Table of Contents
Cisco Nexus 1000V Release Notes, Release 4.2(1)SV1(5.2)
Software Compatibility with VMware
Software Compatibility with Cisco Nexus 1000V
Single VMware Data Center Support
Cisco NX-OS Commands Might Differ from Cisco IOS
DHCP Not Supported for the Management IP
VM Name Display Length Limitation
Copy Running-Config Startup-Config Command
Platform, Infrastructure, Ports, Port Channel, and Port Profiles
Cisco Virtual Security Gateway
Obtaining Documentation and Submitting a Service Request
Cisco Nexus 1000V Release Notes, Release 4.2(1)SV1(5.2)
Part Number: OL-27571-01
Current Release: NX-OS Release 4.2(1)SV1(5.2)This document describes the features, limitations, and caveats for the Cisco Nexus 1000V Release 4.2(1)SV1(5.2) software. Use this document in combination with documents listed in the “Related Documentation” section. The following is the change history for this document.
Added new software feature information for Release 4.2(1)SV1(5.2).
Added note for VSG solution not supporting VMware vSphere 5.1
Updated the “LACP” section and added the “Upstream Switch Ports” section.
Added a note for the change in the vn-service command to vservice command.
Introduction
The Cisco Nexus 1000V provides a distributed, Layer 2 virtual switch that extends across many virtualized hosts. The Cisco Nexus 1000V manages a data center defined by the vCenter Server. Each server in the data center is represented as a line card in the Cisco Nexus 1000V and can be managed as if it were a line card in a physical Cisco switch.
The Cisco Nexus 1000V consists of the following two components:
Software Compatibility
This section includes the following topics:
Software Compatibility with VMware
Note The Cisco VSG solution is not supported with VMware vSphere 5.1.
The servers that run the Cisco Nexus 1000V VSM and VEM must be in the VMware Hardware Compatibility list. This release of the Cisco Nexus 1000V supports vSphere 4.1.0, 5.0.0, and 5.1.0 release trains. For additional compatibility information, see the Cisco Nexus 1000V Compatibility Information, Release 4.2(1)SV1(5.2) .
Note All virtual machine network adapter types that VMware vSphere supports are supported with the Cisco Nexus 1000V. Refer to the VMware documentation when choosing a network adapter. For more information, see the VMware Knowledge Base article #1001805.
New and Changed Information
This section provides the following information about Cisco Nexus 1000V Release 4.2(1)SV1(5.2):
Changed Software Features
The following software features were changed in Cisco Nexus 1000V Release 4.2(1)SV1(5.2):
Installer Enhancements
Starting with Cisco Nexus 1000V Release 4.2(1)SV1(5.1), the Cisco Nexus 1000V Installation Management Center is now a standalone Java application that can install the Cisco Nexus1000V VSM or VEM.
The Cisco Nexus 1000V Installation Management Center supports a single pane for invoking the Cisco Nexus1000V VSM installer and VEM installer.
For more information, see the Cisco Nexus 1000V Installation and Upgrade Guide, Release 4.2(1)SV1(5.2).
New Software Features
The following software features were added in Cisco Nexus 1000V Release 4.2(1)SV1(5.2):
Combined Upgrade
Starting with Cisco Nexus 1000V Release 4.2(1)SV1(5.1), combined upgrades are supported. A combined upgrade is a simultaneous upgrade of both the ESX and the VEM software versions in a host. You can perform the combined upgrading using VMware Update Manager (VUM) or manually.
Note Combined upgrades with VUM require vCenter Server 5.0 Update 1 or later releases.
Note The vn-service command is changed to the vservice command on the VSM port-profile in Nexus 1000V Release 4.2(1)SV1(5.2).
