Release Notes for the Catalyst 4500 Series Switch, Cisco IOS, 12.1E
Available Languages
Table Of Contents
Release Notes for Catalyst 4500 Series Switch Cisco IOS Release 12.1E
Catalyst 4500 Series Switch Cisco IOS Release Strategy
Upgrading the Supervisor Engine ROMMON and the Cisco IOS Software
Upgrading the Supervisor Engine ROMMON
Upgrading the Cisco IOS Software
Open Caveats in Software Release 12.1(26)E3
Resolved Caveats in Software Release 12.1(26)E3
Open Caveats in Software Release 12.1(26)E2
Resolved Caveats in Software Release 12.1(26)E2
Open Caveats in Software Release 12.1(26)E1
Resolved Caveats in Software Release 12.1(26)E1
Open Caveats in Software Release 12.1(26)E
Resolved Caveats in Software Release 12.1(26)E
Open Caveats in Software Release 12.1(23)E4
Resolved Caveats in Software Release 12.1(23)E4
Open Caveats in Software Release 12.1(23)E3
Resolved Caveats in Software Release 12.1(23)E3
Open Caveats in Software Release 12.1(23)E1
Resolved Caveats in Software Release 12.1(23)E1
Open Caveats in Software Release 12.1(23)E
Resolved Caveats in Software Release 12.1(23)E
Open Caveats in Software Release 12.1(22)E6
Resolved Caveats in Software Release 12.1(22)E6
Open Caveats in Software Release 12.1(22)E2
Resolved Caveats in Software Release 12.1(22)E2
Open Caveats in Software Release 12.1(20)E6
Resolved Caveats in Software Release 12.1(20)E6
Open Caveats in Software Release 12.1(20)E3
Resolved Caveats in Software Release 12.1(20)E3
Open Caveats in Software Release 12.1(20)E
Resolved Caveats in Software Release 12.1(20)E
Open Caveats in Software Release 12.1(19)E
Resolved Caveats in Software Release 12.1(19)E
Open Caveats in Software Release 12.1(14)E1
Resolved Caveats in Software Release 12.1(14)E1
Recovering from Loss of the Boot Loader Image
Troubleshooting at the System Level
Obtaining Documentation and Submitting a Service Request
Release Notes for Catalyst 4500 Series Switch Cisco IOS Release 12.1E
Current Release
12.1(26)E3—August 22, 2005Previous Releases
12.1(26)E2, 12.1(26)E1,, 12.1(26)E, 12.1(23)E4, 12.1(23)E3, 12.1(23)E1, 12.1(23)E, 12.1(22)E6, 12.1(22)E2, 12.1(20)E6, 12.1(20)E3, 12.1(20)E, 12.1(19)E, 12.1(14)E1Product Numbers:
•
S4KL3-12126E3—Cisco IOS for the Catalyst 4500 series switch Supervisor Engine III and IV, basic Layer 3 software image (RIP, Static Routes, AppleTalk and IPX), Release 12.1(26)E3
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
These release notes describe the features, modifications, and caveats for the Cisco IOS on the Catalyst 4500 series switch. The most current software release is Cisco IOS Release 12.1(26)E3.
Catalyst 4500 Series Switch Cisco IOS Release Strategy
Note
Cisco IOS Release 12.2EW train offers the latest features for the Catalyst 4500 Series supervisor engines. Customers with Catalyst 4500 series supervisor engines who need the latest hardware support and software features should migrate to Cisco IOS Release 12.2(25)EWA.
Cisco IOS Software Release 12.2(18)EW1 and all subsequent 12.2(18)EW maintenance releases have only the feature set based on Cisco IOS Release 12.2(18)EW for the Catalyst 4500 Series supervisor engines. Customers with Catalyst 4500 Series supervisor engines who require the stability of a bug fix maintenance release should stay with the Cisco IOS Software Release 12.2(18)EW maintenance releases.
Cisco IOS Releases 12.1(19)E1 through 12.1(26)E have only the feature set based on Cisco IOS Release 12.1(12c)EW1 for the Catalyst 4500 Series supervisor engines. Customers with Catalyst 4500 Series supervisor engines who require the stability of a maintenance release should migrate from 12.1E releases to the Cisco IOS Release 12.2(18)EW maintenance releases.
For more information on the Catalyst 4500 series switches, visit the following URL: www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/index.htm
Figure 1 shows the Catalyst 4500 series switch Cisco IOS release strategy.
Figure 1 Software Release Strategy
Contents
This publication consists of these sections:
•
•
System Requirements
This section describes the system requirements:
Memory Requirements
These are the minimum required memory configurations for Cisco IOS software on the Catalyst 4500 series switch:
•
•
Supported Hardware
Supported Features
Table 1 lists the software features for the Catalyst 4500 series switch.
