Table of Contents
Release Notes for Catalyst 4000 Family Software Release 5.x
Current Releases (September 11, 2000)
5.2(7), 5.5(3), 5.4(3)
Previous Releases
5.5(2), 5.5(1), 5.2(6), 5.4(2), 5.4(1)-Deferred, 5.2(5), 5.2(4), 5.2(2), 5.2(1), 5.1(2a), 5.1(1a), 5.1(1)
These release notes describe the features, modifications, and caveats for Catalyst 4000 family supervisor engine software release 5.x and all 5.x maintenance releases. The latest 5.x release is supervisor engine software release 5.2(7). These release notes apply to Catalyst 4000 family switches as well as to Catalyst 2948G and 2980G switches running Catalyst 4000 family supervisor engine software.
 |
Note Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in nonvolatile RAM (NVRAM). Use the copy config tftp command to back up your configuration to a Trivial File Transfer Protocol (TFTP) server. Use the copy config flash command to back up the configuration to a Flash device. |
This document consists of these sections:
All versions of the Catalyst 4000 family supervisor engine software are Year 2000 compliant.
For more information on Cisco's Year 2000 compliance, visit this URL:
- http://www.cisco.com/warp/public/752/2000/
 |
Caution Catalyst 4000 family supervisor engine software release 5.1(1) was deferred due to caveat CSCdm09827. When you upgrade the switch software to release 5.1(1) from any 4.x release, the switch configuration is lost. This problem is resolved in software release 5.1(1a). |
If you intend to upgrade to release 5.x from any 4.x release, we strongly recommend that you upgrade directly to release 5.1(1a) or later, skipping release 5.1(1). Always back up the switch configuration file before upgrading or downgrading the switch software to avoid losing all or part of the configuration.
If you are already running software release 5.1(1), there is no need to upgrade to 5.1(1a).
The Catalyst 4006 switch requires dual power supplies.
Release 5.x Memory Requirements
Table 1 shows the specific memory requirements for running software release 5.x on the Catalyst 4000 family Supervisor Engine I.
Table 1: Software Release 5.x Supervisor Engine Memory Requirements
| Software Release
| Supervisor Engine I Memory Requirements
| Supervisor Engine II Memory Requirements
|
|---|
Software release 5.1(2a) and earlier
| 32-MB RAM
| N/A
|
Software release 5.2(1) and later
| 64-MB RAM
| N/A
|
Software release 5.4(1) and later
| 64-MB RAM
| 64-MB RAM
|
If your Supervisor Engine I has less than 64-MB RAM, you can add more memory by ordering the 32-MB DIMM RAM upgrade (Cisco product number MEM-C4K-32-RAM=) for the Catalyst 4000 family Supervisor Engine I.
This section contains configuration matrixes to help you order Catalyst 4000 family products. Table 2 lists the minimum supervisor engine version and the current recommended supervisor engine version for Catalyst 4000 family modules and chassis.
Table 2: Product and Supervisor Engine Software Version Matrix
| Product Number
append with "=" for spares
| Product Description
| Minimum Supervisor Software Version
| Recommended Supervisor Software Version
|
|---|
| Supervisor Engine
|
WS-X4012
| Catalyst 4000 family Supervisor Engine I module
| 4.4(1)
| 4.5(X)
|
WS-X4013
| Catalyst 4006 Supervisor Engine module
| 5.4(2)
| 5.5(1)
|
| Ethernet, Fast Ethernet, and Gigabit Ethernet
|
WS-X4148-RJ
| 48-port 10/100 Fast Ethernet RJ-45
| 4.4(1)
| 4.5(X)
|
WS-X4232-GB-RJ
| 32-port 10/100 Fast Ethernet RJ-45, plus two-port 1000BASE--X (GBIC) Gigabit Ethernet
|
WS-X4232-RJ-XX
| 32-port 10/100 Fast Ethernet RJ-45
| 5.1(1)
| 5.2(3)
|
WS-X4306-GB
| Six-port 1000BASE-X (GBIC) Gigabit Ethernet
| 4.4(1)
| 4.5(X)
|
WS-X4418-GB
| 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet
| 4.5.(1)
| 4.5(X)
|
WS--4412-2GB-TX
| 12-port 1000BASE-T Gigabit Ethernet Switching Module
| 5.4(2)
| 5.5(1)
|
WS-X4124-FX-MT
| 24-port 100BASE-FX Fast Ethernet Switching Module
| 5.4(2)
| 5.5(1)
|
WS-X4148-RJ21
| 48-port 10/100-Mbps Fast Ethernet Switching Module
| 5.4(2)
| 5.5(1)
|
| Uplink Modules
|
WS-U4504-FX-MT
| 4-port 100BASE-FX MT-RJ
| 5.1(1)
| 5.2(3)
|
| Gigabit Interface Converters (GBICs)
|
WS-G5484=
| 1000BASE-SX GBIC
| 4.4(1)
| 4.5(X)
|
WS-G5486=
| 1000BASE-LX/LH GBIC
|
WS-G5487=
| 1000BASE-ZX GBIC
| 4.5(1)
| 4.5(X)
|
| Modular Chassis
|
WS-C4003
| Catalyst 4003 chassis (3-slot)
| 4.4(1)
| 4.5(X)
|
WS-C4006-S2
| Catalyst 4006 chassis (6-slot)
| 5.4(2)
| 5.5(1)
|
| Fixed-Configuration Chassis
|
WS-C2948G
| Catalyst 2948G with two 1000BASE-X (GBIC) Gigabit Ethernet uplinks and 48 10/100 Fast Ethernet ports
| 4.4(1)
| 4.5(X)
|
WS-C4912G
| Catalyst 4912G with 12 1000BASE-X (GBIC) Gigabit Ethernet ports
| 4.5(1)
| 4.5(X)
|
WS-C2980G
| Catalyst 2980G with 80 10/100 and 2 1000BASE-X ports
| 5.4(2)
| 5.5(1)
|
Release 5.x Orderable Software Images
Table 3 lists the software versions and applicable ordering information for supervisor engine software release 5.x.
Table 3: Software Version and Orderable Product Number Matrix
| Software Version
| Filename
| Orderable Product Number
Flash on System
| Orderable Product Number
Spare Upgrade (Floppy Media)
|
|---|
| Supervisor Engine I
|
5.1(1)
| cat4000.5-1-1.bin
| —
| —
|
5.1(1a)
| cat4000.5-1-1a.bin
| SFC4K-SUP-5.1.1
| SFC4K-SUP-5.1.1=
|
5.1(2a)
| cat4000.5-1-2a.bin
| SFC4K-SUP-5.1.2
| SFC4K-SUP-5.1.2=
|
5.2(1)
| cat4000.5-2-1.bin
| SFC4K-SUP-5.2.1
| SFC4K-SUP-5.2.1=
|
5.2(2)
| cat4000.5-2-2.bin
| SFC4K-SUP-5.2.2
| SFC4K-SUP-5.2.2=
|
5.2(4)
| cat4000.5-2-4.bin
| SFC4K-SUP-5.2.4
| SFC4K-SUP-5.2.4=
|
5.2(5)
| cat4000.5-2-5.bin
| SFC4K-SUP-5.2.5
| SFC4K-SUP-5.2.5=
|
5.2(6)
| cat4000.5-2-6.bin
| SFC4K-SUP-5.2.6
| SFC4K-SUP-5.2.6=
|
5.2(7)
| cat4000.5-2-7.bin
| SFC4K-SUP-5.2.7
| SFC4K-SUP-5.2.7=
|
5.4(1)
| cat4000.5-4-1.bin
| SFC4K-SUP-5.4.1
| SFC4K-SUP-5.4.1=
|
5.4(2)
| cat4000.5-4-2.bin
| SC4K-SUP-5.4.2
| SC4K-SUP-5.4.2=
|
5.4(2) CiscoView
| cat4000-cv.5-4-1.bin
| SC4K-SUPCV-5.4.2
| SC4K-SUPCV-5.4.2=
|
5.4(3)
| cat4000.5-4-3.bin
| SC4K-SUP-5.4.3
| SC4K-SUP-5.4.3=
|
5.5(1)
| cat4000.5-5-1.bin
| SC4K-SUP-5.5.1
| SC4K-SUP-5.5.1=
|
5.5(2)
| cat4000.5-5-2.bin
| SC4K-SUP-5.5.2
| SC4K-SUP-5.5.2=
|
5.5(2) CiscoView
| cat4000-cv.5-5-2.bin
| SC4K-SUPCV-5.5.2
| SC4K-SUPCV-5.5.2=
|
5.5(3)
| cat4000.5-5-3.bin
| SC4K-SUP-5.5.3
| SC4K-SUP-5.5.3=
|
5.5(3) CiscoView
| cat4000-cv.5-5-3.bin
| SC4K-SUPCV-5.5.3
| SC4K-SUPCV-5.5.3=
|
| Supervisor Engine II
|
5.4(1)
| cat4000.5-4-1.bin
| SFC4K-SUP-5.4.1
| SFC4K-SUP-5.4.1=
|
5.4(2)
| cat4000.5-4-2.bin
| SC4K-SUP-5.4.2
| SC4K-SUP-5.4.2=
|
5.4(2) CiscoView
| cat4000-cv.5-4-1.bin
| SC4K-SUPCV-5.4.2
| SC4K-SUPCV-5.4.2=
|
5.4(3)
| cat4000.5-4-3.bin
| SC4K-SUP-5.4.3
| SC4K-SUP-5.4.3=
|
5.5(1)
| cat4000.5-5-1.bin
| SC4K-SUP-5.5.1
| SC4K-SUP-5.5.1=
|
5.5(1) CiscoView
| cat4000-cv.5-5-1.bin
| SC4K-SUPCV-5.5.1
| SC4K-SUPCV-5.5.1=
|
5.5(2)
| cat4000.5-5-2.bin
| SC4K-SUP-5.5.2
| SC4K-SUP-5.5.2=
|
5.5(2) CiscoView
| cat4000-cv.5-5-2.bin
| SC4K-SUPCV-5.5.2
| SC4K-SUPCV-5.5.2=
|
5.5(3)
| cat4000.5-5-3.bin
| SC4K-SUP-5.5.3
| SC4K-SUP-5.5.3=
|
5.5(3) CiscoView
| cat4000-cv.5-5-3.bin
| SC4K-SUPCV-5.5.3
| SC4K-SUPCV-5.5.3=
|
This section describes the new features available in software release 5.5.
This section describes the new hardware features available in software release 5.5.
