Cisco Nexus 5500 Series Release Notes, Release 6.02
Cisco Nexus 2000 Series Fabric Extenders
Online Insertion and Removal Support
New Software Features in Cisco NX-OS Release 6.0(2)N2(7)
New Software Features in Cisco NX-OS Release 6.0(2)N2(6)
New Software Features in Cisco NX-OS Release 6.0(2)N2(5a)
New Software Features in Cisco NX-OS Release 6.0(2)N2(5)
New Software Features in Cisco NX-OS Release 6.0(2)N2(4)
New Software Features in Cisco NX-OS Release 6.0(2)N2(3)
New Software Features in Cisco NX-OS Release 6.0(2)N2(2)
Command Addition: cts role-based batched-programming
New Software Features in Cisco NX-OS Release 6.0(2)N2(1)
Bidirectional Forwarding Detection
Command Update: show lldp system -detail
Embedded Event Manager Support
FEX Host Interface Storm Control
New Software Features in Cisco NX-OS Release 6.0(2)N1(2)
New Software Features in Cisco NX-OS Release 6.0(2)N1(1)
Open Management Infrastructure
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(7)
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(6)
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(5a)
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(5)
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(1b)
New Hardware Features in Cisco NX-OS Release 6.0(2)N2(1)
New Hardware Features in Cisco NX-OS Release 6.0(2)N1(2)
New Hardware Features in Cisco NX-OS Release 6.0(2)N1(1)
Cisco Nexus 2248TP-E Fabric Extender
Cisco Nexus 5000 Series Expansion Modules
New Software Features—Cisco Nexus 5500 Switch
IEEE 1588 Time Synchronization
Support for FCoE on a Dual Homed FEX
New Software Features—Cisco Nexus 5000 Series Switches
Support for Eight Syslog Servers
Upgrading or Downgrading to a New Release
Upgrade and Downgrade Guidelines
Supported Upgrade and Downgrade Paths for Cisco NX-OS Release 6.0(2)N2(7)
Limitations on the Cisco Nexus Device
SPAN Limitations on Fabric Extender Ports
Checkpoint and Configuration Rollback Limitation
Upgrading and Downgrading Limitations
Cisco Nexus 5548P Daughter Card (N55-D160L3)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(7)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(6)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(5a)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(5)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(4)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(3)
Resolved Caveats in Cisco NX-OS Release6.0(2)N2(2)
Resolved Caveats in Cisco NX-OS Release 6.0(2)N2(1)
Resolved Caveats in Cisco NX-OS Release6.0(2)N1(2a)
Resolved Caveats in Cisco NX-OS Release6.0(2)N1(2)
Resolved Caveats in Cisco NX-OS Release6.0(2)N1(1)
Obtaining Documentation and Submitting a Service Request
First Published: January 31, 2013
Date Last Modified: March 20, 2017
Current Release: NX-OS Release 6.0(2)N2(7)
This document describes the features, caveats, and limitations for the Cisco Nexus 5500 devices and the Cisco Nexus 2000 Series Fabric Extenders. Use this document in combination with documents listed in the “Related Documentation” section.
Note Release notes are sometimes updated with new information about restrictions and caveats. See the following website for the most recent version of the Cisco Cisco Nexus 5500 and Cisco Nexus 2000 Series release notes: http://www.cisco.com/en/US/docs/switches/datacenter/nexus5500/sw/release/notes/Nexus_5500_Release_Notes.html
Note Table 1 shows the online change history for this document.
Added information on the maximum IP MTU in the Doing a disruptive upgrade between incompatible images will result in loss of certain configurations such as unified ports, Fibre Channel (FC) ports, breakout, and FEX configurations. See CSCul22703 for details. section. |
|
Added CSCtx42727 to the Resolved Caveats in Cisco NX-OS Release 6.0(2)N1(1)section. |
|
Updated support for additional software features in the New Software Features in Cisco NX-OS Release 6.0(2)N1(1) section. |
|
Added link to the Cisco Nexus 6000 Series MIB Support List in the “MIB Support” section |
|
Added the following item as supported features for the NX-OS Release 6.0(2)N2(1): Added the following items as supported features for the NX-OS Release 6.0(2)N1(2): |
|
Added CSCul27686 to Open Caveats. |
|
Removed 5.0(3) from Table 5 - Supported Upgrade and Downgrade Paths. |
|
Removed NX-OS Release 6.0(2)N2(1b) from the Supported Upgrade and Downgrade Paths section. |
The Cisco NX-OS software is a data center-class operating system built with modularity, resiliency, and serviceability at its foundation. Based on the industry-proven Cisco MDS 9000 SAN-OS software, Cisco NX-OS helps ensure continuous availability and sets the standard for mission-critical data center environments. The highly modular design of Cisco NX-OS makes zero-effect operations a reality and enables exceptional operational flexibility.
Several new hardware and software features are introduced for the Cisco Nexus 5500 Series device and the Cisco Nexus 2000 Series Fabric Extender (FEX) to improve the performance, scalability, and management of the product line. Cisco NX-OS Release 6.0 also supports all hardware and software supported in Cisco NX-OS Release 5.1, Cisco NX-OS Release 5.0.
