Cisco NX-OS Release 11.0(2j) Release Notes for Cisco Nexus 9000 Series ACI-Mode Switches

Available Languages

Download Options

  • PDF     (187.9 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (81.1 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (93.3 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:November 11, 2014

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Table of Contents

Cisco NX-OS Release 11.0(2j) Release Notes for Cisco Nexus 9000 Series ACI-Mode Switches

Contents

Introduction

ACI Fabric and Switches

Cisco Nexus 9000 Series ACI-Mode

Switch Features

Supported Hardware

Supported FEX Models

Installation Notes

Upgrade Instructions

Compatibility Information

Usage Guidelines

Caveats

Open Caveats

Resolved Caveats

Known Behaviors

Related Documentation

Web-Based Documentation

Downloadable Documentation

Hardware Documentation

Cisco NX-OS Release 11.0(2j) Release Notes
for Cisco Nexus 9000 Series ACI-Mode Switches

Publication Date: November 11, 2014


This document describes the features, caveats, and limitations for Cisco NX-OS software that runs on Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) switches. Use this document in combination with the Cisco Application Policy Infrastructure Controller, Release 1.0(2j), Release Notes. Additional product documentation is listed in the “Related Documentation” section.

Release notes are sometimes updated with new information about restrictions and caveats. See the following website for the most recent version of the Cisco NX-OS Release 11.0(2j) Release Notes for Cisco Nexus 9000 Series ACI-Mode Switches:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-release-notes-list.html

Table 1 shows the online change history for this document.

Table 1 Online History Change

Date
Description

November 11, 2014

Created the release notes for Release 11.0(2j).

November 17, 2014

Added “Supported FEX Models”.

November 26, 2014

Added “Upgrade Instructions” and Downgrade Instructions.

December 4, 2014

Removed Downgrade Instructions section and updated “Usage Guidelines” with new downgrade information.

January 12, 2015

Removed ICMP from the protocol list in the “Usage Guidelines”.

February 2, 2015

Added a link to the APIC release notes in the “Usage Guidelines”

Contents

This document includes the following sections:

Introduction

The Cisco Application Centric Infrastructure (ACI) is an architecture that allows the application to define the networking requirements in a programmatic way. This architecture simplifies, optimizes, and accelerates the entire application deployment life cycle.

The Cisco Application Centric Infrastructure Fundamentals guide provides complete details about the ACI, including its two major components:

  • Cisco Application Policy Infrastructure Controller (APIC)
  • ACI Fabric, including Cisco Nexus 9000 spine and leaf switches

The Cisco Application Centric Infrastructure Fundamentals guide also includes a glossary of terms that are used in the ACI.

Key features of the ACI include the following:

  • Simplified automation with an application-driven policy model
  • Common platform for managing physical, virtual, and cloud-based environments
  • Centralized visibility with real-time, application health monitoring
  • Operational simplicity, with common policy, management, and operation models across application, network, and security resources
  • Open software flexibility for DevOps teams and ecosystem partner integration
  • Scalable performance and secure multi-tenancy

ACI Fabric and Switches

A clustered replicated APIC appliance manages the ACI fabric. Cisco Nexus 9000 Series switches can run with the ACI-compatible software to run in the leaf/spine fabric mode. These switches form a “fat-tree” network by connecting each leaf node to each spine node; all other devices connect to the leaf nodes.

Cisco Nexus 9000 Series ACI-Mode

Cisco NX-OS Software for the Cisco Nexus 9000 Series is a data center, purpose-built, operating system designed with performance, resiliency, scalability, manageability, and programmability at its foundation. It provides a robust and comprehensive feature set that meets the requirements of virtualization and automation in data centers

Cisco NX-OS Release 11.0 works only on Cisco Nexus 9000 Series switches in ACI Mode.

See Table 2 for a list of modules that are supported on Cisco Nexus 9000 Series switches in ACI Mode.

Switch Features

The Cisco Nexus 9000 Series switches have the following features:

  • Predictable high performance
  • Nonblocking, high-density 1 and 10 Gigabit Ethernet configuration
  • Nonblocking, high-density 10 and 40 Gigabit Ethernet configuration
  • Advanced optics
  • Highly available, scalable, and robust solution
  • Chassis designed for 2 to 3 future generations of line cards
  • Storm Control
  • 64 IPs per MAC

Supported Hardware

Table 2 lists the hardware that the Cisco Nexus 9000 Series ACI Mode switches support.

