Dec  2 19:43:44 R3-USFWT-05-LF1 %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by <user> on <ip>@pts/42020 Dec  2 19:44:47 R3-USFWT-05-LF1 %UFDM-3-FIB_IPv4_ADJ_CONSISTENCY_CHECKER_PASS: FIB IPv4 adjacency consistency checker PASSED on slot 12020 Dec  2 19:44:47 R3-USFWT-05-LF1 %UFDM-3-FIB_IPv4_ROUTE_CONSISTENCY_CHECKER_PASS: FIB IPv4 route consistency checker PASSED on slot 12020 Dec  2 19:45:16 R3-USFWT-05-LF1 %CALLHOME-2-EVENT: SW_CRASH licmgr in slot 1 crashed with crash type : stateful crash2020 Dec  2 20:24:48 R3-USFWT-05-LF1 %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by A1264370-3 on <ip>@pts/42020 Dec  2 20:28:32 R3-USFWT-05-LF1 %LICMGR-3-LOG_SMART_LIC_AGENT_REG_FAILED: (pid=6479) Smart Agent for Licensing Registration with the Cisco Smart Software Manager or satellite failed: Response error: The product '<id>' and sudi { udi_pid: nil+licmgr cores generated show coreVDC  Module  Instance  Process-name     PID       Date(Year-Month-Day Time)---  ------  --------  ---------------  --------  -------------------------1    1       1         licmgr           2294      2020-12-02 19:42:431    1       1         licmgr           26014     2020-12-02 19:43:54

Workarounds: None

CSCvw69648

Headline: 'vpc orphan-port suspend' configuration can't be removed on interfaces associated to vPC PO

Symptoms: 'vpc orphan-port suspend' configuration can't be removed on interfaces associated to vPC port-channel.

Workarounds:
1) the physical interface needs to be removed from the vPC PO
2)  the "vpc orphan-port suspend" command can now be removed from the physical interface
3) Re-add the physical interface to the vPC PO

CSCvw73129

Headline: N9k switches ending with EX/FX/FX2/FX3/GX / ASICs ELAM - Unknown Unicast brief report doesn't indicate L2 miss

Symptoms: ELAM outgoing interface may print an index giving an impression of unicast forwarding while traffic is L2 flood

Workarounds: Refer to ELAM full report for FLOOD|MISS bit set:report detail | egrep "FLOOD|MISS"

CSCvw73676

Headline: Nexus 9K - Unable To Boot NXOS Version 9.x From USB

Symptoms: + On Nexus 9K, when attempting to boot NXOS version 9.x from USB via the loader prompt you may see the output below, followed by getting kicked back to the loader prompt.================================================Bootable Disk is detected. Device Name: Micron_1100_MTFDDAV256TBNVersion 2.18.1260. Copyright (C) 2020 American Megatrends, Inc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   FPGA SPI Flash Micron(Numonyx) N25Q128Board type  4IOFPGA @ 0xd8000000SLOT_ID @ 0xfSet fan speed to 60% Filesystem type is ext2fs, partition type 0x83ACI chassisTrying to read config file /boot/grub/menu.lst.local from (hd0,0) Filesystem type is fat, partition type 0xcTrying to read config file /boot/grub/menu.lst.local from (hd1,4) Filesystem type is ext2fs, partition type 0x83Trying to read config file /boot/grub/menu.lst.local from (hd1,5) Filesystem type is ext2fs, partition type 0x83Auto boot configuration file is absent.Autoboot image boot failed. Trying recovery imageTrying to read config file /boot/grub/menu.lst.recovery from (hd1,4) Filesystem type is ext2fs, partition type 0x83Trying to read config file /boot/grub/menu.lst.recovery from (hd1,5) Filesystem type is ext2fs, partition type 0x83Auto boot configuration file is absent.No autoboot or failed autoboot. falling to loader================================================

Workarounds:
1. Have 7.x and 9.x NXOS versions on USB
2. In loader, boot 7.x version from USB
3. Once successfully booted in 7.x, copy the 9.x image file from USB to bootflash via the "copy" command
4. Modify the boot statements from the 7.x image to the 9.x image using the "boot" command
5. Reload the switch to boot to the 9.x image

CSCvw76165

Headline: N9500:other end port of mgmt port with shutdown force is up

Symptoms: Other end port of mgmt port on N9500 SUP is up even though shutdown force is configured on mgmt port.