Limitations and Restrictions
The Cisco Nexus 1000V has the following limitations and restrictions:
- Configuration Limits
- Single VMware Data Center Support
- VMotion of VSM
- Access Lists
- NetFlow
- Port Security
- Port Profiles
- Telnet Enabled by Default
- SSH Support
- Cisco NX-OS Commands Might Differ from Cisco IOS
- Layer 2 Switching
- Cisco Discovery Protocol
- DHCP Not Supported for the Management IP
- LACP
- Upstream Switch Ports
- DNS Resolution
- Interfaces
- Layer 3 VSG
- VM Name Display Length Limitation
- ISSU Upgrades
Configuration Limits
Table 1 shows the Cisco Nexus 1000V configuration limits:
2 in an HA Pair (active-standby hosted in the same datacenter)
2 in an HA Pair (active-standby hosted in the same datacenter)
Distributed Virtual Switches (DVS) per vCenter with VMware vCloud Director (vCD)
Distributed Virtual Switches (DVS) per vCenter without VMware vCloud Director (vCD)
1 per VSM HA Pair1
162
128 2
1.Only one connection to vCenter server is permitted at a time.
Single VMware Data Center Support
The Cisco Nexus 1000V can be connected to a single VMware vCenter Server datacenter object. Note that this virtual datacenter can span across multiple physical data centers.
VMotion of VSM
VMotion of the VSM has the following limitations and restrictions:
- VMotion of a VSM is supported for both the active and standby VSM VMs. For high availability, we recommend that the active VSM and standby VSM reside on separate hosts.
- If you enable Distributed Resource Scheduler (DRS), you must use the VMware anti-affinity rules to ensure that the two virtual machines are never on the same host, and that a host failure cannot result in the loss of both the active and standby VSM.
- VMware VMotion does not complete when using an open virtual appliance (OVA) VSM deployment if the CD image is still mounted. To complete the VMotion, either click Edit Settings on the VM to disconnect the mounted CD image, or power off the VM. No functional impact results from this limitation.
- If you are adding one host in a DRS cluster that is using vSwitch to a VSM, you must move the remaining hosts in the DRS cluster to the VSM. Otherwise, the DRS logic does not work, the VMs that are deployed on the VEM could be moved to a host in the cluster that does not have a VEM, and the VMs lose network connectivity.
For more information about VMotion of VSM, see the Cisco Nexus 1000V Software Installation Guide, Release 4.2(1)SV1(5.1) .
Access Lists
NetFlow
The NetFlow configuration has the following support, limitations, and restrictions:
- Layer 2 match fields are not supported.
- NetFlow Sampler is not supported.
- NetFlow Exporter format V9 is supported
- NetFlow Exporter format V5 is not supported.
- The multicast traffic type is not supported. Cache entries are created for multicast packets, but the packet/byte count does not reflect replicated packets.
- NetFlow is not supported on port channels.
The NetFlow cache table has the following limitation:
Note The cache size that is configured using the CLI defines the number of entries, not the size in bytes. The configured entries are allocated for each processor in the ESX host and the total memory allocated depends on the number of processors.
Port Security
Port security has the following support, limitations, and restrictions:
• Port security is enabled globally by default.
The feature/no feature port-security command is not supported.Port Profiles
Port profiles have the following restrictions or limitations:
- There is a limit of 255 characters in a port-profile command attribute.
- We recommend that you save the configuration across reboots, which will shorten the VSM bringup time.
- We recommend that if you are altering or removing a port channel, you should migrate the interfaces that inherit the port channel port profile to a port profile with the desired configuration, rather than editing the original port channel port profile directly.
- If you attempt to remove a port profile that is in use, that is, one that has already been auto-assigned to an interface, the Cisco Nexus 1000V generates an error message and does not allow the removal.
- When you remove a port profile that is mapped to a VMware port group, the associated port group and settings within the vCenter Server are also removed.
- Policy names are not checked against the policy database when ACL/NetFlow policies are applied through the port profile. It is possible to apply a nonexistent policy.
Telnet Enabled by Default
The Telnet server is enabled by default.