Table 2 Supported Hardware

Hardware Type
Product ID
Description

Chassis

N9K-C9504

Cisco Nexus 9504 chassis with four slots

Chassis

N9K-C9508

Cisco Nexus 9508 chassis with 8 slots

Chassis component

N9K-C9508-FAN

Fan tray

Chassis component

N9k-PAC-3000W-B

Cisco Nexus 9500 3000W AC power supply, port side intake

Pluggable module (GEM)

N9K-M6PQ

6-port

Pluggable module (GEM)

N9K-M12PQ

12-port or 8-port

Spine switch

N9K-C9336PQ

Cisco Nexus 9336PQ switch, 36-port 40 Gigabit Ethernet QSFP

Spine switch

N9K-C9508-B1

Cisco Nexus 9508 chassis bundle with 1 supervisor module, 3 power supplies, 2 system controllers, 3 fan trays, and 3 fabric modules

Spine switch

N9K-C9508-B2

Cisco Nexus 9508 chassis bundle with 1 supervisor module, 3 power supplies, 2 system controllers, 3 fan trays, and 6 fabric modules

Spine switch module

N9K-C9504-FM

Cisco Nexus 9504 fabric module

Spine switch module

N9K-C9508-FM

Fabric module

Spine switch module

N9K-X9736PQ

Cisco Nexus 9500 36-port, 40 Gigabit Ethernet QSFP aggregation module

Switch module

N9K-SC-A

Cisco Nexus 9500 Series system controller

Switch module

N9K-SUP-A

Cisco Nexus 9500 Series supervisor module

Switch module

N9K-SUP-B

Cisco Nexus 9500 Series supervisor module

Top-of-rack (ToR) leaf switch

N9K-C93128TX

Cisco Nexus 9300 96-port, 1-/10-Gbps BASE-T and 6-port or 8-port, 40 Gigabit Ethernet QSFP switch

Top-of-rack (ToR) leaf switch

N9K-C9396PX

Cisco Nexus 9300 48-port, 1/10 Gigabit Ethernet SFP+ and 6-port or 12-port, 40 Gigabit Ethernet QSFP switch

Top-of-rack (ToR) leaf switch

N9K-C9396TX

Cisco Nexus 9300 48-port, 1/10 Gbps Base-T and 6-port or 12-port, 40 Gigabit Ethernet QSFP switch

Supported FEX Models

Table 3 lists the FEX models that the Cisco Nexus 9000 Series ACI Mode switches support. For more information on the FEX models, see Cisco Nexus 2000 Series Fabric Extenders Data Sheet.

Note FEX requires software version 5.x or later to be brought up successfully.

Table 3 Supported FEX Models
Product ID
Description

N2K-C2248PQ-10GE

Cisco Nexus 2248PQ 10GE Fabric Extender, 2PS, 4 Fan Module, 48x1/10GE (req SFP/SFP+) + 4x40G QSFP+(req QSFP+), choice of airflow and power supply

N2K-C2248TP-E-1GE

Cisco Nexus 2248TP-E Series 1GE Fabric Extender, 2PS, 1 Fan Module, 48x100/1000Base-T + 4x10GE (req SFP+), 32MB buffer, choice of airflow and power supply

N2K-C2248TP-1GE

Cisco Nexus 2248TP Series 1GE Fabric Extender, 2 AC PS, 1 Fan Module (Standard Airflow/port side exhaust), 48x100/1000Base-T + 4x10GE (req SFP+), same as N2K-C2248TP

N2K-C2232PP-10GE

Cisco Nexus 2232PP Series 10GE Fabric Extender, 2 AC PS, 1 Fan Module (Standard Airflow/port side exhaust), 32x1/10GE (req SFP/SFP+) + 8x10GE (req SFP+), same as N2K-C2232PP

N2K-C2232TM-E-10GE

Cisco Nexus 2232TM-E Series 10GBASE-T Fabric Extender, 2PS, 1 Fan Module, 32x1/10GBase-T + 8x10GE Module (req SFP+), choice of airflow and power supply

Installation Notes

For installation instructions, see the Cisco ACI Fabric Hardware Installation Guide.

Upgrade Instructions

When upgrading from Release 1.0(1x) to Release 1.0(2x), you must upgrade the switch software image for all the spine and leaf switches in the fabric first. After that upgrade is successfully completed, upgrade the APIC controller software image.

However, if you are upgrading within the Release 1.0(1x) software sequence or within the Release 1.0(2x) software sequence, you must first upgrade the APIC controller software image. And then, after that is successfully completed, upgrade all the switches in the fabric.

Compatibility Information

Cisco NX-OS Release 11.0(2j) supports the hardware and software listed on the ACI Ecosystem Compatibility List and the Cisco AVS, Release 4.2(1)SV2(2.3).

Usage Guidelines

  • The current list of protocols that are allowed (and cannot be blocked through contracts) include the following. Some of the protocols have SrcPort/DstPort distinction.

