Table Of Contents
Traffic Routing, Forwarding, and Management
Obtaining Documentation and Submitting a Service Request
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1d)
Date: June 11, 2010Part Number: OL-20701-04 A0This document describes the features, caveats, and limitations for Cisco NX-OS software for use on the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. Use this document in combination with the documents listed in the "Related Documentation" section.
![]()
Note
Release notes are sometimes updated with new information about restrictions and caveats. See the following website for the most recent version of the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes: http://www.cisco.com/en/US/products/ps10596/tsd_products_support_series_home.html
Table 1 shows the online change history for this document.
Contents
This document includes the following sections:
•
Obtaining Documentation and Submitting a Service Request
Introduction
The Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter (also referred to in this document as the switch) is a Layer 2 device, which runs Cisco NX-OS. The Cisco NX-OS Release 4.1(2)E1(1d) software supports the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter including certain features that are specific to the product. The Cisco NX-OS software also interoperates with any networking operating system that conforms to the IEEE and RFC compliance standards.
The switch is a 10/1-Gb Ethernet switch for the IBM BladeCenter chassis. The switch offers a solution in high-end data centers where server virtualization and I/O consolidation are required.
System Requirements
This section includes the following topics:
Memory Requirements
The Cisco NX-OS software requires 2 GB of memory.
Hardware Supported
The Cisco NX-OS software supports the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. You can find detailed information about supported hardware in the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter Hardware Installation Guide.
Software Compatibility
This section briefly describes the salient features supported in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. For detailed information about the features listed, see the documents listed in the "Related Documentation" section.
The Cisco NX-OS software provides a unified operating system that is designed to run all areas of the data center network including the LAN and Layer 4 through Layer 7 network services.
The Cisco NX-OS software also supports distributed multithreaded processing on symmetric multiprocessors (SMPs), multi-core CPUs, and distributed data module processors. The Cisco NX-OS software offloads computationally intensive tasks, such as hardware table programming, to dedicated processors distributed across the data modules. The modular processes are created on demand, each in a separate protected memory space. Processes are started and system resources are allocated only when you enable a feature. A real-time preemptive scheduler helps to ensure the timely processing of critical functions.
This section describes the key Cisco NX-OS software and includes the following topics:
•
Traffic Routing, Forwarding, and Management
Serviceability
The Cisco NX-OS software has serviceability functions that allow the device to respond to network trends and events. These features help you with network planning and improving response times.
This section includes the following topics:
Switched Port Analyzer
The Switched Port Analyzer (SPAN) feature allows you to analyze all traffic between ports (called the SPAN source ports) by nonintrusively directing the SPAN session traffic to a SPAN destination port that has an external analyzer attached to it.
Ethanalyzer
Ethanalyzer is a Cisco NX-OS protocol analyzer tool based on the Wireshark (formerly Ethereal) open source code. Ethanalyzer is a command-line version of Wireshark for capturing and decoding packets. You can use Ethanalyzer to troubleshoot your network and analyze the control-plane traffic.
Call Home
The Call Home feature continuously monitors hardware and software components to provide e-mail-based notification of critical system events. A versatile range of message formats is available for optimal compatibility with pager services, standard e-mail, and XML-based automated parsing applications. It offers alert grouping capabilities and customizable destination profiles.You can use this feature, for example, to directly page a network support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco AutoNotify services to directly generate a case with the Cisco Technical Assistance Center (TAC).
Online Diagnostics
The Online Health Management System (OHMS) is a hardware fault detection and recovery feature. It ensures the general health of the switch.
Manageability
This section includes the following topics:
•
Simple Network Management Protocol
•
Cisco NX-OS Device Configuration Methods
Simple Network Management Protocol
The Cisco NX-OS software is compliant with Simple Network Management Protocol (SNMP) version 1, version 2, and version 3. A large number of MIBs is supported.
