Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1d)
Available Languages
Table Of Contents
Traffic Routing, Forwarding, and Management
Obtaining Documentation and Submitting a Service Request
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1d)
Date: June 11, 2010Part Number: OL-20701-04 A0This document describes the features, caveats, and limitations for Cisco NX-OS software for use on the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. Use this document in combination with the documents listed in the "Related Documentation" section.
Note
Release notes are sometimes updated with new information about restrictions and caveats. See the following website for the most recent version of the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes: http://www.cisco.com/en/US/products/ps10596/tsd_products_support_series_home.html
Table 1 shows the online change history for this document.
Contents
This document includes the following sections:
•
Introduction
The Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter (also referred to in this document as the switch) is a Layer 2 device, which runs Cisco NX-OS. The Cisco NX-OS Release 4.1(2)E1(1d) software supports the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter including certain features that are specific to the product. The Cisco NX-OS software also interoperates with any networking operating system that conforms to the IEEE and RFC compliance standards.
The switch is a 10/1-Gb Ethernet switch for the IBM BladeCenter chassis. The switch offers a solution in high-end data centers where server virtualization and I/O consolidation are required.
System Requirements
This section includes the following topics:
Memory Requirements
The Cisco NX-OS software requires 2 GB of memory.
Hardware Supported
The Cisco NX-OS software supports the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. You can find detailed information about supported hardware in the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter Hardware Installation Guide.
Software Compatibility
This section briefly describes the salient features supported in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. For detailed information about the features listed, see the documents listed in the "Related Documentation" section.
The Cisco NX-OS software provides a unified operating system that is designed to run all areas of the data center network including the LAN and Layer 4 through Layer 7 network services.
The Cisco NX-OS software also supports distributed multithreaded processing on symmetric multiprocessors (SMPs), multi-core CPUs, and distributed data module processors. The Cisco NX-OS software offloads computationally intensive tasks, such as hardware table programming, to dedicated processors distributed across the data modules. The modular processes are created on demand, each in a separate protected memory space. Processes are started and system resources are allocated only when you enable a feature. A real-time preemptive scheduler helps to ensure the timely processing of critical functions.
This section describes the key Cisco NX-OS software and includes the following topics:
•
Serviceability
The Cisco NX-OS software has serviceability functions that allow the device to respond to network trends and events. These features help you with network planning and improving response times.
This section includes the following topics:
Switched Port Analyzer
The Switched Port Analyzer (SPAN) feature allows you to analyze all traffic between ports (called the SPAN source ports) by nonintrusively directing the SPAN session traffic to a SPAN destination port that has an external analyzer attached to it.
Ethanalyzer
Ethanalyzer is a Cisco NX-OS protocol analyzer tool based on the Wireshark (formerly Ethereal) open source code. Ethanalyzer is a command-line version of Wireshark for capturing and decoding packets. You can use Ethanalyzer to troubleshoot your network and analyze the control-plane traffic.
Call Home
The Call Home feature continuously monitors hardware and software components to provide e-mail-based notification of critical system events. A versatile range of message formats is available for optimal compatibility with pager services, standard e-mail, and XML-based automated parsing applications. It offers alert grouping capabilities and customizable destination profiles.You can use this feature, for example, to directly page a network support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco AutoNotify services to directly generate a case with the Cisco Technical Assistance Center (TAC).
Online Diagnostics
The Online Health Management System (OHMS) is a hardware fault detection and recovery feature. It ensures the general health of the switch.
Manageability
This section includes the following topics:
•
•
Simple Network Management Protocol
The Cisco NX-OS software is compliant with Simple Network Management Protocol (SNMP) version 1, version 2, and version 3. A large number of MIBs is supported.
Role-Based Access Control
With role-based access control (RBAC), you can limit access to device operations by assigning roles to users. You can customize access and restrict it to the users who require it.
Cisco NX-OS Device Configuration Methods
You can configure devices using the CLI from a Secure Shell (SSH) session or a Telnet session. SSH provides a secure connection to the switch. You can also configure devices using the XML management interface, which is a programmatic method based on the NETCONF protocol that complements the CLI.
Traffic Routing, Forwarding, and Management
This section includes the following topics:
Ethernet Switching
The Cisco NX-OS software supports high-density, high-performance Ethernet systems and provides the following Ethernet switching features:
•
•
•
•
•
•
IP Multicast
The Cisco NX-OS includes the following multicast protocols and functions:
•
•
•
FCoE Initialization Protocol
The Cisco NX-OS supports the FIP snooping bridge feature. The switch operates as a loss-less Ethernet bridge transparently forwarding FCoE packets.
Quality of Service
The Cisco NX-OS quality of service (QoS) support allows you to classify the network traffic, police and prioritize the traffic flow, and provide congestion avoidance.