The Cisco Nexus devices include a family of line-rate, low-latency, lossless 10-Gigabit Ethernet, Cisco Data Center Ethernet, Fibre Channel over Ethernet (FCoE), and native Fibre Channel devices for data center applications.
For information about the Cisco Nexus 5500 Series, see the Cisco Nexus 5500 Series Platform Hardware Installation Guide.
The Cisco Nexus 2000 Series Fabric Extender (FEX) is a highly scalable and flexible server networking solution that works with the Cisco Nexus 5500 Series devices to provide high-density and low-cost connectivity for server aggregation. Scaling across 1-Gigabit Ethernet, 10-Gigabit Ethernet, unified fabric, rack, and blade server environments, the FEX is designed to simplify data center architecture and operations.
The FEX integrates with its parent Cisco Nexus device, which allows zero-touch provisioning and automatic configuration. The FEX provides a single point of management that supports a large number of servers and hosts that can be configured with the same feature set as the parent Cisco Nexus 5500 Series switch, including security and quality of service (QoS) configuration parameters. Spanning Tree Protocol (STP) is not required between the Fabric Extender and its parent switch, because the Fabric Extender and its parent switch allow you to enable a large multi-path, loop-free, active-active topology.
Software is not included with the Fabric Extender. Cisco NX-OS software is automatically downloaded and upgraded from its parent switch. For information about configuring the Cisco Nexus 2000 FEX, see the “Configuring the Fabric Extender” chapter in the Cisco Nexus 5500 Series Layer 2 Switching Configuration Guide.
This section includes the following topics:
The Cisco NX-OS software supports the Cisco Nexus devices. Starting with Cisco NX-OS Release 6.0(2)N1(2), the Cisco Nexus 5010 and 5020 switches are not supported. You can find detailed information about supported hardware in the Cisco Nexus 5500 Series Hardware Installation Guide.
Table 2 shows the hardware supported by Cisco NX-OS Release 6.0(x) software.
Cisco Nexus 5596T switch1 |
|||
Cisco Nexus B22DELL FEX2 |
|||
Cisco Nexus 2248PQ FEX5 |
|||
Cisco Nexus 2232TM-E FEX6 |
|||
Cisco Nexus B22HP FEX7 |
|||
—8 |
—9 |
||
12-port 10GBASE-T GEM10 |
|||
10-Gigabit Ethernet SFP (for Cisco Nexus 2000 Series to Cisco Nexus 6000 Series connectivity) |
|||
Cisco 40GBASE-CR4 QSFP+ to 4 10GBASE-CU SFP+ direct-attach breakout 7-meter cable, active |
|||
Cisco 40GBASE-CR4 QSFP+ to 4 10GBASE-CU SFP+ direct-attach breakout 10-meter cable, active |
|||
Gigabit Ethernet SFP, LX transceiver11 |
|||
Gigabit Ethernet SFP, EX transceiver12 |
|||
Gigabit Ethernet SFP, LC connector SX transceiver (MMF), extended temperature range and DOM |
|||
Gigabit Ethernet SFP, LC connector LX/LH transceiver (SMF), extended temperature range and DOM |
|||
10GBASE CU SFP+ cable13 |
|||
10GBASE CU SFP+ cable14 |
|||
10GBASE CU SFP+ cable15 |
|||
Gigabit Ethernet SFP, LC connector SX transceiver (MMF), extended temperature range and digital optical monitoring (DOM) |
|||
Gigabit Ethernet SFP, LC connector LX/LH transceiver (SMF), extended temperature range and DOM |
|||
Generation-1 (Pre-FIP) CNAs16 |
Cisco Nexus 5596T switch17 |
|||||||
Cisco Nexus B22DELL FEX18 |
|||||||
Cisco Nexus 2248PQ FEX19 |
|||||||
Cisco Nexus 2232TM-E FEX20 |
|||||||
Cisco Nexus B22HP FEX21 |
|||||||
12-port 10GBASE-T GEM22 |
|||||||
10-Gigabit Ethernet SFP (for Cisco Nexus 2000 Series to Cisco Nexus 6000 Series connectivity) |
|||||||
Cisco 40GBASE-CR4 QSFP+ to 4 10GBASE-CU SFP+ direct-attach breakout 7-meter cable, active |
|||||||
Cisco 40GBASE-CR4 QSFP+ to 4 10GBASE-CU SFP+ direct-attach breakout 10-meter cable, active |
|||||||
Gigabit Ethernet SFP, LX transceiver23 |
|||||||
Gigabit Ethernet SFP, EX transceiver24 |
|||||||
Gigabit Ethernet SFP, LC connector SX transceiver (MMF), extended temperature range and DOM |
|||||||
Gigabit Ethernet SFP, LC connector LX/LH transceiver (SMF), extended temperature range and DOM |
|||||||
10GBASE CU SFP+ cable25 |
|||||||
10GBASE CU SFP+ cable26 |
|||||||
10GBASE CU SFP+ cable27 |
|||||||
Gigabit Ethernet SFP, LC connector SX transceiver (MMF), extended temperature range and digital optical monitoring (DOM) |
|||||||
Gigabit Ethernet SFP, LC connector LX/LH transceiver (SMF), extended temperature range and DOM |
|||||||
Generation-1 (Pre-FIP) CNAs28 |
Table 4 shows the hardware and Cisco NX-OS Release 6.x software that supports online insertion and removal (OIR).
