Cisco Nexus 9000 Series NX-OS Release Notes, Release 9.2(1)
■ Cisco Nexus 3264C-E
Use this document with documents listed in Related Documentation.
Table 1 shows the online change history of this document.
Table 1 Online History Change
January 26, 2020 |
Added CSCvc95008 to Known Behaviors. |
November 15, 2019 |
Updated Limitations section for breakout issue. |
October 6, 2019 |
Updated Transceiver Module Group URL. |
August 1, 2019 |
Added CSCvj18403 to Resolved Caveats. |
July 19, 2019 |
Added fan speed note to Limitations, and Table 3. |
April 23, 2019 |
Updated Transceiver Module Group URL. |
January 4, 2019 |
Updated Supporting Fabric Modules for the N9K-X9736C-FX with N9K-C9508-FM-E2. |
January 3, 2019 |
Updated Upgrade Instructions. |
December 17, 2018 |
Added CSCvn68232 to Open Caveats. |
December 14, 2018 |
Added Licensing Information. |
November 7, 2018 |
Updated the Introduction. |
October 30, 2018 |
Added CSCvm96774 to Open Caveats. |
October 9, 2018 |
Updated the Upgrade Instructions for Enhanced ISSU. |
September 27, 2018 |
Updated System Management Features in the New and Changed Information. |
September 19, 2018 |
Updated the Upgrade Instructions regarding upgrades from Release 7.0(3)I2(2b). |
August 14, 2018 |
■ Updated New and Changed Information for NX-API and OpenConfig YANG. ■ Updated Upgrade Instructions for releases prior to 7.0(3)I2(3). |
August 10, 2018 |
Updated the Upgrade Instructions for 7.0(3)I2(2x). |
August 3, 2018 |
Updated the Transceiver Matrix link. |
July 25, 2018 |
Added N9K-X97160YC-EX, N9K-X9788TC-FX, with N9K-C9508-FM-E2 and N9K-C9516-FM-E2 in Line Cards table. Added CSCuy08187 to Open Caveats. |
July 21, 2018 |
Removed support for NetFlow CE for Cisco Nexus 9200 platform switches. |
July 20.2018 |
Added N9K-C9508-FM-R to the Fabric Modules table. |
July 18, 2018 |
Guidelines and Limitations for Private VLANs
Guidelines and Limitations for Fabric Extenders
Obtaining Documentation and Submitting a Service Request
The Cisco Nexus 3000 Series switches, which includes Cisco Nexus 3100, 3200, 3400-S, 3500, and 3600 platform switches, and Cisco Nexus 9300 and 9500 platform switches run on the same binary image, also called the “unified” image.
Cisco NX-OS Release 9.2(1) is the first release that adopts unified version numbering. As more platforms have been added, there is no need to have a “platform” designator as used in the past.
An example of a previous release number is: 7.0(3)I7(4). In this format, the ‘I’ is the platform designator.
Moving forward for the previously identified platforms, we will be adopting the simplified 3-letter versioning scheme. For example, a release with X.Y(Z) would mean:
X – Unified release major
Y – Major / Minor release
Z – Maintenance release (MR)
Where the Z = 1 is always the first FCS release of a Major/Minor release.
Note: In order to accommodate upgrade compatibility from an older software version that is expecting a platform designator, when the install all command is entered or the show install all impact command is entered, the version string appears as 9.2(1)I9(1). The “I9(1)” portion of the string can be safely ignored. It will later appear as 9.2(1).
Temporary licenses with an expiry date are available for evaluation and lab use purposes. They are strictly not allowed to be used in production. Please use a permanent or subscription license that has been purchased through Cisco for production purposes.
For more information, see the Cisco NX-OS Licensing Guide.
This section includes the following sections:
■ Table 2 lists the Cisco Nexus 9000 Series fabric modules
■ Table 3 lists the Cisco Nexus 9000 Series fans and fan trays
■ Table 4 lists the Cisco Nexus 9500 Series line cards
■ Table 5 lists the Cisco Nexus 9000 Series power supplies
■ Table 6 lists the Cisco Nexus 9500 Series supervisor modules
■ Table 7 lists the Cisco Nexus 9000 Series switches
■ Table 8 lists the Cisco Nexus 9000 Series uplink modules
■ Table 9 lists the Cisco Nexus 9500 Series System Controller
■ Table 10 lists the 3232C and 3264Q switch hardware
■ Table 11 lists the Cisco Nexus 3164Q switch hardware
■ Table 12 lists the Cisco Nexus 31128PQ switch hardware
Table 2 Cisco Nexus 9000 Series Fabric Modules
N9K-C9504-FM-R |
100-Gigabit -R fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-R) line cards. When used, there must be 4 of these fabric modules installed in fabric slots FM 1, FM 2, FM 3, FM 4, FM 5, and FM 6. |
4 to 6 depending on line cards |
N9K-C9508-FM-E2 |
100-Gigabit –E2 fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-EX, -FX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots FM 1, FM 2, FM 3, FM 4, FM 5, and FM 6. |
4 5 when using the N9K-X9736C-FX line card. |
N9K-C9508-FM-R |
100-Gigabit -R fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-R) line cards. When used, there must be 4 of these fabric modules installed in fabric slots FM 1, FM 2, FM 3, FM 4, FM 5, and FM 6. |
4 |
N9K-C9516-FM-E2
|
100-Gb –E2 fabric module (for the Cisco Nexus 9516 chassis that supports the 100-Gb (-EX, -FX) line cards. When used, there must be four of these fabric modules installed in fabric slots FM 1, FM 2, FM 3, FM 4, FM 5, and FM 6. |
