PDF(379.6 KB) View with Adobe Reader on a variety of devices
ePub(92.1 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(140.3 KB) View on Kindle device or Kindle app on multiple devices
Updated:November 30, 2016
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Release Notes for Catalyst 3850 Series Switch, Cisco IOS XE Everest 16.4.1
First Published: November 30, 2016
This release note gives an overview of the features for the Cisco IOS XE Everest 16.4.1 software on the Cisco Catalyst 3850 Series Switches.
Unless otherwise noted, the terms switch and device refer to a standalone switch and to a switch stack.
Note - For information about unsupported features, see Important Notes. - For information about software and hardware restrictions and limitations, see Limitations and Restrictions. - For information about open issues with the software and past opens that are resolved now, see Caveats.
Introduction
Cisco Catalyst 3850 Series Switches are the next generation of enterprise class stackable access layer switches that provide full convergence between wired and wireless networks on a single platform. This convergence is built on the resilience of new and improved 480-Gbps StackWise-480 and Cisco StackPower. Wired and wireless security and wireless application visibility and control are natively built into the switch.
Cisco Catalyst 3850 Series Switches also support full IEEE 802.3 at Power over Ethernet Plus (PoE+), modular and field replaceable network modules, redundant fans, and power supplies. They enhance productivity by enabling applications such as IP telephony, wireless, and video for a true borderless network experience.
Cisco IOS XE represents the continuing evolution of the preeminent Cisco IOS operating system. The Cisco IOS XE architecture and well-defined set of APIs extend the Cisco IOS software to improve portability across platforms and extensibility outside the Cisco IOS environment. The Cisco IOS XE software retains the same look and feel of the Cisco IOS software, while providing enhanced future-proofing and improved functionality.
Whats New in Cisco IOS XE Everest 16.4.1
There are no new hardware or software features in this release.
Important Notes
Starting with Cisco IOS XE Denali 16.3.x, Secure Shell (SSH) Version 1 is deprecated. Use SSH Version 2 instead.
Although visible in the CLI, the following commands are not supported:
– collect flow username
– authorize-lsc-ap (CSCui93659)
The following features available in Cisco IOS XE Release 3.7.3E, are not supported in Cisco IOS XE Everest 16.4.1:
– Cisco Plug-In for OpenFlow (OpenFlow 1.0 and 1.3)
The following feature is available in Cisco IOS XE Release 3.6.3E, but is not supported in Cisco IOS XE Everest 16.4.1:
– Cisco Discovery Protocol (CDP) Bypass
The following features are not supported in Cisco IOS XE Everest 16.4.1:
– IP-in-IP (IPIP) Tunneling
– Mesh, FlexConnect, and OfficeExtend access point deployment
– Wireless Guest Anchor Controller (Cisco Catalyst 3850 Series Switches can be configured as a foreign controller.)