Note Also see the APIC release notes for policy information: http://www.cisco.com/c/en/us/support/cloud-systems-management/application-policy-infrastructure-controller-apic/products-release-notes-list.html

UDP DestPort 161: SNMP. These cannot be blocked through contracts. Creating an SNMP ClientGroup with a list of Client-IP Addresses restricts SNMP access to only those configured Client-IP Addresses. If no Client-IP address is configured, SNMP packets are allowed from anywhere.

TCP SrcPort 179: BGP

TCP DstPort 179: BGP

OSPF

UDP DstPort 67: BOOTP/DHCP

UDP DstPort 68: BOOTP/DHCP

IGMP

PIM

UDP SrcPort 53: DNS replies

TCP SrcPort 25: SMTP replies

TCP DstPort 443: HTTPS

UDP SrcPort 123: NTP

UDP DstPort 123: NTP

Note The APIC 1.0(1n) release is the earliest version supported for downgrading from a 1.0(2x) release. When downgrading from 1.0(2x) to 1.0(1n), first downgrade the switch software image for all the spine and leaf switches in the fabric. After that downgrade is successfully completed, downgrade the APIC controller software image.

Caveats

This section includes the following topics:

Open Caveats

This section lists the open caveats in Cisco NX-OS Release 11.0(2j). Click a Bug ID shown in Table 4 to access the Bug Search Tool and see additional information about the bug.

Table 4 Open Caveats

Bug ID
Description

CSCun35596

FEX logs are missing in the output of the show fex detail command.

CSCun96495

Events and faults for interfaces are not updated under Ports in the GUI.

CSCup05629

The output of some CLI commands displays very slowly.

CSCur14844

iping picks a source address from a different subnet for a directly connected destination.

CSCur22644

In case of multiple QoS Custom Policies (QoSCustomPol) or multiple operations on an existing QoS Custom Policy, the DSCP and Dot1p rules do not get configured correctly on ToRs.

The ToR's object store may or may not show an error.

Once the programming fails for DSCP/Dot1p Rules, further DSCP/DoT1p programming on ToR is not possible. It will also affect the contract configuration of new l3extOut/l2extOut (external networks) that requires DSCP remarking.

CSCur32247

FEX related diagnostic results are missing.

CSCur38673

Ongoing diagnostic test configuration options need to be removed for FEX.

CSCur65254

The policy element process crashes when upgrading the spine with supervisor slot-2 as active, preventing the spine from joining the fabric.

Resolved Caveats

This section lists caveats that are resolved in Cisco NX-OS Release 11.0(2j). Click a Bug ID shown in Table 5 to access the Bug Search Tool and see additional information about the bug.

Table 5 Resolved Caveats
Bug ID
Description

CSCuo20106

Unnecessary SNMP traps are generated when an I/O module is removed and inserted.

CSCup38579

The show environment command in the APIC is missing equipment sensors and FEXes.

CSCup41392

The clear counters command does not work when spaces are included in the interface name.

CSCup68324

When a spine port and a port context source are in the same session, the filter does not work for SPAN.

CSCup83680

The show ip route command does not work if /32 address is provided as an argument.

CSCup88987

Remote ERSPAN packets are spanned when the destination port is a SPAN source.

CSCup93039

An SNMP named trap host configuration does not get restored after a configuration import.

CSCup97404

A vMotion vmk interface requires Arp flooding to be enabled on the inband bridge domain.

CSCuq04897

Pings from the ESX vtep to the ERSPAN destination VM fails.

CSCuq14160

The time between vMotion events for a VM should be greater than five minutes.

CSCuq15965

The show ip route vrf overlay-1 detail command does not work in the ibash shell.

CSCuq20273

A new router MAC address of an external router is not learned on both leaf switches of a vPC pair.

CSCuq21010

If you use the recovery image to reboot the active supervisor module on the Cisco Nexus 9508 switch, the supervisor goes to the loader prompt.

CSCuq21358

After the same tag is configured for two interfaces, a new tag cannot be added or an existing tag associated with a third interface.

CSCuq23255

The following power redundancy modes are supported: non-redundant, redundant, and power output redundancy (N+1).

CSCuq37947

The ACI fabric currently only supports learning 8 IP addresses per 1 MAC address.

Known Behaviors

This section lists caveats that describe known behaviors in Cisco NX-OS Release 11.0(2j). Click a Bug ID shown in Table 6 to access the Bug Search Tool and see additional information about the bug.

Table 6 Known Behaviors
Bug ID
Description

CSCun47041

Configuring the BGP maximum prefix policy is not supported.

CSCuo37016

Layer 3 switched packets that go out of a FEX Hif interface are not spanned.

CSCuo50533

When output span is enabled on a port where the filter is VLAN, multicast traffic in that VLAN that goes out of that port is not spanned.

CSCup92534

Continuous “threshold exceeded” messages are generated from the fabric.

CSCuq39829

Switch rescue user ("admin") can log into fabric switches even when TACACS is selected as the default login realm.