Layer 3 GEM 1 |
N55-M160L3-V229 |
|||||||
Version 2 Layer 3 daughter card 1 |
N55-D160L3-V2 1 |
|||||||
8-port SFP+ Ethernet ports and 8-port SFP+ Fibre Channel ports |
||||||||
N5596 Layer 3 GEM 1 |
N55-M160L3(=) 1 |
|||||||
N5548 Layer 3 daughter card 1 |
N55-D160L3(=) 1 |
This section describes the new features introduced in Cisco NX-OS Release 6.x. This section includes the following topics:
Cisco NX-OS Release 6.0(2)N2(2) is a maintenance release that includes bug fixes and the following software features and enhancements:
Enabling CTS Batch Programming by entering the cts role-based batched-programming command enables faster programming on SGACLs associated with large numbers of SGT,DGT pairs.
Cisco NX-OS Release 6.0(2)N2(1) is a maintenance release that includes bug fixes and the following software features and enhancements:
Bidirectional Forwarding Detection (BFD) is a detection protocol designed to provide fast forwarding-path failure detection times for media types, encapsulations, topologies, and routing protocols. Starting with Release 6.0(2)N2(1), the Cisco Nexus 5500 supports BFD for BGP, EIGRP, OSPF, PIM, HSRP, VRRP, and static routes.
The show lldp command now includes an optional keyword for displaying system details.
You can use the default interface command to clear the existing configuration of multiple interfaces and return them to default settings. The command can be used for interfaces such as Ethernet, loopback, VLAN network, port-channel, and tunnel interfaces. You can use the checkpoint keyword with the command to create a copy of the interface configuration before clearing it so that you can restore it later.
The Embedded Event Manager (EEM) monitors events that occur on your device and takes action to recover from or troubleshoot these events, based on your configuration. You can use EEM to create policies that consist of a set of actions to be taken in response to a specific event. EEM can be controlled through CLI commands or Vsh scripts.
A Cisco Nexus 5500 switch can use the Network Time Protocol (NTP) to synchronize the network. Other devices can be configured to use the switch as an NTP time server. In an isolated network, the switch can be configured as an authoritative NTP clock source.
An NTP server usually receives its time from an authoritative time source, such as a radio clock or an atomic clock attached to a time server, and then distributes this time across the network. NTP is extremely efficient; no more than one packet per minute is necessary to synchronize two devices to within a millisecond of each other.
The Cisco Nexus 5500 now supports policy-based routing (PBR). PBR allows you to configure a defined policy for IPv4 and IPv6 traffic flows, lessening reliance on routes derived from routing protocols.
Up to 32 DHCP server addresses can now be configured on an interface. Previously, the maximum number of configurable server addresses was 16.
HIF Storm control allows ingress traffic suppression for unknown multicast, broadcast, and unknown unicast traffic on Fabric Extender (FEX) Host Interface (HIF) ports and port channels.
As documented in the release specific Verified Scalability for Cisco Nexus 5500 Series documents, configuration limits (verified scalability) for several Layer 2 switching functions has increased. Verified and maximum limits have changed for some features, including:
You can use the vPC shutdown command to isolate a switch from the vPC complex. The switch can then be debugged, reloaded, or removed physically, without affecting the vPC traffic going through the nonisolated switch.
Cisco NX-OS Release 6.0(2)N1(2) is a maintenance release that includes bug fixes and the following software features and enhancements:
Support added for the IEEE 802.1X, which provides a client-server-based access control and authentication protocol that restricts unauthorized devices from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN.
The NIF Storm Control feature allows configuration on a Satellite Fabric port to all the pinned FEX HIF ports regardless of whether it is a logical or a physical HIF. In addition, a new syslog message informs the user when a switch port that has a Storm Control configuration is starting to see a storm of broadcast, multicast, or unicast when it starts dropping packets. You see another syslog message when the storm stops.
You can use an IP-directed broadcast to send a broadcast from a device that is not directly connected to the destination IP subnet. An ACL name can be specified for the broadcast. (This resolves caveat CSCuh1963.)
As documented in the Cisco Nexus 5500 Series NX-OS SAN Switching Configuration Guide, Release 6.x, NICs and converged network adapters connected to a Cisco Nexus 5500 Series switch can use iSCSI as a storage protocol and can be programmed to accept the configuration values sent by the switch leveraging data center bridging exchange protocol (DCBX). DCBX negotiates configuration and settings between the switch and the adapter through a variety of type-length-values (TLV) and sub-TLVs. This process allows the switch to distribute configuration values to all attached adapters from a centralized location instead of having to manually program CoS markings on each individual server and adapter.
