Cisco ACI Virtual Edge Release Notes, Release 1.2(7a)
Available Languages
Cisco ACI Virtual Edge Release Notes, Release 1.2(7a)
This document describes the features, bugs, and limitations for the Cisco Application Centric Infrastructure (ACI) Virtual Edge Switch software.
Note: Use this document in combination with the Cisco Application Policy Infrastructure Controller (APIC) Release Notes, which you can view at the following location:
Release notes are sometimes updated with new information about restrictions and bugs. See this website for the most recent version of this document.
Table 1 shows the online change history for this document.
Table 1 Online History Change
| Date |
Description |
| 2019-07-10 |
Cisco ACI Virtual Edge Release 1.2(7a) became available. |
| 2020-02-21 |
Added information about portgroups being added in VMware vCenter when you upgrade Cisco APIC. See "VXLAN Load Balancing" the New Information section. |
| 2021-03-25 |
Added bug CSCvq34172 to the Open Bugs section. |
Contents
This document includes the following sections:
Cisco ACI Virtual Edge Software Compatibility
About Cisco ACI Virtual Edge
Cisco ACI Virtual Edge is a hypervisor-independent distributed service virtual machine (VM) that is specifically designed for Cisco ACI. It leverages the native distributed virtual switch that belongs to the hypervisor. Cisco ACI Virtual Edge runs in the user space, operates as a virtual leaf, and is managed by Cisco Application Policy Infrastructure Controller (APIC). If you use Cisco AVS, you can migrate to Cisco ACI Virtual Edge; if you use VMware VDS, you can run Cisco ACI Virtual Edge on top of it.
Cisco ACI Virtual Edge supports two modes of traffic forwarding: local switching and no local switching. The forwarding mode is selected during Cisco ACI Virtual Edge installation.
Cisco ACI Virtual Edge is supported as a vLeaf for Cisco APIC with the VMware ESXi hypervisor. It manages a data center defined by the VMware vCenter Server.
Cisco ACI Virtual Edge is compatible with any upstream physical access layer switch that complies with the Ethernet standard, including Cisco Nexus switches. Cisco ACI Virtual Edge is compatible with any server hardware listed in the VMware Hardware Compatibility Guide on the VMware website.
Cisco ACI Virtual Edge Software Compatibility
Hypervisor Compatibility
Cisco ACI Virtual Edge Release 1.2(7a) is supported as a vLeaf for Cisco APIC with releases 6.0 and later versions of the VMware ESXi hypervisor.
Cisco ACI Virtual Edge and Cisco APIC Compatibility
Cisco ACI Virtual Edge Release 1.2(7a) is compatible with Cisco APIC 3.2(7f) and later versions.
See the Cisco APIC and ACI Virtual Edge Support Matrix for details.
Virtualization Compatibility Information
The Cisco ACI Virtualization Compatibility Matrix provides interoperability information for Cisco ACI components and configurations that have been tested and validated by Cisco, by Cisco partners, or both.
Compatibility and Upgrade/Downgrade Considerations
Support Matrix
The Cisco APIC Versus ACI Virtual Edge Support Matrix is an interactive tool that enables you to choose an APIC version and view the compatible Cisco ACI Virtual Edge, vSphere, and compatible Cisco APIC versions.
ACI Virtual Edge Upgrade Method
You must use the Cisco ACI vCenter plug-in to upgrade Cisco ACI Virtual Edge. See the chapter "Cisco ACI Virtual Edge Upgrade" in the Cisco ACI Virtual Edge Installation Guide on Cisco.com for upgrade instructions.
Number of IP Addresses when Upgrading Cisco ACI Virtual Edge
If you use static or DHCP IP pools and want to upgrade Cisco ACI Virtual Edge, ensure that you have enough IP addresses. There must be more IP addresses in the static or DHCP pools than there are the in the Cisco ACI Virtual Edge service VMs in the data center in VMware vCenter. Otherwise, the upgrade of the new Cisco ACI Virtual Edge will fail.
New Information
Cisco ACI Virtual Edge provides most of the functionality of the Cisco AVS solution, including support VLAN and VXLAN encapsulation, Microsegmentation with Cisco ACI, and Distributed Firewall. Cisco ACI Virtual Edge also provides near-seamless migration from Cisco AVS and VMware VDS.
Note: When you install or configure Cisco ACI Virtual Edge, you may see Cisco ACI Virtual Edge options labeled Cisco AVE or AVE.
This section describes new of changed features in the Cisco ACI Virtual Edge Release 1.2(7a) and Cisco APIC 3.2(2) and later.