Role-Based Access Control
With role-based access control (RBAC), you can limit access to device operations by assigning roles to users. You can customize access and restrict it to the users who require it.
Cisco NX-OS Device Configuration Methods
You can configure devices using the CLI from a Secure Shell (SSH) session or a Telnet session. SSH provides a secure connection to the switch. You can also configure devices using the XML management interface, which is a programmatic method based on the NETCONF protocol that complements the CLI.
Traffic Routing, Forwarding, and Management
This section includes the following topics:
Ethernet Switching
The Cisco NX-OS software supports high-density, high-performance Ethernet systems and provides the following Ethernet switching features:
•
IEEE 802.1D-2004 Rapid and Multiple Spanning Tree Protocols (802.1w and 802.1s)
•
IEEE 802.1Q VLANs and trunks
•
512-subscriber VLANs
•
IEEE 802.3ad link aggregation
•
Private VLANs
•
Unidirectional Link Detection (UDLD) in aggressive and standard modes
IP Multicast
The Cisco NX-OS includes the following multicast protocols and functions:
•
Internet Group Management Protocol (IGMP) Versions 1, 2, and 3 router role
•
IGMPv2 host mode
•
IGMP snooping
FCoE Initialization Protocol
The Cisco NX-OS supports the FIP snooping bridge feature. The switch operates as a loss-less Ethernet bridge transparently forwarding FCoE packets.
Quality of Service
The Cisco NX-OS quality of service (QoS) support allows you to classify the network traffic, police and prioritize the traffic flow, and provide congestion avoidance.
Network Security Features
Cisco NX-OS includes the following security features:
•
Authentication, authorization, and accounting (AAA)
•
RADIUS and TACACS+
•
SSH Protocol Version 2
•
SNMPv3
•
Policies based on MAC and IPv4 addresses supported by named ACLs (port-based ACLs [PACLs], VLAN-based ACLs [VACLs])
•
Traffic storm control (unicast, multicast, and broadcast)
Upgrade/Downgrade Caveats
Upgrades and downgrades between Cisco NX-OS Release 4.1(2)E1(1d), Cisco NX-OS Release 4.1(2)E1(1b), and Cisco NX-OS Release 4.1(2)E1(1) will preserve configurations. However, an upgrade will be disruptive.
There are no upgrade or downgrade caveats for Cisco NX-OS Release 4.1(2)E1(1d).
New Software Features
Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter has no new software features.
Limitations
This section describes the limitations in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter.
This section includes the following caveats:
•
CSCsy59059
Symptom: If you configure a switch with the switchport block unicast command or the switchport block multicast command, the commands have no effect.
Conditions: You may see this symptom because the switch does not support the switchport block unicast command or the switchport block multicast command.
Workaround: Use the storm-control unicast level 100.00 command or the storm-control multicast level 100.00 command instead.
•
CSCsz85289
Symptom: It is not possible to resequence rules in a VACL.
Conditions: You may see this symptom when you attempt to resequence VACLs. Once the rules are added to a VACL in a sequence, you cannot change the sequence.
Workaround: Delete the entire set of rules in the VACL, and add them again.
If there is a VACL as in the following example, it is not possible to resequence the VACL matching IP ACL to 10 and VACL matching MAC ACL to 20:
switch(config)# vlan access-map vlan1 10
switch(config-access-map)# match mac address mac1
switch(config-access-map)# action forward
switch(config-access-map)# statistics per-entry
switch(config)# vlan access-map vlan1 20
switch(config-access-map)# match ip address ip1
switch(config-access-map)# action drop
switch(config-access-map)# statistics per-entry
Use a simple CLI for the workaround as follows:
switch(config)# vlan access-map vlan1 10
switch(config-access-map)# no match mac address mac1
switch(config-access-map)# no action forward
switch(config-access-map)# match ip address ip1
switch(config-access-map)# action drop
switch(config-access-map)# exit
switch(config)# vlan access-map vlan1 20
switch(config-access-map)# no match ip address ip1
switch(config-access-map)# no action drop
switch(config-access-map)# match mac address mac1
switch(config-access-map)# action forward
switch(config-access-map)# exit
•
CSCta26017
Symptom: The bandwidth allocation does not work accurately if the egress traffic for a CoS is only multicast.