Table 1 Feature Set for the Catalyst 4500 Series Switch
10/100/1000BASE-TX half duplex and full duplex
1000BASE-SX,-LX, and long haul (-LX/LH, -ZX) full duplex
Longwave laser single mode GBICs1
Layer 2 transparent bridging2
Layer 2 MAC3 learning, aging, and switching by software
Layer 2 hardware forwarding at 48 Mpps
Layer 2 switch ports and VLAN trunks
Spanning-Tree Protocol (IEEE 802.1D) per VLAN
802.1s and 802.1w
Per-VLAN spanning tree (PVST) and PVST+
Spanning-tree root guard
Spanning-tree loop guard and PortFast BPDU Filtering
Support for 1600-byte frames
Private VLANs
ISL4 -based VLAN encapsulation (excluding blocking ports on WS-X4418-GB and WS-X4412-2GB-T)5
IEEE 802.1Q-based VLAN encapsulation
Multiple VLAN access port
VLAN Trunking Protocol (VTP) and VTP domains
Support for 4096 VLANs per switch
Unidirectional link detection (UDLD) and aggressive UDLD
IP and IP multicast routing and switching between Ethernet ports
Static IP routing
QoS-based forwarding based on IP precedence
CEF6 load balancing
Hardware-based IP CEF routing at 48 Mpps
Up to 128,000 IP routes
Up to 32,000 IP host entries (Layer 3 adjacencies)
Up to 12,000 IP multicast route entries
Multicast flooding suppression for STP changes
Software routing of IPX and AppleTalk
IGMP v1, v2, and v3
DTP7
RIP8 and RIP II
IGRP9
EIGRP10
OSPF11
BGP412
MBGP13
MSDP14
ICMP15 Router Discovery Protocol
PIM16 —sparse and dense mode
Static routes
Classless interdomain routing (CIDR)
DVMRP17
SSM
Cisco EtherChannel, Fast EtherChannel, and Gigabit EtherChannel technology across line cards
Load balancing for routed traffic, based on source and destination IP addresses
Load sharing for bridged traffic based on MAC addresses
ISL on the Fast EtherChannel and Gigabit EtherChannel
IEEE 802.1Q on the Fast EtherChannel and Gigabit EtherChannel
Bundling of up to eight Fast Ethernet ports
Bundling of up to eight Gigabit Ethernet ports
Up to 64 active Fast Ethernet port channels
Up to 64 active Gigabit Ethernet port channels
Secondary addressing
Bootstrap protocol (BOOTP)
Authentication using TACACS+ and RADIUS protocol
Cisco Discovery Protocol (CDP)
Cisco Group Management Protocol (CGMP) server support
HSRP18 over 10/100 Ethernet, Gigabit Ethernet, Fast EtherChannel, and Gigabit EtherChannel
IGMP19 snooping version1 and version 2
IGMP filtering
Port Aggregation Protocol (PagP)
SNMP20 version 1 and version 2
DHCP server and relay agent
DHCP snooping
802.1X port-based authentication
Router standard and extended ACLs 21 on all ports with no performance penalty
VLAN Access Control Lists
Local Proxy ARP
Per-port QoS22 rate-limiting and shaping
Inline power support for Cisco IP phones
Power redundancy
RPR23
1 GBICs = 1470, 1490, 1510, 1530, 1550, 1570, 1590, and 1610 nm
2 This feature is hardware-based transparent bridging within a VLAN.
3 MAC = Media Access Control
4 ISL = Inter-Switch Link
5 Ports 3 thru 18 on the WS-X4418-GB module and ports 1 thru 12 on the WS-X4412-2GB module
6 CEF = Cisco Express Forwarding
7 DTP = Dynamic Trunking Protocol
8 RIP = Routing Information Protocol
9 IGRP = Interior Gateway Routing Protocol
10 EIGRP = Enhanced Interior Gateway Routing Protocol
11 OSPF = Open Shortest Path First
12 BGP4 = Border Gateway Protocol 4
13 MBGP = Multicast Border Gateway Protocol
14 MSDP = Multicast Source Discovery Protocol
15 ICMP = Internet Control Message Protocol
16 PIM = Protocol Independent Multicast
17 DVMRP = Distance Vector Multicast Routing Protocol
18 HSRP = Hot Standby Router Protocol
19 IGMP = Internet Group Management Protocol
20 SNMP = Simple Network Management Protocol
21 ACLs = Access Control Lists
22 QoS = Quality of Service
23 RPR = Supervisor redundancy
Unsupported Features
These are some of the features that are not supported in Cisco IOS Release 12.1(26)E3 for the Catalyst 4500 series switch:
•
•
–
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
–
–
–
–
New and Changed Information
There are no new hardware or software features because this is an E train release.
Upgrading the System Software
If you have a Catalyst 4500 series switch running Cisco IOS Release 12.1(11b)EW1 or earlier, and you want to upgrade your switch to Cisco IOS Release 12.1(26)E3, you must upgrade the Supervisor Engine III or Supervisor Engine IV ROMMON version at least to Release 12.1(12r)EW, in addition to upgrading the Cisco IOS software.
The following sections describe how to upgrade your switch software:
•
•
•
Upgrading the Supervisor Engine ROMMON and the Cisco IOS Software
This section describes how to upgrade the ROMMON software and the Cisco IOS software on your switch in a single procedure. If this process fails, upgrade your ROMMON software as described in "Upgrading the Supervisor Engine ROMMON" section, and then upgrade your Cisco IOS software as described in the "Upgrading the Cisco IOS Software" section.
Caution
To upgrade the ROMMON software and Cisco IOS software on your switch, follow this procedure:
Step 1
The cat4000-sup3-promupgrade-121_12r_EW programs are available at the same location on Cisco.com from which you download Catalyst 4500 system images.
Step 2
Step 3
If you are using a Compact Flash card, use the slot0: command instead of the bootflash: command.