VXLAN Load Balancing
In Cisco APIC Release 3.2(7f), Cisco ACI Virtual Edge supports VXLAN load balancing. VXLAN load balancing is a built-in feature; no configuration is necessary to enable it. It is not available for Cisco ACI Virtual Edge when it is part of Cisco ACI vPod.
Extra interfaces have been added to accommodate VXLAN load balancing and improve performance. New portgroups in VMware vCenter are assigned to the new uplinks. These portgroups are automatically added for existing instances of Cisco ACI Virtual Edge when Cisco APIC is upgraded.
For more information, see the section "VXLAN Load Balancing" in the Cisco ACI Virtual Edge Configuration Guide.
Support for Enhanced LACP
In Cisco APIC Release 3.2(7f), you can create multiple link aggregation (LAG) policies and determine which VMware vCenter portgroup uses which LAG policy. You can choose from 20 different load-balancing techniques when you create LAG policies. You can configure the enhanced LAG policy as a vSwitch policy only for Link Aggregation Control Protocol (LACP) passive or LACP active.
Note: If you want to use a Link Aggregation Control Protocol port channel with VMware DVS 6.6 and later, you must configure Enhanced LACP.
For more information, see the Cisco ACI Virtual Edge Configuration Guide.
VMware vSphere 6.7
Beginning with the Cisco APIC Release 3.2(2), VMware vSphere version 6.7 supports Cisco ACI Virtual Edge. VMware vSphere version 6.7 includes vCenter 6.7, ESXi 6.7, and DVS 6.6.
Limitations and Restrictions
For Cisco ACI Virtual Edge scalability information, see the Verified Scalability Guide for Cisco ACI for the relevant Cisco APIC release.
General
L3 Multicast is not supported on bridge domains with endpoints after AVE.
Hypervisor Availability
Cisco ACI Virtual Edge is available only on the VMware hypervisor at initial release.
VMware vSphere Support
Cisco ACI Virtual Edge is supported only on VMware vSphere 6.0 and later versions.
Cisco ACI Multi-Site Support
Cisco ACI Virtual Edge is not supported for Cisco ACI Multi-Site environments.
Cisco ACI Virtual Edge Deployment
· The server where you install Cisco ACI Virtual Edge must have an Intel Nehalem CPU or later. You also must set the cluster Enhanced vMotion Compatibility (EVC) to a Nehalem CPU or later. See the knowledge base article Enhanced vMotion Compatibility (EVC) processor support (1003212) on the VMware web site.
· We recommend that you install only one Cisco ACI Virtual Edge virtual machine (VM) on each host.
· Removing Cisco ACI Virtual Edge or the ESXi host from the VMware vCenter and then adding it back in is not supported. If you do that, Cisco ACI Virtual Edge loses password, infra VLAN, IP address, and other key configurations. You should instead delete the original Cisco ACI Virtual Edge and deploy a new one.
· After you deploy Cisco ACI Virtual Edge, if the Cisco ACI Virtual Edge VM is moved across VMware vCenter, all the configurations that you made during deployment are lost.
Management Interface IP Address
The Cisco ACI Virtual Edge management interface must have an IPv4 address. It can have an additional IPv6 address, but you cannot configure it with only an IPv6 address.
vMotion Support
vMotion is supported for endpoints but not supported for Cisco ACI Virtual Edge itself.
Note: After you migrate VMs using cross-data center VMware vMotion in the same VMware vCenter, you may find a stale VM entry under the source DVS. This stale entry can cause problems, such as host removal failure. The workaround for this problem is to enable "Start monitoring port state" on the vNetwork DVS. See the KB topic "Refreshing port state information for a vNetwork Distributed Virtual Switch" on the VMware Web site for instructions.
Features not Supported for Cisco ACI Virtual Edge with Multipod
The following features are not supported for Cisco ACI Virtual Edge with multipod in the Cisco APIC 1.2(7a) release:
· Storage vMotion with two separate NFS in two separate PODs
· ERSPAN destination in different PODs
· Distributed Firewall syslog server in different PODs
Pre-provisioning not Supported for EPG Resolution Immediacy
When you set EPG resolution immediacy, Cisco ACI Virtual Edge does not support pre-provisioning, which downloads a policy to a switch before the switch is installed.
Permission Denied for some Files on vem-support with Admin Login
When you log in as an administrator, you may be denied some files when you enter a vem-support command. However, you can get permission if you log in as root.
Brief Delay Possible When Switching EPG from Native to AVE Mode
Changing the switching mode from Native to AVE (Cisco ACI Virtual Edge) on an EPG requires changing the underlying switching platform from regular VMware DVS to Cisco ACI Virtual Edge. It also requires moving all the associated ports from DVS to Cisco ACI Virtual Edge.