For more information about Telnet, see the Cisco Nexus 1000V Security Configuration Guide, Release 4.2(1)SV1(5.1) .
SSH Support
Only SSH version 2 (SSHv2) is supported.
For more information, see the Cisco Nexus 1000V Security Configuration Guide, Release 4.2(1)SV1(5.1) .
Cisco NX-OS Commands Might Differ from Cisco IOS
Be aware that the Cisco NX-OS CLI commands and modes might differ from those commands and modes used in the Cisco IOS software.
For information about CLI commands, see the Cisco Nexus 1000V Command Reference, Release 4.2(1)SV1(5.1) .
Layer 2 Switching
This section lists the Layer 2 switching limitations and restrictions and includes the following topics:
For more information about Layer 2 switching, see the Cisco Nexus 1000V Layer 2 Switching Configuration Guide, Release 4.2(1)SV1(5.1) .
No Spanning Tree Protocol
The Cisco Nexus 1000V forwarding logic is designed to prevent network loops so it does not need to use the Spanning Tree Protocol. Packets that are received from the network on any link connecting the host to the network are not forwarded back to the network by the Cisco Nexus 1000V.
Cisco Discovery Protocol
The Cisco Discovery Protocol (CDP) is enabled globally by default.
CDP runs on all Cisco-manufactured equipment over the data link layer and does the following:
• Advertises information to all attached Cisco devices.
• Discovers and views information about those Cisco devices.
– CDP can discover up to 256 neighbors per port if the port is connected to a hub with 256 connections.
If you disable CDP globally, CDP is also disabled for all interfaces.
For more information about CDP, see the Cisco Nexus 1000V System Management Configuration Guide, Release 4.2(1)SV1(5.1) .
DHCP Not Supported for the Management IP
DHCP is not supported for the management IP. The management IP must be configured statically.
LACP
The Link Aggregation Control Protocol (LACP) is an IEEE standard protocol that aggregates Ethernet links into an EtherChannel.
The Cisco Nexus 1000V has the following restrictions for enabling LACP on ports carrying the control and packet VLANs:
Note These restrictions do not apply to other data ports using LACP.
Note This restriction is not applicable if LACP offload is enabled. You can check the LACP offload status by using the show lacp offload status command.
- The upstream switch ports must be configured in spanning-tree port type edge trunk mode. For more information about this restriction, see Upstream Switch Ports.
Upstream Switch Ports
All upstream switch ports must be configured in spanning-tree port type edge trunk mode.
Without spanning-tree PortFast on upstream switch ports, it takes approximately 30 seconds to recover these ports on the upstream switch. Because these ports are carrying control and packet VLANs, the VSM loses connectivity to the VEM.
The following commands are available to use on Cisco upstream switch ports in interface configuration mode:
DNS Resolution
The Cisco Nexus 1010 (1000V) cannot resolve a domain name or hostname to an IP address.
Interfaces
When the maximum transmission unit (MTU) is configured on an operationally up interface, the interface goes down and comes back up.
Layer 3 VSG
When a VEM communicates with Cisco VSG in Layer 3 mode, an additional header with 94 bytes is added to the original packet. You must set the MTU to a minimum of 1594 bytes to accommodate this extra header for any network interface through which the traffic passes between the Cisco Nexus 1000V and the Cisco VSG. These interfaces can include the uplink port profile, the proxy ARP router, or a virtual switch.
VM Name Display Length Limitation
VM names for VMs on ESX 4.1 hosts that exceed 21 characters are not displayed properly on the VSM. When you use a show vservice command that displays the port profile name, for example, the show vservice port brief port-profile port-profile-name command, only VMs with names that are 21 characters or less are displayed correctly. Longer VM names may cause the VM name to be truncated, or extra characters to be appended to the VM name. Depending on the network adapter, the name length limitation may vary. For example:
- The E1000 or VMXNET 2 network adapters allow 26-character names. At 27 characters, the word ‘.eth’ is appended to the VM name. With each addition to the VM name, a character is truncated from the word ‘.eth’. After 31 characters, the VM name is truncated.