3-6 depending on the line cards |
Table 3 Cisco Nexus 9000 Series Fans and Fan Trays
Fan 1 module with port-side intake airflow (burgundy coloring) |
||||
Fan 2 module with port-side intake airflow (burgundy coloring) |
||||
Fan 3 module with port-side intake airflow (burgundy coloring) |
||||
|
||||
|
||||
|
||||
|
||||
Fan module with port-side intake airflow (burgundy coloring) |
|
|||
Fan module with port-side intake airflow (burgundy coloring) |
92160YC-X |
|||
92160YC-X |
||||
|
||||
Fan module with port-side intake airflow (burgundy coloring) |
|
|||
Fan module with port-side exhaust airflow (burgundy coloring) |
1 For specific fan speeds, see the overview section of the Hardware Installation Guide.
Table 4 Cisco Nexus 9500 Series Line Cards
N/A |
|||||
Line card with 48 1/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ uplink ports |
|||||
Line card with 48 10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 1-/10-Gigabit SFP+ ports and 4 40-Gigabit QSFP+ ports |
|||||
Line card with 48 1-/10GBASE-T (copper) ports and 4 40-Gigabit QSFP+ ports |
|||||
N9K-X9636C-R |
Line card with 36 100-Gigabit Ethernet QSFP28 ports |
4 |
8 |
N/A |
N9K-C9504-FM-R N9K-C9508-FM-R |
N9K-X9636C-RX |
Line card with 36 100-Gigabit Ethernet QSFP28 ports |
4 |
8 |
N/A |
N9K-C9504-FM-R N9K-C9508-FM-R |
N/A |
|||||
N9K-X9636Q-R |
Line card with 36 40-Gigabit Ethernet QSFP28 ports |
4 |
8 |
N/A |
N9K-C9504-FM-R N9K-C9508-FM-R |
N9K-X96136YC-R |
Line card with 16x1/10-Gigabit Ethernet SPF ports, 32x10/25 Gigabit, and 4x40/100-Gigabit Ethernet QSFP ports |
4 |
8 |
N/A |
N9K-C9504-FM-R |
N9K-C9516-FM-E |
|||||
N9K-X9732C-FX |
Line card with 32 100-Gigabit QSFP28 ports |
4 |
8 |
16 |
N9K-C9504-FM-E N9K-C9516-FM-E, E2 |
N9K-C9508-FM-E2 N9K-C9516-FM-E |
|||||
N9K-C9508-FM-E2 N9K-C9516-FM-E |
|||||
N9K-X9788TC-FX |
Line card with 48 1-/10-G BASE-T (copper) and 4 100-Gigabit QSFP28 ports |
4 |
8 |
16 |
N9K-C9504-FM-E N9K-C9508-FM-E2 N9K-C9516-FM-E N9K-C9516-FM-E2 |
Line card with 48 10-/25-Gigabit SFP28 ports and 4 40-/100-Gigabit QSFP28 ports |
N9K-C9508-FM-E2 N9K-C9516-FM-E N9K-C9516-FM-E2 |
Table 5 Cisco Nexus 9000 Series Power Supplies
Table 6 Cisco Nexus 9500 Series Supervisor Modules
Table 7 Cisco Nexus 9000 Series Switches
N9K-C9336C-FX2 |
1-RU switch with 36 40-/100-Gb Ethernet QSFP28 ports. |
2-RU Top-of-Rack switch with 64 40-/100-Gigabit QSFP28 ports and 2 1-/10-Gigabit SFP+ ports. - Ports 1 to 48 support 40/100-Gigabit speeds. |
|
1-RU Top-of-Rack switch with 48 10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports |
|
1-RU Top-of-Rack switch with 48 100M/1/10GBASE-T (copper) ports and 6 40-/100-Gigabit QSFP28 ports |
|
2-RU Top-of-Rack switch with 96 1/10GBASE-T (copper) ports and 6 40-Gigabit QSFP+ ports |
|
1-RU Top-of-Rack switch with 48 10-/25-Gigabit SFP28 fiber ports and 6 40-/100-Gigabit QSFP28 ports |
|
Nexus 9300 with 48p 100M/1 G, 4p 10/25 G SFP+ and 2p 100 G QSFP |
|
1-RU Top-of-Rack switch with 48 1-/10-Gigabit SFP+ ports and 6 40-Gigabit QSFP+ ports |
|
1-RU Top-of-Rack switch with 48 1-/10GBASE-T (copper) ports and 6 40-Gigabit QSFP+ ports |
|
Table 8 Cisco Nexus 9000 Series Uplink Modules
An enhanced version of the Cisco Nexus N9K-M6PQ uplink module. |
|
Cisco Nexus 9300 uplink module with 12 40-Gigabit Ethernet QSPF+ ports. |
Table 9 Cisco Nexus 9500 Series System Controller
Table 10 Cisco Nexus 3232C and 3264Q Switch Hardware
Cisco Nexus 3232C, 32 x 40-Gb/100-Gb 2 x 10-Gb SFP+, 1-RU switch |
||
N3K-C3264C-E |
Cisco Nexus 3264C-E 64 x 100-Gb QSFP28 2 x 10-Gb SFP+, 2-RU switch |
1 |
Table 11 Cisco Nexus 3164Q Switch Hardware
Table 12 Cisco Nexus 31128PQ Switch Hardware
To determine which transceivers and cables are supported by this switch, see the Transceiver Module (TMG) Compatibility Matrix.
To see the transceiver specifications and installation information, see https://www.cisco.com/c/en/us/support/interfaces-modules/transceiver-modules/products-installation-guides-list.html.
Full FEX module support has been added for the following switches:
■ N9K-C9336C-FX2
■ N9K-C93108TC-FX
■ N9K-C93180YC-FX
■ N9K-C93240YC-FX2
For more information, see the Cisco Nexus 9000 Series Switch FEX Support page.
■ Cisco Nexus 9300 platform switches do not support FEXs on uplink modules (ALE).
■ Beginning with Cisco NX-OS Release 9.2(1), dual-homed FEX support is added to Cisco Nexus 93180YC-FX, and 93108TC-FX switches in addition to straight-through FEX support.
■ Beginning with Cisco NX-OS Release 9.2(1), straight-through FEX support is added to Cisco Nexus 93240YC-R and 9336C-FX2 switches.
■ Active-Active FEX and straight-through FEX are not supported on the Cisco Nexus 9348GC-FXP switch.
This section lists the following topics:
■ New Hardware Features in Cisco NX-OS Release 9.2(1)
■ New Software Features in Cisco NX-OS Release 9.2(1)
Cisco NX-OS Release 9.2(1) supports the following new hardware:
■ The Cisco Nexus 9504-FM-R (N9K-C9504-FM-R) is a 100-Gigabit -R fabric module (for the Cisco Nexus 9504 chassis) that supports the 100-Gigabit (-R) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26.
■ The Cisco Nexus 9508-FM-E2 (N9K-C9508-FM-E2) is a 100-Gigabit –E2 fabric module (for the Cisco Nexus 9508 chassis) that supports the 100-Gigabit (-EX, -FX) line cards. When used, there must be 4 of these fabric modules installed in fabric slots 22, 23, 24, and 26.
■ The Cisco Nexus 9516-FM-E2 (N9K-C9516-FX-E2) is a 100-Gb –E2 fabric module (for the Cisco Nexus 9516 chassis that supports the 100-Gb (-EX, -FX) line cards. When used, there must be four of these fabric modules installed in fabric slots 22, 23, 24, and 26.
■ The Cisco Nexus 96136YC-R line card (N9K-X96136YC-R) with 52-port 16x1/10-Gigabit, 32x10/25 Gigabit Ethernet SPF, and 4x40/100-Gigabit Ethernet QSFP.
■ The Cisco Nexus 9732C-FX line card (N9K-X9732C-FX) with 32 100-Gigabit QSFP28 ports.