- Catalyst 4003 and 4006 Layer 3 Services Module—WS-X4232-L3
- Catalyst 4000 Backplane Channel Module—WS-X4019
- Catalyst 4006 DC Power Supply—WS-X4008
This section describes the new software features available in software release 5.5.
- Support for auxiliary VLANs
- Layer 3 support with the Catalyst 4003 and 4006 Layer 3 Services Module
- Switch Acceleration
This section describes the new features available in software release 5.4.
This section describes the new hardware features available in software release 5.4.
- WS-C4006-S2—Catalyst 4006 chassis
- WS-X4013—Catalyst 4006 Supervisor Engine
- WS-C2980G—Catalyst 2980G 80-port 10/100/1000 Fixed Configuration Switch
- WS-X4124-FX-MT—24-port 100BASE-FX Fast Ethernet Switching Module
- WS-X4148-RJ21—48-port 10/100-Mbps Fast Ethernet Switching Module
- WS-4412-2GB-TX—12-port 1000BASE-T Gigabit Ethernet Switching Module
This section describes the new software features available in software release 5.4.
- UDLD enhancements—With supervisor engine software releases 5.4(3) and later, you can specify the message interval between UDLD messages. Previously, the message interval was fixed at 60 seconds. With a configurable message interval, UDLD reacts much faster to link failures.
- Additionally, releases 5.4(3) and later have UDLD aggressive mode. UDLD aggressive mode is disabled by default and its use is recommended only for point-to-point links between Cisco switches running software release 5.4(3) or later. With aggressive mode enabled, when a port on a bidirectional link stops receiving UDLD packets, UDLD tries to reestablish the connection with the neighbor. After eight failed retries, the port is put into errdisable state.
- In order to prevent spanning tree loops, normal UDLD with the message interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to forwarding state (when default spanning tree parameters are used).
- Enabling UDLD aggressive mode provides additional benefits in the following cases:
- One side of a link has a port stuck (both tx and rx)
- One side of a link remains up while the other side of the link has gone down
- In these cases UDLD aggressive mode errordisables one of the ports on the link and stops the blackholing of traffic. Even with aggressive mode disabled, there would have been no risk for a broadcast storm due to a spanning tree loop in this situation, as one port is unable to pass traffic in both directions.
- For detailed information on configuring the message interval and UDLD aggressive mode, refer to the online version of the Software Configuration Guide—Catalyst 5000 Family, 4000 Family, 2928G Series, 2948G, and 2980G Switches, Release 5.4.
- The Catalyst Web Interface (CWI) is a browser-based tool that you can use to configure the Catalyst 6000, 5000, and 4000 family switches. It consists of a graphical user interface (GUI) that runs on the client (a Catalyst version of CiscoView 5.0) and a Hypertext Transfer Protocol (HTTP) server that runs on the switch. A GUI alternative to the CLI and SNMP interfaces, the CWI provides a real-time graphical representation of the switch and detailed information such as port status, module status, type of chassis, and modules. The CWI uses HTTP to download CiscoView from the server to the client.
- For information on installing and using the CWI, refer to the Catalyst 6000, 5000, and 4000 Family Switches Web Interface Installation and Configuration Note publication.
- RADIUS authorization and accounting—Provides client-server authentication and accounting for users attempting to connect to the switch.
- TACACS+ authorization and accounting—Provides client-server authentication and accounting for access to network devices.
- Generic summertime—Allows you to configure non-US summertime.
- ErrDisabletTimeout—Allows you to automatically enable or reset a port minutes after a port is disabled by the software due to excessive errors.
- Case-sensitive password—Allows you to set case-sensitive passwords.
- IP Permit List enhancements—Increases the number of IP entries allowed.
- Banner Improvement—Increases the banner string to 3,070 characters long, and includes a tab character.
- Scheduled reset—Allows you to reset the switch at a specified date and time.
- Permanent ARP entries—Allows you to save a static APR entry in the NVRAM (or Flash) configuration file so a reset or power cycle does not clear the entry.
- show tech-support command—Allows you to capture all of the information and statistics required by Cisco TAC for the entire device.
- VLAN 1 disable on trunks—Allows you to disable VLAN 1 on any individual VLAN trunk link.
- Portfast guard—Provides a way to shut the port down when any received BPDUs are detected.
- SNMPv3—Provides security and remote configuration capabilities of SNMPv3.
This section describes the new features available in software release 5.2.
- QoS—Allows the switch to set the 802.1p CoS value for incoming unmarked frames on the Catalyst 4000 family and 2948G switches.
- DHCP client—Allows the switch to obtain its IP configuration automatically from a DHCP server.
- Configure from Flash at startup—Allows the switch to execute one or more configuration files stored in Flash memory when the switch is powered on or reset.
- Flexible PAgP—Provides enhancements and new functionality to existing EtherChannel port bundling features, including non-contiguous port bundles, port bundles of up to eight ports, and port bundles across multiple modules.
- Port security enhancements—Provides additional port security features, such as restricting traffic on a secure port instead of shutting down the port, and allowing multiple secure addresses on a port.
- UDLD on copper—Provides support for the UniDirectional Link Detection (UDLD) protocol on copper media.
- Kerberos Telnet—Provides support for encrypted Telnet sessions on the switch using Kerberos.
- rcp support—Provides an alternative method for copying system software image files and configuration files over the network, using remote copy (rcp).
- SPAN enhancements—Provides a "don't learn" option to prevent a SPAN destination port with the inpkts enable option set from learning addresses from the incoming traffic.
- Command completion—Provides new command-line options such as keyword completion using the Tab key and context-sensitive help using ?.
- New and enhanced commands:
- show config, write terminal, copy config—Now display only changes to the default switch configuration by default. Use the all keyword to display both the default and non-default configuration.
- set port host—Provides a command macro that optimizes a port for host connections by enabling spanning tree PortFast mode and setting the trunking mode and EtherChannel mode to off.
This section describes the new features available in Catalyst 4000 family software release 5.1.
- Support for the following hardware:
- 32-port 10/100BASE-TX RJ-45 switching module with uplink module support
- 4-port 100BASE-FX MT-RJ uplink module
- VMPS and dynamic VLANs—Provides VMPS client and dynamic VLAN membership support on the Catalyst 4000 family switches.
- RADIUS authentication—Provides client-server authentication for users attempting to connect to the switch.
- SPAN enhancements—Provides more flexibility in configuring SPAN sessions, including multiple SPAN sources independent of VLAN membership.
- CDP Version 2—Provides additional information on connected Cisco devices, including native VLAN and port duplex mismatches.
- IEEE 802.1Q to ISL VLAN mapping—Allows you to map 802.1Q VLANs that are greater than VLAN 1000 to ISL VLANs.
- IEEE GVRP— GARP application that provides 802.1Q-compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports.
- IEEE GMRP—GARP application that provides a constrained multicast flooding facility similar to IGMP snooping and CGMP.
- CIDR IP routes—Allows you to specify classless IP routes for IP traffic originating on the switch.
- UniDirectional Link Detection (UDLD)—Detects unidirectional connections on fiber-optic links.
- NTP authentication—Prevents the switch from accepting NTP updates from untrusted sources, as described in RFC 1305.
- 64-bit counters for mini-RMON groups.
- Support for RFC 2021 RMON2 User History group.
- Support for the following SNMP MIBs:
- ENTITY-MIB
- CISCO-SYSLOG-MIB
- CISCO-PROCESS-MIB
- CISCO-STP-EXTENSIONS-MIB
- Cisco Switch TopN MIB
- Cisco Trace Route MIB
- Cisco Show Port Capabilities MIB
- Cisco Config. File Management MIB
- Cisco Multiple Default Gateways MIB
These sections describe the open and resolved caveats in supervisor engine software release 5.5(3):
This section describes open caveats in software release 5.5(3).
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up.
- Workaround: Connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected.
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- Workaround: Use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- (CSCdm38405)
- If a reverse Telnet session to the switch times out, press the space bar to reactivate the session, and you will be able to see the configuration of the switch. This situation affects the Catalyst 4000 family modules with a console port connected to a modem, communication server or PC. (CSCds08837)
- On IEEE 802.1Q trunk ports with a large number of active VLANs (several hundred), spanning-tree convergence time when the last trunk goes down or the first trunk comes up can be delayed up to several minutes, depending on the number of active VLANs. The 802.1Q trunk port will eventually enter the correct spanning-tree state for each active VLAN. (CSCds06965 )
This section describes caveats resolved in software release 5.5(3).
- SNMP requests for specific dynamically learned MAC addresses returns the same information as if the MAC address has never been learned by the switch. (CSCdr09715)
- If there is loopback cabling on forced half-duplex, a particular traffic pattern may cause the following message to be generated inadvertently:
2000 Jun 02 00:20:30 cet +02:00 %SYS-4-P2_WARN: 1/Blocked queue on gigaport 2
- (CSCdr77637)
- The output of the show tech command sometimes gets corrupted and Telnet session stalls. A new Telnet session must be opened to regain control of the switch. (CSCds04631)
- The switch might display "Out of memory" messages resulting in VMPS becoming inactive. This could be due to duplicate MAC addresses in the VMPS database. The workaround was to reboot the switch. This problem is resolved in software release 5.5(3). (CSCdr95115)
- The switch might run out of memory if a large number of RMON- related entries are created. This problem might exist in releases 5.4(x), 5.5(1), and 5.5(2). This problem is resolved in software release 5.5(3). (CSCdr99175)
- Newly learned secure MAC addresses intermittently do not show up after Port Security feature is turned off, and then on again, on a port. The workaround is to set Port Security off, clear it, and then turn it on again. This problem is resolved in software release 5.5(3) and 6.1(1). (CSCds13570)
- TACACS+ command authorization fails if the switch is configured through the TFTP configuration file (copy tftp config command).
- Workaround: Use the configure host file command. This problem is resolved in software release 5.5(3). (CSCdr85581)
- The hcRMONCapabilities MIB object is not implemented in the switch. This results in some applications failing to recognize the HCRMON capability of the devices. This issue also affects the TrafficDirector application. This problem is resolved in software release 5.5(3). (CSCdr89597)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(2):
This section describes open caveats in software release 5.5(2).
- For normal UDLD, the recommended default interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration recommendations:
- When enabling aggressive UDLD, the recommended default is 30 seconds.
- It is recommended not to use UDLD with the ON - AUTO trunk combination. UDLD can be used with any other valid trunk combination. (CSCdr50206)
- On IEEE 802.1Q trunk ports with a large number of active VLANs (several hundred), spanning-tree convergence time when the last trunk goes down or the first trunk comes up can be delayed up to several minutes, depending on the number of active VLANs. The 802.1Q trunk port will eventually enter the correct spanning-tree state for each active VLAN. (CSCds06965 )
- SNMP get requests for specific dynamically learned MAC addresses will respond as if the MAC address was not learned by the switch.