Workarounds: Remove "shutdwon force" and configure "shutdown force" again on mgmt 0

CSCvw76953

Headline: ip routing multicast holddown 0 does not propagate in running config

Symptoms: When trying to configure "ip routing multicast holddown 0" command, it does not propagate to running config.

Workarounds: It looks like problem is happening only for fresh configuration. Remove/Re-apply of the 'ip routing multicast holddown 0' should solve the problem.

CSCvw78632

Headline: N9K-C93180YC-FX3S: Wrong delivery order and incorrect Timestamp(T1) carried by Follow-up pkt

Symptoms: TOR switch( BC)  port that the T1 timestamps carried in Follow-up pkts  towards O-DU  are behind in time w.r.t the Delay Response packets which are received before Follow-up pkt. Because of this the end offset computed by ptp4l servo goes high and this is screwing up the time and impacting the cell operations/sectors on O-DU.

Workarounds: No workaround, Dev is debugging the issue.

CSCvw80210

Headline: On N9K-C9332C - 100G macsec links stop forwarding traffic

Symptoms: On N9K-C9332C - 100G macsec links stop forwarding traffic after some time (depending on the traffic rate)which results in LACP suspend and connectivity loss

Workarounds:
1) Configure XPN Cipher-suite instead of non-xpnWorkaound
2) Configure "sak-rekey-time 300" under macsec security policy

CSCvw81106

Headline: STOMP generated on 9300-FX2 when using 1G xcvr

Symptoms: In a VxLAN fabric with -FX2 devices as leaf, packets over 740 bytes are not correctly forwarded over the fabric.

Workarounds: Use 10G xcvr in between Leaf and Spine

CSCvw83503

Headline: Nexus 9000 forwards ARP traffic received on suspended interface, causing Layer 2 loop

Symptoms: A Nexus 9000 switch running NX-OS software release 9.3(6) may begin forwarding ARP traffic received on a physical interface that is configured to be a member of an LACP port-channel, even though the physical interface is suspended from the port-channel for not receiving LACPDUs.

Workarounds:
1. Administratively shut down the suspended port-channel member.
2. Reconfigure the remote network device such that the remote network device's interface sends LACPDUs as expected. This will bring the suspended port-channel member out of a suspended state.

CSCvw84453

Headline: src_mac is 00:00:00:00:00:00 after PBR routing after rebooting of one Nexus in VPC pair

Symptoms: src_mac is 00:00:00:00:00:00 after PBR routing after rebooting of one Nexus in VPC pair

Workarounds:
1. Link shutdown/no shutdown
2.Delete/create static MAC

CSCvw86078

Headline: N9k switches ending with EX/FX/FX2/FX3/GX - DHCP Binding lease will not refresh

Symptoms: If have approximate 2000 dhcp snooping entries in N9K after reloading the dhcp snooping binding will not refresh.

Workarounds: Remove DHCP binding and re-configure

CSCvw92365

Headline: Next Hop v6 Filter does not work properly on the show ip route output.

Symptoms: show ip route next-hop-v6 X:X:X:X not only shows ipv6 next-hop routes but also ipv4 routes.

 
Workarounds: NA

CSCvw92732

Headline: Vfc interface mode can't be set to E

Symptoms: VFC interface port mode config is not configurable as E. This is the expected behaviour. Currently, there is no support for PORT mode E for vfc links.

Workarounds: There is no workaround. This is expected behaviour.

CSCvw94313

Headline: N9k: port-security does not effect on the VPC port-channel

Symptoms: N9k: Port-security does not effect on the VPC port-channel. Violated traffic can pass though

Workarounds: NA

CSCvx01231

Headline: Enh: Add more debug capability for N9K EOR PSU flap

Symptoms: N9K EOR PSU went down and came up in 1-2 sec.Randomly happens 1 flap in months or a year.

Workarounds: None

CSCvx02717

Headline: After upgrade 9.x  N9k cannot be downgraded via install all

Symptoms: Upgrade from 9.3(3) to 9.3(6) then when testing downgrade back via "install all" there are incompatibilities that prevent the downgrade:N9K-C9336-FX2-Z-PI

Workarounds: Write erase, reload, then downgrade of the N9k via "install all"

CSCvx04061

Headline: Incorrect NIV programming after changing from VPC HIF to orphan port

Symptoms: Traffic traversing vPC peer-link in communication with orphan host connected behind single homed FEX is dropped.ELAM report will show the following drop reason: UC_DF_CHECK_FAIILURE