Step 4
The following example shows how to download the promupgrade image cat4000-sup3-promupgrade-121_12r_EW from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash:Address or name of remote host [172.20.58.78]?Source filename [/home/rommon/4014rommon]? cat4000-sup3-promupgrade-121_12r_EWDestination filename [cat4000-sup3-promupgrade-121_12r_EW]?Accessing tftp://172.20.58.78/ cat4000-sup3-promupgrade-121_12r_EW...Loading cat4000-sup3-promupgrade-121_12r_EW from 172.20.58.78 (via FastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 2006316/4012032 bytes]2006316 bytes copied in 20.936 secs (100315 bytes/sec)Switch#Step 5
The following example shows how to download the Cisco IOS software image cat4000-is-mz.121-14.E1 from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash:Address or name of remote host [172.20.58.78]?Source filename [cat4000-is-mz.121-14.E1]?Destination filename [cat4000-is-mz.121-14.E1]?Accessing tftp://172.20.58.78/cat4000-is-mz.121-14.E1...Loading cat4000-is-mz.121-14.E1 from 172.20.58.78 (via FastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 6923388/13846528 bytes]6923388 bytes copied in 72.200 secs (96158 bytes/sec)Switch#Step 6
The following example shows how to display the contents of the BOOT variable:
Switch# show bootvarBOOT variable = bootflash:cat4000-is-mz.121-8a.EWCONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2100Switch#Step 7
The following example shows how to clear the cat4000-is-mz.121-8a.EW file and save the BOOT variable:
Switch# configure terminalSwitch(config)# no boot system flash bootflash:cat4000-is-mz.121-8a.EWSwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 8
The following example shows an empty the BOOT variable:
Switch# show bootvarBOOT variable does not existCONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2100Switch#Step 9
The following example shows how to add the cat4000-sup3-promupgrade-121_12r_EW program and the cat4000-is-mz.121-14.E1 image to the BOOT variable:
Switch# configure terminalSwitch(config)# boot system flash bootflash:cat4000-sup3-promupgrade-121_12r_EWSwitch(config)# boot system flash bootflash:cat4000-is-mz.121-14.E1Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3723 to 1312 bytes [OK]Switch#Step 10
The following example shows that the cat4000-sup3-promupgrade-121_12r_EW program and the cat4000-is-mz.121-14.E1 image are in the BOOT variable and that the configuration register is set to 0x21020:
Switch# show bootvarBOOT variable = bootflash:cat4000-sup3-promupgrade-121_12r_EW,1;cat4000-is-mz.121-14.E1,1CONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2102Switch#Step 11
The following example show how to set the second least significant bit in the configuration register:
Switch# configure terminalSwitch(config)# configure-register 0x2102Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3723 to 1312 bytes [OK]Switch#Step 12
Caution
The following example shows the output from the upgrade and reboot:
Switch# reloadProceed with reload? [confirm]00:02:53:%SYS-5-RELOAD:Reload requested**************************************************** ** Welcome to Rom Monitor for WS-X4014 System. ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** ****************************************************Rom Monitor Program Version 12.1(8r)EWBoard type 1, Board revision 6Swamp FPGA revision 16, Dagobah FPGA revision 43............***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.. .Established physical link 100MB Half DuplexNetwork layer connectivity may take a few seconds. . .******** The system will autoboot now ********config-register = 0x2102Autobooting using BOOT variable specified file.....Current BOOT file is --- bootflash:cat4000-sup3-promupgrade-121_12r_EW......************************************************************** ** Rom Monitor Upgrade Utility For WS-X4014 System ** This upgrades flash Rom Monitor image to the latest ** ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** **********************************************************......Success! The prom has been upgraded successfully.System will reset itself and reboot in about 15 seconds.0********************************************************* ** Welcome to Rom Monitor for WS-X4014 System. ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** *********************************************************Rom Monitor Program Version 12.1(12r)EWBoard type 1, Board revision 6Swamp FPGA revision 16, Dagobah FPGA revision 48......***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.. .Established physical link 100MB Half DuplexNetwork layer connectivity may take a few seconds. . .******** The system will autoboot now ********config-register = 0x2102Autobooting using BOOT variable specified file.....Current BOOT file is --- bootflash:cat4000-is-mz.121-14.E1Rommon reg:0x300041A8Running diags...Decompressing the image#######################################################################################################################[OK]k2diags version 1.6prod:WS-X4014 part:73-6854-06 serial:JAB05450C57Power-on-self-test for Module 1: WS-X4014Status:(. = Pass, F = Fail)....Module 1 PassedExiting to ios...Rommon reg:0x300001A8Running IOS...Decompressing the image###################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################[OK]Restricted Rights LegendUse, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.Cisco Systems, Inc.170 West Tasman DriveSan Jose, California 95134-1706Cisco Internetwork Operating System SoftwareIOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version......Uncompressed configuration from 1033 bytes to 3204 bytesPress RETURN to get started!.....Cisco Internetwork Operating System SoftwareIOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version......Switch#Step 13
In the following example, the ROMMON release is 12.1(12r)EW, and the Cisco IOS release is 12.1(23)E1:
Switch# show versionCisco Internetwork Operating System SoftwareIOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version12.1(23)E1, RELEASE SOFTWARE (fc1)TAC Support:http://www.cisco.com/tacCopyright (c) 1986-2002 by cisco Systems, Inc.Compiled Tue 30-Apr-02 17:34 by ccaiImage text-base:0x00000000, data-base:0x00AA2B8CROM:12.1(12r)EWSwitch uptime is 6 minutesSystem returned to ROM by reloadSystem image file is "slot0:fcsboot"cisco WS-C4006 (MPC8245) processor (revision 6) with 262144K bytes of memory.Processor board IDLast reset from Reload48 FastEthernet/IEEE 802.3 interface(s)2 Gigabit Ethernet/IEEE 802.3 interface(s)467K bytes of non-volatile configuration memory.Configuration register is 0x2102Switch#Step 14
The following example shows how to delete the cat4000-sup3-promupgrade-121_12r_EW image from bootflash: and reclaim unused space:
Switch# delete bootflash:cat4000-sup3-promupgrade-121_12r_EWSwitch# squeeze bootflash:All deleted files will be removed, proceed (y/n) [n]? ySqueeze operation may take some time, proceed (y/n) [n]? ySwitch#Step 15
The following example shows how to delete the cat4000-sup3-promupgrade-121_12r_EW image from the BOOT variable:
Switch# configure terminalSwitch(config)# no boot system flash cat4000-sup3-promupgrade-121_12r_EWSwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3620 to 1236 bytes [OK]Switch#Step 16
The following example shows that the BOOT variable contains the Cisco IOS image cat4000-is-mz.121-14.E1 only:
Switch# show bootvarBOOT variable = bootflash:cat4000-is-mz.121-14.E1,1CONFIG_FILE variable does not existBOOTLDR variable does not existConfiguration register is 0x2102Switch#Upgrading the Supervisor Engine ROMMON
Caution
If you have a Catalyst 4500 series switch running Cisco IOS Release 12.1(11b)EW1 or earlier, and you want to upgrade your switch to Cisco IOS Release 12.1(26)E3, you must upgrade the Supervisor Engine ROMMON to Release 12.1(12r)EW or higher. When you upgrade and boot the Cisco IOS software to Release 12.1(26)E3, the field programmable gate array (FPGA) is automatically upgraded.
Follow this procedure to upgrade your Supervisor Engine ROMMON to Release 12.1(12r)EW:
Step 1
Note
Step 2
The cat4000-sup3-promupgrade-121_12r_EW programs are available at the same location on Cisco.com where you download Catalyst 4500 series switch system images.