Cisco NX-OS Release 9.2(1) supports the following new software features:
■ Bypass and Drop Mode—Provides the ability to skip a Cisco Nexus device in your configured chain without changing the topology or existing configuration.
■ Failsafe—Allows users the option to add a default VLAN group, port group and chain for an instance, and generate the backend configuration accordingly.
■ Reverse Configuration—Introduces a CLI solution to define the egress interface in the reverse direction for each segment of the chain based on port number or IP address.
For more information, see the Cisco Nexus 9000 Series NX-OS Catena Configuration Guide, Release 9.2(x).
FCoE Features
■ FC Uplinks—Support added for Cisco Nexus 93180YC-FX switches.
■ Host Pinning—All hosts on a FEX are pinned to the same NP link for the Cisco Nexus 93180YC-FX switch.
For more information, see the Cisco Nexus 2000 Series NX-OS Fabric Extender Configuration Guide for Cisco Nexus 9000 Series Switches, Release 9.2(x).
FEX Features
■ FCoE over FEX—Support added on N9K-C93180YC-FX switches in both straight-through and dual-homed mode with N2K-C2348UPQ, N2K-C2232PP, N2K-B22IBM-P and N2K-B22HP-P FEX models. Support added on Cisco Nexus 9300-FX platform switches.
■ NetFlow for FEX Layer-3 Ports—Support added on Cisco Nexus 9300-EX and 9300-FX platform switches.
■ ST-FEX and AA-FEX Modes—Support added on Cisco Nexus 93108TC-FX and Cisco Nexus 93180YC-FX switches.
■ ST-FEX Mode—Support added on Cisco Nexus 9336C-FX2 and Cisco Nexus 93240YC-FX2 switches.
For more information, see the Cisco Nexus 2000 Series NX-OS Fabric Extender Configuration Guide for Cisco Nexus 9000 Series Switches, Release 9.2(x).
■ Scale Monitoring—Provides the ability to verify, detect, and predict your environment against Cisco verified scale numbers.
■ Platform Support—Added support for Cisco Nexus 3164Q, 9300, and 9500 platform switches.
For more information, see the Cisco Nexus 9000 Series NX-OS iCAM Configuration Guide, Release 9.2(x).
Intelligent Traffic Director (ITD) Features
■ ITD—Support added for the Cisco Nexus C9364C, C9336C-FX2, C93240YC-FX2 switches (for IPv4 & IPv6).
For more information, see the Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Guide, Release 9.2(x).
Interface Features
■ Auto Negotiation for 25G—Support added for auto negotiation on native 25G ports on Cisco Nexus N9K-X97160YC-EX, N9K-C93180YC-FX, N9K-C93240YC-FX2 and N9K-C93240YC-FX2-Z switches.
■ BFD Multihop—Support added for Cisco Nexus 9300-EX, 9300-FX, 9300-FX2, 9300-FXP, 9500-EX, and 9500-FX platform switches in compliance with RFC5883 for IPv4. IPv6 is not supported.
■ GTP load-sharing—Added support for Cisco Nexus 9364C, 93180YC-FX, 93108TC-FX, and 9348GC-FXP switches.
■ IP Dampening—Support added for IP event dampening on Cisco Nexus 9300-EX, 9300-FX, 9300-FX2, 9300-FXP, 9500-EX, and 9500-FX platform switches.
■ IP TCP MSS—Support added for IP TCP MSS. The IP TCP Maximum Segment Size (MSS) feature enables a switch to set a maximum segment size for all TCP connections that originate from or terminate at a Cisco Nexus 9000 Series Switches.
■ Optics Scale—Support added for the Cisco Nexus 9508 switch with N9K-X96136YC-R line cards support 1 Gb speed on all 48 ports.
■ QSFP-40/100-SRBD (also known as QSFP-100G40G-BIDI) comes up in the speed of 100-G and interoperates with other QSFP-40/100-SRBD at either 100-G or 40-G speed and with QSFP-40G-SR-BD at 40-G speed on Cisco Nexus 9500 platform switches with N9K-X9636C-RX line card. See transceiver compatibility documents for both 40-G and 100-G for future module support additions.
■ TCP Aware NAT—Beginning with Cisco NX-OS Release 9.2(1) support is now added for TCP-aware NAT. It enables NAT flow entries to follow the state of TCP sessions and get created and deleted accordingly.
For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide, Release 9.2(x).
IP SLAs Features
■ TWAMP Responder—Support added for IP SLA TWAMP responder on a Cisco device measuring IP performance between the Cisco device and a non-Cisco TWAMP control device.
For more information, see the Cisco Nexus 9000 Series NX-OS IP SLAs Configuration Guide, Release 9.2(x).
Label Switching Features
■ The following features have been added:
o Segment routing with traffic engineering (on-demand next hop) with XTC integration
o Segment routing with OSPFv2 SID (Prefix/Node SID only for /32 FEC)
o IS-IS distribute link-state
o Layer 3 EVPN and Layer 3 VPN Stitching/interworking. Supported on Cisco Nexus 9300, 9300-FX and 9500 platform switches with 9700-FX line cards.
o Improved MPLS label scale and MPLS ECMP adjacency
■ The following features are supported on the Cisco Nexus 9364C switch:
o Segment routing with BGP LU and IS-IS (Node SID/Prefix SID)
o Layer 3 EVPN over segment routing
o Egress peer engineering
o MPLS label stack imposition
o MPLS OAM
For more information, see the Cisco Nexus 9000 Series NX-OS Label Switching Configuration Guide, Release 9.2(x).
Layer 2 Features
For more information, see the Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide, Release 9.2(x).
■ Multicast Network Load Balancing (NLB)—Support added for the ability to distribute client requests across a set of servers. This feature is supported on the Cisco Nexus 9300-EX, 9300-FX, 9300-FX2 platform switches. This feature is not supported on Cisco Nexus 9500 platform switches with 9508-FM-2 or 9516-FM-E2 line cards.
■ MVR knob—Support added to disable forwarding IGMP queries.
For more information, see the Cisco Nexus 9000 Series NX-OS Multicast Routing Configuration Guide, Release 9.2(x).
N9000V Features
■ Software Upgrade as Disruptive ISSU—Added support configuring disruptive ISSU process.
■ VXLAN EVPN Multi-Site—Added support for configuring VXLAN EVPN Multi-Site on Cisco Nexus 9000v switches.
For more information, see the Cisco Nexus 9000v Guide.
NX-API Features
■ NX-API REST Data Paths—See the New and Changed Information section of the Cisco Nexus 3000 and 9000 Series NX-API REST User Guide and API Reference for a detailed list of the updates.
■ Expanded Support for NX-API CLI— See the Cisco Nexus 3500 Series NX-API CLI Reference for examples of show commands supported for NX-API CLI.
■ Expanded Support for NX-API CLI—See the Cisco Nexus 9000 Series NX-API CLI Reference, Release 9.x for examples of show commands supported for NX-API CLI.