Network Security Features
Cisco NX-OS includes the following security features:
•
•
•
•
•
•
Upgrade/Downgrade Caveats
Upgrades and downgrades between Cisco NX-OS Release 4.1(2)E1(1d), Cisco NX-OS Release 4.1(2)E1(1b), and Cisco NX-OS Release 4.1(2)E1(1) will preserve configurations. However, an upgrade will be disruptive.
There are no upgrade or downgrade caveats for Cisco NX-OS Release 4.1(2)E1(1d).
New Software Features
Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter has no new software features.
Limitations
This section describes the limitations in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter.
This section includes the following caveats:
•
Symptom: If you configure a switch with the switchport block unicast command or the switchport block multicast command, the commands have no effect.
Conditions: You may see this symptom because the switch does not support the switchport block unicast command or the switchport block multicast command.
Workaround: Use the storm-control unicast level 100.00 command or the storm-control multicast level 100.00 command instead.
•
Symptom: It is not possible to resequence rules in a VACL.
Conditions: You may see this symptom when you attempt to resequence VACLs. Once the rules are added to a VACL in a sequence, you cannot change the sequence.
Workaround: Delete the entire set of rules in the VACL, and add them again.
If there is a VACL as in the following example, it is not possible to resequence the VACL matching IP ACL to 10 and VACL matching MAC ACL to 20:
switch(config)# vlan access-map vlan1 10switch(config-access-map)# match mac address mac1switch(config-access-map)# action forwardswitch(config-access-map)# statistics per-entryswitch(config)# vlan access-map vlan1 20switch(config-access-map)# match ip address ip1switch(config-access-map)# action dropswitch(config-access-map)# statistics per-entryUse a simple CLI for the workaround as follows:
switch(config)# vlan access-map vlan1 10switch(config-access-map)# no match mac address mac1switch(config-access-map)# no action forwardswitch(config-access-map)# match ip address ip1switch(config-access-map)# action dropswitch(config-access-map)# exitswitch(config)# vlan access-map vlan1 20switch(config-access-map)# no match ip address ip1switch(config-access-map)# no action dropswitch(config-access-map)# match mac address mac1switch(config-access-map)# action forwardswitch(config-access-map)# exit•
Symptom: The bandwidth allocation does not work accurately if the egress traffic for a CoS is only multicast.
Conditions: You may see this symptom when the multicast traffic is to be transmitted on multiple ports. The symptom only occurs if destination ports are in the same port group.
Workaround: Distribute the destination ports among different port groups. Use the command show hardware internal ele-fwd driver-info to locate the front port and ASIC port mapping. There are four port groups in our system: (0-4), (5-9), (10-14), and 15-19). The numbering is indicated in terms of the ASIC ports in the output following the command.
•
Symptom: Actions on VACL with no rules affect the traffic matching credible VACL rule.
Conditions: A single VLAN access map can have different actions for different ACLs. The commands used to configure it follows:
switch(config)# vlan access-map vacl1 10switch(config-access-map)# action forwardswitch(config-access-map)# match mac address mac-acl-oneswitch(config-access-map)# vlan access-map vacl1 20switch(config-access-map)# action dropswitch(config-access-map)# match mac address mac-acl-twoswitch(config-access-map)# vlan access-map vacl1 30switch(config-access-map)# action redirect eth1/10switch(config-access-map)# match mac address mac-acl-threeThe three VACLs in the preceding example are part of one VLAN access map. Any change to any one of the access maps will result in reprogramming the entire access map (of all the sequence numbers). The reprogramming might result in traffic disruption.
Workaround: To prevent traffic disruption, define the VLAN access map in separate VLAN access maps (with different names).
•
Symptom: Outgoing CPU generated traffic cannot be spanned.
Conditions: You may see this symptom when an interface is configured as a source port of a SPAN session (the direction being transmit only or transmit and receive). The CPU generated traffic could be for SoL, CDP, STP and so on.
Workaround: No workaround is available.
•
Symptom: The switch can be configured with the same IP address on the front panel management port mgmt 0 and using the AMM on the management port mgmt 1. This configuration is not considered an error and both the interfaces remain operational.
Conditions: You may see this symptom when you configure the same IP address on management port mgmt 0 and management port mgmt 1.
Workaround: Do not configure the same IP address on management port mgmt 0 and management port mgmt 1.
•
Symptom: Users see a "port not compatible [speed]" error message while adding the downlink ports to a port-channel.
Conditions: You may see this symptom under the default configuration setting, when a downlink port is added as a member of port-channel interface.
Workaround: Enter the speed 10000 command on the member port before adding it to the port-channel interface. As the show interface brief command displays the running speed of the downlink port, there may be some confusion in identifying the mismatch in speed. The default speed for the downlink interface is "auto" which does not match the default speed of the port-channel interface which is "10 G".