– DVMRP Tunneling
– Port Security on EtherChannel
– 802.1x Configurable username and password for MAB
– IEEE 802.1X-2010 with 802.1AE support
– Command Switch Redundancy
– CNS Config Agent
– Dynamic Access Ports
– IPv6 Ready Logo phase II - Host
– IPv6 IKEv2 / IPSecv3
– Fallback bridging for non-IP traffic
– DHCP snooping ASCII circuit ID
– Protocol Storm Protection
– Per VLAN Policy & Per Port Policer
– Packet Based Storm Control
– Ingress/egress Shared Queues
– Trust Boundary Configuration
– Cisco Group Management Protocol (CGMP)
– Device classifier for ASP
– IPSLA Media Operation
– Passive Monitoring
– Performance Monitor (Phase 1)
– AAA: TACACS over IPv6 Transport
– Auto QoS for Video endpoints
– EX SFP Support (GLC-EX-SMD)
– IPv6 Strict Host Mode Support
– IPv6 Static Route support on LAN Base images
– VACL Logging of access denied
– RFC5460 DHCPv6 Bulk Leasequery
– DHCPv6 Relay Source Configuration
– RFC 4293 IP-MIB (IPv6 only)
– RFC 4292 IP-FORWARD-MIB (IPv6 only)
– RFC4292/RFC4293 MIBs for IPv6 traffic
– Layer 2 Tunneling Protocol Enhancements
– UniDirectional Link Routing (UDLR)
– Pragmatic General Multicast (PGM)
– DAI, IPSG Interoperability
– Ingress Strict Priority Queuing (Expedite)
– Weighted Random Early Detect (WRED)
– Improvements in QoS policing rates
– Fast SSID support for guest access WLANs
Supported Hardware
Catalyst 3850 Switch Models
Table 1 Catalyst 3850 Switch Models
Switch Model
Cisco IOS Image
Description
WS-C3850-24T-L
LAN Base
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)
WS-C3850-48T-L
LAN Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)
WS-C3850-24P-L
LAN Base
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)
WS-C3850-48P-L
LAN Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)
WS-C3850-48F-L
LAN Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)
WS-C3850-12X48U-L
LAN Base
Stackable 12 100M/1G/2.5G/5G/10G and 36 1G UPoE ports, 1 network module slot, 1100 W power supply
WS-C3850-24XU-L
LAN Base
Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU
WS-C3850-24T-S
IP Base
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set
WS-C3850-48T-S
IP Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set
WS-C3850-24P-S
IP Base
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set
WS-C3850-48P-S
IP Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set
WS-C3850-48F-S
IP Base
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply, 1 RU.
WS-C3850-24PW-S
IP Base
Cisco Catalyst 3850 24-port PoE IP Base with 5-access point license
WS-C3850-48PW-S
IP Base
Cisco Catalyst 3850 48-port PoE IP Base with 5-access point license
Catalyst 3850 12-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply
WS-C3850-16XS-S
IP Base
Catalyst 3850 16-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply.
16 ports are available when the C3850-NM-4-10G network module is plugged into the WS-C3850-12XS-S switch.
WS-C3850-24XS-S
IP Base
Catalyst 3850 24-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply.
WS-C3850-32XS-S
IP Base
Catalyst 3850 32-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply.
32 ports are available when the C3850-NM-8-10G network module is plugged into the WS-C3850-24XS-S switch.
WS-C3850-48XS-S
IP Base
Standalone Cisco Catalyst 3850 Switch, that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC front-to-back power supply. 1 RU.
WS-C3850-48XS-F-S
IP Base
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC back-to-front power supply. 1 RU.
WS-C3850-12X48U-S
IP Base
Stackable 12 100M/1G/2.5G/5G/10G and 36 1 G UPoE ports, 1 network module slot, 1100 W power supply
WS-C3850-24XU-S
IP Base
Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU
WS-C3850-24T-E
IP Services
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set
WS-C3850-48T-E
IP Services
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set
WS-C3850-24P-E
IP Services
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set
WS-C3850-48P-E
IP Services
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set
WS-C3850-48F-E
IP Services
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, IP Services feature set
Catalyst 3850 12-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 -W power supply
WS-C3850-16XS-E
IP Services
Catalyst 3850 16-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply
16 ports are available when the C3850-NM-4-10G network module is plugged into the WS-C3850-12XS-E switch.
WS-C3850-24XS-E
IP Services
Catalyst 3850 24-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply
WS-C3850-32XS-E
IP Services
Catalyst 3850 32-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply
32 ports are available when the C3850-NM-8-10G network module is plugged into the WS-C3850-24XS-E switch
WS-C3850-12X48U-E
IP Services
Stackable 12 100M/1G/2.5G/5G/10G and 36 1 G UPoE ports, 1 network module slot, 1100 W power supply
WS-C3850-24XU-E
IP Services
Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU
WS-C3850-48XS-E
IP Services
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750 WAC front-to-back power supply. 1 RU.
WS-C3850-48XS-F-E
IP Services
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC back-to-front power supply. 1 RU.