CSCuq46369

An extra 4 bytes is added to the untagged packet with Egress local and remote SPAN.

CSCuq77095

When the command show ip ospf vrf <vrf_name>" is run from bash on the border leaf, the checksum field in the output always shows value of zero.

CSCuq83910

When an IP moves from one MAC behind one ToR to another MAC behind another ToR, even though the VM sends a GARP packet, in ARP unicast mode, this GARP packet is not flooded. As a result, any other host with the original MAC to IP binding sending an L2 packet will send to the original ToR where the IP was in the beginning (based on MAC lookup), and the packet will be sent out on the old port (location). Without flooding the GARP packet in the network, all hosts will not update the MAC-to-IP binding.

CSCuq92447

When modifying the L2Unknown Unicast parameter on a Bridge Domain (BD), interfaces on externally connected devices may bounce. Additionally, the endpoint cache for the BD is flushed and all endpoints will have to be re-learned.

CSCuq93389

If an endpoint has multiple IPs, the endpoint will not be aged until all IPs go silent. If one of the IPs is reassigned to another server/host, fabric detects it as an IP move and forwarding will work as expected.

CSCur01336

PSU not getting detected after OIR with Power input connected.
  • The Cisco Nexus 9508 ACI-mode switch supports warm (stateless) standby where the state is not synched between the active and the standby supervisor modules. For an online insertion and removal (OIR) or reload of the active supervisor module, the standby supervisor module becomes active, but all modules in the switch are reset because the switchover is stateless. In the output of the show system redundancy status command, warm standby indicates stateless mode.
  • When a recommissioned APIC controller rejoins the cluster, GUI and CLI commands can time out while the cluster expands to include the recommissioned APIC controller.
  • If connectivity to the APIC cluster is lost while a switch is being decommissioned, the decommissioned switch may not complete a clean reboot. In this case, the fabric administrator should manually complete a clean reboot of the decommissioned switch.
  • Before expanding the APIC cluster with a recommissioned controller, remove any decommissioned switches from the fabric by powering down and disconnecting them. Doing so will ensure that the recommissioned APIC controller will not attempt to discover and recommission the switch.

IGMP Snooping Known Behaviors:

  • Multicast router functionality is not supported when IGMP queries are received with VxLAN encapsulation.
  • IGMP Querier election across multiple Endpoint Groups (EPGs) or Layer 2 outsides (External Bridged Network) in a given Bridge Domain (BD) is not supported. Only one EPG or Layer 2 outside for a given BD should be extended to multiple multicast routers if any.
  • The rate of the number of IGMP reports sent to a leaf switch should be limited to 1000 reports per second.
  • Unknown IP multicast packets are flooded on ingress leaf switches and border leaf switches, unless “unknown multicast flooding” is set to “Optimized Flood” in a BD. This knob can be set to “Optimized Flood” only for a maximum of 50 BDs per leaf.

If “Optimized Flood” is enabled for more than the supported number of BDs on a leaf, follow these configuration steps to recover:

Set “unknown multicast flooding” to “Flood” for all BDs mapped to a leaf.

Set “unknown multicast flooding” to “Optimized Flood” on needed BDs.

Related Documentation

This section lists the product documentation for the Cisco ACI.

Web-Based Documentation

  • Cisco APIC Management Information Model Reference
  • Cisco APIC Online Help Reference
  • Cisco ACI MIB Support List

Downloadable Documentation

  • Cisco ACI Fundamentals
  • Cisco APIC Getting Started Guide
  • Cisco APIC REST API User Guide
  • Cisco APIC Command Line Interface User Guide
  • Cisco ACI Switch CLI Command Reference, NX-OS Release 11.0
  • Cisco APIC Faults, Events, and Error Messages Guide
  • Cisco ACI System Messages Reference Guide
  • Cisco ACI Troubleshooting Guide
  • Cisco NX-OS to APIC Mapping Guide
  • Cisco APIC Layer 4 to Layer 7 Device Package Development Guide
  • Cisco APIC Layer 4 to Layer 7 Services Deployment Guide
  • Cisco AVS Configuration Guide
  • Cisco AVS Installation and Upgrade Guide
  • Cisco ACI MIB Quick Reference
  • Cisco ACI Fabric Hardware Installation Guide
  • Cisco ACI MIB Quick Reference
  • Cisco APIC Release Notes
  • Cisco Application Centric Infrastructure Release Notes

Hardware Documentation

Cisco Nexus 9336PQ ACI-Mode Switch Hardware Installation Guide

Cisco Nexus 9508 ACI-Mode Switch Hardware Installation Guide

This document is to be used in conjunction with the documents listed in the “Related Documentation” section.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2014 Cisco Systems, Inc. All rights reserved.

 

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products