Workarounds: None

CSCvx07013

Headline: no negotiate auto command missing after upgrade to 7.0(3)I7(9)

Symptoms: When upgrading from 7.0(3)I7(6) to 7.0(3)I7(9), the command "no negotiate auto" is missing from the interfaces:version 7.0(3)I7(6) Bios:version 08.36 interface Ethernet1/2  switchport  speed 1000  no negotiate auto  no shutdownBRU-N9K5-7# show run int eth2/1!Command: show running-config interface Ethernet2/1!No configuration change since last restart!Time: Mon Nov 30 00:46:00 2020version 7.0(3)I7(9) Bios:version 08.36 interface Ethernet2/1  switchport  speed 1000  no shutdownThis caused the interfaces in customer setup to go down and we have to manually configure "no negotiate auto" under the interface configuration to recover.

Workarounds: We have to manually configure "no negotiate auto" under the interface configuration to recover.

CSCvx09137

Headline: Nexus 9K Linecard Memory Leak in /tmp/logs/l2mcast_lib.log

Symptoms: A Nexus 9k switch running NX-OS 9.3(6) may begin printing the below logs indicating one of the linecards has high memory usage in a tmp directory:  %SYSMGR-SLOTX-2-TMP_DIR_FULL: System temporary directory usage is unexpectedly high at 100%.In addition, if you attach into the impacted linecard and run "show system internal flash", the "aufs" filesystem will be fully used:  SWITCH# attach module x  module-x# show system internal flash  <snip>  aufs             2097152 2097152         0 100% /lcFinally, when checking the filesystem more thoroughly via the bash shell, a file at "/tmp/logs/l2mcast_lib.log" will be growing abnormally large (replace "x" in "login lcx"  with the slot number of the impacted linecard):  SWITCH# conf t  SWITCH(config)# feature bash  SWITCH(config)# exit   SWITCH# run bash  bash-4.2$ sudo bash  bash-4.2# rlogin lcx  root@lcx:/# ls -la /tmp/logs  total 15400  drwxr-xr-x 2 root floppy       60 Jan  1 12:22 .  drwxrwxrwx 3 root floppy      600 Jan  1 15:22 ..  -rw-rw-rw- 1 root root   15766000 Jan  1 15:44 l2mcast_lib.log <=====

Workarounds: The offending file can be periodically deleted, eg: every 24 hours, via a very basic shell script (replace the "x" in "lcx" with the slot number of the impacted linecard):conf t  feature bashexitrun bash  rlogin lcx  while [ True ]; do echo "Deleting l2mcast_lib.log..."; rm /tmp/logs/l2mcast_lib.log; sleep 86400; done &  exit exit

CSCvx19094

Headline: 36180 may experience system power loss during ATS switchover

Symptoms: On 36180, during ATS switchover, the system may reload during the momentarily loss of power as ATS is finishing the switch.

Workarounds: None (issue is only seen during ATS switch)

Known Issues

Bug ID

Description

CSCvi73973

Error message is seen rarely when a huge file (greater than 1GB) is copied to the USB first time after reload.

There is no functional impact to the copy command itself.

CSCvj74453

If you enable and disable a feature using a script in one VSH terminal session and execute those feature related commands in another terminal session, the behavior is unpredictable. Configuring and deleting the same parser chain in multiple VSH sessions is not supported. You must refrain from entering feature specific show CLI commands from a different VSH session when the same feature is being disabled in another terminal session.

Doing so might even result in a VSH crash. There is no functional impact or SSO or reload due to this crash.

CSCvp19886

During re-key when conf_offset for a macsec policy is updated dynamically, packet drop for ~100ms is observed. This is a known hardware limitation.

CSCvx05248

When running debug tool, ethanalzyer autostop duration does not work and does not automatically stop the packet capture. This is an expected behavior.

N/A

LXC ISSU will not be supported for N9K-C92348GC switch.

Device Hardware

The following tables list the Cisco Nexus 9000 Series hardware that Cisco NX-OS Release 10.1(1) supports. For additional information about the supported hardware, see the Hardware Installation Guide for your Cisco Nexus 9000 Series device.