Network Modules
Table 2 lists the three optional uplink network modules with 1-Gigabit and 10-Gigabit slots. You should only operate the switch with either a network module or a blank module installed.
Table 2 Supported Network Modules
Network Module
Description
C3850-NM-4-1G
This module has four 1 G SFP module slots. Any combination of standard SFP modules are supported. SFP+ modules are not supported.
If you insert an SFP+ module in the 1G network module, the SFP+ module does not operate, and the switch logs an error message.
Note This is supported on the following switch models:
– WS-C3850-24T/P/U
– WS-C3850-48T/F/P/U
– WS-C3850-12X48U
– WS-C3850-24XU
– WS-C3850-12S
– WS-C3850-24S
C3850-NM-2-10G
This module has four slots:
Two slots (left side) support only 1 G SFP modules and two slots (right side) support either 1 G SFP or 10 G SFP modules.
Note This is supported on the following switch models:
– WS-C3850-24T/P/U
– WS-C3850-48T/F/P/U
– WS-C3850-12X48U
– WS-C3850-24XU
– WS-C3850-12S
– WS-C3850-24S
C3850-NM-4-10G
This module has four 10 G slots or four 1 G slots.
Note This is supported on the following switch models:
– WS-C3850-48T/F/P/U
– WS-C3850-12X48U
– WS-C3850-24XU
– WS-C3850-12XS
– WS-C3850-24XS
C3850-NM-8-10G
This module has eight 10 G slots with an SFP+ port in each slot. Each port supports a 1 G or 10 G connection
Note This is supported on the following switch models:
– WS-C3850-12X48U
– WS-C3850-24XU
– WS-C3850-24XS
C3850-NM-2-40G
This module has two 40 G slots with a QSFP+ connector in each slot.
Note This is supported on the following switch models:
– WS-C3850-12X48U
– WS-C3850-24XU
– WS-C3850-24XS
Optics Modules
Catalyst switches support a wide range of optics. Because the list of supported optics is updated on a regular basis, consult the tables at this URL for the latest (SFP) compatibility information:
2.The Cisco IOS XE Denali 16.2.1 features are not available with 3.0.2, but 3.0.2 is compatible with Cisco IOS XE Denali 16.2.1.
3.Cisco 5700 (with Cisco IOS XE Release 03.06.03E/Cisco IOS XE Release 03.07.02E) inter-operates as a Peer MC with Catalyst 3850 running Cisco IOS XE Denali 16.1.1.
4.Because of SHA-2 certificate implementation, MSE 7.6 is not compatible with Cisco IOS XE Release 3.6E and later. Therefore, we recommend that you upgrade to MSE 8.0.
5.If MSE is deployed on your network, we recommend that you upgrade to Cisco Prime Infrastructure 2.1.2.
6.Cisco WLC Release 7.6 is not compatible with Cisco Prime Infrastructure 2.0.
7.Prime Infrastructure 2.0 enables you to manage Cisco WLC 7.5.102.0 with the features of Cisco WLC 7.4.110.0 and earlier releases. Prime Infrastructure 2.0 does not support any features of Cisco WLC 7.5.102.0 including the new AP platforms.
For more information on the compatibility of wireless software components across releases, see the Cisco Wireless Solutions
– Microsoft Internet Explorer—Versions 10 and later (On Windows)
– Mozilla Firefox—Version 33 and later (On Windows and Mac)
– Safari—Version 7 and later (On Mac)
Finding the Software Version and Feature Set
Table 7 shows the mapping of the Cisco IOS XE version number and the Cisco IOS version number.