- Workaround: Performing an SNMP walk of the address table will return the proper results. (CSCdr09715)
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up.
- Workaround: Connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected.
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- Workaround: Use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- (CSCdm38405)
- In some cases, a switch port connected to an Intel Pro100+ management adapter might lose and regain a link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.5(2).
- UDLD may disable a port connected, directly or indirectly, to the VTP server on a switch that is configured in VTP client mode due to a timing issue. This condition applies to trunking ports. (CSCdr60391)
- When a Catalyst 4000 family or 2948G series has a large number (greater than 5000) of active paths packets sometimes get reordered. An active path is a SA, DA pair. Reordered packets may cause SNA sessions to drop. There is no workaround. (CSCdr68833)
- On a switch configured in VTP client mode, UDLD may disable a port configured for trunking in on/desirable/auto mode. (CSCdr60391)
- When running version 4.5.6 on a Supervisor Engine III the show top utility report may display errors on trunks though no errors are detected on the port. (CSCdr23551)
- UDLD configuration guidelines are:
- Normal UDLD message interval is 15 seconds.
- When enabling aggressive UDLD, the recommended default message interval is 30 seconds.
- Do not use UDLD or aggressive UDLD with the ON - AUTO trunk combination. UDLD and aggressive UDLD can be used with any other valid trunk combination.
- (CSCdr50206)
- After upgrading from a pre-5.2(1) software release to release 5.2(1) and later, EtherChannel configurations might be broken, or two 2-port channels might be combined into one 4-port channel. This problem affects all modules and is resolved in software release 5.5(2).(CSCdr74463)
- Catalyst 4000 family switches are unable to resolve DNS name if the DNS server has more than 7 entries. (CSCdr80835)
- The switch may encounter exceptions in process SWPoll64bCnt. The problem exists in Catalyst software release 4.4(X), 4.5(1-7), 5.4(X). This problem has been fixed in software release 4.5(8), 5.4(3) and later releases. (CSCdr41609)
- When cutting and pasting in an inbound or outbound Telnet session, some characters disappear and Telnet may hang. This problem has been fixed in 4.5(8), 5.4(4), 5.5(2), and 6.1(1). (CSCdr40184)
- An invalid packet with length less than 64 bytes received on a 10/100 port will cause both the Runts and FCS-Error counters to increment on the port. In order to determine the actual number of FCS-Errors on valid length packets received on the port, subtract the value of the port Runts counter from the value of the port FCS-Error counter. (CSCdr37645)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(7):
This section describes open caveats in software release 5.2(7).
- After a user enters the clear config rmon and clear counters commands in sequence, the counter values in etherStats (tokenRingMLStats and tokenRingPStats) might show negative values. (CSCdp79498)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected.
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- (CSCdm38405)
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.2(7).
- In the presence of loopback cabling on ports forced to half-duplex mode, particular traffic patterns may cause the following message to be generated inadvertantly (CSCdr77637):
2000 Jun 02 00:20:30 cet +02:00 %SYS-4-P2_WARN:1/Blocked queue on gigaport 2
These sections describe the open and resolved caveats in supervisor engine software release 5.2(6):
This section describes open caveats in software release 5.2(6).
- After a user enters the clear config rmon and clear counters commands in sequence, the counter values in etherStats (tokenRingMLStats and tokenRingPStats) might show negative values. (CSCdp79498)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected.
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- (CSCdm38405)
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.2(6).
- On a loaded system, UDLD negotiation with a neighbor device might result in an inconsistent state with one end reporting "undetermined" and the other reporting "bidirectional." (CSCdr52866)
- This caveat occurs on Catalyst 2948G switches that run 5.2(2) code.
- The switch sends a configuration change trap every time NTP is updated. The trap arrives with this message:
%SYS-6-CFG_CHG:Global block changed by sntp_recd//
-
- The reason for this behavior is unknown. The logging level for sys is set to 4 and should not display these messages. The workaround is to disable NTP in the switch so the traps are not sent to the SNMP workstation or to the show logging buffer. This problem does not impact the functionality of the switch.(CSCdp87485)
- On a switch configured in VTP client mode, UDLD may disable a port configured for trunking in on/desirable/auto mode. (CSCdr60391)
These sections describe the open and resolved caveats in supervisor engine software release 5.5(1):
This section describes open caveats in software release 5.5(1).
- For normal UDLD, the recommended default interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration recommendations:
- When enabling aggressive UDLD, the recommended default is 30 seconds.
- It is recommended not to use UDLD with the ON - AUTO trunk combination. UDLD can be used with any other valid trunk combination. (CSCdr50206)
- On IEEE 802.1Q trunk ports with a large number of active VLANs (several hundred), spanning-tree convergence time when the last trunk goes down or the first trunk comes up can be delayed up to several minutes, depending on the number of active VLANs. The 802.1Q trunk port will eventually enter the correct spanning-tree state for each active VLAN. (CSCds06965 )
- When an invalid packet with a length of less than 64 bytes is received on a 10/100 port, both the Runts and FCS-Error counters increment on the port. The correct behavior is to only increment the Runt counter upon reception of an undersized, bad packet. In order to determine the actual number of FCS-Errors on valid-length packets received on the port, subtract the value of the port Runts counter from the value of the port FCS-Error counter.(CSCdr37645)
- SNMP get requests for specific dynamically learned MAC addresses will respond as if the MAC address was not learned by the switch.
- Workaround: Performing an SNMP walk of the address table will return the proper results. (CSCdr09715)
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up. The workaround is to connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected.
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- (CSCdm38405)
- In some cases, a switch port connected to an Intel Pro100+ management adapter might lose and regain a link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
There are no new resolved caveats in software release 5.5(1).
These sections describe the open and resolved caveats in supervisor engine software release 5.4(3):
This section describes open caveats in software release 5.4(3).
- If the switch displays this error message:
2000 Feb 15 16:15:28 %SYS-4-P2_WARN: 1/Internal Event: ScxSwitchMan - Protocol
Table Packet on address 00:00:01:76:01:00 arrived on unexpected port 2/37
- contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. (CSCdp93187)
- When an invalid packet with length less than 64 bytes is received on a 10/100 port, both the Runts and FCS-Error counters increment on the port. The correct behavior is to only increment the Runts counter upon reception of an undersized packet. In order to determine the actual number of FCS-Errors on valid-length packets received on the port, subtract the value of the port Runts counter from the value of the port FCS-Error counter.(CSCdr37645)
- For normal UDLD, the recommended default interval is 15 seconds. Caveat CSCdr50206 requires that you follow these configuration recommendations:
- When enabling aggressive UDLD, the recommended default is 30 seconds.
- It is recommended not to use UDLD with the ON - AUTO trunk combination. UDLD can be used with any other valid trunk combination. (CSCdr50206)
- SNMP get requests for specific dynamically learned MAC addresses will respond as if the MAC address was not learned by the switch.
- Workaround: Performing an SNMP walk of the address table will return the proper results. (CSCdr09715)
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up.
- Workaround: Connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- In some cases, a switch port connected to an Intel Pro100+ management adapter might lose and regain a link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.4(3).
- Under certain conditions, after closing a Telnet session, the switch still shows the session as open. Using the disconnect ip_address command to disconnect a user and manually close the session does not close the session. This problem is fixed in software release 5.4(3). (CSCdp33649)
- If the SNMP PDU size is greater than 1300 bytes, memory corruption occurs and the system might reset. This problem is resolved in software release 5.4(3). (CSCdr33785)
- A system reset might occur during SNMP polling of the switch ports (SWPoll64bCnt) if a module goes on- and off-line frequently. This problem is resolved in software release 5.4(3). (CSCdr41609)
- In software release 5.4(1) and later, for authentication retries TACACS+ prompts for a password only but not for a user name. This problem is resolved in software release 5.4(3). (CSCdr44356)
- When you upgrade from 5.4(1) or 5.4(2) to 5.4(3), 5.5(1) and newer software releases, the local snmpEngineID will automatically be converted from 10 bytes to 12 bytes if there is no local user configured in usmUserTable. If there are any local users in the usmUserTable, the 10 byte snmpEngineID will still remain unless you do one of the following:
- Delete all the local users from usmUserTable and then reset the system.
- Enter the clear config snmp or clear config all commands.
- This problem is resolved in software release 5.4(3). (CSCdr22335)
- The clear config all command does not clear a port's UDLD configuration. For example, if UDLD and aggressive UDLD are enabled on port 3/3, the clear config all command is entered, and system-wide UDLD is enabled, the show udld port 3/3 command will still display UDLD as enabled on port 3/3. The clear config all command should have disabled the port's UDLD configuration. This problem is resolved in software release 5.4(3). (CSCdr35885)
- When an EtherChannel is configured between two switches and the Spanning Tree protocol is disabled, under some circumstances (such as a reboot or the presense of a lot of broadcasts on the sc0 VLAN), the EtherChannel might take a long time to come up. The workaround is to enable the Spanning Tree protocol. This problem is resolved in software release 5.4(3). (CSCdr16565)
- If two switches are connected by two 802.1Q trunk links and both switches are reset at the same time, a topology loop might occur. The workaround is to disable and enable the links after both the systems come up. This problem is resolved in software release 5.4(3). (CSCdr33260)
- Packets that have non-default CoS bits in their 802.1Q tags on VLAN 1 might be dropped by a WS-X4013 switch engine running software versions 5.4(1) and 5.4(2). This problem is resolved in software release 5.4(3). (CSCdr23164)
- If the HTTP server is enabled, subsequent resets may cause the HTTP configuration to be lost. This problem is resolved in software release 5.4(3). (CSCdr49769)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(2):
This section describes open caveats in software release 5.4(2).
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up.
- Workaround: Connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the late collision counter does not increment when late collisions occur. Late collisions are handled correctly, but the collision counter does not increment. As a result, a late collision counter value of zero does not indicate that late collisions are not present. (CSCdp71818)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. This problem is resolved in software release 5.4(1). (CSCdm80016)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- If the HTTP server is enabled, subsequent resets may cause the HTTP configuration to be lost.
- Workaround: Back up your configuration to TFTP (or filesys) and set up auto-config to prevent prolonged outage on the next reboot. You can achieve this on switches with Flash file systems running 5.4(x) and beyond using the following commands: (CSCdr49769)
- copy config bootflash:switch.cfg
- set boot auto-config bootflash:switch.cfg
- set boot config-register non-recurring
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- In some cases, a switch port connected to an Intel Pro100+ management adapter might lose and regain a link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.4(2).
