Release Notes for Cisco Catalyst Blade Switch 3120 for HP, Cisco IOS Release 12.2(52)SE Revised November 2, 2009 Cisco IOS Release 12.2(52)SE runs on the Cisco Catalyst Blade Switch 3120 for HP switches. These switches support stacking through Cisco StackWise Plus technology. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack. These release notes include important information about Cisco IOS Release 12.
Contents Contents These sections provide information about this release: • System Requirements, page 2 • Upgrading the Switch Software, page 4 • Installation Notes, page 7 • New Features, page 7 • Minimum Cisco IOS Release for Major Features, page 9 • Limitations and Restrictions, page 11 • Important Notes, page 18 • Open Caveats, page 21 • Resolved Caveats, page 21 • Documentation Updates, page 25 • Related Documentation, page 34 • Obtaining Documentation and Submitting a Service Re
System Requirements Table 1 Cisco Catalyst Blade Switch 3120 for HP Supported Hardware (continued) Supported by Minimum Cisco IOS Release Switch Hardware Description Cisco X2 transceiver modules (supported only on the CBS3120X-S model) X2-10GB-SR V02 or later X2-10GB-CX4 V03 or later X2-10GB-LRM V03 or later X2-10GB-LX4 V03 or later Cisco IOS Release 12.2(40)EX1 10 Gigabit Ethernet X2 ZR optical modules Cisco IOS Release 12.
Upgrading the Switch Software Software Requirements These are the supported operating systems and browsers for the device manager: • Windows 2000, XP, Vista, and Windows Server 2003. • Internet Explorer 5.5, 6.0, 7.0, Firefox 1.5, 2.0 or later. The device manager verifies the browser version when starting a session, and it does not require a plug-in. Cisco Network Assistant Compatibility Cisco IOS 12.2(40)EX1 and later is only compatible with Cisco Network Assistant 5.3 and later.
Upgrading the Switch Software Deciding Which Files to Use The upgrade procedures in these release notes describe how to perform the upgrade by using a combined tar file. This file contains the Cisco IOS image file and the files needed for the embedded device manager. You must use the combined tar file to upgrade the switch through the device manager. To upgrade the switch through the command-line interface (CLI), use the tar file and the archive download-sw privileged EXEC command.
Upgrading the Switch Software You can also configure the switch as a TFTP server to copy files from one switch to another without using an external TFTP server by using the tftp-server global configuration command. For more information about the tftp-server command, see the “Basic File Transfer Services Commands” section of the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2, at this URL: http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/ffun_r.
Installation Notes The /reload option reloads the system after downloading the image unless the configuration has been changed and not saved. For //location, specify the IP address of the TFTP server. For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive. This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch: Switch# archive download-sw /overwrite tftp://198.
New Features New Software Features • Full QoS support for IPv6 traffic. • Smart Install to allow a single point of management (director) in a network. You can use Smart Install to provide zero touch image and configuration upgrade of newly deployed switches and image and configuration downloads for any client switches. • Cisco Medianet to enable intelligent services in the network infrastructure for a wide variety of video applications.
Minimum Cisco IOS Release for Major Features Minimum Cisco IOS Release for Major Features Table 4 lists the minimum software release (after the first release) required to support the major features of the Catalyst Blade Switch 3120 for HP. Features not listed are supported in all releases. Table 4 Features Introduced After the First Release and the Minimum Cisco IOS Release Required Feature Minimum Cisco IOS Release Required Catalyst Blade Switch Support Full QoS support for IPv6 traffic. 12.
Minimum Cisco IOS Release for Major Features Table 4 Features Introduced After the First Release and the Minimum Cisco IOS Release Required (continued) Minimum Cisco IOS Release Required Catalyst Blade Switch Support 12.2(52)SE 3120 Support for VTP version 3 that includes support for configuring extended range 12.
Limitations and Restrictions Table 4 Features Introduced After the First Release and the Minimum Cisco IOS Release Required (continued) Minimum Cisco IOS Release Required Feature Catalyst Blade Switch Support IPv6 default router preference (DRP) for improving the ability of a host to select 12.2(46)SE an appropriate router. 3120 Generic message authentication support with the SSH Protocol and compliance with RFC 4256. 3120 12.