■ Cisco NX-OS Release 9.2(1) supports the following commands for NX-API:
o show bfd addrmap [application <appid> discriminator <discr> address-type <addrtype> address <addr>]\
■ The NX-API feature is enabled by default on HTTPS port 443 and HTTP port 80 is disabled.
For more information, see the Cisco Nexus 9000 Series NX-API CLI Reference.
OpenConfig YANG Feature
■ OpenConfig YANG—Support added for the OpenConfig YANG data modeling language. See the Cisco Nexus OpenConfig YANG Reference for examples of configuring and retrieving state data.
Programmability Features
■ Ansible 2.5—Support is added for Ansible 2.5.
■ Docker Containers—Support added for using Docker within the Cisco NX-OS on a switch.
■ gRPC—Support added for gRPC chunking as a part of telemetry.
■ Guest Shell—Guest Shell is running in a separate namespace, which allows the host system to be even better protected from activities within the Guest Shell. The user and the group ID mapping done for the user namespace may require more attention to the file permission settings while sharing files (on bootflash) between the host system and the guest shell.
■ Hardware Telemetry—Support added for hardware telemetry where the Streaming Statistics Export (SSX) module reads statistics from the ASIC.
■ Puppet—Support added for EVPN Multi-Site types and Tenant Routed Multicast types.
■ Streaming Telemetry—Support added for streaming telemetry to IPv6 destinations.
■ Streaming of YANG—Support added for the streaming of YANG models as part of telemetry. Both device YANG and the open-config YANG model are supported.
For more information, see the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.2(x).
■ 802.1x—Support added to multiple authentication, dynamic VLAN, and MAB authentication.
■ MACsec—Support added for the Cisco Nexus 93180YC-FX and 93108TC-FX switches.
■ SSH—Added support for ECDSA, added the show rekey command and the ability to change the default SSHv2 port.
■ Unicast RPF— Support added for Cisco Nexus 9300-EX platform switches (for IPv4 only) and on Cisco Nexus 9300-FX/FX2 platform switches (for IPv4 and IPv6).
For more information, see the Cisco Nexus 9000 Series Security Configuration Guide, Release 9.2(x).
Smart Channel Features
■ Smart Channel—Support added for the Cisco Nexus 93018TC-EX switch.
For more information, see the Cisco Nexus 9000 Series NX-OS Smart Channel Configuration Guide, Release 9.2(x).
Software Upgrade/Downgrade Features
■ Optionality: Added support for modular package management. Cisco NX-OS software now provides the flexibility to add, remove, and upgrade features selectively without changing the base Cisco NX-OS software.
■ vPC topology: Added the upgrade and downgrade procedure for switches in a vPC topology.
For more information, see the Cisco Nexus 9000 Series NX-OS Upgrade and Downgrade Guide, Release 9.2(x)
System Management Features
■ LLDP—Introduced the show qos dcbxp interface command.
■ MIBs—SNMP MIB support has been added for the following:
o cseTcamUsageTable in CISCO-SWITCH-ENGINE-MIB
o cefcFanTable in CISCO-ENTITY-FRU-CONTROL-MIB
o cmnMacMoveNotification in CISCO-MAC-NOTIFICATION-MIB
■ SNMP—Enhanced CISCO-ENTITY-EXT-MIB to support ceExtNVRAMSizeOverflow, ceExtHCNVRAMSize, ceExtNVRAMUsedOverflow, and ceExtHCNVRAMUsed.
■ System Message Logging—Added support to send syslog messages to remote logging servers over a secure TLS transport connection.
For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 9.2(x).
■ Weighted ECMP—Added support for Cisco Nexus 9332PQ, 9396PX, and 9396TX switches.
For more information, see the Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide, Release 9.2(x).
VXLAN Features
■ PIM BiDir—Support added for VXLAN underlay with and without vPC support.
■ Private VLANs with VXLAN— Support added for configuring a vn-segment to a PVLAN.
■ Proportional Multipath for VNF—Enables advertising of all the available next hops to a given network destination.
■ Sampled Flow Export—Support added for Sampled Flow (sFlow) export over VXLAN.
■ TRM with vPC—Supports multicast forwarding between sender/receiver in L3-cloud and send/receive in a VXLAN fabric.
■ VXLAN CLI Simplification—Support added for the reduction of CLI commands.
■ VXLAN Cross Connect—Support for point-to-point tunneling of data and control packets from one VTEP to another.
■ VXLAN Multi-Site with vPC—Support added for border gateways to allow local connectivity of endpoints and the enablement of bridging and routing functions for those endpoints on the border gateways.
■ VXLAN EVPN with vPC—Support added for the Cisco Nexus 9508 with 9636C-RX and 96136YC-R line cards.
For more information, see the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 9.2(x)
This section includes the following topics:
■ Resolved Caveats—Cisco NX-OS Release 9.2(1)
■ Open Caveats—Cisco NX-OS Release 9.2(1)
■ Known Behaviors—Cisco NX-OS Release 9.2(1)
The following table lists the Resolved Caveats in Cisco NX-OS Release 9.2(1). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 13 Resolved Caveats in Cisco NX-OS Release 9.2(1)
Bug ID |
Description |
MVR knob to disable forwarding of IGMP queries |
|
Evaluate Red Hat Linux CVE-2017-1000253 Vulnerability |
|
1G copper GLC-TE XCVR LED state is GREEN when link is not connected |
|
Packet tracer does not work on N9K |
|
N9000 SG-hash next-hop-based LB configuration missing after reload |
|
Evaluation of n9k-standalone-sw for CPU Side-Channel Information Disclos |
|
Logs for breakout interfaces seen on a non-breakout port with no breakout configs |
|
100 GbE interface doesn't stop debounce timer after insert cable |
|
Show hardware internal errors improvements - show tech support |
|
Kernel loadable module for additional info on panic and Mammoth Signal Integrity PEX settings |
|
N9k -EX all interface counters stop incrementing |
|
Kernel panic triggered reload due to fast software PSU back-to-back access |
|
PSU: Total Power Available for additional modules displays Negative value |
|
DP:"sh inventory" and "sh env f d" NXA-FAN160CFM-F should be NXA-FAN160CFM-PE |
|
N95R: 7.0(3)F3.x is join/leave dealy is slower than 7.0(3)F2.x |
|
(s,g) not timing out at decap even after data traffic stops. |
|
On SC reload the P40 reloads |
|
icam stats : iCam stats only obtained in the ingress direction |
|
Packet drops on N9K when LACP peer delayed LACP PDU with C bit 1 |
|
With logging level nbm changed to 7, when creating a new SVI, the device is stuck in infinite reboot |
|
"no feature nv overlay" doesn't clean up all state in FM-E's |