- After a user enters the clear config rmon and clear counters commands in sequence, the counter values in etherStats (tokenRingMLStats and tokenRingPStats) might show negative values. (CSCdp79498)
- Summertime start and end dates are not calculated correctly when using the generic summertime rule if the start and end rules span across year-end (southern hemisphere rule).
- Workaround: Use a fixed date for the southern hemisphere. (CSCdp91755)
- This caveat occurs on Catalyst 2948G switches that run 5.2(2) code.
- The switch sends a configuration change trap every time NTP is updated. The trap arrives with this message:
%SYS-6-CFG_CHG:Global block changed by sntp_recd//
-
- The reason for this behavior is unknown. The logging level for sys is set to 4 and should not display these messages.
- Workaround: Disable NTP in the switch so the traps are not lsent to the SNMP workstation or to the show logging buffer. This problem does not impact the functionality of the switch. (CSCdp87485)
- This caveat occurs in CATOS software release 5.4(1).
- ciscoFlashCopyStatus always shows copyOperationSuccess(2) for entries in ciscoFlashCopyTable if the value of the corresponding instance of ciscoFlashCopyProtocol is rcp(2). (CSCdr06755)
- The problem occurs as follows:
- Config net creates a new process (tftp_request) that downloads the file and runs the commands in the file as a batch.
- For each command, an acct_send_bkg_proc is created that does the actual send of the accounting packets. This process depends on userstruct in the tftp_request process.
- Because there is a yield_cpu in the commands run by tftp_request, some of the accounting records are send out correctly when the acct_send_bkg_proc gets scheduled. Some acct_send_bkg_procs are left for some commands when tftp_request process is destroyed after having run all of the commands. As a result the userstruct of the tftp_request process is no longer valid.
- The fix is to make a malloc of the userstruct in tftp_request instead of storing a pointer to it. (CSCdp98284)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(5):
This section describes open caveats in software release 5.2(5).
- After a user enters the clear config rmon and clear counters commands in sequence, the counter values in etherStats (tokenRingMLStats and tokenRingPStats) might show negative values. (CSCdp79498)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.2(5).
- In the presence of loopback cabling on ports forced to half-duplex mode, it is possible for related ports to experience permanent recieve or transmit failure. (CSCdp68027)
These sections describe the open and resolved caveats in supervisor engine software release 5.4(1):
This section describes open caveats in software release 5.4(1).
- After a user enters the clear config rmon and clear counters commands in sequence, the counter values in etherStats (tokenRingMLStats and tokenRingPStats) might show negative values. (CSCdp79498)
- Summertime start and end dates are not calculated correctly when using the generic summertime rule if the start and end rules span across year-end (southern hemisphere rule).
- Workaround: Use a fixed date for the southern hemisphere. (CSCdp91755)
- Multicast and broadcast traffic on the WS-X4013 module may experience lost packets when hosts are in the process of joining or leaving a multicast/broadcast group. (CSCdp38859)
- It may take up to two minutes for 1000BASE-T ports on the WS-4412-2GB-TX and WS-4416-2GB-TX modules to come up.
- Workaround: Connect the port to another device and then reconnect to the desired device. As a final option, you can reset the linecard. (CSCdp90760)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the late collision counter does not increment when late collisions occur. Late collisions are handled correctly, but the collision counter does not increment. As a result, a late collision counter value of zero does not indicate that late collisions are not present. (CSCdp71818)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. This problem is resolved in software release 5.4(1). (CSCdm80016)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- If the HTTP server is enabled, subsequent resets may cause the HTTP configuration to be lost.
- Workaround: Back up your configuration to TFTP (or filesys) and set up auto-config to prevent prolonged outage on the next reboot. You can achieve this on switches with Flash file systems running 5.4(x) and beyond using the following commands: (CSCdr49769)
- copy config bootflash:switch.cfg
- set boot auto-config bootflash:switch.cfg
- set boot config-register non-recurring
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- In some cases, a switch port connected to an Intel Pro100+ management adapter might lose and regain a link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.4(1).
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return to the Console> prompt.
- Workaround: Press the q key instead. This problem is resolved in software release 5.4(1). (CSCdm11604)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. This problem is resolved in software release 5.4(1). (CSCdm32625)
- If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
- Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0. This problem is resolved in software release 5.4(1). (CSCdm78466)
- In some cases, if you release a DHCP lease using the set interface sc0 dhcp release command and then attempt to obtain a new address using the set interface sc0 dhcp renew command, the switch might fail to obtain an IP address from the DHCP server. This problem is resolved in software release 5.4(1). (CSCdm78813)
- If you configure a SPAN session, reset the switch, and then disable SPAN, the former SPAN destination port remains in a not-connected state even when an active device is attached to the port. The workaround is to disable and reenable the affected port. This problem is resolved in software release 5.4(1). (CSCdp02036)
- In some cases, the spanning tree port-VLAN cost for a port might not be changed when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost. The workaround is to manually set the correct port-VLAN cost for the ports using the set spantree portvlancost command. This problem is resolved in software release 5.4(1). (CSCdp01070)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(4):
This section describes open caveats in software release 5.2(4).
- If you disconnect the link between trunk ports with 100 or more active VLANs, one of the ports might fail to become a non-trunk port and an error message might be generated. When you reconnect the link, the trunk might not re-form. In this situation, disconnect and reconnect the link until the trunk comes up. (CSCdm60737)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
This section describes caveats resolved in software release 5.2(4).
- The Catalyst 4000 family switches do not allow the user to set or clear the 00:00:00:00:00:00 Ethernet Mac Address when using the set cam or clear cam commands.This problem is resolved in software release 5.2(4). (CSCdp30216)
- The system resets unexpectedly and an analysis of the dump by TAC indicates a reset cause consistent with that of CSCdp41038. This problem is resolved in software release 5.2(4). (CSCdp41038)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. This problem is resolved in software release 5.4(1). (CSCdm80016)
- If the port configuration process exits unexpectedly, the show port command may display port status that is inconsistent with the physical port status. This problem is resolved in software release 5.2(4). (CSCdp15151)
- Due to missing MIB objects, it is not possible to set a URT server as a VMPS server on a Catalyst 4000 family switch. This problem is resolved in software release 5.2(4). (CSCdp52403)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(2):
This section describes open caveats in software release 5.2(2).
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return the Console> prompt.
- Workaround is to press the q key instead. (CSCdm11604)
- If you disconnect the link between trunk ports with 100 or more active VLANs, one of the ports might fail to become a non-trunk port and an error message might be generated. When you reconnect the link, the trunk might not re-form. In this situation, disconnect and reconnect the link until the trunk comes up. (CSCdm60737)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. (CSCdm32625)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
- If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
- Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0. (CSCdm78466)
- In some cases, if you release a DHCP lease using the set interface sc0 dhcp release command and then attempt to obtain a new address using the set interface sc0 dhcp renew command, the switch might fail to obtain an IP address from the DHCP server. (CSCdm78813)
- If you configure a SPAN session, reset the switch, and then disable SPAN, the former SPAN destination port remains in a not-connected state even when an active device is attached to the port. The workaround is to disable and reenable the affected port. (CSCdp02036)
- In some cases, the spanning tree port-VLAN cost for a port might not be changed when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
- Workaround: Manually set the correct port-VLAN cost for the ports using the set spantree portvlancost command. (CSCdp01070)
This section describes caveats resolved in software release 5.2(2).
- Trunk connections may go up and down when the channel mode is on and the trunk mode is non-negotiate.
- Workaround: Ensure that the ports are trunking before the channel is formed. (CSCdp32703)
- In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
- Workaround: Reenter permanent entries after power cycling or resetting the switch. (CSCdm25544)
- When you enable spanning tree PortFast on a port connected to a PC when the port is in the notconnect state (for example, when the PC is powered down), if the first subsequent link-up received on the port is an IPX client attempting to autosense the frame type, the operation will fail.
- Workaround: Reset the module after you enable PortFast on the desired ports. (CSCdm62783)
- In some cases, on a Catalyst 4000 family switch with an extremely heavy traffic load (such as from a traffic generator), modules that contain 10/100 Fast Ethernet ports might not come online after being reset.
- Workaround: Reduce the traffic load and reset the module. (CSCdk74166)
- When you configure SPAN for a port or VLAN, neither transmitted nor received spanning tree BPDUs are mirrored to the SPAN destination port. (CSCdm47129)
- You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command. There is no workaround. However, you can clear all dynamic CAM entries (including user-configured dynamic entries) using the clear cam dynamic command. In addition, unused user-configured dynamic entries are aged out by the normal mechanisms. (CSCdm76686)
- Kerberos authentication fails if the Kerberos server is accessible only through the out-of-band management Ethernet (me1) interface.
- Workaround: Verify the Kerberos server can be reached through the in-band (sc0) interface, or configure the sc0 interface down and set the sc0 IP address with the same address as the me1 interface. (CSCdm82831)
- If you configure a Kerberos server using the set kerberos server kerberos-realm {hostname | ip-address} port-number command without specifying the port number, the Kerberized Telnet session fails.
- Workaround: Specify the port number. (CSCdm83742)
- If you set the spanning tree port cost of an EtherChannel port bundle using the set channel cost command, the configured value might change if you reset the switch or the module on which the channel is configured. (CSCdm89834)
- Under certain conditions, when you perform a MIB walk on the switch, this message might appear on the console if you poll the cpmProcessTable object:
%SYS-3-LLC_SCPSTATNOTOK:Send scp message to module 1 status 255
- This problem does not affect the normal operation of the switch and the correct values for the cpmProcessTable object are returned. (CSCdm91242)
- In some cases, if you change the SPAN source port of a SPAN session from a single switch port to an EtherChannel port using the same destination SPAN port, the following error message is displayed on the console:
Invalid port number in SPAN source ports
- However, all of the ports in the EtherChannel are set correctly as the SPAN source ports and the traffic on the EtherChannel is mirrored properly to the SPAN destination port. (CSCdp00873)
- On a switch with trunk links configured, if a VLAN is cleared by any method (CLI, SNMP, or learned through VTP) while CGMP fast-leave is enabled, CGMP fast-leave stops functioning on the remaining VLANs (ports are not pruned from the multicast tree until all multicast receivers leave the group).
- Workaround: Disable and reenable CGMP (using the set cgmp {enable | disable} command) after the VLAN is cleared. (CSCdm08960)
- If you configure a permanent multicast CAM entry for multiple ports and you then change the port-VLAN membership of two or more of those ports, the switch might reset. Only the first port specified in the list retains the new VLAN membership, and that port is removed from the permanent CAM entry.