This operation requires reprogramming of the port group associated with that EPG. That in turn requires a VMware vCenter operation. This operation may take a few seconds to complete and for ports to show up in forwarding state on the Cisco ACI Virtual Edge switching platform. The length of time depends on the VMware vCenter load as well as the number of endpoints that reside on the EPG that is being moved from Native to AVE mode.
Bugs
Open Bugs
Table 2 lists the open bugs in Cisco ACI Virtual Edge Release 1.2(7a):
Table 2 – Open Cisco ACI Virtual Edge bugs
| Bug ID |
Headline |
| Stale endpoint: VM moves in and out of Cisco ACI Virtual Edge when OpFlex is down |
|
| Cisco ACI Virtual Edge: Changing memory reservation from 3G to 4G |
The compatible Cisco APIC version contains bug fixes; see the Cisco APIC Release Notes.
Resolved Bugs
Table 3 lists the resolved bugs in the Cisco ACI Virtual Edge Release 1.2(7a):
Table 3 – Resolved Cisco ACI Virtual Edge bugs
| Bug ID |
Headline |
| Ports not freed and gets exhausted on continuous vMotion while moving between microsegments |
|
| Headless vMotion: Fails to attach EPs while existing EPs wait for inventory |
|
| Cisco ACI Virtual Edge is not correctly handling less than 60-byte Ethernet frame |
|
| Cisco ACI Virtual Edge fails to send epp igmp joins for more than 20 groups |
|
| Cisco ACI Virtual Edge has a stale endpoint when vMotion is done when TOR is down |
|
| Cisco ACI Virtual Edge domain not getting deployed on VMware vCenter |
|
| Cisco APIC shows vmmmgr core with proactive HA feature when VMware vCenter is disconnected |
|
| 169.x.x.x vmk IP address causes F606392 fault to be raised |
|
| Cisco ACI Virtual Edge deployment with PowerCLI not putting the host back in maintenance mode |
|
| Cisco ACI Virtual Edge moves to different host when we power off to enter host in maintenance mode |
|
| Stale compPendEp object after lsnode switchover |
|
| Cisco AVS to Cisco ACI Virtual Edge migration wizard failed to deploy the Cisco ACI Virtual Edge VM using the VMware vCenter plug-in |
|
| Need to block VLAN traffic coming from uplink to internal port groups |
|
| Cisco ACI Virtual Edge goes into a bad state so that even the console or SSH doesn't work. |
|
| Cisco ACI 3.2.3n : vmmmgr cored |
|
| CSCvq04476 |
Cisco ACI vCenter plug-in: Uninstall not working; plug-in remains present in the GUI |
Known Behaviors
vMotion Failure Causes Silent Host to Stay Detached
When you move a port with vMotion, and an external problem, such as a networking or storage failure, occurs, the port is detached on the source host. If the port is sending packets, it will be re-attach immediately; however, for a silent host, the port remains detached until it sends some traffic.
You can bring back the silent port by detaching and reattaching it in VMware vCenter. Or you can bring the silent host back by sending some token traffic.
Bulk vMotion of Ports Incurs Port Delays
When you do a bulk vMotion of 50 or more ports, the ports take additional time to come up and start forwarding traffic. You may see delays of 30 seconds to 2 minutes for the last port to come up when you move 300 ports. However, some ports at the front of the vMotion queue begin forwarding traffic much earlier.
You can avoid this problem by limiting the number of ports that you vMotion at a time to 50.
vMotion Across Policy Groups Can Cause Multicast Traffic Loss
You may experience traffic loss up to the querier interval when you migrate a VM to a host where the other endpoints are not subscribed to the multicast group or groups that the migrated VM subscribed to.
You can avoid this problem by configuring bridge domains with multicast flooding.
Cisco ACI Virtual Edge Can Become Unusable if NFS Connectivity is Lost and Then Restored
If Cisco ACI Virtual Edge is deployed in NFS, and connectivity to the host is lost and then restored, Cisco ACI Virtual Edge might be in read-only mode. Reboot Cisco ACI Virtual Edge to make it work again.
Documentation
Related Documentation for Cisco ACI Virtual Edge
Cisco ACI Virtual Edge documentation is available at the following URL:
Related Documentation for Cisco APIC
Cisco APIC documentation is available at the following URL:
Cisco APIC documentation includes the Cisco ACI Virtualization Guide, which provides detailed information about Distributed Firewall and Microsegmentation with Cisco AVS.
Documentation Feedback
To provide technical feedback on this document or report an error or omission, please send your comments to avs-docfeedback@cisco.com. We appreciate your feedback.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2019-2021 Cisco Systems, Inc. All rights reserved.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)