New and Changed Information
|
Feature |
Description |
Changed in Release |
Where Documented |
|---|---|---|---|
|
MACsec ND ISSU |
Two new commands are introduced at the MACsec policy level to support MACsec ND ISSU on Cisco Nexus 9300-GX2, H2R and H1 switches. |
10.6(2)F |
|
|
AAA, RADIUS, TACACS+, and SSH protocol |
Cisco N9324C-SE1U and N9348Y2C6D-SE1U Smart switches support AAA, RADIUS, TACACS+, and SSH protocol features. |
10.6(2)F |
Guidelines and limitations for AAA on Cisco N9300 Smart switches Guidelines and limitations for RADIUS on Cisco N9300 Smart switches Guidelines and limitations for TACACS+ on Cisco N9300 Smart switches Guidelines and limitations for SSH protocol on Cisco N9300 Smart switches |
|
MACsec support on Cisco N9300 Smart switch |
Added MACsec support on Cisco N9300 Smart switches. |
10.6(2)F |
Guidelines and limitations for MACsec on Cisco N9300 Smart switches |
|
Custom CoPP support on Cisco N9300 Smart switch |
Added Custom CoPP support on Cisco N9300 Smart switches. |
10.6(2)F |
Guidelines and limitations for CoPP on Cisco N9300 Smart switches |
|
ACL support on Cisco N9300 Smart switch |
Cisco N9300 Smart switches support these ACL features:
|
10.6(2)F |
ACL guidelines and limitations for Cisco N9300 Smart switches |
|
DHCP relay support on Cisco N9300 Smart switch |
Added DHCP relay support on Cisco N9300 Smart switches. |
10.6(2)F |
Guidelines and limitations for DHCP relay on Cisco N9300 Smart switches |
|
Cisco Live Protect supported on Smart switches |
Added support for Cisco Live Protect on Cisco N9324C-SE1U and N9348Y2C6D-SE1U Smart switches |
10.6(2)F |
|
|
Enforce Mode support for Cisco Live Protect |
Added support for enforce mode as part of the Cisco Live Protect feature |
10.6(2)F |
Guidelines and limitations for Cisco Live Protect Add or remove Cisco Live Protect policy packages |
|
Routing TACACS+ (AAA) Traffic via Linux Kernel Network Stack |
Beginning with Cisco NX-OS Release 10.6(2)F, Cisco Nexus 9000 Series switches support routing TACACS+ (AAA) traffic via the Linux kernel network stack (kstack) in addition to the existing netstack path. |
10.6(2)F |
Guidelines and Limitations for TACACS+ |
|
DHCP Relay to Server in Local Guest Shell/Docker |
Beginning with Cisco NX-OS Release 10.6(2), Cisco Nexus 9000 switches support relaying DHCP requests to a server running locally within the switch, either in the Guest Shell or as a Docker container. This capability allows the switch to forward DHCP client requests received on its interfaces to a locally hosted DHCP server, enabling centralized and flexible IP address assignment within the network environment. |
10.6(2)F |
DHCP Relay to Server in Local Guest Shell/Docker How DHCP Relay to Local Guest Shell/Docker Works |
|
Displaying Cisco SUDI Certificate Chain |
Beginning with Cisco NX-OS Release 10.6(2), Cisco Nexus 9000 switches support displaying and signing the Cisco Secure Unique Device Identifier (SUDI) certificate chain as part of Cisco’s trustworthy technologies, which leverage Secure Unique Device Identifier (SUDI) and Trust Anchor Module (TAm). This capability allows the switch to display the SUDI certificate chain and generate a signature based on a user-provided nonce, supporting integration with external systems. |
10.6(2)F |
Displaying Cisco SUDI Certificate Chain |
|
Cisco Discovery Protocol (CDP) enhancement for second port disconnect |
Added CDP enhancement for second Port disconnect which allows a Cisco IP phone to send a CDP message to a switch when a host is unplugged from behind the phone. |
10.6(2)F |
|
|
MAC move support for data clients on MDA ports |
Added support to handle MAC move events for data clients connected to Multi-Domain Authentication (MDA) ports. |
10.6(2)F |
|
|
Support for 1R2C on Cisco N9300 Series smart switches |
Added 1R2C support for traffic storm control on Cisco N9300 Series smart switches. |
10.6(2)F |
Guidelines and Limitations for Traffic Storm Control Configure traffic storm control for one-level threshold on N9300 Series smart switches |
|
RACL on SVI |
Added RACL support on SVI interfaces of Cisco Nexus 9364E-SG2 Series switches. |
10.6(2)F |
|
|
Securing NX-OS with Cisco Live Protect |
This feature protects the Nexus switches in monitoring mode, and is implemented using the NXSecure configuration. |
10.6(1)F |
|
|
MACsec support on Cisco Nexus 9336C-SE1 switch |
Added MACsec support on Cisco Nexus 9336C-SE1 switches. |
10.6(1)F |
Guidelines and limitations for MACsec on Cisco Nexus 9336C-SE1 switches |
|
Custom CoPP support on Cisco Nexus 9336C-SE1 switch |
Added Custom CoPP support on Cisco Nexus 9336C-SE1 switches. |
10.6(1)F |
Guidelines and limitations for CoPP on Cisco Nexus 9336C-SE1 switches |
|
ACL support on Cisco Nexus 9336C-SE1 switch |
Cisco Nexus 9336C-SE1 switches support these ACL features:
|
10.6(1)F |
|
|
TACACS+ over TLS |
Added support to configure TACACS+ over TLS |
10.6(1)F |
|
|
Host Identity Based Authorization (HIBA) |
Added support for centralized SSH authorization management by embedding host authorization information within certificates. |
10.6(1)F |
SSH Authentication Using Host Identity Based Authorization (HIBA) |
|
Deprecate redundant SSH configuration and DSA CLIs |
Added support to deprecate redundant SSH configuration and DSA CLIs |
10.6(1)F |
Feedback