Table 1.      Cisco Nexus 9500 Switches. 29

Table 2.      Cisco Nexus 9500 Cloud Scale Line Cards. 29

Table 3.      Cisco Nexus 9500 R-Series Line Cards. 30

Table 4.      Cisco Nexus 9500 Cloud Scale Fabric Modules. 30

Table 5.      Cisco Nexus 9500 R-Series Fabric Modules. 31

Table 6.      Cisco Nexus 9500 Supervisor Modules. 31

Table 7.      Cisco Nexus 9500 System Controller 31

Table 8.      Cisco Nexus 9500 Fans and Fan Trays. 31

Table 9.      Cisco Nexus 9500 Fabric Module Blanks with Power Connector 31

Table 10.    Cisco Nexus 9500 Power Supplies. 32

Table 11.    Cisco Nexus 9200 and 9300 Switches. 32

Table 12.    Cisco Nexus 9200 and 9300 Fans and Fan Trays. 33

Table 13.    Cisco Nexus 9200 and 9300 Power Supplies. 34

Table 14.    Cisco Nexus 9500 Cloud Scale Line Cards. 37

Table 15.    Cisco Nexus 9500 R-Series Line Cards. 37

 

Table 1.                 Cisco Nexus 9500 Switches

Product ID

Description

N9K-C9504

7.1-RU modular switch with slots for up to 4 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 4 power supplies.

N9K-C9508

13-RU modular switch with slots for up to 8 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 8 power supplies.

N9K-C9516

21-RU modular switch with slots for up to 16 line cards in addition to two supervisors, 2 system controllers, 3 to 6 fabric modules, 3 fan trays, and up to 10 power supplies.

Table 2.                 Cisco Nexus 9500 Cloud Scale Line Cards

Product ID

Description

Maximum Quantity

Cisco Nexus
9504

Cisco Nexus
9508

Cisco Nexus
9516

N9K-X9716D-GX

Cisco Nexus 9500 16-port 400-Gigabit Ethernet QSFP line card

4

8

N/A

N9K-X9736C-FX

Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

N9K-X9788TC-FX

Cisco Nexus 9500 48-port 1/10-G BASE-T Ethernet and 4-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

N9K-X97160YC-EX

Cisco Nexus 9500 48-port 10/25-Gigabit Ethernet SFP28 and 4-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

N9K-X9732C-FX

Cisco Nexus 9500 32-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

N9K-X9732C-EX

Cisco Nexus 9500 32-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

N9K-X9736C-EX

Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

16

Table 3.                 Cisco Nexus 9500 R-Series Line Cards

Product ID

Description

Maximum Quantity

Cisco Nexus 9504

Cisco Nexus 9508

N9K-X9636C-R

Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

N9K-X9636C-RX

Cisco Nexus 9500 36-port 40/100 Gigabit Ethernet QSFP28 line card

4

8

N9K-X9636Q-R

Cisco Nexus 9500 36-port 40 Gigabit Ethernet QSFP line card

4

8

N9K-X96136YC-R

Cisco Nexus 9500 16-port 1/10 Gigabit, 32-port 10/25 Gigabit, and 4-port 40/100 Gigabit Ethernet line card

4

8

Table 4.                 Cisco Nexus 9500 Cloud Scale Fabric Modules

Product ID

Description

Minimum

Maximum

N9K-C9504-FM-E

Cisco Nexus 9504 100-Gigabit cloud scale fabric module

4

5

N9K-C9504-FM-G

Cisco Nexus 9500 4-slot 1.6Tbps cloud scale fabric module

4

5

N9K-C9508-FM-E

Cisco Nexus 9508 100-Gigabit cloud scale fabric module

4

5

N9K-C9508-FM-E2

Cisco Nexus 9508 100-Gigabit cloud scale fabric module

4

5

N9K-C9508-FM-G

Cisco Nexus 9500 8-slot 1.6Tbps cloud-scale fabric module

4

5

N9K-C9516-FM-E2

Cisco Nexus 9516 100-Gigabit cloud scale fabric module

4

5

Table 5.                 Cisco Nexus 9500 R-Series Fabric Modules

Product ID

Description

Minimum

Maximum

N9K-C9504-FM-R

Cisco Nexus 9504 100-Gigabit R-Series fabric module

4

6

N9K-C9508-FM-R

Cisco Nexus 9508 100-Gigabit R-Series fabric module

4

6

Table 6.                 Cisco Nexus 9500 Supervisor Modules

Supervisor

Description

Quantity

N9K-SUP-A

1.8-GHz supervisor module with 4 cores, 4 threads, and 16 GB of memory

2

N9K-SUP-A+

1.8-GHz supervisor module with 4 cores, 8 threads, and 16 GB of memory

2

N9K-SUP-B

2.2-GHz supervisor module with 6 cores, 12 threads, and 24 GB of memory

2

N9K-SUP-B+

1.9-GHz supervisor module with 6 cores, 12 threads, and 32 GB of memory

2

Note:       N9K-SUP-A and N9K-SUP-A+ are not supported on Cisco Nexus 9504 and 9508 switches with -R line cards.