|
Tunneling BFD packets on VXLAN is NOT working for T2 platforms |
|
Telnet stuck when Vlan SVI configured as nat inside and physical interface as nat outside |
|
Redirected IP packet not forwarded to destination |
|
XLATE entry missing with > 1 FEX with same commmunity VLAN host |
|
Nexus 9K interface with MACsec enabled stuck in Auth Pending when connected to the vendor device |
|
N9K to continue session w/ primary key on primary keychain when a peer is cfg'd with mismatched key |
|
ssh session not rejected with port 22, on default vrf when the server is with non default ssh port |
|
Account for cable type to choose FEC mode for 25G ports |
|
Elaborate and comprehensive status for each key configured under a keychain (primary and fallback) |
|
n9k LDAP fails to associate correct role when using search-map userprofile attribute "memberOf" |
|
lcnd_tah_inband_decap:3072:Recv invalid src_mod:0,pi:0,svp:0,vp_based_lkup:0 - kernel |
|
orib process still exists after disable relevant feature |
|
Dummy PIM neighbor 0.0.0.0 created after creating (S,G) entry when nbm is enabled |
|
nginx_f process core using NXAPI to remove large EVPN configuration |
|
After ISSU unable to communicate with single vlan |
|
OBFL no partitions mounted on eMMC device |
|
RACL CC doesn't catch label misprogramming on bdstatetable on Cisco ASIC based switches |
|
packets lost at the moment of fex online |
|
SNMP trap not send on power supply failed/recovered on FEX |
|
Generate syslog for repeated 2B Parity Error in MMU table |
|
same_if_uc Drop for ERSPAN Pk When Egress-Intf Is L2 and Same As Original Packet Ingress |
|
N9K-C93108TC-FX: Link flap or down must occur only on eth1/54 using QSFP-100G-AOC1M |
|
[N9K] Match Statements within route-map do not function as AND for table-map |
|
Nexus 9K fatal module reload. |
|
When POAP is done, Maintenance mode profile config lost if switch reload |
|
Unable to make changes via config sync after upgrade |
|
interface stuck inactive after SFP plugge in |
The following table lists the open caveats in the Cisco NX-OS Release 9.2(1). Click the bug ID to access the Bug Search tool and see additional information about the bug.
Table 14 Open Caveats in Cisco NX-OS Release 9.2(1)
If EPLD is not latest, terminate non-disruptive ISSU |
|
OTM URIB Assert Error on Boot |
|
Cisco Nexus 3000 Series switches take more than 10 secs to populate the S,G entry. |
|
PVLAN: Secondary VLAN traffic will not hit ACL on primary VLAN's SVI. |
|
Multicast-heavy:traffic for /64 IPv6 LPM do not work in N9300-EX post ISSU(7.0(3)I6(1)->7.0(3)I7(2)) |
|
VRRP3 fails when enabled as part of CR |
|
After reload license is not checked out despite having "port-license acquire" cli under port. |
|
configure replace fails if macsec policy is associated with an interface |
|
On upgrading w/ ascii replay, no bfd echo command missing from few SVI |
|
After uninstalling feature-set mpls, the configuration replace feature fails. |
|
[NBM] CR fails for host-policy cli |
|
NGMVPN and MRIB entries not cleaned up if Data/IGMP Traffic stopped after triggers |
|
OC ACL: delete ipv4 ace with hop-limit configs fails |
|
After range of vlan delete/add, NGOAM session for couple of vlans down-BGP IMET route missing |
|
After vlan delete, see NGOAM state not cleaned up for few deleted vlans |
|
Delete the *, G policy, OIF is not removed immediately ( removed afer 3 IGMP joins). |
|
NGOAM-dot1qtunnelport down - Error-disabled without any reason |
|
Anycast prefix with label advertised diff areas is not seen as labelled prefix |
|
cevQSFPUnknown for QSFP-40/100-SRBD in entPhysicalVendorType in entPhysicalTable ENTITY-MIB |
|
L2 VNI in delete pending state after L2 vni unconfig and reconfig |
|
Link down/failure logged in syslog but interface is up from show port-channel on N92160 |
|
Syncing images to standby failed during disruptive upgrade |
The following known behaviors are in this release:
Table 4 Known Behaviors in Cisco NX-OS Release 9.2(1)
Bug ID |
Description |
On Cisco Nexus 9300-EX, 9348GC-FXP, 93108TC-FX, 93180YC-FX, 9336C-FX2, and 93240YC-FX2 switches, when 802.1q EtherType has changed on an interface, the EtherType of all interfaces on the same slice will be changed to the configured value. This change is not persistent after a reload of the switch and will revert to the EtherType value of the last port on the slice. |
■ Release 9.2(1) brings in a new kernel and new processes.
■ Interface counter statistics are grouped together in the XML/JSON output. The output for the show interface-counters command in JSON format has changed/
■ NX-API does not support insecure HTTP by default.
■ NX-API does not support weak TLSv1 protocol by default.
■ Stronger ciphers are used in this release.
■ A new command, no service password-recovery is supported.
■ Only one version out of v4 and v6 versions of the uRPF command can be configured on an interface. If one version is configured, all the mode changes must be done by the same version. The other version is blocked on that interface. Cisco Nexus 9300-EX, 9300-FX, and 9300-FX2 platform switches do not have this limitation and you can configure v4 and v6 version of urpf cmd individually.
■ In the NX-API sandbox, whenever XML or JSON output is generated for the show run command or the show startup command, the output contains additional characters.
</nf:source> <============nf: is extra
<namespace> : extra characters are seen with XML and JSON from NX-API.
To perform a software upgrade, follow the installation instructions in the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide, Release 9.2(x).
Note: Enhanced ISSU to Cisco NX-OS Release 9.2(1) is not supported as there are kernel fixes that cannot take effect without reloading the underlying kernel.
■ When upgrading from Cisco NX-OS Releases 7.0(3)I4(8), 7.0(3)I5(3), and 7.0(3)I6(1) to Cisco NX-OS Release 9.2(1) results in a disruptive upgrade. If syncing images to standby SUP failed during the disruptive upgrade from Cisco NX-OS Releases 7.0(3)I4(8), 7.0(3)I5(3,) or 7.0(3)I6(1) to 9.2(1), you should manually copy the image to the standby SUP and perform the disruptive upgrade.
■ When upgrading to Cisco NX-OS Release to 9.2(1) from any release prior to 7.0(3)I2(3) an intermediate upgrade to 7.0(3)I4(x), 7.0(3)I5(x), 7.0(3)I6(x), or 7.0(3)I7(x) is required. We recommend using Cisco NX-OS Release 7.0(3)I4(8) or 7.0(3)I7(4) as the interim release to aid in a smooth migration. For further details, please refer to CSCvk66763.