Table 7 Cisco IOS XE to Cisco IOS Version Number Mapping
Cisco IOS XE Version
Cisco IOSd Version
Cisco Wireless Control Module Version
Access Point Version
Everest 16.4.1
Not applicable
Everest 16.4.1
15.3(3)JPD
Denali 16.3.2
Not applicable
Denali 16.3.2
15.3(3)JPC2
Denali 16.3.1
Not applicable
Denali 16.3.1
15.3(3)JPC
Denali 16.2.2
Not applicable
Denali 16.2.2
15.3(3)JPB1
Denali 16.2.1
Not applicable
Denali 16.2.1
15.3(3)JPB
Denali 16.1.3
Not applicable
Denali 16.1.3
15.3(3)JNP2
Denali 16.1.2
Not applicable
Denali 16.1.2
15.3(3)JNP1
Denali 16.1.1
Not applicable
Denali 16.1.1
15.3(3)JNP
03.07.03E
15.2(3)E3
10.3.130.0
15.3(3)JNB3
03.07.02E
15.2(3)E2
10.3.100.0
15.3(3)JNB1
03.07.01E
15.2(3)E1
10.3.100.0
15.3(3)JNB1
03.07.00E
15.2(3)E
10.3.100.0
15.3(3)JNB
03.06.04E
15.2(2)E4
10.2.140.0
15.3(3)JN8
03.06.03E
15.2(2)E3
10.2.131.0
15.3(3)JN7
03.06.02aE
15.2(2)E2
10.2.120.0
15.3(3)JN4
03.06.01E
15.2(2)E1
10.2.111.0
15.3(3)JN3
03.06.00E
15.2(2)E
10.2.102.0
15.3(3)JN
03.03.05SE
15.0(1)EZ5
10.1.150.0
15.2(4)JB7
03.03.04SE
15.0(1)EZ4
10.1.140.0
15.2(4)JB6
03.03.03SE
15.0(1)EZ3
10.1.130.0
15.2(4)JB5h
03.03.02SE
15.0(1)EZ2
10.1.121.0
15.2(4)JB5
03.03.01SE
15.0(1)EZ1
10.1.110.0
15.2(4)JB2
03.03.00SE
15.0(1)EZ
10.1.100.0
15.2(4)JN
The package files for the Cisco IOS XE software are stored on the system board flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch.
Note Although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software license.
You can also use the dir filesystem : privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.
Note You cannot use the Web UI to install, upgrade to, or downgrade from Cisco IOS XE Denali 16.1.x, 16.2.x,16.3.x, or Cisco IOS XE Everest 16.4.1.
Table 8 Software Images
Release
Image
File Name
Cisco IOS XE Everest 16.4.1
Universal
cat3k_caa-universalk9.16.04.01.SPA.bin
Universal without DTLS
cat3k_caa-universalk9ldpe.16.04.01.SPA.bin
Table 9 Changes in Software Installation CLI Commands
Cisco IOS XE 3.xE
Switch#software ?
auto-upgrade
Initiate auto upgrade for switches running incompatible software
clean
Clean unused package files from local media
commit
Commit the provisioned software and cancel the automatic rollback timer
expand
Expand a software bundle to local storage, default location is where the bundle currently resides
install
Install software
rollback
Rollback the committed software
Cisco IOS XE Denali and Everest 16.x.x Commands
Switch#request platform software package ?
clean
Clean unnecessary package files from media
copy
Copy package to media
describe
Describe package content
expand
Expand all-in-one package to media
install
Package installation
uninstall
Package uninstall
verify
Verify ISSU software package compatibility
Automatic Boot Loader Upgrade
When you upgrade from any prior IOS 3.xE release to an IOS XE 16.x.x release for the first time, the boot loader is automatically upgraded and it will take effect on the next reload. For subsequent IOS XE 16.x.x releases, if the boot loader is updated in those releases, it will be automatically upgraded when you load the new release on the switch. If you go back to an IOS 3.xE release, your boot loader will not be downgraded. The updated boot loader supports all previous IOS 3.xE releases.
Caution Do not power cycle your switch during the upgrade.