Table 7.                 Cisco Nexus 9500 System Controller

Product ID 

Description

Quantity

N9K-SC-A

Cisco Nexus 9500 Platform System Controller Module

2

Table 8.                 Cisco Nexus 9500 Fans and Fan Trays

Product ID

Description

Quantity

 N9K-C9504-FAN

Fan tray for 4-slot modular chassis

3

N9K-C9504-FAN2

Fan tray that supports the Cisco N9K-C9504-FM-G fabric module

3

N9K-C9508-FAN

Fan tray for 8-slot modular chassis

3

N9K-C9508-FAN2

Fan tray that supports the Cisco N9K-C9508-FM-G fabric module

3

N9K-C9516-FAN

Fan tray for 16-slot modular chassis

3

Table 9.                 Cisco Nexus 9500 Fabric Module Blanks with Power Connector

Product ID

Description

Minimum

Maximum

N9K-C9504-FAN-PWR

Nexus 9500 4-slot chassis 400G cloud scale fan tray power connector

1

2

N9K-C9508-FAN-PWR

Nexus 9500 4-slot chassis 400G cloud scale fan tray power connector

1

2

Table 10.             Cisco Nexus 9500 Power Supplies

Product ID

Description

Quantity

Cisco Nexus Switches

N9K-PAC-3000W-B

3 KW AC power supply

Up to 4
Up to 8
Up to 10

Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516

N9K-PDC-3000W-B

3 KW DC power supply

Up to 4
Up to 8
Up to 10

Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516

N9K-PUV-3000W-B

3 KW Universal AC/DC power supply

Up to 4
Up to 8
Up to 10

Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516

N9K-PUV2-3000W-B

3.15-KW Dual Input Universal AC/DC Power Supply

Up to 4
Up to 8
Up to 10

Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516

Table 11.             Cisco Nexus 9200 and 9300 Switches

Cisco Nexus Switch

Description

N9K-C9316D-GX

1-RU switch with 16x400/100/40-Gbps ports.

N9K-C9364C-GX

2-RU fixed-port switch with 64 100-Gigabit SFP28 ports.

N9K-C93600CD-GX

1-RU fixed-port switch with 28 10/40/100-Gigabit QSFP28 ports (ports 1-28), 8 10/40/100/400-Gigabit QSFP-DD ports (ports 29-36)

N9K-C9364C

2-RU Top-of-Rack switch with 64 40-/100-Gigabit QSFP28 ports and 2 1-/10-Gigabit SFP+ ports.

- Ports 1 to 64 support 40/100-Gigabit speeds.

 - Ports 49 to 64 support MACsec encryption.

Ports 65 and 66 support 1/10 Gigabit speeds.

N9K-C9332C

1-RU fixed switch with 32 40/100-Gigabit QSFP28 ports and 2 fixed 1/10-Gigabit SFP+ ports.

N9K-C93180YC-FX3

48 1/10/25 Gigabit Ethernet SFP28 ports (ports 1-48)

6 10/25/40/50/100-Gigabit QSFP28 ports (ports 49-54)

N9K-C93180YC-FX3S

48 1/10/25 Gigabit Ethernet SFP28 ports (ports 1-48)

6 10/25/40/50/100-Gigabit QSFP28 ports (ports 49-54)

N9K-C9336C-FX2-E

1- RU switch with 36 40-/100-Gb QSFP28 ports

N9K-C9336C-FX2

1-RU switch with 36 40-/100-Gb Ethernet QSFP28 ports

N9K-C93360YC-FX2

2-RU switch with 96 10-/25-Gigabit SFP28 ports and 12 40/100-Gigabit QSFP28 ports

N9K-C93240YC-FX2

1.2-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 fiber ports and 12 40-/100-Gigabit Ethernet QSFP28 ports.

N9K-C93216TC-FX2

2-RU switch with 96 100M/1G/10G RJ45 ports, 12 40/100-Gigabit QSFP28 ports, 2 management ports (one RJ-45 and one SFP port), 1 console, port, and 1 USB port.