Added support to configure a minimum number of links for the port channel so that when a certain number of port-channel member ports go down, the host-facing interfaces are suspended.
Cisco NX-OS Release 6.0(2)N1(1) includes bug fixes and the following software features and enhancements:
Policing allows you to monitor the data rates for a particular class of traffic. When the data rate exceeds user-configured values, the switch drops packets immediately. Because policing does not buffer the traffic, transmission delays are not affected. When traffic exceeds the data rate, you instruct the system to drop the packets. You can define single-rate and two-color ingress policing.
When forwarding an incoming IP packet in a line card, if the Address Resolution Protocol (ARP) request for the next hop is not resolved, the line card forwards the packets to the supervisor, referred to as glean throttling. The supervisor resolves the MAC address for the next hop and programs the hardware.
The Cisco Nexus 5500 Series device hardware has glean rate limiters to protect the supervisor from the glean traffic. If the maximum number of entries is exceeded, the packets for which the ARP request is not resolved continues to be processed in the software instead of getting dropped in the hardware.
When an ARP request is sent, the software adds a /32 drop adjacency in the hardware to prevent the packets to the same next-hop IP address from being forwarded to the supervisor. When the ARP entry is resolved, the hardware entry is updated with the correct MAC address. If the ARP entry is not resolved before a timeout period, the entry is removed from the hardware.
The ACL logging feature allows the logging of packets that hit the IPv4 ACLs. The log messages are displayed on a flow basis. The flow is identified using a combination of the IP source address, destination address, L4 protocol, and the L4 source/destination ports on an interface. The log message is generated under the following conditions:
The log keyword is not supported with any permit statement for PACL or RACL. The log keyword is supported only with deny statements.
Note When the number of flows exceed a threshold in the given interval, a warning message is logged, and that flow is not added to the logging cache.
POAP enhancements include hostname- and MAC address-based configuration file selection, TCL or Python script logging, and a remote syslog facility.
BGP enhancements include BGP Allow-AS-in, local-AS, prefix-peering, AS-path relax, and remove-private-AS.
Support for VRF route leaking enables the sharing of routes that were previously visible and available only in segmented networks.
FCoE configuration is supported over 10GBASE-T using Cat6a and Cat7 cables up to a distance of 30 m.
The Open Management Infrastructure (OMI) agent is a web server that runs on the Cisco Nexus switch. It is based on the Common Infrastructure Model (CIM) standard, which is an open standard that defines a schema for representing managed resources (for example, CPUs, disks, networks, processes, and so on.). The OMI agent enables you to perform the following operations:
No new hardware features have been introduced with this release.
No new hardware features have been introduced with this release.
No new hardware features have been introduced with this release.
Cisco NX-OS Release 6.0(2)N2(5) supports the following new hardware:
Cisco NX-OS Release 6.0(2)N2(1b) supports the following new hardware:
No new hardware features have been introduced with this release.
Cisco NX-OS Release 6.0(2)N1(2) supports the following new hardware:
– Cisco Nexus 1100 W AC front-to-back power supply (PID: NXA-PAC-1100W)
– Cisco Nexus 1100 W AC back-to-front power supply (PID: NXA-PAC-1100W-B)
– Cisco Nexus 1100 W DC front-to-back power supply (PID: N55-PDC-1100W)
Cisco NX-OS Release 6.0(2)N1(1) supports the following new hardware:
The new Cisco Nexus 2248TP-E Fabric Extender is a 1-RU, general purpose 100-Mb/1-G FEX that is optimized for specialized data center workloads such as data, distributed storage, distributed computing, market data, and video editing. The Cisco Nexus 2248TP-E FEX has 48x1 Gigabit Ethernet host ports and 4x10 Gigabit Ethernet uplinks. It supports all of the existing features and topologies as the Cisco Nexus 2248 and the Cisco Nexus 2148 support. In addition, the Cisco Nexus 2248TP-E offers rich counters for troubleshooting and capacity monitoring. It has a user-configurable shared buffer, and it has a per-port ingress and egress queue limit.
For detailed information about the Cisco Nexus 2248TP-E FEX, see the Cisco Nexus 2000 Series Hardware Installation Guide.
The 10-Gigabit Ethernet, extended range SFP+ module (SFP-10G-ER) supports a link length of up to 40 kilometers on standard single-mode fiber (SMF, G.652). All Cisco Nexus 5500 switches and all Cisco FEX models support the new SFP-10G-ER optic.
Note Cisco Nexus 2232 FEX does not support the SFP+ module on the HIF port.
Cisco NX-OS Release 5.1(3)N1(1) supports the following new software features only on the Cisco Nexus 5500 switch:
Cisco FabricPath is a set of multipath Ethernet technologies that combine the reliability and scalability benefits of Layer 3 routing with the flexibility of Layer 2 networks, which enables it to build scalable data centers. Cisco FabricPath offers a topology-based Layer 2 routing mechanism that provides an equal-cost multipath (ECMP) forwarding model. Cisco NX-OS Release 5.1(3)N1(1) supports one FabricPath topology.