■ When upgrading from Cisco NX-OS Release 7.0(3)I6(1) or 7.0(3)I7(1) to Cisco NX-OS Release 9.2(1), if the Cisco Nexus 9000 Series switches are running vPC and they are connected to an IOS-based switch via Layer 2 vPC, there is a likelihood that the Layer 2 port channel on the IOS side will become error disabled. The workaround is to disable the spanning-tree etherchannel guard misconfig command on the IOS switch before starting the upgrade process. Once both the Cisco Nexus 9000 Series switches are upgraded, you can re-enable the command. For more information, see defect CSCvg05807.
■ An upgrade performed via the install all command for Cisco NX-OS Release 7.0(3)I2(2b) to Release 9.2(1) might result in the VLANs being unable to be added to the existing FEX HIF trunk ports. To recover from this, the following steps should be performed after all FEXs have come online and the HIFs are operationally up:
1. Enter the copy run bootflash:fex_config_restore.cfg command at the prompt.
2. Enter the copy bootflash:fex_config_restore.cfg running-config echo-commands command at the prompt.
■ In Cisco NX-OS Release 7.0(3)I6(1) and earlier, performing an ASCII replay or running the copy file run command on a FEX HIF configuration requires manually reapplying the FEX configuration after the FEX comes back up.
■ When upgrading to Cisco NX-OS Release 9.2(1) from 7.0(3)I2(x) or before and running EVPN VXLAN configuration, an intermediate upgrade to 7.0(3)I4(x) or 7.0(3)I5(x) or 7.0(3)I6(x) is required. For further details, please refer to CSCvh02777.
■ An ISSU can be performed only from a Cisco NX-OS Release 7.0(3)I4(1) to a later image.
■ While performing an ISSU, VRRP and VRRPv3 displays the following messages:
For additional information, see the Cisco NX-OS ISSU Support application.
The following are the upgrade paths from previous 7.0(3)F3(x) releases:
■ Release 7.0(3)F3(3) -> Release 7.0(3)F3(4) -> Release 9.2(1)
■ Release 7.0(3)F3(3c) -> Release 9.2(1)
■ Release 7.0(3)F3(4) -> Release 9.2(1)
Cisco NX-OS Release 7.0(3)I1(2) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=ea82d4567eeb829ad4f32ae29c627cfc
Cisco NX-OS Release 7.0(3)I1(3) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=e3e68dd1e8db9633978e080b9b715df8
Cisco NX-OS Release 7.0(3)I1(3a) Upgrade Patch
https://software.cisco.com/download/special/release.html?config=0f2015eebc7ea0d606441171b4a3baf2
4. Upgrade using the install all command.
The following table is an example of a patch upgrade:
Disable the Guest Shell if you need to downgrade from Cisco NX-OS Release 9.2(1) to an earlier release.
■ ISSU (non-disruptive) downgrade is not supported.
For information about software maintenance upgrades, see the “Performing Software Maintenance Upgrades” section in the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 9.2(x).
If you are going to apply the patch for the issue described in CSCvh04723, you must make sure that the ACL is deleted before applying the patch. Otherwise, the issue will be seen again. This issue applies only to the ACL which has the redirect keyword in it.
This section lists limitations related to Cisco NX-OS Release 9.2(1).
■ Due to the design of airflow, back-to-front fans requires fan speed to be run at full speed all the time. You might also see fan speeds increase from 40% to 70% post-upgrade. This applies to the following PIDs: N9K-C9272Q, N9K-C9236C, N9K-C93180YC-FX, N9K-C9364C, N9K-C9336C-FX2. This change is made as of cisco NX-OS Release 7.0(3)I7(3). If your PID is not listed, please contact Cisco TAC for additional verification.
■ Support for NetFlow is not available on FM-E based chassis.
■ PTP is not supported on the 96136YC-R line card or for line cards on the Cisco Nexus 9504 switch.
■ Auto-negotiation is not supported on 25-G Ethernet transceiver modules on Cisco Nexus 9200 and 9300-FX platform switches, and Cisco Nexus 9500 platform switches that use N9K-X9700-EX line cards.
■ On the Cisco Nexus 9364C switches, auto-negotiation might not work on ports 49-64 when bringing up 100G links using the QSFP-100G-CR4 cable. The workaround for this issue is that you must hard code the speed on ports 49-64 and disable auto-negotiation.
■ Software streaming telemetry does not support the TCP protocol. The tcp option is displayed in the Help text, but is not accepted during configuration.
■ Autonegotiation (40 G/100 G) and 1 Gb with QSA is not supported on the following ports:
o Cisco Nexus 9336C-FX2 switch: ports 1-6 and 33-36
o Cisco Nexus 9364C switch: ports 49-66
o Cisco Nexus 93240YC-FX2 switch: ports 51-54
o Cisco Nexus 9788TC line card: ports 49-52
NOTE: Peer speed must be set when using coper cables on these ports.
■ We recommend using multicast heavy template for optimal bandwidth utilization when using multicast traffic flows.
■ IPv6 multicast is not supported on Cisco Nexus 9500 platform switches.
■ Multicast heavy template is recommended for optimal bandwidth utilization when using multicast traffic flows.
■ The following features are not supported on the Cisco Nexus 9364C switch.
o 100 G port cannot support breakout (HW limitation)
■ If the speed group is configured, the default interface command displays the following error:
Error: default interface is not supported as speed-group is configured
■ Line rate cannot be sustained across all 36 ports on the 9736C-EX line card.
■ Q-in-VNI has the following limitations:
switch (config-if-nve)# no overlay-encapsulation vxlan-with-tag
!Command: show running-config interface nve1
!Time: Wed Jul 20 23:26:25 2016
host-reachability protocol bgp
member vni 900001 associate-vrf
o Single tag is not supported on Cisco Nexus 9500 platform switches; only double tag is supported.
■ Configuration replace has following limitations:
o Rollback is not supported in the context of auto configurations. Checkpoints do not store auto configurations. Therefore, after a rollback is performed, the corresponding auto configurations will not be present.
o The configuration replace feature is not supported on port profiles that are inherited on the switch interfaces.
o The configuration replace feature is not supported on switches that include FEX modules.
o The configuration replace feature is not supported for breakout interface configurations.
o The configuration replace feature is supported only for the configure terminal mode commands. The configure profile, configure maintenance mode, configure jobs, and any other modes are not supported.
o The configuration replace feature can fail if there is a change in the macsec policy between the running configuration and the user provided configuration, the configuration replace operation can fail. However, you can add or delete the macsec policy.
o The configuration replace feature is not supported on the hardware profile portmode feature on Cisco
Nexus C92160YC-X (N9K-C93180LC-EX) and Cisco Nexus C93180LC-EX (N9K-C93180LC-EX) switches.
o The configuration replace feature is not supported for the VRRPv3 feature.