N9K-C93180YC-FX

1-RU Top-of-Rack switch with 10-/25-/32-Gigabit Ethernet/FC ports and 6 40-/100-Gigabit QSFP28 ports. You can configure the 48 ports as 1/10/25-Gigabit Ethernet ports or as FCoE ports or as 8-/16-/32-Gigabit Fibre Channel ports.

N9K-C93180YC-FX-24

1-RU 24 1/10/25-Gigabit Ethernet SFP28 front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports. The SFP28 ports support 1-, 10-, and 25-Gigabit Ethernet connections and 8-, 16-, and 32-Gigabit Fibre Channel connections.

N9K-C93108TC-FX

1-RU Top-of-Rack switch with 48 100M/1/10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports

N9K-C93108TC-FX-24

1-RU 24 1/10GBASE-T (copper) front panel ports and 6 fixed 40/100-Gigabit Ethernet QSFP28 spine-facing ports.

N9K-C93108TC-FX3P

1-RU fixed-port switch with 48 100M/1/2.5/5/10GBASE-T ports and 6 40-/100-Gigabit QSFP28 ports

N9K-C9348GC-FXP

Nexus 9300 with 48p 100M/1 G, 4p 10/25 G SFP+ and 2p 100 G QSFP

N9K-C92348GC-X

The Cisco Nexus 92348GC-X switch (N9K-C92348GC-X) is a 1RU switch that supports 696 Gbps of bandwidth and over 250 mpps. The 1GBASE-T downlink ports on the 92348GC-X can be configured to work as 100-Mbps, 1-Gbps ports. The 4 ports of SFP28 can be configured as 1/10/25-Gbps and the 2 ports of QSFP28 can be configured as 40- and 100-Gbps ports. The Cisco Nexus 92348GC-X is ideal for big data customers that require a Gigabit Ethernet ToR switch with local switching.

N9K-C93180YC-EX

1-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 fiber ports and 6 40-/100-Gigabit QSFP28 ports

N9K-C93180YC-EX-24

1-RU 24 1/10/25-Gigabit front panel ports and 6-port 40/100 Gigabit QSFP28 spine-facing ports

N9K-C93108TC-EX

1-RU Top-of-Rack switch with 48 10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports

N9K-C93108TC-EX-24

1-RU 24 1/10GBASE-T (copper) front panel ports and 6 40/100-Gigabit QSFP28 spine facing ports.

Table 12.             Cisco Nexus 9200 and 9300 Fans and Fan Trays

Product ID

Description

Quantity

Cisco Nexus Switches

NXA-FAN-160CFM-PE

Fan module with port-side exhaust airflow (blue coloring)

3

9364Ca
93360YC-FX2

NXA-FAN-160CFM-PI

Fan module with port-side intake airflow (burgundy coloring)

3

9364Ca
93360YC-FX2

NXA-FAN-160CFM2-PE

Fan module with port-side exhaust airflow (blue coloring)

4

9364C-GX

NXA-FAN-160CFM2-PI

Fan module with port-side intake airflow (burgundy coloring)

4

9364C-GX

NXA-FAN-30CFM-B

Fan module with port-side intake airflow (burgundy coloring)

3

93108TC-EX
93108TC-FXa
93180YC-EX
93180YC-FXa
9348GC-FXPa

NXA-FAN-30CFM-F

Fan module with port-side exhaust airflow (blue coloring)

3

93108TC-EX
93108TC-FXa
93180YC-EX
93180YC-FXa
9348GC-FXP

NXA-FAN-35CFM-PE

Fan module with port-side exhaust airflow (blue coloring)

4

 

 

 

 

6

92300YCa
9332Ca
93180YC-FX3Sb
93180YC-FX3
93108TC-FX3P

 

9336C-FX2-E
9316D-GX
93600CD-GX

NXA-FAN-35CFM-PI

Fan module with port-side intake airflow (burgundy coloring)

 

 

 

Fan module with port-side exhaust airflow (blue coloring)

4

 

 

 

6

6

92300YCa
9332Ca
93180YC-FX3Sb
93180YC-FX3
93108TC-FX3P

9316D-GX
93600CD-GX

9336C-FX2-E

NXA-FAN-65CFM-PE

Fan module with port-side exhaust airflow (blue coloring)

3

93240YC-FX2a
9336C-FX2a

NXA-FAN-65CFM-PI

Fan module with port-side exhaust airflow (burgundy coloring)

3

93240YC-FX2a
9336C-FX2a

aFor specific fan speeds see the Overview section of the Hardware Installation Guide.
b This switch runs with +1 redundancy mode so that if one fan fails, the switch can sustain operation. But if a second fan fails, this switch is not designed to sustain operation. Hence before waiting for the major threshold temperature to be hit, the switch will power down due to entering the fan policy trigger command.