- The VMXNET 3 network adapters allow 21-character names. At 22 characters, the word ‘ ethernet’ is appended to the VM name. With each addition to the VM name, a character is truncated from the word ‘ ethernet’. After 30 characters, the VM name is truncated.
Workaround: This is a display issue with ESX Release 4.1 only. Use VM names of 21 characters or less to avoid this issue.
Caveats
This section includes the following topics:
Open Caveats
The following are descriptions of the caveats in Cisco Nexus 1000V Release 4.2(1)SV1(5.2). The ID links you into the Cisco Bug Toolkit.
Platform, Infrastructure, Ports, Port Channel, and Port Profiles
Quality of Service
Features
VMware
Cisco Virtual Security Gateway
Resolved Caveats
The following are descriptions of caveats that were resolved in Cisco Nexus 1000V Release 4.2(1)SV1(5.2). The ID links you into the Cisco Bug Toolkit.
MIB Support
The Cisco Management Information Base (MIB) list includes Cisco proprietary MIBs and many other Internet Engineering Task Force (IETF) standard MIBs. These standard MIBs are defined in Requests for Comments (RFCs). To find specific MIB information, you must examine the Cisco proprietary MIB structure and related IETF-standard MIBs supported by the Cisco Nexus 1000V Series switch.
The MIB Support List is available at the following FTP site:
ftp://ftp.cisco.com/pub/mibs/supportlists/nexus1000v/Nexus1000VMIBSupportList.html
Related Documentation
This section lists the documents used with the Cisco Nexus 1000V and available on Cisco.com at the following URL:
http://www.cisco.com/en/US/products/ps9902/tsd_products_support_series_home.html
General Information
Cisco Nexus 1000V Documentation Roadmap, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Release Notes, Release 4.2(1)SV1(5.2)
Cisco Nexus 1000V Compatibility Information, Release 4.2(1)SV1(5.2)
Cisco Nexus 1010 Management Software Release Notes, Release 4.2(1)SP1(4a)
Install and Upgrade
Cisco Nexus 1000V Installation and Upgrade Guide, Release 4.2(1)SV1(5.2)
Cisco Nexus 1010 Virtual Services Appliance Hardware Installation Guide
Cisco Nexus 1010 Software Installation and Upgrade Guide, Release 4.2(1)SP1(4a)
Configuration Guides
Cisco Nexus 1000V High Availability and Redundancy Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Interface Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Layer 2 Switching Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V License Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Network Segmentation Manager Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Port Profile Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V Quality of Service Configuration Guide, Release 4.2(1)SV1(5.2)
Cisco Nexus 1000V Security Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V System Management Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1000V VXLAN Configuration Guide, Release 4.2(1)SV1(5.1)
Cisco Nexus 1010 Software Configuration Guide, Release 4.2(1)SP1(4)
Programming Guide
Cisco Nexus 1000V XML API User Guide, Release 4.2(1)SV1(5.1)
Reference Guides
Cisco Nexus 1000V Command Reference, Release 4.2(1)SV1(5.1)
Troubleshooting and Alerts
Cisco Nexus 1000V Troubleshooting Guide, Release 4.2(1)SV1(5.1)
Virtual Security Gateway Documentation
Cisco Virtual Security Gateway for Nexus 1000V Series Switch
Network Analysis Module Documentation
Cisco Prime Network Analysis Module Software Documentation Guide, 5.1
Cisco Prime Network Analysis Module (NAM) for Nexus 1010 Installation and Configuration Guide, 5.1
Cisco Prime Network Analysis Module Command Reference Guide 5.1
Cisco Prime Network Analysis Module Software 5.1 Release Notes
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html .
Subscribe to What’s New in Cisco Product Documentation , which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
This document is to be used in conjunction with the documents listed in the “Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks . Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)