■ Resilient hashing (port-channel load-balancing resiliency) and VXLAN configurations are not compatible with VTEPs using ALE uplink ports. Please note that resilient hashing is disabled by default.
■ hardware profile front portmode command is not supported on the Cisco Nexus 9000 Series switches.
■ PV (Port VLAN) configuration through an interface range is not supported.
■ neighbor-down fib-accelerate command is supported in a BGP-only environment.
■ PortLoopback and BootupPortLoopback tests are not supported.
■ Multiple MACsec peers (different SCI values) for the same interface is not supported.
o no speed–Auto negotiates and advertises all speeds (only full duplex).
o speed 1000–Auto negotiates and advertises pause (advertises only for 1000 Mbps full duplex).
■ TCAM resources are not shared when:
o Applying VACL (VLAN ACL) to multiple VLANs
o Routed ACL (Access Control List) is applied to multiple SVIs in the egress direction
■ The following switches support QSFP+ with the QSFP to SFP/SFP+ adapter (40 Gb to 10 Gb):
o N9K-C93180YC-FX
■ Note: The Cisco Nexus 9300 platforms support for the QSFP+ breakout has the following limitations:
■ 1 Gb with QSFP-to-SFP Adapter is not supported.
■ For the Cisco Nexus 9332PQ switch, all ports except 13-14 and 27-32 can support breakout.
■ The following switches support the breakout cable (40 Gb ports to 4x10-Gb ports):
o N9K-C93180LC-EX—last four ports are breakout capable (10x4, 24x4, 50x2)
o N9K-X9732C-FX line card
■ Weighted ECMP (Equal-Cost Multi-Path) is not supported on the Cisco Nexus 9000 Series switches.
■ Limitations for ALE (Application Link Engine) uplink ports are listed at the following URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/ale_ports/b_Limitations_for_ALE_Uplink_Ports_on_Cisco_Nexus_9000_Series_Switches.html
This section provides guidelines and limitations for configuring private VLANs.
■ Secondary and Primary VLAN Configuration
■ Private VLAN Port Configuration
■ Limitations with Other Features
For more information, see the Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide.
Private VLANs have the following configuration guidelines and limitations:
■ Private VLANs must be enabled before the device can apply the private VLAN functionality.
■ VLAN interface feature must be enabled before the device can apply this functionality.
■ PVLANs support port modes as follows:
■ PVLANs are mapped or associated depending on the PVLAN trunk mode.
■ PVLANs support the following:
¯ PACLs (Port Access Control Lists)
¯ PVLAN across switches through a regular trunk port
¯ RACLs (Router Access Control Lists)
■ PVLANs support SVIs as follows:
¯ HSRP (Hot Standby Router Protocol) on the primary SVI
¯ Primary and secondary IPs on the SVI
¯ SVI allowed only on primary VLANs
■ PVLANs support STP as follows:
¯ MST (Multiple Spanning Tree)
¯ RSTP (Rapid Spanning Tree Protocol)
■ PVLANs port mode is not supported on the following:
¯ 40-Gb interfaces of the Cisco Nexus ALE ports on Cisco Nexus 9300 platform switches.
■ PVLANs do not provide support for the following:
¯ DHCP (Dynamic Host Channel Protocol) snooping
¯ IP multicast or IGMP snooping
¯ SPAN (Switch Port Analyzer) when the source is a PVLAN VLAN
■ For more details, see the Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide.
Follow these guidelines when configuring secondary or primary VLANs in private VLANs:
■ VLAN configuration (config-vlan) mode must be used to configure PVLANs.
■ For normal trunk ports, note the following:
¯ Separate instances of STP exist for each VLAN in the private VLAN.
¯ STP parameters for the primary and all secondary VLANs must match.
¯ Primary and all associated secondary VLANs should be in the same MST instance.
■ For PVLAN isolated trunk ports, note the following:
■ Before configuring a VLAN as a secondary VLAN, you must shut down the VLAN network interface for the secondary VLAN.
Follow these guidelines when configuring private VLAN ports:
Consider these configuration limitations with other features when configuring PVLAN:
■ After configuring the association between the primary and secondary VLANs:
¯ Static MAC addresses for the secondary VLANs cannot be created.
¯ Dynamic MAC addresses that learned the secondary VLANs are aged out.
■ In PVLANs, STP controls only the primary VLAN.
■ PVLAN host or promiscuous ports cannot be SPAN destination ports.
■ PVLAN ports can be configured as SPAN source ports.
■ vPC pairing between T2 and TH platforms is not recommended.
■ The configuration is purged when:
o Straight-through FEXs are converted to dual-homed
o Dual-homed FEXs are converted to Straight-through.
There are two cases for dual-home to straight-through conversion:
For more information, see the Cisco Nexus 2000 Series NX-OS Fabric Extender Configuration Guide for Cisco Nexus 9000 Series Switches, Release 9.x.
Notes regarding unsupported features:
■ Cisco Nexus 3232C and 3264Q Switches
■ Cisco Nexus 9200, 9300-EX, and 9300-FX Platform Switches
■ Cisco Nexus 9408 Line Card and 9300 Series Switches
■ Cisco Nexus 9732C-EX Line Card
■ VXLAN
The following features are not supported for the Cisco Nexus 3232C and 3264Q switches:
■ 3264Q and 3232C platforms do not support the PXE boot of the NX-OS image from the loader.
■ Automatic negotiation support for 25-Gb and 50-Gb ports on the Cisco Nexus 3232C switch
■ Cisco Nexus 2000 Series Fabric Extenders (FEX)
■ DHCP subnet broadcast is not supported
■ Due to a Poodle vulnerability, SSLv3 is no longer supported
■ Intelligent Traffic Director (ITD)
■ Enhanced ISSU. NOTE: Check the appropriate guide to determine which platforms support Enhanced ISSU.
■ PIM6
■ Virtual port channel (vPC) peering between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 9300 platform switches or between Cisco Nexus 3232C or 3264Q switches and Cisco Nexus 3100 Series switches
The following features are not supported for the Cisco Nexus 9200 platform switches and the Cisco Nexus 93108TC-EX and 93180YC-EX switches:
■ Cisco Nexus 9272PQ and Cisco Nexus 92160YC platforms do not support the PXE boot of the NXOS image from the loader.
■ ACL filters to span subinterface traffic on the parent interface
■ Egress QoS policer is supported on the Cisco Nexus 9300-EX and 9300-FX platform switches. It is not supported on the Cisco Nexus 9200 platform switch. The only policer action supported is drop. Remark action is not supported on egress policer.
■ FEX (supported for Cisco Nexus 9300-EX platform switches but not for Cisco Nexus 9200 platform switches.)
■ GRE v4 payload over v6 tunnels
■ IP-in-IP on Cisco Nexus 92160 switch
■ ISSU enhanced is not supported on the Cisco Nexus 9300-FX platform switch.