- Workaround: Assign each port to the new VLAN individually. (CSCdm91321)
These sections describe the open and resolved caveats in supervisor engine software release 5.2(1):
This section describes open caveats in software release 5.2(1).
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return the Console> prompt.
- Workaround: Press the q key instead. (CSCdm11604)
- Spanning tree convergence on 802.1Q trunks on a switch with a large number of active VLANs (several hundred) can be delayed up to several minutes. (CSCdk70821)
- In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
- Workaround: Reenter permanent entries after power cycling or resetting the switch. (CSCdm25544)
- If you disconnect the link between trunk ports with 100 or more active VLANs, one of the ports might fail to become a non-trunk port and an error message might be generated. When you reconnect the link, the trunk might not re-form. In this situation, disconnect and reconnect the link until the trunk comes up. (CSCdm60737)
- When you enable spanning tree PortFast on a port connected to a PC when the port is in the notconnect state (for example, when the PC is powered down), if the first subsequent link-up received on the port is an IPX client attempting to autosense the frame type, the operation will fail.
- Workaround: Reset the module after you enable PortFast on the desired ports. (CSCdm62783)
- In some cases, on a Catalyst 4000 family switch with an extremely heavy traffic load (such as from a traffic generator), modules that contain 10/100 Fast Ethernet ports might not come online after being reset.
- Workaround: Reduce the traffic load and reset the module. (CSCdk74166)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. (CSCdm32625)
- When you configure SPAN for a port or VLAN, neither transmitted nor received spanning tree BPDUs are mirrored to the SPAN destination port. (CSCdm47129)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- The link on a Gigabit Ethernet port with a 1000BASE-SX GBIC might go up and down even when there is no cable attached. You can disable the port when it is not in use to prevent the link from going up and down. (CSCdm63410)
- You cannot clear a specific user-configured dynamic CAM entry using the clear cam mac_addr command. There is no workaround. However, you can clear all dynamic CAM entries (including user-configured dynamic entries) using the clear cam dynamic command. In addition, unused user-configured dynamic entries are aged out by the normal mechanisms. (CSCdm76686)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
- In some cases, a switch port connected to a Intel Pro100+ management adapter might lose and regain link independent of any action that would cause such behavior. The problem occurs intermittently and for a short period. There is no workaround. (CSCdm76616)
- If you set the in-band (sc0) interface IP address to 0.0.0.0 (or if you clear the switch configuration using the clear config all command), the sc0 entry in the switch IP routing table might be replaced by a second entry for the SLIP (sl0) interface if the sl0 IP address is set to 0.0.0.0 (the default).
- Workaround: Set the sl0 interface IP address to a value other than 0.0.0.0. (CSCdm78466)
- Kerberos authentication fails if the Kerberos server is accessible only through the out-of-band management Ethernet (me1) interface.
- Workaround: Verify the Kerberos server can be reached through the in-band (sc0) interface, or configure the sc0 interface down and set the sc0 IP address with the same address as the me1 interface. (CSCdm82831)
- In some cases, if you release a DHCP lease using the set interface sc0 dhcp release command and then attempt to obtain a new address using the set interface sc0 dhcp renew command, the switch might fail to obtain an IP address from the DHCP server. (CSCdm78813)
- If you configure a Kerberos server using the set kerberos server kerberos-realm {hostname | ip-address} port-number command without specifying the port number, the Kerberized Telnet session fails.
- Workaround: Specify the port number. (CSCdm83742)
- If you set the spanning tree port cost of an EtherChannel port bundle using the set channel cost command, the configured value might change if you reset the switch or the module on which the channel is configured. (CSCdm89834)
- Under certain conditions, when you perform a MIB walk on the switch, this message might appear on the console if you poll the cpmProcessTable object:
%SYS-3-LLC_SCPSTATNOTOK:Send scp message to module 1 status 255
- This problem does not affect the normal operation of the switch and the correct values for the cpmProcessTable object are returned. (CSCdm91242)
- If you configure a SPAN session, reset the switch, and then disable SPAN, the former SPAN destination port remains in a not-connected state even when an active device is attached to the port.
- Workaround: Disable and reenable the affected port. (CSCdp02036)
- In some cases, if you change the SPAN source port of a SPAN session from a single switch port to an EtherChannel port using the same destination SPAN port, the following error message is displayed on the console:
Invalid port number in SPAN source ports
- However, all of the ports in the EtherChannel are set correctly as the SPAN source ports and the traffic on the EtherChannel is mirrored properly to the SPAN destination port. (CSCdp00873)
- In some cases, the spanning tree port-VLAN cost for a port might not be changed when you change the overall spanning tree port cost for that port. In addition, if you create an EtherChannel from ports experiencing this problem, the port-VLAN costs (not the port costs) for the member ports are used to calculate the EtherChannel port cost, which might result in an unexpected EtherChannel cost.
- Workaround: Manually set the correct port-VLAN cost for the ports using the set spantree portvlancost command. (CSCdp01070)
- On a switch with trunk links configured, if a VLAN is cleared by any method (CLI, SNMP, or learned through VTP) while CGMP fast-leave is enabled, CGMP fast-leave stops functioning on the remaining VLANs (ports are not pruned from the multicast tree until all multicast receivers leave the group).
- Workaround: Disable and reenable CGMP (using the set cgmp {enable | disable} command) after the VLAN is cleared. (CSCdm08960)
- In certain redundant network topologies, if a spanning tree topology change (route flap) causes the IP MLS entry for an HSRP router interface to be removed from the MLS cache, the entry might not be added back to the MLS cache properly when the link comes back up. (CSCdm90511)
- If you configure a permanent multicast CAM entry for multiple ports and you then change the port-VLAN membership of two or more of those ports, the switch might reset. Only the first port specified in the list retains the new VLAN membership, and that port is removed from the permanent CAM entry.
- Workaround: Assign each port to the new VLAN individually. (CSCdm91321)
This section describes caveats resolved in software release 5.2(1).
- In some cases, attempts fail to set the primary VMPS server using SNMP.
- Workaround: Set the primary VMPS server using the CLI. This problem is resolved in software release 5.2(1). (CSCdm31717)
- If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value:
- (alarmValue + 232-1).
- This problem is resolved in software release 5.2(1). (CSCdm27392)
- In some cases, autonegotiation fails when connecting some 10/100-Mbps Fast Ethernet modules to a Compaq 4000 system with the Netflex 3 NIC. This problem is resolved in software release 5.2(1). (CSCdk87853)
- In some cases, entering the show cdp neighbors detail command causes the switch to generate "alignment correction" syslog messages. These messages do not affect the functionality of the switch. This problem is resolved in software release 5.2(1). (CSCdk85671)
- If DNS is enabled and none of the configured DNS servers are reachable, local password authentication can be excessively slow. This problem is resolved in software release 5.2(1). (CSCdm14239)
- In some cases, when the active link of an UplinkFast link pair is disconnected, the switch does not transmit broadcast frames on the secondary link. This problem is resolved in software release 5.2(1). (CSCdm23587)
- In some cases, on a switch with both BackboneFast and UplinkFast enabled, the show spantree mod_num/port_num output shows that a port is in forwarding mode, but the port actually is in listening mode. As a result, all data traffic received on the port is discarded.
- Workaround: Disable and reenable the affected port. This problem is resolved in software release 5.2(1). (CSCdm08504)
- In some cases, UplinkFast does not function correctly between a Catalyst 5000 family switch and a Catalyst 4000 family switch, a Catalyst 2948G switch, or a Catalyst 5000 family Gigabit EtherChannel module (WS-X5410). This problem is resolved in software release 5.2(1). (CSCdm34341)
- In some cases, if a Telnet session to the switch closes abnormally while the switch is authenticating a user with the TACACS+ server, the switch might not close the session to the server properly, eventually causing the server to reach the maximum number of supported sessions. Subsequent attempts to authenticate with the server will fail. This problem is resolved in software release 5.2(1). (CSCdk79831)
- When you configure dynamic VLAN membership for any EtherChannel-capable port, spanning tree convergence time is 7 to 8 seconds longer than usual for those ports. This problem is resolved in software release 5.2(1). (CSCdm40338)
- A syslog message for a given facility is not sent to the syslog server if the syslog server severity level is set to a value equal to or greater than the message severity but the default severity level for that facility is set to a value less than the message severity.
- Workaround: Set the default facility severity level to a value equal to or greater than the configured syslog severity level. In release 5.2(1), syslog messages are sent to the syslog server if the syslog server severity level is equal to or greater than the message severity and the default facility severity level is equal to or greater than the message severity. (CSCdm71889)
- In some cases, when you clear the configuration using the clear config all command, not all routes are removed from the IP routing table.
- Workaround: Configure the in-band (sc0), out-of-band management Ethernet (me1), and SLIP (sl0) interfaces down using the set interface {sc0 | me1 | sl0} down command before clearing the configuration. This problem is resolved in software release 5.2(1). (CSCdm56746)
- If you configure an RMON threshold alarm on the switch and that alarm is triggered while a MIB walk is in progress, the MIB walking application might loop back to the first leaf of the MIB branch it is currently walking.
- Workaround: Disable RMON, not configure any RMON alarms on the switch, or increase the polling interval of the alarm (such as one poll every five minutes). This problem is resolved in software release 5.2(1). (CSCdm34091)
- In some cases, the following message appears on the supervisor engine console:
%SYS-1-MOD_INVALIDSEQ:Bus asic invalid sequence occurred on module
- This message has no effect on the functionality of the system and can be safely ignored. This problem is resolved in software release 5.2(1). (CSCdm32301)
- In some cases, port utilization is reported incorrectly. This problem is resolved in software release 5.2(1). (CSCdm18211)
- When powering a Catalyst 4912G or a Catalyst 2948G switch using only the Cisco Redundant Power System (RPS) (without plugging in the AC power supply on the switch), the switch will report the AC supply as faulty. This problem is resolved in software release 5.2(1). (CSCdm68030)
- If you configure the port-VLAN cost of a port using the set spantree portvlancost command and then reset the module to which the port belongs, the port-VLAN cost for all of the ports on that module except the port you configured will be set to an incorrect value. This problem can occur on any Catalyst 4000 family module as well as ports on the Catalyst 4912G and 2948G switches. This problem is resolved in software release 5.2(1). (CSCdm93868)
- In some cases, the spanning tree convergence time is not decreased when UplinkFast is enabled on a Catalyst 4003 switch. If the uplink port is on one module (for example, module 2), hosts connected to the other module (for example, module 3) will not notice a decrease in convergence time. This problem is resolved in software release 5.2(1). (CSCdm54393)
These sections describe the open and resolved caveats in supervisor engine software release 5.1(2a):
This section describes open caveats in software release 5.1(2a).
