Important Notes

Important Notes

Unsupported Features

  • Cisco TrustSec

    • Cisco TrustSec Network Device Admission Control (NDAC) on Uplinks

  • High Availability

    • Cisco StackWise Virtual

    • Non Stop Forwarding (NSF)

    • Stacking on 9200CX SKUs

  • IP Addressing Services

    • Gateway Load Balancing Protocol (GLBP)

    • Web Cache Communication Protocol (WCCP)

  • Layer 2

    • Audio Video Bridging (including IEEE802.1AS, IEEE 802.1Qat, and IEEE 802.1Qav)

  • Multiprotocol Label Switching

    • Border Gateway Protocol (BGP) on the Cisco Catalyst 9200 Series Switches and Cisco Catalyst 9200L Series Switches

    • Multiprotocol Label Switching (MPLS)

  • Programmability

    • Programmability (Cisco Plug-in for OpenFlow 1.3, Third-Party Application Hosting)

  • Security

    • IPsec VPN

    • MACsec Encryption

      • MACsec configuration on EtherChannel

      • 256-bit AES MACsec (IEEE 802.1AE) host link encryption with MACsec Key Agreement (MKA)

      • MACsec switch-to-host connections in an overlay network.

    • Virtual Routing and Forwarding (VRF)-Aware web authentication

  • System Management

    • Hot patching (for SMUs)

    • Performance Monitoring (PerfMon)

  • VLAN

    • Private VLAN (PVLAN) on Trunks and Portchannels

  • Converged Access for Branch Deployments

  • Fabric Enabled Wireless on C9200L SKUs

  • Network Load Balancing (NLB)

Complete List of Supported Features

For the complete list of features supported on a platform, see the Cisco Feature Navigator.

Accessing Hidden Commands

This section provides information about hidden commands in Cisco IOS XE and the security measures that are in place, when they are accessed. These commands are only meant to assist Cisco TAC in advanced troubleshooting and are not documented.

Hidden commands are available under:

  • Category 1—Hidden commands in privileged or User EXEC mode. Begin by entering the service internal command to access these commands.

  • Category 2—Hidden commands in one of the configuration modes (global, interface and so on). These commands do not require the service internal command.

Further, the following applies to hidden commands under Category 1 and 2:

  • The commands have CLI help. Enter enter a question mark (?) at the system prompt to display the list of available commands.

    Note: For Category 1, enter the service internal command before you enter the question mark; you do not have to do this for Category 2.

  • The system generates a %PARSER-5-HIDDEN syslog message when a hidden command is used. For example: 
    *Feb 14 10:44:37.917: %PARSER-5-HIDDEN: Warning!!! 'show processes memory old-header ' is a hidden command. 
Use of this command is not recommended/supported and will be removed in future.

Apart from category 1 and 2, there remain internal commands displayed on the CLI, for which the system does NOT generate the %PARSER-5-HIDDEN syslog message.


Important

We recommend that you use any hidden command only under TAC supervision.

If you find that you are using a hidden command, open a TAC case for help with finding another way of collecting the same information as the hidden command (for a hidden EXEC mode command), or to configure the same functionality (for a hidden configuration mode command) using non-hidden commands.

Default Behaviour

Beginning from Cisco IOS XE Gibraltar 16.12.5 and later, do not fragment bit (DF bit) in the IP packet is always set to 0 for all outgoing RADIUS packets (packets that originate from the device towards the RADIUS server).