■ Layer 2 Q-in-Q is supported only on Cisco Nexus 9300-EX platform switches (93108TC-EX and 93180YC-EX) and Cisco Nexus 9500 platform switches with the X9732C-EX line card.
■ MTU (Multi Transmission Unit) checks for packets received with an MPLS header
■ NetFlow is not supported on Cisco Nexus 9200 platform switches. It is supported on Cisco Nexus 9300-EX and 9300-FX platform switches.
■ Packet-based statistics for traffic storm control (only byte-based statistics are supported)
■ PVLANs (supported on Cisco Nexus 9300 and 9300-EX platform switches but not on Cisco Nexus 9200 platform switches)
■ Q-in-VNI is not supported on Cisco Nexus 9200 platform switches. Beginning with Cisco NX-OS Release 7.0(3)I5(1), Q-in-VNI is supported on Cisco Nexus 9300-EX platform switches.
■ Q-in-Q for VXLAN is not supported on Cisco Nexus 9200 and 9300-EX platform switches
■ Q-in-VNI is not supported on Cisco Nexus 9200 platform switches (supported on Cisco Nexus 9300-EX platform switches)
■ Resilient hashing for ECMP on the Cisco Nexus 9200 platform switches.
■ Resilient hashing for port-channel
■ Rx SPAN for multicast if the SPAN source and destination are on the same slice and no forwarding interface is on the slice
■ SVI uplinks with Q-in-VNI are not supported with Cisco Nexus 9300-EX platform switches
■ Traffic storm control for copy-to-CPU packets
■ Traffic storm control with unknown multicast traffic
■ Tx SPAN for multicast, unknown multicast, and broadcast traffic
■ VACL redirects for TAP aggregation
The following features are not supported for the Cisco Nexus 9500 platform N9K-X9408PC-CFP2 line card and Cisco Nexus 9300 platform switches with generic expansion modules (N9K-M4PC-CFP2):
■ FEX (this applies to the N9K-X9408PC-CFP2 and –EX switches, not all Cisco Nexus 9300 platform switches)
■ MCT (Multichassis EtherChannel Trunk)
■ PTP (Precision Time Protocol)
■ PVLAN (supported on Cisco Nexus 9300 platform switches)
■ Shaping support on 100g port is limited
■ SPAN destination/ERSPAN destination IP
The following features are not supported for the N9K-X96136YC-R line card:
■ Breakout is not supported.
■ PTP and gPTP are not supported.
The following features are not supported for Cisco Nexus 9508 switches with an N9K-X9732C-EX line card:
■ IPv6 support for policy-based routing
■ SPAN port-channel destinations
DHCP subnet broadcast is not supported.
■ Cisco Nexus 9300 platform switches do not support FEX on uplink modules (ALE).
■ FEX is supported only on the Cisco Nexus 9332PQ, 9372PX, 9372PX-E, 9396PX, 93180YC-EX, 93108TC-EX, 93180YC-FX, 92108TC-FX, 93240YC-FX2, 9336C-FX2, and 9500 platform switches (FEX is not supported on the N9K-X9732C-EX line card, and Cisco Nexus 9200 platforms).
■ FEX vPC is not supported between any model of FEX and the Cisco Nexus 9500 platform switches as the parent switches.
■ IPSG (IP Source Guard) is not supported on FEX ports.
■ VTEP connected to FEX host interface ports is not supported.
The following lists other features not supported in the current release:
■ Cisco Nexus 9300 platform switches do not support the 64-bit ALPM routing mode.
■ Due to a Poodle vulnerability, SSLv3 is no longer supported.
■ IPSG is not supported on the following:
¯ The last six 40-Gb physical ports on the Cisco Nexus 9372PX, 9372TX, and 9332PQ switches
¯ All 40G physical ports on the Cisco Nexus 9396PX, 9396TX, and 93128TX switches
This section lists PVLAN features that are not supported.
· PVLAN PO/VPC PO is not supported on Cisco Nexus N9K-X9632PC-QSFP100, N9K-X9432C-S.
This section lists VXLAN features that are not supported.
■ Consistency checkers are not supported for VXLAN tables.
■ DHCP snooping and DAI features are not supported on VXLAN VLANs.
■ IPv6 for VXLAN EVPN ESI MH is not supported.
■ Native VLANs for VXLAN are not supported. All traffic on VXLAN Layer 2 trunks needs to be tagged.
■ QoS buffer-boost is not applicable for VXLAN traffic.
■ QoS classification is not supported for VXLAN traffic in the network-to-host direction as ingress policy on uplink interface.
■ Static MAC pointing to remote VTEP (VXLAN Tunnel End Point) is not supported with BGP EVPN (Ethernet VPN).
■ TX SPAN (Switched Port Analyzer) for VXLAN traffic is not supported for the access-to-network direction.
■ VXLAN routing and VXLAN Bud Nodes features on the 3164Q platform are not supported.
■ The following ACL related features are not supported:
■ Egress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the access-to-network direction (encapsulated path).
■ Ingress RACL that is applied on an uplink Layer 3 interface that matches on the inner or outer payload in the network-to-access direction (decapsulated path).
The entire Cisco Nexus 9000 Series NX-OS documentation set is available at the following URL:
https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/tsd-products-support-series-home.html
Cisco Nexus 9000 Series Software Upgrade and Downgrade Guide URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/upgrade/guide/b-cisco-nexus-9000-nx-os-software-upgrade-downgrade-guide-92x.html
The Cisco Nexus 3164Q Switch - Read Me First is available at the following URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3164/sw/6x/readme/b_Cisco_Nexus_3164Q_Switch_Read_Me_First.html
The Cisco Nexus 31128PQ Switch - Read Me First is available at the following URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus31128/sw/readme/b_Cisco_Nexus_31128PQ_Switch_Read_Me_First.html
The Cisco Nexus 3232C/3264Q Switch - Read Me First is available at the following URL:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3232and3264/sw/7x/readme/b_Cisco_Nexus_3232C_and_3264Q_Switch_Read_Me_First.html
The Cisco Nexus 3000 and 9000 Series NX-API REST SDK User Guide and API Reference is available at the following URL:
https://developer.cisco.com/site/nx-os/docs/n3k-n9k-api-ref/
The Cisco NX-OS Supported MIBs URL:
ftp://ftp.cisco.com/pub/mibs/supportlists/nexus9000/Nexus9000MIBSupportList.html
The Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes, Release 9.2(1) is available at the following URL.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/epld-rn/nxos_n9K_epldRN_921.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/9-x/scalability/guide_921/b_Cisco_Nexus_9000_Series_NX-OS_Verified_Scalability_Guide_921.html
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
https://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Open a service request online at:
https://tools.cisco.com/ServiceRequestTool/create/launch.do
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)