Step 3
If you are using a Compact Flash card, use slot0: instead of bootflash:.
Step 4
The following example shows how to download the promupgrade image cat4000-sup3-promupgrade-121_12r_EW from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash:Address or name of remote host [172.20.58.78]?Source filename [cat4000-sup3-promupgrade-121_12r_EW]?Destination filename [cat4000-sup3-promupgrade-121_12r_EW]?Accessing tftp://172.20.58.78/ cat4000-sup3-promupgrade-121_12r_EW...Loading cat4000-sup3-promupgrade-121_12r_EW from 172.20.58.78 (viaFastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 2006316/4012032 bytes]2006316 bytes copied in 20.936 secs (100315 bytes/sec)Switch#Step 5
The following example shows the output after a reset into ROMMON:
Switch# reloadProceed with reload? [confirm]03:57:16:%SYS-5-RELOAD:Reload requested*********************************************************** ** Welcome to Rom Monitor for WS-X4014 System. ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** ************************************************************Rom Monitor Program Version 12.1(8r)EW..(output truncated).Established physical link 100MB Half DuplexNetwork layer connectivity may take a few secondsrommon 1 >Step 6
Caution
The following example shows the output from a successful upgrade followed by a system reset:
rommon 2 > boot bootflash:cat4000-sup3-promupgrade-121_12r_EWRommon reg:0x300001A8Decompressing the image############################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################## [OK]Restricted Rights Legend************************************************************ ** Rom Monitor Upgrade Utility For WS-X4014 System ** This upgrades flash Rom Monitor image to the latest ** ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** ************************************************************Image size = 431.476 KBytesMaximum allowed size = 511.75 KBytesUpgrading your PROM... DO NOT RESET the systemunless instructed or upgrade of PROM will fail !!!Beginning erase of 0x80000 bytes at offset 0x3f80000... Done!Beginning write of prom (0x6bddc bytes at offset 0x3f80000)...This could take as little as 30 seconds or up to 2 minutes.Please DO NOT RESET!Success! The prom has been upgraded successfully.System will reset itself and reboot in about 15 seconds.0Step 7
Step 8
The following example shows how to delete the cat4000-sup3-promupgrade-121_12r_EW image from bootflash and reclaim unused space:
Switch# delete bootflash:cat4000-sup3-promupgrade-121_12r_EWSwitch# squeeze bootflash:All deleted files will be removed, proceed (y/n) [n]? ySqueeze operation may take some time, proceed (y/n) [n]? ySwitch#
The ROMMON is now upgraded.
See the "Upgrading the Cisco IOS Software" section for instructions on upgrading the Cisco IOS software on your switch.
Upgrading the Cisco IOS Software
You can upgrade the Cisco IOS software on your Catalyst 4500 series switch using the following procedure.
If you have Cisco IOS Release 12.1(8a)EW loaded on your switch, you must upgrade the ROMMON before upgrading your switch software. For more information, see the "Upgrading the Supervisor Engine ROMMON" section.
Caution
Step 1
Step 2
If you are using a Compact Flash card, use slot0: instead of bootflash:.
Step 3
The following example shows how to download the Cisco IOS software image cat4000-is-mz.121-14.E1 from the remote host 172.20.58.78 to bootflash:
Switch# copy tftp: bootflash:Address or name of remote host [172.20.58.78]?Source filename [cat4000-is-mz121_14.E1]?Destination filename [cat4000-is-mz.121-14.E1]?Accessing tftp://172.20.58.78/cat4000-is-mz.121-14.E1Loading cat4000-is-mz.121-14.E1 from 172.20.58.78 (viaFastEthernet2/1):!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 6923388/13846528 bytes]6923388 bytes copied in 72.200 secs (96158 bytes/sec)Switch#Step 4
The following example shows how to clear the BOOT variable:
Switch# configure terminalSwitch(config)# no boot system flashSwitch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 5
The following example shows how to add the cat4000-is-mz.121-14.E1 image to the BOOT variable:
Switch# configure terminalSwitch(config)# boot system flash bootflash:cat4000-is-mz.121-14.E1Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3641 to 1244 bytes [OK]Switch#Step 6
The following example show how to set the second least significant bit in the configuration register:
Switch# configure terminalSwitch(config)# configure-register 0x2102Switch(config)# exitSwitch# writeBuilding configuration...Compressed configuration from 3723 to 1312 bytes [OK]Switch#Step 7
Caution
The following example shows the output from a successful upgrade followed by a system reset:
Switch# resetRommon reg: 0x2B004180Upgrading FPGA...Decompressing the image############## [OK]******************************************************** ** WS-X4014 FPGA Upgrade Utility For WS-X4014 Machines ** ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Image size = 483.944 KBytesMaximum allowed size = 1023.75 KBytesUpgrading your FPGA image... DO NOT RESET the systemunless instructed or upgrade of FPGA will fail !!!Beginning erase of 0x100000 bytes at offset 0x3d00000... Done!Beginning write of fpga image (0x78fb0 bytes at offset 0x3d00000)...This could take as little as 30 seconds or up to 2 minutes.Please DO NOT RESET!Success! FPGA image has been upgraded successfully.System will reset itself and reboot in about 15 seconds.0*********************************************************** ** Welcome to Rom Monitor for WS-X4014 System. ** Copyright (c) 2002 by Cisco Systems, Inc. ** All rights reserved. ** ***********************************************************Rom Monitor Program Version 12.1(12r)EWBoard type 1, Board revision 5Swamp FPGA revision 16, Dagobah FPGA revision 47MAC Address : 00-30-85-XX-XX-XXIP Address : 10.10.10.91Netmask : 255.255.255.0Gateway : 10.10.10.1TftpServer : Not set.Main Memory : 256 MBytes***** The system will autoboot in 5 seconds *****Type control-C to prevent autobooting.Switch#Step 8
Limitations and Restrictions
These sections list the limitations and restrictions for the current release of Cisco IOS software on the Catalyst 4500 series switch:
•
–
–
•
–
–
•
Workaround: Display the configuration with the show standby command, and remove the CLI. Here is a sample output of the
[no standby group# name] show standby GigabitEthernet1/1 command:GigabitEthernet1/1 - Group 0Local state is Active, priority 105, may preemptHellotime 1 sec, holdtime 3 secNext hello sent in 0.642Virtual IP address is 131.241.2.6 configuredSecondary virtual IP address 131.241.2.7Active router is localStandby router is 131.241.2.2 expires in 2.872Virtual mac address is 0000.0c07.ac002 state changes, last state change 00:00:41IP redundancy name is "hsrp-Gi1/1-0" (default) <====== this line should be removedPriority tracking 1 interface, 1 up:Interface Decrement StateGigabitEthernet1/2 10 Up•
Workaround: Since the problem is caused by mismatched MTUs, the solution is to change the MTU on either to match the neighbor MTU.