Limitations and Restrictions • When a MAC access list is used to block packets from a specific source MAC address, that MAC address is entered in the switch MAC-address table. The workaround is to block traffic from the specific MAC address by using the mac address-table static mac-addr vlan vlan-id drop global configuration command.
Limitations and Restrictions Configuration • If a half-duplex port running at 10 Mb/s receives frames with Inter-Packet Gap (IPG) that do not conform to Ethernet specifications, the switch might stop sending packets. There is no workaround.
Limitations and Restrictions The EtherChannel ports are put in the error-disabled state because the switches in the partitioned stacks send STP BPDUs. The switch or stack at the other end of the EtherChannel receiving the multiple BPDUs with different source MAC addresses detects an EtherChannel misconfiguration. After the partitioned stacks merge, ports in the suspended state should automatically recover.
Limitations and Restrictions Multicasting • Multicast packets with a time-to-live (TTL) value of 0 or 1 are flooded in the incoming VLAN when all of these conditions are met: – Multicast routing is enabled in the VLAN. – The source IP address of the packet belongs to the directly connected network. – The TTL value is either 0 or 1. The workaround is to not generate multicast packets with a TTL value of 0 or 1, or disable multicast routing in the VLAN.
Limitations and Restrictions • Egress shaped round robin (SRR) sharing weights do not work properly with system jumbo MTU frames. There is no workaround. (CSCsc63334) • In a hierarchical policy map, if the VLAN-level policy map is attached to a VLAN interface and the name of the interface-level policy map is the same as that for another VLAN-level policy map, the switch rejects the configuration, and the VLAN-level policy map is removed from the interface.
Limitations and Restrictions • When the logging event-spanning-tree interface configuration command is configured and logging to the console is enabled, a topology change might generate a large number of logging messages, causing high CPU utilization. CPU utilization can increase with the number of spanning-tree instances and the number of interfaces configured with the logging event-spanning-tree interface configuration command.
Important Notes You can use one of these workarounds: – Enter the shutdown and the no shutdown interface configuration commands to reset the port. – Remove and reconfigure the VLAN. (CSCsi26444) • When you use the switch renumber global configuration command to renumber a member switch in a switch stack and then reload the switch, the internal server-facing ports do not have the required default of spanning-tree portfast enabled.
Important Notes Cisco IOS Notes These notes apply to Cisco IOS software: • If the switch requests information from the Cisco Secure Access Control Server (ACS) and the message exchange times out because the server does not respond, a message similar to this appears: 00:02:57: %RADIUS-4-RADIUS_DEAD: RADIUS server 172.20.246.206:1645,1646 is not responding. If this message appears, make sure that there is network connectivity between the switch and the ACS.
Important Notes Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ip http authentication {aaa | enable | local} Configure the HTTP server interface for the type of authentication that you want to use. • aaa—Enable the authentication, authorization, and accounting feature. You must enter the aaa new-model interface configuration command for the aaa keyword to appear.
Open Caveats Open Caveats • CSCsy85676 When you configure an ACL and enter the access-group interface configuration command to apply it to an interface for web authentication, the output from the show epm session ip-address or show ip access_list interface interface-id privileged EXEC command does not show any web authentication filter ID. There is no workaround. • CSCsz18634 On a switch running Cisco IOS release 12.
Resolved Caveats • CSCsi65551 In certain situations during master switch failover, a VLAN that has been error disabled on a port might be re-enabled after the master switch failover, even though the port has not been configured for automatic recovery. There is no workaround. • CSCsi73653 After a stack-master failover, switch ports in the stack cannot detect new devices. This only affects new devices connected to the switch ports.
Resolved Caveats • CSCsw68528 On switches running Cisco IOS Release 12.2(44)SE or 12.2(46)SE, when you enter the show mvr interface interface-id members privileged EXEC command to see status of an MVR port, an MVR member port that is not connected always shows as ACTIVE. The workaround is to use the show mvr interface interface-id or the show mvr members privileged EXEC command. These command outputs show the correct status of an MVR port.
Resolved Caveats • CSCsy90265 If you repeatedly enter the show tech-support privileged EXEC command, the switch might leak memory and, in some cases, shut down. The workaround is to reload the switch to clear the memory after repeated use of the show tech-support command. • CSCsz66428 When flow control is enabled on a port-channel interface and you enter the flowcontrol receive on interface configuration command, the bundle is not enabled after the switch restarts.