Scenario
Automatic Boot Loader Response
If you boot Cisco IOS XE Everest 16.4.1 the first time
The boot loader is upgraded to version 4.28. For example:
BOOTLDR: CAT3K_CAA Boot Loader (CAT3K_CAA-HBOOT-M) Version 4.28, RELEASE SOFTWARE (P)
During the automatic boot loader upgrade, while booting Cisco IOS XE Everest 16.4.1, you will see the following on the console:
%IOSXEBOOT-Wed-###: (rp/0): Nov 30 01:17:05 Universal 2016 PLEASE DO NOT POWER CYCLE ### BOOT LOADER UPGRADING%IOSXEBOOT-loader-boot: (rp/0): upgrade successful
If you boot Cisco IOS XE Denali 16.3.2 the first time
The boot loader is upgraded to version 4.28. For example:
BOOTLDR: CAT3K_CAA Boot Loader (CAT3K_CAA-HBOOT-M) Version 4.28, RELEASE SOFTWARE (P)
During the automatic boot loader upgrade, while booting Cisco IOS XE Denali 16.3.2, you will see the following on the console:
%IOSXEBOOT-Wed-###: (rp/0): Nov 2 20:46:19 Universal 2016 PLEASE DO NOT POWER CYCLE ### BOOT LOADER UPGRADING
During an IOS image upgrade or downgrade on a PoE or UPoE switch, the microcode is updated to reflect applicable feature enhancements and bug fixes. Do not restart the switch during the upgrade or downgrade process. With the Cisco IOS XE Denali 16.x.x release, it takes approximately an additional 4 minutes to complete the microcode upgrade in addition to the normal reload time. The microcode update occurs only during an image upgrade or downgrade on PoE or UPoE switches. It does not occur during switch reloads or on non-PoE switches.
The following console messages are displayed during microcode upgrade:
Front-end Microcode IMG MGR: found 4 microcode images for 1 device.
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_0
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_1
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_2
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_3
Front-end Microcode IMG MGR: Preparing to program device microcode...
Front-end Microcode IMG MGR: Preparing to program device[0]...594412 bytes....
Skipped[0].
Front-end Microcode IMG MGR: Preparing to program device[0]...381758 bytes.
Front-end Microcode IMG MGR: Microcode programming complete for device 0.
Front-end Microcode IMG MGR: Preparing to program device[0]...86370 bytes....
Skipped[3].
Front-end Microcode IMG MGR: Microcode programming complete in 237 seconds
Upgrading to Cisco IOS XE Everest 16.4.1
This section describes the process you have to follow to upgrade from Cisco IOS XE 3.xE or Cisco IOS XE Denali 16.x.x releases to Cisco IOS XE Everest 16.4.1.
Due to an increase in the Cisco IOS XE Everest 16.4.1 software image size, there may not be sufficient space to perform an upgrade using flash: (See CSCvc26183). The In-Place Package Expansion for Software Image feature was instroduced in prior releases to help with this issue, but the feature is not supported on all releases. Depending on the existing software version you are using you may have to first upgrade to an intermediate release and then then to Cisco IOS XE Everest 16.4.1.
Refer to the table below to know the upgrade proces you have to follow.
Existing Release—This is the software release you are currently using.
Intermediate Release—Indicates the software release you must first upgrade to, before upgrading to the target release. The link provides information about the procedure you have to follow.
Target Release—Provides information about how you can upgrade to Cisco IOS XE Everest 16.4.1. Whether you upgraded to an intermediate release or not, you must complete this step to upgrade to Cisco IOS XE Everest 16.4.1
Existing Release
Intermediate Release
Target Release
Cisco IOS XE 3.xE
Cisco IOS XE Denali 16.3.1 (1GB of flash space reqd.)
In Cisco IOS XE Denali 16.1.1, right-to-use (RTU) licensing has been modified to allow stack members to join a stack without having the same license level as the rest of the existing stack. The mismatched switch will not be put into Lic-Mismatch state. Even though the switch with the mismatched license is allowed to join the stack, the following syslog message is displayed periodically reminding you to fix the RTU license level:
%STACK_RTU_LICENSE-6-IOSD_LIC_MISMATCH:Switch 5 R0/0: stack_mgr: Switch #5: Current IOSd runs on lanbase license while RTU active license is ipservices. Please configure RTU license to current IOSd license.