•
Workaround: Contact your technical support representative for a replacement.
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Caveats
Caveats describe unexpected behavior in Cisco IOS releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
Open Caveats in Software Release 12.1(26)E3
This section lists open caveats in Release 12.1(26)E3:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(26)E3
This section lists resolved caveats in Release 12.1(26)E3.
•
This symptom is observed when a Cisco router that peers with other routers receives an Autonomous System (AS) path with a length that is equal to or greater than 255.
Workaround: Configure the <CmdBold>bgp maxas limit<noCmdBold> command in such as way that the maximum length of the AS path is a value below 255. When the router receives an update with an excessive AS path value, the prefix is rejected and recorded the event in the log. (CSCeh13489)
•
Cisco has made free software available that includes the additional integrity checks for affected customers.
Open Caveats in Software Release 12.1(26)E2
This section lists open caveats in Release 12.1(26)E2:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(26)E2
This section lists resolved caveats in Release 12.1(26)E2.
•
In this situation, the router does not populate the RPF interface into the outgoing interface list (OIL) (that is, the OIL remains null) because the old SP-tree has already been pruned by the downstream router. When the RPF interface of the router changes to the new path, it does not trigger a Join message toward the multicast source until the router receives the next periodic Join message from the downstream router and populates the OIL. Consequently, multicast traffic stops temporarily but no longer than the periodic Join message interval.
Workaround: None. (CSCef60452)
Open Caveats in Software Release 12.1(26)E1
This section lists open caveats in Release 12.1(26)E1:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(26)E1
This section lists resolved caveats in Release 12.1(26)E1.
•
The serializer/deserializer (SerDes) on the supervisor engine were not initialized correctly, causing the link to fail after a reload. This caveat has been fixed in Releases 12.2(18)EW3, 12.1(26)E1 and 12.2(25)EWA.
Workaround: None (CSCeg86853).
•
Dec 21 01:13:46 EST: %C4K_IOSMODPORTMAN-4-FANTRAYBAD: Fan tray has failedDec 21 01:13:46 EST: %C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans in fantray, the chassis will overheat. If not resolved, in 5 minutes all line cards will beplaced into Reset-ModeDec 21 01:13:51 EST: %C4K_IOSMODPORTMAN-6-FANTRAYGOOD: Fan tray is okayDec 21 01:47:21 EST: %C4K_IOSMODPORTMAN-4-FANTRAYBAD: Fan tray has failedDec 21 01:47:21 EST: %C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans in fantray, the chassis will overheat. If not resolved, in 5 minutes all line cards will beplaced into Reset-ModeDec 21 01:47:26 EST: %C4K_IOSMODPORTMAN-6-FANTRAYGOOD: Fan tray is okayDec 21 04:00:16 EST: %C4K_IOSMODPORTMAN-4-FANTRAYBAD: Fan tray has failedDec 21 04:00:16 EST: %C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans in fantray, the chassis will overheat. If not resolved, in 5 minutes all line cards will beplaced into Reset-ModeDec 21 04:00:21 EST: %C4K_IOSMODPORTMAN-6-FANTRAYGOOD: Fan tray is okayWorkaround: None. This is a software bug and the fix is integrated in the releases mentioned for this bug. Do not RMA or EFA the fan-trays. (CSCeg70330)
Open Caveats in Software Release 12.1(26)E
This section lists open caveats in Release 12.1(26)E:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(26)E
This section lists resolved caveats in Release 12.1(26)E:
•
If a misformed packet is received and queued up on the interface, this bug may also be triggered by other means which are not considered remotely exploitable such as the use of the command `show ip bgp neighbors' or running the command `debug ip bgp <neighbor> updates' for a configured bgp neighbor.
Cisco has made free software available to address this problem.
(CSCee67450)
•
Workaround: None. (CSCeg38623)
•
Workaround: Allow the trunk to carry VLAN 1. (CSCee31879)
Open Caveats in Software Release 12.1(23)E4
This section lists open caveats in Release 12.1(23)E4:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(23)E4
This section lists resolved caveats in Release 12.1(23)E4:
•
This symptom is observed when a Cisco router that peers with other routers receives an Autonomous System (AS) path with a length that is equal to or greater than 255.
Workaround: Configure the <CmdBold>bgp maxas limit<noCmdBold> command in such as way that the maximum length of the AS path is a value below 255. When the router receives an update with an excessive AS path value, the prefix is rejected and recorded the event in the log. (CSCeh13489)
•
Cisco has made free software available that includes the additional integrity checks for affected customers.
(CSCei61732)
Open Caveats in Software Release 12.1(23)E3
This section lists open caveats in Release 12.1(23)E3:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(23)E3
This section lists resolved caveats in Release 12.1(23)E3:
•
This symptom is very similar to CSCdx92093, but this happen with nativeIOS.
traffic 1Gbps about 256kbps-------------> (policing to 256kbps) -------------->+----------------------+g1/1| |g3/15smartbits --------| Cat6509 |------- smartbits| |+----------------------+Workaround: None. (CSCee78451)
Open Caveats in Software Release 12.1(23)E1
This section lists open caveats in Release 12.1(23)E1:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(23)E1
This section lists resolved caveats in Release 12.1(23)E1:
•
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messagesSuccessful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. (CSCed78149)
•
Workaround: Disable PMTU discovery. (CSCed78149)
•
All other device services will operate normally. Services such as packet forwarding, routing protocols and all other communication to and through the device are not affected.