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return the Console> prompt.
- Workaround: Press the q key instead. (CSCdm11604)
- Spanning tree convergence on 802.1Q trunks on a switch with a large number of active VLANs (several hundred) can be delayed up to several minutes. (CSCdk70821)
- In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
- Workaround: Reenter permanent entries after power cycling or resetting the switch. (CSCdm25544)
- In some cases, attempts to set the primary VMPS server using SNMP fail.
- Workaround: Set the primary VMPS server using the CLI. (CSCdm31717)
- If you configure RMON alarm entries, and the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value:
- (alarmValue + 232-1). (CSCdm27392)
- In some cases, on a Catalyst 4000 family switch with an extremely heavy traffic load (such as from a traffic generator), modules that contain 10/100 Fast Ethernet ports might not come online after being reset.
- Workaround: Reduce the traffic load and reset the module. (CSCdk74166)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. (CSCdm32625)
- When you configure SPAN for a port or VLAN, neither transmitted nor received spanning tree BPDUs are mirrored to the SPAN destination port. (CSCdm47129)
- If you disconnect the link between trunk ports with 100 or more active VLANs, one of the ports might fail to become a non-trunk port and an error message might be generated. When you reconnect the link, the trunk might not re-form. In this situation, disconnect and reconnect the link until the trunk comes up. (CSCdm60737)
- When you enable spanning tree PortFast on a port connected to a PC when the port is in the notconnect state (for example, when the PC is powered down), if the first subsequent link-up received on the port is an IPX client attempting to autosense the frame type, the operation will fail.
- Workaround: Reset the module after you enable PortFast on the desired ports. (CSCdm62783)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- If you configure the port-VLAN cost of a port using the set spantree portvlancost command and then reset the module to which the port belongs, the port-VLAN cost for all of the ports on that module except the port you configured will be set to an incorrect value. This problem can occur on any Catalyst 4000 family module as well as ports on the Catalyst 4912G and 2948G switches. (CSCdm93868)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
This section describes caveats resolved in software release 5.1(2a).
- If you delete the RMON alarmEntry or if you modify the alarmVariable of the RMON alarmEntry while that alarmVariable is being sampled, the switch might reset. This problem is resolved in software release 5.1(2a). (CSCdm49575)
- If you disconnect a Telnet session to the switch when the switch is at the "More" prompt (such as with show command output) or is waiting for user input (such as a "Yes/No" prompt), future Telnet sessions might stop accepting user input. This problem is resolved in software release 5.1(2a). (CSCdk83562)
- After entering the configure network command, do not interrupt the configuration using Control-C. You might prevent the current command from completely executing, causing unexpected results. This problem is resolved in software release 5.1(2a). (CSCdm27473)
- In some cases, autonegotiation with some Sun NICs might result in a non-optimal configuration (such as 10-Mbps half-duplex instead of 100-Mbps full-duplex).
- Workaround: Disconnect and reconnect the cable connecting the workstation to the switch port. This problem is resolved in software release 5.1(2a). (CSCdm51653)
- In some situations, the "RxBPDUThresholdDrop" counter does not show the actual number of dropped frames. This problem is resolved in software release 5.1(2a). (CSCdm56862)
- When you configure a port with a connected workstation as the SPAN destination port (with the inpkts option enabled) for a SPAN source port configured as a VLAN trunk, attempts to ping other devices in the network from the workstation fail. This problem is resolved in software release 5.1(2a). (CSCdm48998)
- A PC equipped with a 3C905 NIC might fail to connect to Novell servers if the PC is configured for IPX auto-frame detection and the Novell servers do not use 802.2 framing. The problem only occurs on PCs when IPX is the only protocol stack bound to the NIC (the PC does not use IP or NetBEUI, for example).
- Workaround: Verify the Novell servers use 802.2 framing, or manually configure the PC to use the appropriate IPX framing. This problem is resolved in software release 5.1(2a). However, a related caveat (CSCdm62783) is still open in software release 5.1(2a). For more information, see the "Open Caveats in Software Release 5.1(2a)" section. (CSCdm53125)
- If you enable both UplinkFast and protocol filtering on the switch, when a spanning tree topology change occurs that activates UplinkFast, UplinkFast multicast frames (using destination MAC address 0x0100 0CCD CDCD) might be transmitted on access ports.
- Workaround: Do not use UplinkFast if protocol filtering is enabled. This problem is resolved in software release 5.1(2a). (CSCdm31699)
- In some cases, one or more ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX) might fail power-on self-test (POST).
- Workaround: Reset the switch. This problem is resolved in software release 5.1(2a). (CSCdm36338)
- For ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX), SNMP might report the flow control state as "disagree" even though these ports do not support flow control. This problem has no effect on the normal operation of the switch ports. This problem is resolved in software release 5.1(2a). (CSCdm41797)
These sections describe the open and resolved caveats in supervisor engine software release 5.1(1a):
This section describes open caveats in software release 5.1(1a).
- If you disconnect a Telnet session to the switch when the switch is at the "More" prompt (such as with show command output) or is waiting for user input (such as a "Yes/No" prompt), future Telnet sessions might stop accepting user input. (CSCdk83562)
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return the Console> prompt.
- Workaround: Press the q key instead. (CSCdm11604)
- Spanning tree convergence on 802.1Q trunks on a switch with a large number of active VLANs (several hundred) can be delayed up to several minutes. (CSCdk70821)
- In some cases, on a Catalyst 4000 family switch with an extremely heavy traffic load (such as from a traffic generator), modules that contain 10/100 Fast Ethernet ports might not come online after being reset.
- Workaround: Reduce the traffic load and reset the module. (CSCdk74166)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
- Workaround: Reenter permanent entries after power cycling or resetting the switch. (CSCdm25544)
- If you enable both UplinkFast and protocol filtering on the switch, when a spanning tree topology change occurs that activates UplinkFast, UplinkFast multicast frames (using destination MAC address 0x0100 0CCD CDCD) might be transmitted on access ports.
- Workaround: Do not use UplinkFast if protocol filtering is enabled. (CSCdm31699)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. (CSCdm32625)
- In some cases, one or more ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX) might fail power-on self-test (POST).
- Workaround: Reset the switch. (CSCdm36338)
- For ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX), SNMP might report the flow control state as "disagree" even though these ports do not support flow control. This problem has no effect on the normal operation of the switch ports. (CSCdm41797)
- In some cases, attempts to set the primary VMPS server using SNMP fail.
- Workaround: Set the primary VMPS server using the CLI. (CSCdm31717)
- After entering the configure network command, do not interrupt the configuration using Control-C. You might prevent the current command from completely executing, causing unexpected results. (CSCdm27473)
- If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value:
- (alarmValue + 232-1). (CSCdm27392)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- When you configure SPAN for a port or VLAN, neither transmitted nor received spanning tree BPDUs are mirrored to the SPAN destination port. (CSCdm47129)
- If you configure the port-VLAN cost of a port using the set spantree portvlancost command and then reset the module to which the port belongs, the port-VLAN cost for all of the ports on that module except the port you configured will be set to an incorrect value. This problem can occur on any Catalyst 4000 family module as well as ports on the Catalyst 4912G and 2948G switches. (CSCdm93868)
This section describes caveats resolved in software release 5.1(1a).
- When you upgrade the switch software to release 5.1(1) from any 4.x release, the switch configuration is lost. This problem is resolved in software release 5.1(1a). (CSCdm09827)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
This section describes open caveats in software release 5.1(1).
- When you upgrade the switch software to release 5.1(1) from any 4.x release, the switch configuration is lost. (CSCdm09827)
- If you disconnect a Telnet session to the switch when the switch is at the "More" prompt (such as with show command output) or is waiting for user input (such as a "Yes/No" prompt), future Telnet sessions might stop accepting user input. (CSCdk83562)
- Pressing Control-C at the "More" prompt (for example, when a show command is displaying multiple pages of output) does not interrupt the output and return the Console> prompt.
- Workaround: Press the q key instead. (CSCdm11604)
- Spanning tree convergence on 802.1Q trunks on a switch with a large number of active VLANs (several hundred) can be delayed up to several minutes. (CSCdk70821)
- In some cases, on a Catalyst 4000 family switch with an extremely heavy traffic load (such as from a traffic generator), modules that contain 10/100 Fast Ethernet ports might not come online after being reset.
- Workaround: Reduce the traffic load and reset the module. (CSCdk74166)
- On Catalyst 4000 family modules that contain 10/100 Fast Ethernet ports, the Carri-Sen counter (in the output of the show port command) might erroneously show a value of 1 indicating an error occurred, a carrier sense error usually does not occur. (CSCdk69054)
- In some cases, power cycling or resetting the switch erases permanent CAM entries. The correct behavior is that permanent entries remain in the CAM through a power cycle or system reset.
- Workaround: Reenter permanent entries after power cycling or resetting the switch. (CSCdm25544)
- If you enable both UplinkFast and protocol filtering on the switch, when a spanning tree topology change occurs that activates UplinkFast, UplinkFast multicast frames (using destination MAC address 0x0100 0CCD CDCD) might be transmitted on access ports.
- Workaround: Do not use UplinkFast if protocol filtering is enabled. (CSCdm31699)
- In some cases, the switch might choose an inactive default gateway as the primary if the primary gateway goes down. The problem occurs when the inactive gateway is reachable only through either the me1 or the sc0 interface and that interface is configured down.
- Workaround: Do not configure a default gateway that is reachable only through an interface that is configured down. Alternatively, do not configure multiple default gateways. (CSCdm32625)
- In some cases, one or more ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX) might fail power-on self-test (POST).
- Workaround: Reset the switch. (CSCdm36338)
- For ports on the 32-port 10/100 Fast Ethernet RJ-45 switching module (WS-X4232-RJ-XX), SNMP might report the flow control state as "disagree" even though these ports do not support flow control. This problem has no effect on the normal operation of the switch ports. (CSCdm41797)
- In some cases, attempts to set the primary VMPS server using SNMP fail.