Conditions: You may see this symptom when the multicast traffic is to be transmitted on multiple ports. The symptom only occurs if destination ports are in the same port group.
Workaround: Distribute the destination ports among different port groups. Use the command show hardware internal ele-fwd driver-info to locate the front port and ASIC port mapping. There are four port groups in our system: (0-4), (5-9), (10-14), and 15-19). The numbering is indicated in terms of the ASIC ports in the output following the command.
•
CSCta28309
Symptom: Actions on VACL with no rules affect the traffic matching credible VACL rule.
Conditions: A single VLAN access map can have different actions for different ACLs. The commands used to configure it follows:
switch(config)# vlan access-map vacl1 10
switch(config-access-map)# action forward
switch(config-access-map)# match mac address mac-acl-one
switch(config-access-map)# vlan access-map vacl1 20
switch(config-access-map)# action drop
switch(config-access-map)# match mac address mac-acl-two
switch(config-access-map)# vlan access-map vacl1 30
switch(config-access-map)# action redirect eth1/10
switch(config-access-map)# match mac address mac-acl-three
The three VACLs in the preceding example are part of one VLAN access map. Any change to any one of the access maps will result in reprogramming the entire access map (of all the sequence numbers). The reprogramming might result in traffic disruption.
Workaround: To prevent traffic disruption, define the VLAN access map in separate VLAN access maps (with different names).
•
CSCta48031
Symptom: Outgoing CPU generated traffic cannot be spanned.
Conditions: You may see this symptom when an interface is configured as a source port of a SPAN session (the direction being transmit only or transmit and receive). The CPU generated traffic could be for SoL, CDP, STP and so on.
Workaround: No workaround is available.
•
CSCtb40514
Symptom: The switch can be configured with the same IP address on the front panel management port mgmt 0 and using the AMM on the management port mgmt 1. This configuration is not considered an error and both the interfaces remain operational.
Conditions: You may see this symptom when you configure the same IP address on management port mgmt 0 and management port mgmt 1.
Workaround: Do not configure the same IP address on management port mgmt 0 and management port mgmt 1.
•
CSCtb68736
Symptom: Users see a "port not compatible [speed]" error message while adding the downlink ports to a port-channel.
Conditions: You may see this symptom under the default configuration setting, when a downlink port is added as a member of port-channel interface.
Workaround: Enter the speed 10000 command on the member port before adding it to the port-channel interface. As the show interface brief command displays the running speed of the downlink port, there may be some confusion in identifying the mismatch in speed. The default speed for the downlink interface is "auto" which does not match the default speed of the port-channel interface which is "10 G".
•
CSCtb99418
Symptom: If you configure a switch port speed to auto by entering the speed auto command under the interface sub-command, the port may not link up.
Conditions: You may see this symptom when the blade server has the NetXen NIC installed.
Workaround: Configure the port speed to 10 G by entering the speed 10000 command.
•
CSCtc01560
Symptom: A monitor port cannot be the destination port for more than one SPAN session.
Conditions: You may see this symptom when the destination port of one session is configured as the destination port for the second session.
Workaround: No workaround is available.
Caveats
This section describes caveats and includes the following topics:
Open Caveats
This section describes the open caveats in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter.
This section includes the following open caveats:
•
CSCsz81239
Symptom: The version of the Network Time Protocol (NTP) software used on the switch is 4.2.0a. Therefore, it is vulnerable to CVE-2009-0159.
Conditions: This symptom occurs when you operate the switch.
Workaround: No workaround is available.
•
CSCta41968
Symptom: The SSH becomes disabled while applying the "ssh key rsa 2048" line after a reload.