•
Symptom: If you configure a switch port speed to auto by entering the speed auto command under the interface sub-command, the port may not link up.
Conditions: You may see this symptom when the blade server has the NetXen NIC installed.
Workaround: Configure the port speed to 10 G by entering the speed 10000 command.
•
Symptom: A monitor port cannot be the destination port for more than one SPAN session.
Conditions: You may see this symptom when the destination port of one session is configured as the destination port for the second session.
Workaround: No workaround is available.
Caveats
This section describes caveats and includes the following topics:
Open Caveats
This section describes the open caveats in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter.
This section includes the following open caveats:
•
Symptom: The version of the Network Time Protocol (NTP) software used on the switch is 4.2.0a. Therefore, it is vulnerable to CVE-2009-0159.
Conditions: This symptom occurs when you operate the switch.
Workaround: No workaround is available.
•
Symptom: The SSH becomes disabled while applying the "ssh key rsa 2048" line after a reload.
Conditions: You may see this symptom upon reloading, when the ASCII configuration containing the line "ssh key rsa 2048" is copied to the running configuration.
Workaround: If you lose access to the switch, use the serial console to enable it.
•
Symptom: FIP sessions do not come up even though it appears as though enabling FIP snooping on a VLAN has succeeded when the ACL table is full.
Conditions: You may see this symptom because the ACL table is full and attempts to install ACLs when FIP is enabled on a VLAN fail.
Workaround: Whenever it is possible to do so, reduce the number of ACLs in use, save the configuration, and reload.
•
Symptom: Whenever a type qos policy is applied on a port channel, the show commands do not show that policy on the member interfaces of that port channel.
Conditions: You may see this symptom when a type qos policy is applied on a port channel and you type a show command to show that policy.
Workaround: In the hardware, the policy is applied correctly to the member interfaces, and whenever a policy is applied on a port channel, any existing policy on the member interface is overridden by the policy on the port channel.
•
Symptom: When the user disables the external management from AMM, all the switch virtual interfaces (SVIs) on the switch are disabled.
Conditions: This symptom occurs when SVIs configured on the switch are administratively brought up from the CLI and enabled from AMM. If users want to disable the SVIs later, they must do so using the AMM or the switch CLI. If the user disables external management using AMM, and then reloads the switch, this configuration is lost and the SVIs are enabled on the switch.
Workaround: To permanently disable external management, always disable SVIs from the CLI using the interface vlan CLI commands.
Resolved Caveats
All the caveats listed in this section are resolved in Cisco NX-OS Release 4.1(2)E1(1d) for the Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter. They were open in Cisco NX-OS Release 4.1(2)E1(1b).
This section includes the following caveats:
•
Symptom: SVI configuration is lost on changing the management interface (mgmt1) IP Address from AMM.
Conditions: You may see this symptom when you create an SVI IP address on the switch, and then change the management interface (mgmt1) IP address through the AMM. The SVI configuration on the switch is lost after a reload.
Workaround: This issue is resolved.
•
Symptom: The management interface (mgmt1) IP Address is not reachable after reloading the switch.
Conditions: You may see this symptom after reloading the switch when SVI is configured in the system.
Workaround: This issue is resolved.
•
Symptom: A memory leak in the Netstack process causes the switch to crash.
Conditions: You may see this symptom when any traffic is directed to the control plane, using ping, ssh, or Simple Network Management Protocol (SNMP). This symptom was observed in release 4.1(2)E1(1b).
Workaround: This issue is resolved.
•
Symptom: After a Spanning Tree Protocol (STP) state change, SVI traffic on the affected ports does not egress from the switch.
Conditions: You may see this symptom when during the STP state change, the physical port information changes for a SVI interface. Since the Adjmgr database is not updated to the new "fwd" physical interface, the packet is sent to the STP blocked port, resulting in the packets being dropped. This results in a failure to ping the SVI after the STP state change.
Workaround: This issue is resolved.
•
Symptom: The Simple Network Management Protocol (SNMP) process on a switch that runs Cisco NX-OS Release 4.1(2)E1(1b) slowly leaks memory causing the SNMP agent process (snmpd) to crash and the switch to reload.
Conditions: You may see this symptom when you poll the ifEntry (1.3.6.1.2.1.2.2.1) Management Information Base (MIB) object.
Workaround: This issue is resolved.
Related Documentation
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS documentation is available at the following URL:
http://www.cisco.com/en/US/products/ps10596/tsd_products_support_series_home.html
The following are related documents:
•
•
•
•
•
•
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1d)
© 2010 Cisco Systems, Inc. All rights reserved.
FeedbackLet Us Help
- Open a Support Case
- (Requires a Cisco Service Contract)