The FabricPath feature provides the following:
The FabricPath network uses the Layer 2 Intermediate System-to-Intermediate System (IS-IS) protocol to forward traffic in the network using the FabricPath headers. Layer 2 IS-IS is different than Layer 3 IS-IS; the two protocols work independently. Layer 2 IS-IS requires no configuration and becomes operational when you enable FabricPath on the device. The frames carry the same FTag that is assigned at ingress throughout the FabricPath network, and Layer 2 IS-IS allows all devices to have the same view of all the trees built by the system. Known unicast traffic uses the Equal Cost Multipath Protocol (ECMP) to forward traffic throughout the network. The system automatically load balances traffic throughout the FabricPath network by using ECMP and the trees.
Cisco FabricPath is supported on all Cisco Nexus 5500 switches (N5K-C5596UP-FA, N5K-C5548UP-FA, and N5K-C5548P-FA). The switch must be running Cisco NX-OS Release 5.1(3)N1(1). In addition, Cisco FabricPath requires the Enhanced Layer 2 license. For licensing information, see the License and Copyright Information for Cisco NX-OS Software document.
For detailed information about Cisco FabricPath, see the Cisco Nexus 5000 Series NX-OS FabricPath Configuration Guide.
The Cisco TrustSec security architecture builds secure networks by establishing clouds of trusted network devices. Cisco TrustSec also uses the device information acquired during authentication for classifying, or coloring, the packets as they enter the network. This packet classification is maintained by tagging packets on ingress to the Cisco TrustSec network so that they can be properly identified for the purpose of applying security and other policy criteria along the data path. The tag, also called the security group tag (SGT), allows the network to enforce the access control policy by enabling the endpoint device to act upon the SGT to filter traffic.
For more information about Cisco TrustSec, see the Cisco Nexus 5000 Series NX-OS Security Configuration Guide.
IEEE 1588 or Precision Time Protocol (PTP) is a time synchronization protocol for nodes distributed across a network. Its hardware timestamp feature provides greater accuracy than other time synchronization protocols such as Network Time Protocol (NTP).
A PTP system can consist of a combination of PTP and non-PTP devices. PTP devices include ordinary clocks, boundary clocks, and transparent clocks. Non-PTP devices include ordinary network switches, routers, and other infrastructure devices.
PTP is a distributed protocol that specifies how real-time PTP clocks in the system synchronize with each other. These clocks are organized into a master-member synchronization hierarchy with the grandmaster clock, the clock at the top of the hierarchy, determining the reference time for the entire system. Synchronization is achieved by exchanging PTP timing messages, with the members using the timing information to adjust their clocks to the time of their master in the hierarchy. PTP operates within a logical scope called a PTP domain.
Cisco is introducing Adapter-FEX support on the Cisco Nexus 5500 platform and on Cisco Nexus 2200 FEXes that are connected to a Cisco Nexus 5500 parent switch. The Cisco NX-OS Adapter-FEX feature provides the advantages of the FEX Link architecture with that of server I/O virtualization to create multiple virtual interfaces over a single Ethernet interface. This allows the deployment of a dual port NIC on the server and the ability to configure more than two virtual interfaces that the server sees as a regular Ethernet interface. The advantage of this approach is a reduction of power and cooling requirements and a reduction of the number of network ports.
The Adapter-FEX implementation is designed to work on a variety of FEX-capable adapters including the Cisco adapter for Cisco UCS C-Series Platform (UCS P81E VIC) and third-party adapters that implement VNTag technology. For additional, see Cisco UCS C-Series documentation.
Adapter-FEX supports FCoE when a VIC-enabled adapter is attached to a Cisco Nexus 2000 FEX or directly to a Cisco Nexus 5000 Series switch.
Adapter-FEX at the access layer needs a FEX-enabled adapter in a server that connects to a parent switch that supports Adapter-FEX functionality. There are two adapters that support Adapter-FEX functionality:
Note Adapter FEX does not support SPAN and cannot be used as a SPAN source.
For detailed information about Adapter-FEX, see the Cisco Nexus 5000 Series NX-OS Adapter-FEX Configuration Guide.
The VM-FEX is an extension of the FEX that extends to the VIC virtual interface card (VIC) in the server. It simulates ports and enables a high-speed link between the switch and the server. The VM-FEX consolidates the virtual and physical network. Each VM gets a dedicated port on the switch. In addition, the VM-FEX provides for vCenter management of Adapter-FEX interfaces.
The VM-FEX solution provides the following benefits:
VM-FEX does not support SPAN and cannot be used as a SPAN source.
VM-FEX does not support FCoE in NPV mode. Support for this feature will be available when CSCts09434 is resolved, which is expected in the next maintenance release of VMware ESX 5.0.
For more information about VM-FEX, see the Cisco Nexus 5000 Series NX-OS Layer2 Switching Configuration Guide.