The EXEC mode Right to Use License command allows you to activate or deactivate feature set licenses or Adder AP Count Licenses. This command provides options to activate or deactivate any license supported on the platform.
Activate IP Base license on all the switches in the stack. EULA will be prompted, accept the EULA by typing ‘yes’.
2
Show license right-to-use
Check the reboot license level is ipbase for all the switches.
3
Reload
Reboot the switch to boot with ipbase.
Changing the License Level of License Mismatch Switch from Active’s Console
If the license mismatch switch has a lower license level than other switches in the stack, and the stack is running at IP Services and the mismatch switch is booted with IP Base license.
Step
Command
Purpose
1
show switch
Get the switch number in license mismatch state.
2
show license right-to-use mismatch
Check the license level of the license mismatch switch.
Activate IP Services license on all the mismatch switches in the stack. EULA will be prompted, accept the EULA by typing ‘yes’.
4
Reload slot <switch-id>
Reboot the license mismatch switch to boot with ipservices and join the stack.
If the license mismatch switch has a higher license level than other switches in the stack, and the stack is running at IP Base and the mismatch switch is booted with IP Services license.
Step
Command
Purpose
1
show switch
Get the switch number in license mismatch state.
2
show license right-to-use mismatch
Check the license level of the license mismatch switch.
Pass the number of AP count licenses to add as count. Pass the switch-id on which the Adder AP count licenses are to be added. EULA is prompted, accept it by typing ‘yes’.
2
Show license right-to-use slot <switch-id>
Check the adder AP count licenses are incremented on the given switch.
3
Show license right-to-use summary
Check the total Adder AP count licenses are incremented and the Total available AP count are incremented.
Deactivates evaluation AP Count licenses on the stack.
2
Show license right-to-use summary
Base and Adder AP Count licenses are displayed. Total available AP Count is sum of Base and Adder AP Count.
Feature Sets
The Catalyst 3850 switch supports three different feature sets:
LAN Base feature set—Provides basic Layer 2+ features, including access control lists (ACLs) and quality of service (QoS), and up to 255 VLANs.
IP Base feature set—Provides Layer 2+ and basic Layer 3 features (enterprise-class intelligent services). These features include access control lists (ACLs), quality of service (QoS), static routing, EIGRP stub routing, IP multicast routing, Routing Information Protocol (RIP), basic IPv6 management, the Open Shortest Path First (OSPF) Protocol (for routed access only), and support for wireless controller functionality. The license supports up to 4094 VLANs.
IP Services feature set—Provides a richer set of enterprise-class intelligent services and full IPv6 support. It includes all IP Base features plus full Layer 3 routing (IP unicast routing, IP multicast routing, and fallback bridging for only IP traffic). The IP Services feature set includes protocols such as the Enhanced Interior Gateway Routing Protocol (EIGRP), the Open Shortest Path First (OSPF) Protocol, and support for wireless controller functionality. The license supports up to 4094 VLANs.
Note A separate access point count license is required to use the switch as a wireless controller.
For more information about the features, see the product data sheet at this URL:
Open, WEP, PSK (WPA and WPA2), 802.1X (WPA-TKIP and WPA2-AES) (LEAP, PEAP, EAP-FAST, EAP-TLS)
RADIUS
ACS 5.3, ISE 1.2
Types of tests
Connectivity, traffic, and roaming between two access points
Table 11 lists the client types on which the tests were conducted. The clients included laptops, handheld devices, and phones.