Documentation Updates • CSCta53893 If the host is in multiple-authentication (multiauth) mode and you configure the fallback authentication process as IEEE 802.1x or MAc authentication bypass, the per-user ACL does not work when the port uses web authentication as the fallback method and then uses 802.1x or MAC authentication bypass as the fallback method. The workaround is to restart the switch.
Documentation Updates Updates to the Software Documentation • The switch does not support ISL trunking. Update to the “Configuring IEEE 802.1x Port-Based Authentication” Chapter Common Session ID Authentication manager uses a single session ID (referred to as a common session ID) for a client no matter which authentication method is used. This ID is used for all reporting purposes, such as the show commands and MIBs. The session ID appears with all per-session syslog messages.
Documentation Updates EEM 3.2 introduces the following new event detectors: • Neighbor Discovery—Neighbor Discovery event detector provides the ability to publish a policy to respond to automatic neighbor detection when: – a Cisco Discovery Protocol (CDP) cache entry is added, deletedn or updated. – a Link Layer Discovery Protocol (LLDP) cache entry is added, deleted, or updated. – an interface link status changes. – an interface line status changes.
Documentation Updates Updates for the System Message Guide These messages were added: Error Message DOT1X-5-FAIL: Authentication failed for client ([chars]) on Interface [chars] AuditSessionID [chars] Explanation The authentication was unsuccessful. The first [chars] is the client ID, the second [chars] is the interface, and the third [chars] is the session ID. Recommended Action No action is required. Error Message DOT1X-4-MEM_UNAVAIL: Memory was not available to perform the 802.1X action.
Documentation Updates Error Message DOT1X_SWITCH-5-ERR_INVALID_SEC_VLAN: Attempt to assign invalid secondary VLAN [dec] to PVLAN host 802.1x port [chars] AuditSessionID [chars] Explanation An attempt was made to assign a nonsecondary VLAN to a private VLAN host IEEE 802.1x port. [dec] is the VLAN, the first [chars] is the port, and the second [chars] is the session ID. Recommended Action Change the mode of the port so that it is no longer a PVLAN host port or use a valid secondary VLAN.
Documentation Updates Error Message DOT1X_SWITCH-5-ERR_VLAN_EQ_VVLAN: Data VLAN [dec] on port [chars] cannot be equivalent to the Voice VLAN AuditSessionID [chars] Explanation An attempt was made to assign a data VLAN to an IEEE 802.1x port that is the same as the voice VLAN. [dec] is the VLAN, the first [chars] is the port, and the second [chars] is the session ID. Recommended Action Change either the voice VLAN or the IEEE 802.1x-assigned VLAN on the interface so that they are not the same.
Documentation Updates Error Message DOT1X-5-SUCCESS: Authentication successful for client ([chars]) on Interface [chars] Explanation Authentication was successful. [chars] is the interface. Recommended Action No action is required. Error Message DOT1X_SWITCH-5-ERR_ADDING_ADDRESS: Unable to add address [enet] on [chars] Explanation The client MAC address could not be added to the MAC address table because the hardware memory is full or the address is a secure address on another port.
Documentation Updates Error Message DOT1X_SWITCH-5-ERR_SPAN_DST_PORT: Attempt to assign VLAN [dec] to 802.1x port [chars], which is configured as a SPAN destination Explanation An attempt was made to assign a VLAN to an IEEE 802.1x port that is configured as a Switched Port Analyzer (SPAN) destination port. [dec] is the VLAN, and [chars] is the port.
Documentation Updates Error Message DOT1X_SWITCH-5-ERR_VLAN_NOT_FOUND: Attempt to assign non-existent or shutdown VLAN [dec] to 802.1x port [chars] Explanation An attempt was made to assign a VLAN to an IEEE 802.1x port, but the VLAN was not found in the VLAN Trunking Protocol (VTP) database. [dec] is the VLAN, and [chars] is the port. Recommended Action Make sure that the VLAN exists and is not shut down, or use another VLAN.
Related Documentation Related Documentation These documents provide complete information about the Cisco Catalyst 3120 for HP Blade Switch and are available from this Cisco.com site: http://www.cisco.com/en/US/products/ps6748/tsd_products_support_series_home.
Obtaining Documentation and Submitting a Service Request Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.
Obtaining Documentation and Submitting a Service Request This document is to be used in conjunction with the documents listed in the “Related Documentation” section.