The Cisco Adapter FEX with FCoE feature allows you to create an FCoE connection to a Cisco Nexus 2000 Series Fabric Extender (FEX), which can then establish an FCoE connection to a server with a virtual interface card (VIC) adapter. The switch connects to the FEX through a virtual port channel (vPC) while the FEX connects to the server using a standard FCoE link between the FEX and the VIC adapter.
If you are using Enhanced vPC, the FEX can be associated with one and only one Cisco Nexus 5000 fabric for FCoE forwarding.
If you are using FabricPath, you must use a dedicated link for FCoE traffic.
If you are using a Cisco UCS C-Series Rack-Mount Server with a Cisco UCS P81E Virtual Interface Card (VIC):
For more information about support for FCoE on Dual Homed FEX, see the Cisco Nexus 5000 Series NX-OS Fibre Channel over Ethernet Configuration Guide.
Control Plane Policing (CoPP) provides QoS-based prioritization and protection of control plane traffic that arrives at the switch in the data plane, which ensures network stability, reachability, and packet delivery.
Cisco NX-OS Release 5.1(3)N1(1) provides several predefined CoPP policies that administrators can deploy for different environments. In these predefined CoPP policies, the classification of flows is predetermined and the policing rates for the flows is fixed. In addition, there is one flexible CoPP policy for cases where predefined policies do not address the needs of the deployment.
The CoPP implementation on Cisco Nexus 5500 Series switches provides three predefined COPP policies for different deployment environments.
The CoPP policies can be changed at run time like any other QoS configuration. Classification of flows is predetermined and cannot be modified. Policing rates for the flows is fixed and cannot be modified.
For additional information about CoPP, see the Cisco Nexus 5000 Series NX-OS Security Configuration Guide.
Enhanced vPC (EvPC) provides a uniform access layer for any server to any FEX in hybrid deployments. In addition, EvPC provides data, control plane, and management plane redundancy. A new vPC option allows port channel connectivity to dual-homed FEXes.
The Cisco Nexus 2000 Series Fabric Extender (FEX) that contains the port assigned to the vPC must be associated with the Cisco Nexus switch.
The CNA must be attached to the Cisco Nexus 2000 Series FEX rather than directly to the Cisco Nexus 5000 Series switch.
If you want to ensure backward compatibility for all previous configurations and supported topologies, you must configure the FEX in a straight-through FEX topology that does not use Enhanced vPC.
Note Enhanced vPC does not support SPAN and cannot be used as a SPAN source.
For more information about EvPC, see the Cisco Nexus 5000 Layer 2 Switching Configuration Guide.
Cisco NX-OS Release 5.1(3)N1(1) introduces the ip arp synchronize command.When this command is enabled, faster convergence of address tables between the vPC peers is possible. This convergence is designed to overcome the delay involved in ARP table restoration when the peer-link port channel flaps or when a vPC peer comes back online.
Enabling ARP synchronization improves convergence times during the restart of a vPC peer when a Cisco Nexus 5000 Series switch acts as a default gateway. By default, ARP synchronization is not enabled.
For more information about IP ARP sync, see the Cisco Nexus 5000 Series NX-OS Layer 2 Switching Configuration Guide.
A switch virtual interface (SVI) is a VLAN of switch ports represented by one interface to a routing or bridging system. The SVI can be configured for routing, in which case it supports Layer 3 protocols for processing packets from all switch ports associated with the VLAN, or for in-band management of the switch.
Starting with Release 5.1(3)N1(1), the NX-OS switch has specific support for management SVIs. Having different SVIs for routing and management separates data traffic from management traffic, which can reduce competition for routing resources. If you are using an SVI for management purposes, we recommend that you specifically configure your SVI for management using the management command so that you can take advantage of this added functionality.
With this change, there are new guidelines and limitations for routed SVIs:
For more information about management SVIs, see the Cisco Nexus 5000 Series NX-OS Layer 2 Switching Configuration Guide.
Cisco NX-OS Release 5.1(3)N1(1) supports the following new software features on all Cisco Nexus 5000 Series switches:
Encapsulated Remote Switched Port Analyzer (ERSPAN) introduces an additional level of flexibility to the powerful network monitoring capabilities of SPAN and RSPAN. ERSPAN allows the analyzer to be placed on one location and multiple switches can send mirrored traffic to this analyzer. Traffic from any port on the network on any remote switch can be analyzed without physically moving the analyzer tool.
For more information about ERSPAN, see the Cisco Nexus 5000 Series NX-OS System Management Configuration Guide.
Multicast VLAN Registration (MVR) allows a Layer 2 switch to deliver a multicast packet received from one VLAN to multiple receivers that reside in different VLANs, without Layer 3 replication.
MVR offers the following advantages:
All models of Cisco Nexus 5000 Series switches support MVR.
For more information about MVR, see the Cisco Nexus 5000 Series NX-OS Layer 2 Switching Configuration Guide.
Port security is a simple Ethernet MAC-based security feature that can restrict input to an interface by limiting and identifying MAC addresses of the end host that are allowed to access the port. Cisco NX-OS Release 5.1(3)N1(1) adds port security to the Cisco Nexus 5000 Series and Cisco Nexus 2000 Series, and it is available on both Cisco Nexus 5000 and Nexus 5500 switches. Port security supports the following features:
A device maximum of 8192 secure MAC addresses in addition to one MAC address per port is supported. The interface maximum is 1025 MAC addresses per interface.