Cisco will make free software available to address this vulnerability.
Workarounds, identified below, are available that protect against this vulnerability.
Open Caveats in Software Release 12.1(23)E
This section lists open caveats in Release 12.1(23)E:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(23)E
This section lists resolved caveats in Release 12.1(23)E:
•
Cisco has made free software available to address these vulnerabilities for all affected customers. There are workarounds available to mitigate the effects of the vulnerability (see the "Workarounds" section of the full advisory for details.)
(CSC65285)•
Workaround: Replace the supervisor engine with packet memory errors. (CSCed61591)
Open Caveats in Software Release 12.1(22)E6
This section lists open caveats in Release 12.1(22)E6:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(22)E6
This section lists resolved caveats in Release 12.1(22)E6:
•
Open Caveats in Software Release 12.1(22)E2
This section lists open caveats in Release 12.1(22)E2:
•
Workaround: None. (CSCec43960)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(22)E2
This section lists resolved caveats in Release 12.1(22)E2:
•
show tech-support command, entering the latter command may also cause the switch to fail.Workaround: Avoid using both the show tech-support and show platform software interface all commands.
Release 12.1(22)E1 has been deferred for the Catalyst 4500 series switch because of this problem. (CSCee61402)
•
Support for the H.323 protocol was introduced in Cisco IOS software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
(CSCea46342, CSCin56408, CSCdx40184, CSCec76776, CSCdx76632, and CSCeb78836)
•
2d07h: %SYS-3-CPUHOG: Task ran for 8692 msec (0/0), process = Exec, PC = 128790.2d07h: %C4K_EBM-4-HOSTFLAPPING: Host 00:10:0B:10:B9:20 in vlan 200 is flapping between port Po2 and port Po1Workaround: None. (CSCdy21031)
•
Workaround: Use the SNMP GetNext command to retrieve the dot1dBridge MIB table entries, and specify a larger timeout value in the network management application. (CSCec02843)
•
Workaround: None. (CSCec59154)
•
Workaround: None. (CSCdz60995)
•
%C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans, the chassis will overheatIf the situation persists for five minutes, all modules are reset.
Workaround: Replace the fan tray within five minutes to avoid resetting the modules. (CSCdz50817)
•
Workaround: None. (CSCdz55274)
•
Workaround: None. (CSCea89330)
•
For example, you might want to set a boot variable to point to the cat4000-is-mz.121-12c.EW image, but you mistakenly type the first letter as an uppercase "C" instead of a lowercase "c" (for example,
boot system flash bootflash: Cat4000-is-mz.121-12c.EW). When you try to reload the switch, it will not boot because the boot variable is pointing to a nonexistent image.You will not be able to add the correct boot variable because the software perceives that it already exists and will not add it to the configuration.
Workaround: Remove the invalid boot variable, and add the correct one. (CSCeb05517)
•
Workaround: Disable or enable the port. (CSCeb06811)
Open Caveats in Software Release 12.1(20)E6
This section lists open caveats in Release 12.1(20)E6:
•
Workaround: None. (CSCec43960)
•
Workaround: Use the SNMP GetNext request to retrieve the dot1dBridge MIB table entries, and specify a larger timeout value in the network management application. (CSCec02843)
•
Workaround: None. (CSCec59154)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(20)E6
This section lists resolved caveats in Release 12.1(20)E6:
•
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
–
–
–
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. (CSCef60659)
•
These attacks, which only affect sessions terminating or originating on a bdevice itself, can be of three types:
–
–
–
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en. (CSCef44225)
•
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
1. Attacks that use ICMP "hard" error messages
2. Attacks that use ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP "source quench" messagesSuccessful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. (CSCsa59600)
•
These attacks, which only affect sessions terminating or originating on a device itself, can be of three types:
–
–
–
Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. (CSCef44699)
•
If your router configuration does not currently contain the command
ip flow-cache feature-accelerate, this change does not affect you.The removal of NetFlow Feature Acceleration does not affect any other aspects of Netflow operation, for example Access-list processing. The features are separate and distinct.
Cisco Express Forwarding (CEF) supercedes the deprecated NetFlow Feature Acceleration.
Additionally, the following MIB objects and OIDs have been deprecated and removed from the netflow mib (CISCO-NETFLOW-MIB):
cnfFeatureAcceleration 1.3.6.1.4.1.9.9.99999.1.3cnfFeatureAccelerationEnable 1.3.6.1.4.1.9.9.99999.1.3.1cnfFeatureAvailableSlot 1.3.6.1.4.1.9.9.99999.1.3.2cnfFeatureActiveSlot 1.3.6.1.4.1.9.9.99999.1.3.3cnfFeatureTable 1.3.6.1.4.1.9.9.99999.1.3.4cnfFeatureEntry 1.3.6.1.4.1.9.9.99999.1.3.4.1cnfFeatureType 1.3.6.1.4.1.9.9.99999.1.3.4.1.1cnfFeatureSlot 1.3.6.1.4.1.9.9.99999.1.3.4.1.2cnfFeatureActive 1.3.6.1.4.1.9.9.99999.1.3.4.1.3cnfFeatureAttaches 1.3.6.1.4.1.9.9.99999.1.3.4.1.4cnfFeatureDetaches 1.3.6.1.4.1.9.9.99999.1.3.4.1.5cnfFeatureConfigChanges 1.3.6.1.4.1.9.9.99999.1.3.4.1.6(CSCsa81379)
Open Caveats in Software Release 12.1(20)E3
This section lists open caveats in Release 12.1(20)E3:
•
Workaround: None. (CSCec43960)
•
Workaround: Use the SNMP GetNext request to retrieve the dot1dBridge MIB table entries, and specify a larger timeout value in the network management application. (CSCec02843)
•
Workaround: None. (CSCec59154)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(20)E3
This section lists resolved caveats in Release 12.1(20)E3:
•
Cisco has made free software available to address these vulnerabilities for all affected customers. There are workarounds available to mitigate the effects of the vulnerability (see the "Workarounds" section of the full advisory for details.)