Conditions: You may see this symptom upon reloading, when the ASCII configuration containing the line "ssh key rsa 2048" is copied to the running configuration.
Workaround: If you lose access to the switch, use the serial console to enable it.
•
CSCtb28328
Symptom: FIP sessions do not come up even though it appears as though enabling FIP snooping on a VLAN has succeeded when the ACL table is full.
Conditions: You may see this symptom because the ACL table is full and attempts to install ACLs when FIP is enabled on a VLAN fail.
Workaround: Whenever it is possible to do so, reduce the number of ACLs in use, save the configuration, and reload.
•
CSCtb99161
Symptom: Whenever a type qos policy is applied on a port channel, the show commands do not show that policy on the member interfaces of that port channel.
Conditions: You may see this symptom when a type qos policy is applied on a port channel and you type a show command to show that policy.
Workaround: In the hardware, the policy is applied correctly to the member interfaces, and whenever a policy is applied on a port channel, any existing policy on the member interface is overridden by the policy on the port channel.
•
CSCth14602
Symptom: When the user disables the external management from AMM, all the switch virtual interfaces (SVIs) on the switch are disabled.
Conditions: This symptom occurs when SVIs configured on the switch are administratively brought up from the CLI and enabled from AMM. If users want to disable the SVIs later, they must do so using the AMM or the switch CLI. If the user disables external management using AMM, and then reloads the switch, this configuration is lost and the SVIs are enabled on the switch.
Workaround: To permanently disable external management, always disable SVIs from the CLI using the interface vlan CLI commands.
Resolved Caveats
All the caveats listed in this section are resolved in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. They were open in Cisco NX-OS Release 4.1(2)E1(1b).
This section includes the following caveats:
•
CSCth05183
Symptom: SVI configuration is lost on changing the management interface (mgmt1) IP Address from AMM.
Conditions: You may see this symptom when you create an SVI IP address on the switch, and then change the management interface (mgmt1) IP address through the AMM. The SVI configuration on the switch is lost after a reload.
Workaround: This issue is resolved.
•
CSCth05266
Symptom: The management interface (mgmt1) IP Address is not reachable after reloading the switch.
Conditions: You may see this symptom after reloading the switch when SVI is configured in the system.
Workaround: This issue is resolved.
•
CSCth05293
Symptom: A memory leak in the Netstack process causes the switch to crash.
Conditions: You may see this symptom when any traffic is directed to the control plane, using ping, ssh, or Simple Network Management Protocol (SNMP). This symptom was observed in release 4.1(2)E1(1b).
Workaround: This issue is resolved.
•
CSCtg78861
Symptom: After a Spanning Tree Protocol (STP) state change, SVI traffic on the affected ports does not egress from the switch.
Conditions: You may see this symptom when during the STP state change, the physical port information changes for a SVI interface. Since the Adjmgr database is not updated to the new "fwd" physical interface, the packet is sent to the STP blocked port, resulting in the packets being dropped. This results in a failure to ping the SVI after the STP state change.
Workaround: This issue is resolved.
•
CSCtf91116
Symptom: The Simple Network Management Protocol (SNMP) process on a switch that runs Cisco NX-OS Release 4.1(2)E1(1b) slowly leaks memory causing the SNMP agent process (snmpd) to crash and the switch to reload.
Conditions: You may see this symptom when you poll the ifEntry (1.3.6.1.2.1.2.2.1) Management Information Base (MIB) object.
Workaround: This issue is resolved.
Related Documentation
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS documentation is available at the following URL:
http://www.cisco.com/en/US/products/ps10596/tsd_products_support_series_home.html
The following are related documents:
•
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Command Reference
•
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Configuration Guide
•
Cisco NX-OS System Messages Reference
•
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter Getting Started Guide
•
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter Hardware Installation Guide
•
Regulatory Compliance and Safety Information for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
![]()
![]()
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1d)
© 2010 Cisco Systems, Inc. All rights reserved.