For additional information about the port security feature, see the Cisco Nexus 5000 NX-OS Security Configuration Guide.
Beginning with the Cisco NXOS Release 5.1(3)N1(1) release, Cisco Nexus 5000 switches support FCoE on Enhanced vPC (eVPC). In a topology that uses FCoE with eVPC, the SAN fabrics must remain isolated. Therefore, each Cisco Nexus 2000 Fabric Extender in the system must be associated with one and only one Cisco Nexus 5000 Series switch. This guarantees that every time a Fabric Extender forwards FCoE traffic, it forwards it to the same Nexus 5000 switch.
For more information about FCoE over Enhanced vPC, see the Cisco Nexus 5000 Series NX-OS Fibre Channel over Ethernet Configuration Guide.
Cisco Nexus Series 5000 switches support SAN boot with vPC. A VFC interface must be bound to a vPC member physical interface (and not to the vPC port-channel interface itself) for a SAN boot to occur.
For more information about SAN boot with vPC, see the Cisco Nexus 5000 Series NX-OS Fibre Channel over Ethernet Configuration Guide.
Config-sync allows you to synchronize the configuration between a pair of vPC switches. It eliminates downtime due to vPC inconsistencies, simplifies vPC operations, and reduces administrative overhead.
The enhancements to config-sync in Cisco NX-OS Release 5.1(3)N1(1) remove the port channel configuration restriction that previously existed. All port channels and member interfaces should be configured inside a switch profile.
For more information about config-sync enhancements, see the Cisco Nexus 5000 Series NX-OS Layer 2 Switching Configuration Guide.
Cisco NX-OS Release 5.1(3)N1(1) supports SNMP over IPv6.
For more information, see the Cisco Nexus 5000 Series NX-OS System Management Configuration Guide.
In Cisco NX-OS Release 5.1(3)N1(1), you can configure up to eight syslog servers. You use the Cisco Fabric Services (CFS) to distribute the syslog server configuration; however, CFS distribution of the syslog server configuration is limited to three servers.
For more information, see the Cisco Nexus 5000 Series NX-OS System Management Configuration Guide.
This section describes the upgrade and downgrade paths that are supported for Cisco NX-OS Release 6.0(2)N2(7) on the Cisco Nexus device.
The section includes the following topics:
The following guidelines apply to Cisco NX-OS Release 6.0(2)N2(7) for Cisco Nexus devices:
Table 6 shows the upgrade and downgrade possibilities for Cisco NX-OS Release 6.0(2)N2(7). For more information, see the Cisco Nexus 5500 Series NX-OS Software Upgrade and Downgrade Guide, Release 6.0(2)N2(7).
For other 6.0 releases, see the Cisco Nexus 5500 Series NX-OS Software Upgrade and Downgrade Guide specific for that release at: http://www.cisco.com/c/en/us/support/switches/nexus-5000-series-switches/products-installation-guides-list.html.
Note If a supported upgrade or downgrade path is not taken, then certain configurations, especially related to unified ports, Fibre Channel (FC) ports, breakout, and FEX may be lost.
Note Doing a disruptive upgrade between incompatible images will result in loss of certain configurations such as unified ports, Fibre Channel (FC) ports, breakout, and FEX configurations. See CSCul22703 for details.
Note An upgrade from Cisco NX-OS release 5.2(1)N1(7) to 6.0(2)N2(3) or 6.0(2)N2(4) is disruptive and not supported. It is recommended to upgrade from Cisco NX-OS release 5.2(1)N1(6) to 6.0(2)N2(3) or 6.0(2)N2(4).
Note If you want to upgrade from a release, that is not listed in the “Current Cisco NX-OS Release” column of Table 6 to the latest Cisco NX-OS release version, then you must first upgrade to a release that is listed in the “Current Cisco NX-OS Release” column and then to the latest release version.
This section describes the limitations for Cisco NX-OS Release 6.0(2)N1(7).
no speed —Autonegotiates and advertises all speeds (only full duplex).
speed 1000 —Autonegotiates only for an 802.3x pause.
speed 100 —Does not autonegotiate; pause cannot be advertised. The peer must be set to not autonegotiate and to fix at 100 Mbps (similar to the N2248TP)
GS queries are sent for IP address: 224.1.14.1 to 224.1.14.100 [0100.5E01.0E01 to 0100.5E01.0E64]
These are not link-local addresses. By default, they are not flooded by the hardware into the VLAN. They are sent only to the ports that have joined this group.
This is expected behavior during an ISSU.
In another scenario, the IGMP global queries [dest IP 224.0.0.1] get flooded correctly in the VLAN.
Group-specific queries are not forwarded to ports other than the one that joined the group during ISSU. The reason to forward group-specific queries toward hosts is to avoid having them leave the group. However, if a port has not joined the group, then this is not an issue. If there is an interface that has joined the group, the queries are expected to make it to the host. While the behavior is different when ISSU is not occurring, it is sufficient and works as expected and there is no impact to the traffic. For details, see CSCtf94558.