(CSCed65778)•
All Cisco products which contain TCP stack are susceptible to this vulnerability. (CSCed27956, CSCed38527, CSCed93836, CSCdz84583, and CSCeb52066)
vulnerability as it applies to Cisco products that run Cisco IOS® software.
•
The vulnerability is only present in certain IOS releases on Cisco routers and switches. This behavior was introduced via a code change and is resolved with CSCed68575.
This vulnerability can be remotely triggered. A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS). (CSCed68575 and CSCed68573)
•
Conditions: This symptom is observed on a device that runs Cisco IOS software and that supports SNMP operations. In addition, the SNMP request must contain a valid community string.
Workaround: Protect the SNMP community strings with good password management. Permit SNMP traffic only from trusted devices. (CSCeb22276)
•
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS. (CSCed35253)
Open Caveats in Software Release 12.1(20)E
This section lists open caveats in Release 12.1(20)E:
•
Workaround: None. (CSCec43960)
•
Workaround: Use the SNMP GetNext request to retrieve the dot1dBridge MIB table entries, and specify a larger timeout value in the network management application. (CSCec02843)
•
Workaround: None. (CSCec59154)
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
Resolved Caveats in Software Release 12.1(20)E
This section lists resolved caveats in Release 12.1(20)E:
•
•
Support for the H.323 protocol was introduced in Cisco IOS software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
(CSCea46342, CSCin56408, CSCdx40184, CSCec76776, CSCdx76632, and CSCeb78836)
•
2d07h: %SYS-3-CPUHOG: Task ran for 8692 msec (0/0), process = Exec, PC = 128790.2d07h: %C4K_EBM-4-HOSTFLAPPING: Host 00:10:0B:10:B9:20 in vlan 200 is flapping between port Po2 and port Po1Workaround: None. (CSCdy21031)
•
Workaround: None. (CSCdz60995)
•
%C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans, the chassis will overheatIf the situation persists for five minutes, all modules are reset.
Workaround: None. Do not leave a chassis operational without a fan tray for more than 5 minutes. (CSCdz50817)
•
Workaround: None. (CSCdz55274)
•
Workaround: None. (CSCea89330)
•
For example, you might want to set a boot variable to point to the cat4000-is-mz.121-12c.EW image, but you mistakenly type the first letter as an uppercase "C" instead of as lowercase "c" (for example,
boot system flash bootflash: Cat4000-is-mz.121-12c.EW). When you try to reload the switch, it will not boot because the boot variable is pointing to a nonexistent image.You will not be able to add the correct boot variable because the software perceives that it already exists and will not add it to the configuration.
Workaround: Remove the invalid boot variable, and add the correct one. (CSCeb05517)
•
Workaround: Disable or enable the port. (CSCeb06811)
Open Caveats in Software Release 12.1(19)E
This section lists open caveats in Release 12.1(19)E.
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
2d07h: %SYS-3-CPUHOG: Task ran for 8692 msec (0/0), process = Exec, PC = 128790.2d07h: %C4K_EBM-4-HOSTFLAPPING: Host 00:10:0B:10:B9:20 in vlan 200 is flapping between port Po2 and port Po1Workaround: None. (CSCdy21031)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
•
Workaround: None. (CSCdz60995)
•
%C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans, the chassis will overheatIf the situation persists for 5 minutes, all modules are reset.
Workaround: None. Do not leave a chassis operational without a fan tray for more than 5 minutes. (CSCdz50817)
•
Workaround: None. (CSCdz55274)
•
Workaround: None. (CSCea89330)
•
For example, you may want to set a boot variable to point to the cat4000-is-mz.121-12c.EW image, but you mistakenly type the first letter as upper case C instead of as lowercase c (for example,
boot system flash bootflash: Cat4000-is-mz.121-12c.EW). When you try to reload the switch it will not boot because the boot variable is pointing to a nonexistent image.You will not be able to add the correct boot variable because the software perceives that it already exists and will not add it to the configuration.
Workaround: Remove the invalid boot variable, and add the correct one. (CSCeb05517)
•
Workaround: Disable or enable the port. (CSCeb06811)
Resolved Caveats in Software Release 12.1(19)E
This section lists resolved caveats in Release 12.1(19)E.
•
Workaround: Cisco has made software available, free of charge, to correct the problem. (CSCdz71127, CSCea02355)
•
Workaround: Use the spanning-tree bpduguard enable interface command to enable BPDU guard, which will detect any BPDUs received on private VLAN trunk ports. (CSCdx62226)
•
Workaround: Do not use the VLAN configuration shutdown and no shutdown commands to disable secondary VLANs. To disable secondary VLANs, delete and recreate the secondary VLAN with the proper VLAN type and association configuration. (CSCdy22082)
•
Workaround: If IP packets can be fragmented in your network, program ACLs in the VLAN map without any Layer 4 information. (CSCdx84696)
•
Workaround: None. (CSCdz89143)
•
Workaround: Wait at least 5 seconds, and then delete an existing user-configured VLAN and enter the no shut command on the Layer 3 physical interface. (CSCdz56613)
•
Workaround: None. (CSCdz49171)
•
Workaround: None. (CSCdz89123)
•
Workaround: None. (CSCdy80025)
Open Caveats in Software Release 12.1(14)E1
This section lists open caveats in Release 12.1(14)E1.