- Workaround: Set the primary VMPS server using the CLI. (CSCdm31717)
- After entering the configure network command, do not interrupt the configuration using Control-C. You might prevent the current command from completely executing, causing unexpected results. (CSCdm27473)
- If you configure RMON alarm entries, if the value of the sampled alarmVariable overflows during the configured alarmInterval, alarmValue will be reported as a negative value. If the alarmValue is reported as a negative value, you can use the following calculation to determine the correct value:
- (alarmValue + 232-1). (CSCdm27392)
- Some Sun Gigabit Ethernet NICs do not reliably autonegotiate flow control with certain ports on the Catalyst 4000 family oversubscribed Gigabit Ethernet modules. The 18-port server switching 1000BASE-X (GBIC) Gigabit Ethernet module (WS-X4418) is affected. (CSCdm38405)
- These Sun Gigabit Ethernet NICs are affected:
- X1140A Sun Gigabit Ethernet Sbus Adapter 2.0
- X1141A PCI Gigabit Ethernet PCI Adapter 2.0
- The workaround is to use the following configuration:
| Catalyst 4000 Family Ports
| Sun Gigabit Ethernet NIC
|
|---|
Configuration
| Command
| Configuration
| Command
|
|---|
Autonegotiation disabled
| set port negotiation mod_num/port_num disable
| Autonegotiation disabled
| ndd -set /dev/ge adv_1000autoneg_cap 0
|
N/A
| N/A
| Half-duplex off
| ndd -set /dev/ge adv_1000hdx_cap 0
|
Send flow control on1
| set port flowcontrol mod_num/port_num send on
| Send flow control off
| ndd -set /dev/ge adv_pauseTX 0
|
Receive flow control desired1.
| set port flowcontrol mod_num/port_num receive desired
| Receive flow control on
| ndd -set /dev/gs adv_pauseRX 1
|
- When you configure SPAN for a port or VLAN, neither transmitted nor received spanning tree BPDUs are mirrored to the SPAN destination port. (CSCdm47129)
- If you configure the port-VLAN cost of a port using the set spantree portvlancost command and then reset the module to which the port belongs, the port-VLAN cost for all of the ports on that module except the port you configured will be set to an incorrect value. This problem can occur on any Catalyst 4000 family module as well as ports on the Catalyst 4912G and 2948G switches. (CSCdm93868)
- If you reset the switch three or more times in rapid succession while the system is bringing the modules online, the switch might fail to boot the system image and remains in the ROM monitor.
- Workaround: Boot the system image from the ROM monitor using the boot command. (CSCdm80016)
These sections provide usage guidelines, restrictions, and troubleshooting information for Catalyst 4000 family switch hardware and software:
This section contains usage guidelines, restrictions, and troubleshooting information that apply to the supervisor engine and to the switch at the system level.
- The Catalyst 4006 switch requires dual power supplies. Refer to the Catalyst 4003 and 4006 Switch Installation Guide for detailed information about power requirements for the Catalyst 4006.
- In supervisor engine software release 5.2 and later, the show config, write terminal, and copy config commands return only the non-default configuration (that is, only commands entered that change the default configuration are displayed). Use the all keyword to display both the default and non-default configuration (for example, show config all).
- If you need to download configuration files to many switches in a network topology with redundant EtherChannel links, download the configuration at each switch manually using the configure network command. Otherwise, in some situations, a broadcast storm can occur.
- Under certain conditions, etherHistoryUtilization is not reported correctly if the counter value wraps between the two consecutive samples. The workaround is to reduce the sample interval.
- If your configuration produces thousands of CAM entries, ensure that your screen length is set to a value greater than 0 before entering the show cam dynamic command.
- The LrnDiscard counter (displayed by entering the show mac command) indicates the number of times a CAM entry is replaced with a newly learned address when the CAM table is full. The counter value is not maintained for each port; instead, the value is maintained for the entire switch.
- Although the show spantree command displays the PortFast feature as enabled on a trunk port, spanning tree PortFast has no effect on trunk ports. Do not use the set portfast command on a trunk port. In addition, designating a port as a trunk port ignores the PortFast feature for the port.
- The CLI command show cam dynamic and the SNMP query "getmany community@vlan dot1dTpFdbAddress" are sometimes out of sync.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to modules and switch ports.
- This message indicates a problem with hardware:
2000 Feb 15 16:15:28 %SYS-4-P2_WARN: 1/Blocked queue on gigaport 5 ( 15 : 1 )
- In this case, the gigaport number is 5. If you receive this message, contact your technical support representative.
- When connecting end stations (such as Windows 95/98/NT workstations) to Catalyst 4000 family 10/100-Mbps switch ports, use the following configuration if the end stations are using DHCP or IPX. If you use a different configuration, you might have problems obtaining an IP address using BOOTP/DHCP or getting an IPX login using IPX.
- Spanning tree PortFast enabled
- Trunking off
- Channeling off
- In supervisor engine software release 5.2 and later you can use the set port host command to optimize the port configuration for host connections. This command automatically enables PortFast and sets the trunking and channeling modes to off.
- In software releases prior to release 5.2, you can optimize the port configuration for host connections as follows:
- Use the set spantree portfast mod_num/port_num enable command to enable PortFast
- on a port.
- Use the set trunk mod_num/port_num off command to disable trunking on a port.
- Use the set port channel port_list off command to disable channeling on a port.
|
Note You must specify a valid port range when entering the set port channel command. You cannot specify a single port. |
This example shows how to configure a port for end station connectivity using the set port host command:
Console> (enable) set port host 2/1
Warning: Span tree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution.
Spantree port 2/1 fast start enabled.
Port(s) 2/1 trunk mode set to off.
Port(s) 2/1 channel mode set to off.
Console> (enable)
This example shows how to manually configure a port for end station connectivity:
Console> (enable) set spantree portfast 2/2 enable
Warning: Spantree port fast start should only be enabled on ports connected
to a single host. Connecting hubs, concentrators, switches, bridges, etc. to
a fast start port can cause temporary spanning tree loops. Use with caution.
Spantree port 2/2 fast start enabled.
Console> (enable) set trunk 2/2 off
Port(s) 2/2 trunk mode set to off.
Console> (enable) set port channel 2/1-2 off
Port(s) 2/1-2 channel mode set to off.
Console> (enable)
- When hot inserting a module into a Catalyst 4000 family chassis, be sure to use the ejector levers on the front of the module to seat the backplane pins properly. Incorrectly inserting a module can cause unexpected behavior. For proper module installation instructions, refer to the Catalyst 4003 Series Installation Guide.
- When you replace a module (other than the supervisor engine) with a module of a different type, or when you insert a module (other than the supervisor engine) in an empty slot, enter the command clear config mod_num to clear the module configuration information in the supervisor engine and obtain the correct spanning tree parameters.
- If a module fails to come online, reset the module by entering the reset mod_num command.
- If a port fails the physical-medium-dependent (PMD) loopback test (port LED is flashing orange) after the Catalyst 4000 family switch is reset, you must reset the affected module to recover.
- If the Catalyst 4000 family switch detects a port-duplex misconfiguration, the misconfigured switch port is disabled and placed in the "errdisable" state. Reconfigure the port-duplex setting and use the set port enable command to reenable the port.
- If you have a port whose port speed is set to auto connected to another port whose speed is set to a fixed value, configure the port whose speed is set to a fixed value for half duplex. Alternately, you can configure both ports to a fixed-value port speed and full duplex.
- Whenever you connect a Catalyst 4000 family port that is set to autonegotiate to an end station or another networking device, make sure that the other device is configured for autonegotiation as well. If the other device is not set to autonegotiate, the Catalyst 4000 autonegotiating port will remain in half-duplex mode, which can cause a duplex mismatch resulting in packet loss, late collisions, and line errors on the link.
- Do not enable protocol filtering on the switch if you have configured port security on any ports and set the violation mode to restrict. There is no restriction if the violation mode is set to shutdown (you can enable protocol filtering on the switch).
- The following restrictions apply when configuring port security:
- You cannot configure dynamic, static, or permanent CAM entries on a secure port
- When you enable port security on a port, any static or dynamic CAM entries associated with the port are cleared; any currently configured permanent CAM entries are treated as secure
- If you configure a secure port in restrictive mode, and a station is connected to the port whose MAC address is already configured as a secure MAC address on another port on the switch, the port in restrictive mode will shut down rather than restrict traffic from that station. For example, if you configure MAC-1 as the secure MAC address on port 2/1 and MAC-2 as the secure MAC address on port 2/2, if you then connect the station with MAC-1 to port 2/2 when port 2/2 is configured for restrictive mode, port 2/2 will shut down instead of restricting traffic from MAC-1.
The Spanning Tree Protocol (STP) blocks certain ports to prevent physical loops in a redundant topology. On a blocked port, the Catalyst 4000 family switch receives spanning tree bridge protocol data units (BPDUs) periodically from the neighboring device. You can configure the frequency with which BPDUs are received by entering the set spantree hello command (the default frequency is set to two seconds). If a Catalyst 4000 family switch does not receive a BPDU in the time defined by the set spantree maxage command (20 seconds by default), the blocked port transitions to the listening state, the learning state, and to the forwarding state. As it transitions, the switch waits for the time period specified by the set spantree fwddelay command (15 seconds by default) in each of these intermediate states. Therefore, a blocked spanning tree port moves into the forwarding state if it does not receive BPDUs from its neighbor within approximately 50 seconds.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to spanning tree.
- If the Spanning Tree Protocol parameters are reduced in value, ensure that the number of instances Spanning Tree Protocol are also reduced proportionally in order to avoid spanning tree loops in the network.
- On your Catalyst 4000 family switch, ensure that the total number of logical ports across all instances of spanning tree for different VLANs does not exceed the number allowed for your supervisor engine.
- You can use the show spantree summary command and this formula to compute the sum of logical ports on the switch:
- (number of trunks on the switch * number of active VLANs on those trunks) + number of non-trunking port on the switch
- The sum of all logical ports, as calculated with the formula above, should be less than or equal to 1500 for the Catalyst 4000 family Supervisor Engine I and II.
|
Caution If you enable numerous memory-intensive features concurrently (such as VTP pruning, VMPS, EtherChannel, and RMON), or if there is switched data traffic on the management VLAN, the maximum number of supported logical ports is reduced. |
|
Note Count each port in an EtherChannel port bundle independently (do not count the bundle as a single port). |
- A Catalyst family switch should be the root for all VLANs, especially VLAN 1. In order to recover from an extended broadcast storm caused by a faulty device in a network, Catalyst family switches reset blocked ports. To ensure recovery, all Catalyst family switches in the network should perform this function at the same time by sending synchronization packets on VLAN 1. These synchronization packets are only sent by a Catalyst family switch if it is the root bridge.