These messages are informational only and result in no loss of functionality.
To avoid this issue, upgrade the peer switch that is running Cisco NX-OS Release 5.0(3)N2(1) to Cisco NX-OS Release 5.1(3)N2(1) or later release and then enable feature-set FabricPath on the switch or switches. If you accidentally enable feature-set FabricPath in Cisco NX-OS Release 5.1(3)N2(1) when the peer vPC switch is running Cisco NX-OS Release 5.0(3)N2(1), disable the feature-set FabricPath and the vPC will resume the STP forwarding state for all VLANs.
– Use a dedicated front panel port as a vPC+ keepalive. The port should be in CE mode.
– Use a dedicated VLAN to carry the keepalive interface. The VLAN should be a CE VLAN.
– Add the management keyword to the corresponding SVI so that the failure of a Layer 3 module will not bring down the SVI interface.
– Enter the dual-active exclude interface-vlan keepalive-vlan command to prevent the SVI from going down on the secondary when a peer-link goes down.
– SPAN is rate limited to 5 Gbps per ASIC (every 8 ports share one ASIC).
– SPAN is rate limited to 0.71 Gbps per monitor source port when the RX traffic on the port exceeds 5 Gbps.
The limitations on the Cisco Nexus device 5500 Series devices are as follows:
The SPAN limitations on Fabric Extender ports are as follows:
If two ports on the same FEX are enabled to be tx-source, the ports need to be in the same session. If you configure a FEX port as a tx-source and another port belonging to the same FEX is already configured as a tx-source on a different SPAN session, an error is displayed on the CLI.
In the following example, Interface Ethernet100/1/1 on a FEX 100 is already configured as a tx-source on SPAN session-1:
If you add an interface Ethernet100/1/2 as a tx-source to a different SPAN session (session-2) the following error appears:
If you configure SPAN Tx on port 100/1/1, although the multicast traffic does not egress out of port 100/1/1, the SPAN destination does receive that multicast traffic, which is due to a design limitation.
When FCoE is enabled, the checkpoint and configuration rollback functionality is disabled.
When upgrading and downgrading between Release 5.1(3)N2(1), Release 5.2(1)N1(1), and Release 5.2(1)N1(1a), you might see the following issues in switch profile mode:
If you previously used the switchport access vlan command, the switchport trunk allowed vlan command, or the switchport trunk native vlan command to configure the switch profile mode, the configurations you created are not visible.
Note This problem is a configuration display issue only, and there is no traffic disruption.
Table 6 lists the situations where you might experience switchport command configuration issues and the workarounds.
When in switch profile mode, the following commands are not visible:
Table 8 lists the situations where you might experience fex associate command issues and the workarounds.
In a vPC topology, two Cisco Nexus devices configured as vPC peer switches need to be configured symmetrically for Layer 3 configurations such as SVIs, the peer gateway, routing protocol and policies, and RACLs.
Note The vPC consistency check does not include Layer 3 parameters.
When a Layer 3 module goes offline, all non-management SVIs are shut down. An SVI can be configured as a management SVI by entering the interface vlan command and configuring management. This configuration allows traffic to the management SVIs to not go through the Layer 3 module which maintains connectivity in case of a Layer 3 module failure.
This section includes the open and resolved caveat record numbers for this release. Links are provided to the Bug Toolkit where you can find details about each caveat.
This section includes the following topics:
Table 9 lists descriptions of open caveats in Cisco NX-OS Release 6.x.
The record ID links to the Cisco Bug Toolkit where you can find details about the caveat.
Table 18 lists the caveats that are resolved in Cisco NX-OS Release 6.0(2)N1(2a). The caveats might be open in previous Cisco NX-OS releases.
Table 19 lists the caveats that are resolved in Cisco NX-OS Release 6.0(2)N1(2). The caveats might be open in previous Cisco NX-OS releases.
Table 20 lists the caveats that are resolved in Cisco NX-OS Release 6.0(2)N1(1). The caveats might be open in previous Cisco NX-OS releases.
The Cisco Management Information Base (MIB) list includes Cisco proprietary MIBs and many other Internet Engineering Task Force (IETF) standard MIBs. These standard MIBs are defined in Requests for Comments (RFCs). To find specific MIB information, you must examine the Cisco proprietary MIB structure and related IETF-standard MIBs supported by the Cisco Nexus 5500 Series switch.
The MIB Support List is available at the following FTP site:
ftp://ftp.cisco.com/pub/mibs/supportlists/nexus5000/Nexus5000MIBSupportList.html
Documentation for Cisco Nexus 5500 Series Switches and Cisco Nexus 2000 Series Fabric Extenders is available at the following URL
http://www.cisco.com/en/US/products/ps9670/tsd_products_support_series_home.html
The documentation set includes the following types of documents:
To provide technical feedback on this document or to report an error or ommission, please send your comments to nexus5k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation as an RSS feed and delivers content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)