Table 11 Client Types
Client Type and Name
Version
Laptop
Intel 5100/5300
v14.3.2.1
Intel 6200
15.15.0.1
Intel 6300
15.16.0.2
Intel 6205
15.16.0.2
Intel 1000/1030
v14.3.0.6
Intel 7260
18.33.0.2
Intel 7265
18.40.0.9
Intel 3160
18.33.0.2
Broadcom 4360
6.30.163.2005
Linksys AE6000 (USB)
5.1.2.0
Netgear A6200 (USB)
6.30.145.30
Netgear A6210(USB)
5.1.18.0
D-Link DWA-182 (USB)
6.30.145.30
Engenius EUB 1200AC(USB)
1026.5.1118.2013
Asus AC56(USB)
1027.7.515.2015
Dell 1395/1397/Broadcom 4312HMG(L)
5.30.21.0
Dell 1501 (Broadcom BCM4313)
v5.60.48.35/v5.60.350.11
Dell 1505/1510/Broadcom 4321MCAG/4322HM
5.60.18.8
Dell 1515(Atheros)
8.0.0.239
Dell 1520/Broadcom 43224HMS
5.60.48.18
Dell 1530 (Broadcom BCM4359)
5.100.235.12
Dell 1540
6.30.223.215
Cisco CB21
1.3.0.532
Atheros HB92/HB97
8.0.0.320
Atheros HB95
7.7.0.358
MacBook Pro
OSX 10.11.5
MacBook Air old
OSX 10.11.5
MacBook Air new
OSX 10.11.5
Macbook Pro with Retina Display
OSX 10.11.5
Macbook New 2015
OSX 10.11.5
Tablets
Apple iPad2
iOS 9.3.1(13E238)
Apple iPad3
iOS 9.3.1(13E238)
Apple iPad mini with Retina display
iOS 9.3.1(13E238)
Apple iPad Air
iOS 9.3.1(13E238)
Apple iPad Air 2
iOS 9.3.1(13E238)
Samsung Galaxy Tab Pro SM-T320
Android 4.4.2
Samsung Galaxy Tab 10.1- 2014 SM-P600
Android 4.4.2
Samsung Galaxy Note 3 – SM-N900
Android 5.0
Microsoft Surface Pro 3
Windows 8.1
Driver: 15.68.3073.151
Microsoft Surface Pro 2
Windows 8.1
Driver: 14.69.24039.134
Google Nexus 9
Android 6.0
Google Nexus 7 2nd Gen
Android 5.0
Phones
Cisco 7921G
1.4.5.3.LOADS
Cisco 7925G
1.4.5.3.LOADS
Cisco 8861
Sip88xx.10-2-1-16
Apple iPhone 4S
iOS 9.2(13C75)
Apple iPhone 5
iOS 9.3.1(13E238)
Apple iPhone 5s
iOS 9.3.1(13E238)
Apple iPhone 5c
iOS 9.3.1(13E238)
Apple iPhone 6
iOS 9.3.1(13E238)
Apple iPhone 6 Plus
iOS 9.3.1(13E238)
Apple iPhone SE
iOS 9.3.1(13E238)
HTC One
Android 5.0
OnePlusOne
Android 4.3
Samsung Galaxy S4 – GT-I9500
Android 5.0.1
Sony Xperia Z Ultra
Android 4.4.2
Nokia Lumia 1520
Windows Phone 8.1
Google Nexus 5
Android 5.1
Nexus 6
Android 5.1.1
Samsung Galaxy S5-SM-G900A
Android 4.4.2
Huawei Ascend P7
Android 4.4.2
Samsung Galaxy S III
Android 4.4.2
Google Nexus 9
Android 6.0
Samsung Galaxy Nexus GTI9200
Android 4.4.2
Samsung Galaxy Mega SM900
Android 4.4.2
Samsung Galaxy S6
Android 6.0.1
Samsung Galaxy S5
Android 5.0.1
Xiaomi Mi 4i
Android 5.1.1
Samsung Galaxy S7
Android 6.0.1
Scaling Guidelines
Table 12 Scaling Guidelines
System Feature
Maximum Limit
Number of HTTP session redirections system-wide
Up to 100 clients per second (wired/wireless)
Number of HTTPS session redirections system-wide
Up to 5 clients per second (wireless)
Up to 20 clients per second (wired)
Limitations and Restrictions
Limitations for YANG data modeling—A maximum of 20 simultaneous NETCONF sessions are supported.