- Disabling spanning tree on the native VLAN of an IEEE 802.1Q trunk can potentially cause spanning tree loops. We recommend that you leave spanning tree enabled on the native VLAN of an 802.1Q trunk. If you plan to disable spanning tree in an 802.1Q environment, disable spanning tree on every VLAN in the network and ensure a loop-free topology exists.
- Use these commands to monitor blocked spanning tree ports:
- show port—Check to see if the port has registered a lot of alignment, FCS, or any other type of line errors. If these errors are incrementing continuously, the port might drop input BPDUs.
- show mac—If the Inlost counter is incrementing continuously, the port is losing input packets because of a lack of receive buffers. This problem can also cause the port to drop incoming BPDUs.
- On a blocked spanning tree port, make sure that the Rcv-Frms and Rcv-Multi counters are incrementing continuously. If the Rcv-Frms counter stops incrementing, the port is not receiving any frames, including BPDUs. If the Rcv-Frms counter is incrementing but the Rcv-Multi counter is not, then this port is receiving nonmulticast frames but is not receiving any BPDUs.
- On a blocked spanning tree port, check the duplex configuration to ensure that the port duplex is set to the same type as the port of the neighboring device.
- On trunk ports, make sure that the trunk configuration is set properly on both sides of the link.
- On trunk ports, make sure that the duplex is set to full on both sides of the link to prevent any collisions under heavy traffic conditions.
- Do not use spanning tree PortFast on a trunk port. Although the show spantree command displays PortFast as enabled on a trunk port, PortFast has no effect on trunk ports.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to VTP, VLANs, and VLAN trunks.
- Although the Dynamic Trunk Protocol (DTP) is a point-to-point protocol, some internetworking devices might forward DTP frames. To avoid connectivity problems, follow these guidelines:
- For ports connected to non-Catalyst family devices in which trunking is not being used, configure trunk-capable Catalyst 4000 family switch ports to off by entering the set trunk mod_num/port_num off command.
- When trunking to a Cisco router, use the set trunk mod_num/port_num nonegotiate command. The nonegotiate keyword transitions a link into trunking mode without sending DTP frames.
- With Cisco IOS software release 12.0, the Catalyst 8510 campus switch router (CSR) does not process untagged packets (packets on the native VLAN) received on an IEEE 802.1Q trunked interface (all such packets are dropped). If you configure Catalyst 8510 CSR subinterfaces to trunk using 802.1Q encapsulation, traffic cannot be carried successfully on the native VLAN for the trunk configured on the Catalyst 4000 family switch.
- The workaround is to create an unused VLAN and assign that VLAN as the native VLAN for the 802.1Q trunk on the Catalyst 4000 family switch. Verify the native VLAN assignment for the trunk using the show trunk command.
- This problem is tracked as a defect against the Catalyst 8510 CSR software (CSCdk77676).
- A VTP transparent switch with no VTP domain name configured might not relay VTP requests received from VTP client and server switches. Therefore, VTP client and server switches might not synchronize if they are separated by a VTP transparent switch with no domain name configured. The workaround is to configure a VTP domain name on the VTP transparent switch.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to Fast and Gigabit EtherChannel.
- When using Fast EtherChannel, if a "SPANTREE-2: Channel misconfig - x/x-x will be disabled" or similar syslog message is displayed, it indicates a mismatch of Fast EtherChannel modes on the connected ports. We recommend that you correct the configuration and reenable the ports by entering the set port enable command. The following are valid EtherChannel configurations:
Port Channel Mode
| Valid Neighbor Port Channel Modes
|
|---|
desirable
| desirable or auto
|
auto
| desirable or auto1
|
on
| on
|
off
| off
|
1If both the local and neighbor ports are in auto mode, an EtherChannel bundle will not form.
|
- With a large number of channels, trunks, or VLANs, or a change of channel configuration (for example, off to auto), or upon Fast EtherChannel module reboot, ports might take up to five minutes to form a channel and to participate in spanning tree. (During this interval, the port does not appear in show spantree command output.) If it takes more than ten minutes for a channel to form and appear on spanning tree, disable and reenable the ports. In addition, it might take up to two minutes to unbundle a channel after changing the channel mode.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to the Switch Port Analyzer (SPAN).
- Incoming traffic on the SPAN destination port is disabled by default. You can enable it using the set span command with the inpkts enable keywords. However, while the port receives traffic for its assigned VLAN, it does not participate in spanning tree for that VLAN. To avoid creating spanning tree loops with incoming traffic enabled, assign the SPAN destination port to an unused VLAN.
- A SPAN destination port receives flooded unicasts and broadcasts for the VLAN of the source SPAN port.
This section contains usage guidelines, restrictions, and troubleshooting information that apply to multicast protocols and traffic on the switch.
- Due to a conflict with the Hot Standby Router Protocol (HSRP), Cisco Group Management Protocol (CGMP) leave processing is disabled by default.
- To enable CGMP leave processing, enter the set cgmp leave enable command.
|
Note If both HSRP and CGMP leave processing are enabled, you might experience some unicast packet flooding. |
- When CGMP leave processing is enabled, the Catalyst 4000 family switch learns router ports through PIM-v1, HSRP, and CGMP self-join messages. When CGMP leave processing is disabled, the Catalyst 4000 family switch learns router ports through CGMP self-join messages only.
- CGMP does not prune multicast traffic for any IP multicast address that maps into the Media Access Control (MAC) address range of 01-00-5E-00-00-00 to 01-00-5E-00-00-FF. The reserved IP multicast addresses, in the range 224.0.0.0 to 224.0.0.255, are used to forward local IP multicast traffic in a single Layer 3 hop.
This section describes caveats for the Catalyst 5000 family software release 5.2 documentation.
- CSCdm60737 was incorrectly listed as open in the release notes for software releases 5.1(2a) through 5.2(4).
- CSCdm80016 was incorrectly listed as resolved in the release notes for software release 5.2(4).
This section describes caveats for the Catalyst 5000 family software release 5.2 documentation. These changes will be included in the next update to the documentation.
- The printed version of the Command Reference for software release 5.2 incorrectly includes the show tech-support command. This command is not supported in software release 5.2.
This section describes caveats for the Catalyst 4000 family software release 5.1 documentation. These changes will be included in the next update to the documentation.
- In the Software Configuration Guide for software release 5.1, the following description of GMRP was omitted:
- GMRP software components run on both the switch and on the host (Cisco is not a source for GMRP host software). On the host, GMRP is typically used with IGMP: the host GMRP software creates Layer 2 GMRP versions of the host's Layer 3 IGMP control packets. The switch receives both the Layer 2 GMRP and the Layer 3 IGMP traffic from the host. The switch uses the received GMRP traffic to constrain multicasts at Layer 2 in the host's VLAN.
|
Note In all situations, you can use CGMP or IGMP snooping to constrain multicasts at Layer 2 without installing or configuring software on hosts. |
- When a host wants to join an IP multicast group, it sends an IGMP join message, which creates a GMRP join message.
- When the swtch receives the GMRP join message, it adds the port through which the join message was received to the appropriate multicast group. The switch propagates the GMRP join message to all other hosts in the VLAN, one of which is typically the multicast source. When the source is multicasting to the group, the switch forwards the multicast only to the ports from which it received join messages for the group.
- The switch sends periodic GMRP queries. If a host wants to remain in a multicast group, it responds to the query. In this case, the switch does nothing. If a host does not want to remain in the multicast group, it can either send a leave message or not respond to the periodic queries from the switch. If the switch receives a leave message or receives no response from the host for the duration of the leaveall timer, the switch removes the host from the multicast group.
|
Note To use GMRP in a routed environment, enable the GMRP forwardall option on all ports where routers are attached. |
The following documents are available for Catalyst 4000 family switches:
- Catalyst 4003 Installation Guide
- Catalyst 4912G Installation Guide
- Software Configuration Guide—Catalyst 4000 Family, 2948G, and 2980 Switches
- Layer 3 Switching Software Configuration Guide - Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
- Command Reference—Catalyst 4000 Family, 2948G, and 2980 Switches
- System Message Guide—Catalyst 6000 Family, Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
- Troubleshooting Tips—Catalyst 5000 Family, 4000 Family, 2926G Series, and 2948G Switches
- Enterprise MIB User Quick Reference (online only)
You can access the most current Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly. Therefore, it is probably more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Registered CCO users can order the Documentation CD-ROM and other Cisco Product documentation through our online Subscription Services at http://www.cisco.com/cgi-bin/subcat/kaojump.cgi.
Nonregistered CCO users can order documentation through a local account representative by calling Cisco's corporate headquarters (California, USA) at 408 526-4000 or, in North America, call 800 553-NETS (6387).
Cisco provides Cisco Connection Online (CCO) as a starting point for all technical assistance. Warranty or maintenance contract customers can use the Technical Assistance Center. All customers can submit technical feedback on Cisco documentation using the web, e-mail, a self-addressed stamped response card included in many printed docs, or by sending mail to Cisco.
Cisco continues to revolutionize how business is done on the Internet. Cisco Connection Online is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.
CCO's broad range of features and services helps customers and partners to streamline business processes and improve productivity. Through CCO, you will find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online support services, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on CCO to obtain additional personalized information and services. Registered users may order products, check on the status of an order and view benefits specific to their relationships with Cisco.
You can access CCO in the following ways:
- WWW: www.cisco.com
- Telnet: cco.cisco.com
- Modem using standard connection rates and the following terminal settings: VT100 emulation; 8 data bits; no parity; and 1 stop bit.
- From North America, call 408 526-8070
- From Europe, call 33 1 64 46 40 82
You can e-mail questions about using CCO to cco-team@cisco.com.
The Cisco Technical Assistance Center (TAC) is available to warranty or maintenance contract customers who need technical assistance with a Cisco product that is under warranty or covered by a maintenance contract.
To display the TAC web site that includes links to technical support information and software upgrades and for requesting TAC support, use www.cisco.com/techsupport.
To contact by e-mail, use one of the following:
Language
| E-mail Address
|
|---|
English
| tac@cisco.com
|
Hanzi (Chinese)
| chinese-tac@cisco.com
|
Kanji (Japanese)
| japan-tac@cisco.com
|
Hangul (Korean)
| korea-tac@cisco.com
|
Spanish
| tac@cisco.com
|
Thai
| thai-tac@cisco.com
|
In North America, TAC can be reached at 800 553-2447 or 408 526-7209. For other telephone numbers and TAC e-mail addresses worldwide, consult the following web site: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml.
If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, for your convenience many documents contain a response card behind the front cover. Otherwise, you can mail your comments to the following address:
Cisco Systems, Inc.
Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate and value your comments..
Posted: Mon Sep 11 14:51:07 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.