Table 13.             Cisco Nexus 9200 and 9300 Power Supplies

Product ID

Description

Quantity

Cisco Nexus Switches

NXA-PAC-500W-PE

500-W AC power supply with port-side exhaust airflow (blue coloring)

2

93108TC-EX
93180YC-EX
93180YC-FX

NXA-PAC-500W-PI

500-W AC power supply with port-side intake airflow (burgundy coloring)

2

93108TC-EX
93180YC-EX
93180YC-FX

NXA-PAC-650W-PE

650-W power supply with port-side exhaust (blue coloring)

2

92300YC
93180YC-FX3S
93108TC-EX
93180YC-EX
93180YC-FX3

NXA-PAC-650W-PI

650-W power supply with port-side intake (burgundy coloring)

2

92300YC
93180YC-FX3S
93108TC-EX
93180YC-EX
93180YC-FX3

NXA-PAC-750W-PE

750-W AC power supply with port-side exhaust airflow (blue coloring) 1

2

9336C-FX2
9336C-FX2-E
9332C
93240YC-FX2

NXA-PAC-750W-PI

750-W AC power supply with port-side intake airflow (burgundy coloring) 1

2

9336C-FX2
9336C-FX2-E
9332C
93240YC-FX2

NXA-PAC-1100W-PE2

1100-W AC power supply with port-side exhaust airflow (blue coloring)

2

93240YC-FX2
9332C
9316D-GX
9336C-FX2
9336C-FX2-E
93600CD-GX

NXA-PAC-1100W-PI2

1100-W AC power supply with port-side intake airflow (burgundy coloring)

2

93240YC-FX2
9332C
9316D-GX
9336C-FX2
9336C-FX2-E
93600CD-GX

NXA-PAC-1100W-PI

Cisco Nexus 9000 PoE 1100W AC PS, port-side intake

2

93108TC-FX3P

NXA-PAC-1100W-PE

Cisco Nexus 9000 PoE 1100W AC PS, port-side exhaust

2

93108TC-FX3P

NXA-PAC-1900W-PI

Cisco Nexus 9000 PoE 1900W AC PS, port-side intake

2

93108TC-FX3P

NXA-PAC-1200W-PE

1200-W AC power supply with port-side exhaust airflow (blue coloring)

2

93360YC-FX2
9364C

NXA-PAC-1200W-PI

1200-W AC power supply with port-side intake airflow (burgundy coloring)

2

93360YC-FX2
9364C

N9K-PUV-1200W

1200-W Universal AC/DC power supply with bidirectional airflow (white coloring)

2

92300YC
93108TC-EX
93108TC-FX
93360YC-FX2
93180YC-FX3S
93180YC-EX
93180YC-FX
9364C

NXA-PDC-930W-PE

930-W DC power supply with port-side exhaust airflow (blue coloring)

2

93108TC-EX
93180YC-EX
93360YC-FX2
93180YC-FX3S
93180YC-FX
9364C

NXA-PDC-930W-PI

930-W DC power supply with port-side intake airflow (burgundy coloring)

2

93108TC-EX
93180YC-EX
93360YC-FX2
93180YC-FX3S
93180YC-FX
9364C

NXA-PDC-1100W-PE

1100-W DC power supply with port-side exhaust airflow (blue coloring)

2

93240YC-FX2
93600CD-GX
9316D-GX
9332C
9336C-FX2
9336C-FX2-E

NXA-PDC-1100W-PI

1100-W DC power supply with port-side intake airflow (burgundy coloring)

2

93240YC-FX2
93600CD-GX
9316D-GX
9332C
9336C-FX2
9336C-FX2-E

UCSC-PSU-930WDC

930-W DC power supply with port-side intake (green coloring)

2

93108TC-EX
93180YC-EX

UCS-PSU-6332-DC

930-W DC power supply with port-side exhaust (gray coloring)

2

93108TC-EX
93180YC-EX

NXA-PHV-1100W-PE

1100-W AC power supply with port-side exhaust airflow (blue coloring)

2

93240YC-FX2
9336C-FX2

NXA-PHV-1100W-PI

1100-W AC power supply with port-side intake airflow (burgundy coloring)