Limitations for RF Profiles—Configuration with Cisco Prime Infrastructure is not supported. You must use the CLI to configure the feature.
Limitations for Wired AVC:
– NBAR2 (QOS and Protocol-discovery) configuration is allowed only on wired physical ports. It is not supported on virtual interfaces, for example, VLAN, port channel nor other logical interfaces.
– NBAR2 based match criteria ‘match protocol’ is allowed only with marking or policing actions. NBAR2 match criteria will not be allowed in a policy that has queuing features configured.
– ‘Match Protocol’: up to 256 concurrent different protocols in all policies.
– NBAR2 attributes based QOS is not supported (‘match protocol attribute’).
– NBAR2 and Netflow cannot be configured together at the same time on the same interface.
– Only IPv4 unicast (TCP/UDP) is supported.
– AVC is not supported on management port (Gig 0/0)
– NBAR2 attachment should be done only on physical access ports. Uplink can be attached as long as it is a single uplink and is not part of a port channel.
– Performance—Each switch member is able to handle 500 connections per second (CPS) at less than 50% CPU utilization. Above this rate, AVC service is not guaranteed.
– Scale—Able to handle up to 5000 bi-directional flows per 24 access ports.
Restrictions for QoS:
– When configuring QoS queuing policy, the sum of the queuing buffer should not exceed 100%.
– For QoS policies, only switched virtual interfaces (SVI) are supported for logical interfaces.
– QoS policies are not supported for port-channel interfaces, tunnel interfaces, and other logical interfaces.
Starting with Cisco IOS XE Denali 16.3.1, Centralized Management Mode (CMM) is no longer supported.
MSE 8.x is not supported with Cisco IOS XE Denali 16.x.x.
WIPs is not supported with Cisco IOS XE Denali 16.x.x since the CMX WIPs solution is not available.
You cannot configure NetFlow export using the Ethernet Management port (g0/0).
The maximum committed information rate (CIR) for voice traffic on a wireless port is 132 Mb/sec.
On WS-C3850-48 switches, if the cable plugged into port 1 has a long cable boot, the boot may stay in contact with the mode button and cause the switch to reload and reset the configuration. To workaround this issue, use the no setup express command to disable Express Setup, or remove the cable boot from the cable in port 1.
Flex Links are not supported. We recommend that you use spanning tree protocol (STP) as the alternative.
Outdoor access points are supported only when they are in Local mode.
Restrictions for Cisco TrustSec:
– Dynamic SGACL download is limited to 6KB per destination group tag (DGT).
– Cisco TrustSec 802.1x is not supported.
– Cisco TrustSec Critical Auth is not supported.
– Cisco TrustSec can be configured only on physical interfaces, not on logical interfaces.
– Cisco TrustSec for IPv6 is not supported.
– Cisco TrustSec cannot be configured on a pure bridging domain with IPSG feature enabled. You must either enable IP routing or disable the IPSG feature in the bridging domain.
When a logging discriminator is configured and applied to a device, memory leak is seen under heavy syslog or debug output. The rate of the leak is dependent on the quantity of logs produced. In extreme cases, the device may crash. As a workaround, disable the logging discriminator on the device.
For the WS-C3850-12X48U-L, WS-C3850-12X48U-S and WS-C3850-12X48U-E switch models, a maximum of 28 ports are available for UPoE connections.
Caveats
Caveats describe unexpected behavior in Cisco IOS releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
Choose Product Support > Switches. Then choose your product and click Troubleshoot and Alerts to find information for the problem that you are experiencing.
Related Documentation
Cisco IOS XE Denali 16.x.x documentation at this URL:
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What’s New in Cisco Product Documentation, which lists all new and revised Cisco Technical documentation, as an RSS feed and deliver content directly to your desktop using a read application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
- For information about unsupported features, see Important Notes.
Feedback