2

93240YC-FX2
9336C-FX2

NXA-PAC-2KW-PE

2000-W AC power supply with port-side exhaust airflow (blue coloring)

2

9364C-GX

NXA-PAC-2KW-PI

2000-W AC power supply with port-side intake airflow (burgundy coloring)

2

9364C-GX

NXA-PDC-2KW-PE

2000-W DC power supply with port-side exhaust airflow (blue coloring

2

9364C-GX

NXA-PDC-2KW-PI

2000-W DC power supply with port-side intake airflow (burgundy coloring)

2

9364C-GX

N2200-PAC-400W

400-W AC power supply with port-side exhaust airflow (blue coloring)

2

92348GC-X

N2200-PAC-400W-B

400-W AC power supply with port-side intake airflow (burgundy coloring)

2

92348GC-X

N2200-PDC-350W-B

350-W DC power supply with port-side intake airflow

2

92348GC-X

N2200-PDC-400W

400-W DC power supply with port-side exhaust airflow (blue coloring)

2

92348GC-X

Compatibility Information

Fabric Module and Line Card compatibility details are listed below.

Table 14.             Cisco Nexus 9500 Cloud Scale Line Cards

Product ID

N9K-C9504-FM-G

N9K-C9508-FM-G

N9K-C9504-FM-E

N9K-C9508-FM-E

N9K-C9508-FM-E2

N9K-C9516-FM-E2

N9K-X9716D-GX

4

4

No

No

No

No

N9K-X9736C-FX

No

No

5

5

5

5

N9K-X97160YC-EX

No

No

4

4

4

4

N9K-X9788TC-FX

No

No

4

4

4

4

N9K-X9732C-EX

No

No

4

4

4

4

N9K-X9736C-EX

No

No

4

4

4

4

N9K-X9732C-FX

No

No

4

5 (n+1 redundancy)

4

5 (n+1 redundancy)

4

5 (n+1 redundancy)

4

5 (n+1 redundancy)

Table 15.             Cisco Nexus 9500 R-Series Line Cards

Product ID

N9K-C9504-FM-R

N9K-C9508-FM-R

N9K-X9636C-RX

6

6

N9K-X9636Q-R

4

6 (n+2 redundancy)

4

6 (n+2 redundancy)

N9K-X9636C-R

5

6 (n+1 redundancy)

5

6 (n+1 redundancy)

N9K-X96136YC-R

6

6

Optics

To determine which transceivers and cables are supported by a switch, see the Transceiver Module (TMG) Compatibility Matrix. To see the transceiver specifications and installation information, see the Install and Upgrade Guides.

Cisco Network Insights

Cisco NX-OS Release 10.1(1) supports the Cisco Network Insights Advisor (NIA) and Cisco Network Insights for Resources (NIR) on Cisco Nexus 9200, 9300-EX, and 9300-FX platform switches and 9500 platform switches with -EX/FX line cards. For more information, see the Cisco Network Insights documentation.

Upgrade and Downgrade

To perform a software upgrade or downgrade, follow the instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x). For information about an In Service Software Upgrade (ISSU), see the Cisco NX-OS ISSU Support Matrix.

Related Content

Document

Description

Cisco Nexus 9000 Series Switches

Cisco Nexus 9000 Series documentation

Cisco Nexus 9000 and 3000 Series NX-OS Switch License Navigator

Cisco Nexus 9000 and 3000 Series NX-OS Switch License Navigator

Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.1(x)

Cisco Nexus 9000 Series Software Upgrade and Downgrade Guide

Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes, Release 10.1(1)

Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes

Cisco Nexus NX-API Reference

Cisco Nexus 3000 and 9000 Series NX-API REST SDK User Guide and API Reference

ftp.cisco.com/pub/mibs/supportlists/nexus9000/Nexus9000MIBSupportList.html

Cisco NX-OS Supported MIBs

Cisco Nexus 9000 Series Switch FEX Support Matrix

Supported FEX modules

Cisco NX-OS Licensing Guide

Licensing Information

When you downgrade from Cisco NX-OS Release 10.1(1) to an earlier release, the features that use the ACI+NX-OS Essentials, Advantage, and add-on licenses or the Hardware Streaming Telemetry license continue to work in honor mode in the downgraded version. In addition, the output of the show license usage command continues to include entries for these unsupported licenses.

For more information, see the Cisco NX-OS Licensing Guide.

Documentation Feedback

To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.

Legal Information

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URLwww.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2021-2023 Cisco Systems, Inc. All rights reserved.

Learn more