•
Workaround: Configure fewer switch virtual interfaces (SVIs) in the startup configuration file. (CSCdx91258)
•
2d07h: %SYS-3-CPUHOG: Task ran for 8692 msec (0/0), process = Exec, PC = 128790.2d07h: %C4K_EBM-4-HOSTFLAPPING: Host 00:10:0B:10:B9:20 in vlan 200 is flapping between port Po2 and port Po1Workaround: None. (CSCdy21031)
•
Workaround: Use the spanning-tree bpduguard enable interface command to enable BPDU guard, which will detect any BPDUs received on private VLAN trunk ports. (CSCdx62226)
•
Workaround: Do not use the shutdown and no shutdown VLAN configuration command to disable secondary VLANs. To disable secondary VLANs, delete and recreate the secondary VLAN with the proper VLAN type and association configuration. (CSCdy22082)
•
Workaround: If IP packets can be fragmented in your network, program ACLs in the VLAN map, without any Layer 4 information. (CSCdx84696)
•
Workaround: Detach the ACL from one interface at a time (without deleting the ACL), and then reattach the ACL to that interface. (CSCdw28603)
•
Workaround: None. (CSCdy80025)
•
Workaround: None. (CSCdz89143)
•
Workaround: Wait at least 5 seconds, delete an existing user-configured VLAN, and then enter the no shut command on the Layer 3 physical interface.(CSCdz56613)
•
Workaround: None. (CSCdz60995)
•
%C4K_CHASSIS-2-INSUFFICIENTFANSDETECTED: Too few working fans, the chassis will overheatIf the situation persists for five minutes, all modules are reset.
Workaround: None. Do not leave a chassis operational without a fan tray for more than 5 minutes. (CSCdz50817)
•
Workaround: None. (CSCdz55274)
•
Workaround: None. (CSCdz49171)
•
Workaround: None. (CSCdz89123)
Resolved Caveats in Software Release 12.1(14)E1
This section lists resolved caveats in Release 12.1(14)E1.
•
Workaround: To ensure that the ports operate as normal trunks, enter the shutdown and no shutdown commands after configuring the ports as normal trunks. (CSCdy40311)
•
If this situation occurs, the following message is displayed on the active supervisor engine:
C4K_REDUNDANCY-4-CONFIGSYNCFAIL: Persistent-config Sync to Standby Supervisor failedThe following messages are displayed on the standby supervisor engine:
C4k_REDUNDANCY-6-SWITCHOVER: Switchover activity detected, changing role from STANDBY to ACTIVEC4K_REDUNDANCY-6-INIT: Initializing as ACTIVE supervisorWorkaround: Keep your startup-config file small. (CSCdy02031)
•
Workaround: Do not configure 802.1X on PVLAN ports. (CSCdy23098)
•
Workaround: None. (CSCdz37046)
•
Workaround: To add the VLAN interface to the routing table, either enter the clear ip route command or the shutdown and the noshutdown command on the VLAN interface. (CSCdz46944)
•
Workaround: None. (CSCdz24084)
•
Workaround: None. (CSCdz56298)
•
Workaround: Enter the shutdown and the shutdown commands on the port. (CSCdy17476)
•
Workaround: Ensure that some VLANs are available when you enable routed port channels. (CSCdz39541)
•
Nov 15 14:33:22 EST: %C4K_EBM-4-HOSTFLAPPING: Host 00:09:11:3D:7F:FC in vlan 204 is flapping between port Fa5/18 and port Gi1/1Nov 15 14:33:36 EST: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 204 on FastEthernet5/18 VLAN4.Nov 15 14:33:36 EST: %SPANTREE-2-BLOCK_PVID_PEER: Blocking FastEthernet5/18 on VLAN204. Inconsistent peer vlan.Nov 15 14:33:36 EST: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking FastEthernet5/18 on VLAN4. Inconsistent local vlan.Workaround: Apply external power to the phone. (CSCdz34648)
Troubleshooting
These sections provide troubleshooting guidelines for the Catalyst 4006 with Supervisor Engine III:
•
•
Recovering from Loss of the Boot Loader Image
If you lose the boot loader image, you can recover it by using one of the following methods:
1.
rommon 1> boot slot0:<bootable_image>2.
The ROMMON TFTP boot is similar to the BOOTLDR TFTP boot, except for the following:
–
–
To boot from the ROMMON, perform the following tasks while in ROMMON mode:
a.
b.
c.
For example, to set the supervisor Ethernet port with an IP address 172.16.1.5 and IP mask 255.255.255.0.0, enter the following command:
rommon 2> set interface fa1 172.16.1.5 255.255.0.0d.
e.
f.
For example, to boot the image name cat4000-is-mz.160 located on the TFTP server 172.16.1.8, enter the following command:
rommon 3> boot tftp://172.16.1.8/tftpboot/cat4000-is-mzTroubleshooting at the System Level
The following guidelines are for troubleshooting system-level problems on the Catalyst 4500 series switches:
•
•
Troubleshooting Modules
The following guidelines are for troubleshooting modules on the Catalyst 4500 series switches:
•
•
Troubleshooting MIBs
For general information on MIBs, RMON groups, and traps, refer to the Cisco public MIB directory (http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml). For information on the specific MIBs supported by the Catalyst 4500 series switches, refer to the Catalyst 4000 IOS MIB Support List located at ftp://ftp.cisco.com/pub/mibs/supportlists/cat4000/cat4000-supportlist.html.
Documentation Updates
Because this is an E train release there are no documentation updates for this and all prior releases on the train.
Related Documentation
Although their Release Notes are unique, the 4 platforms (Catalyst 4500, Catalyst 4900, Catalyst ME 4900, and Catalyst 4900M) use the same Software Configuration Guide, Command Reference Guide, and System Message Guide. Refer to the following home pages for additional information:
•
http://www.cisco.com/go/cat4500/docs
•
m
•
http://www.cisco.com/en/US/products/ps7009/tsd_products_support_series_home.html
Hardware Documents
Installation guides and notes including specifications and relevant safety information are available at the following URLs:
•
•
•
http://www.cisco.com/en/US/products/hw/switches/ps4324/prod_installation_guides_list.html
•
•
http://www.cisco.com/en/US/products/hw/switches/ps4324/prod_installation_guides_list.html
•
http://www.cisco.com/en/US/products/ps6021/prod_installation_guides_list.html
•
http://www.cisco.com/en/US/products/ps7009/prod_installation_guides_list.html
Software Documentation
Software release notes, configuration guides, command references, and system message guides are available at the following URLs:
•
http://www.cisco.com/en/US/products/hw/switches/ps4324/prod_release_notes_list.html
•
http://www.cisco.com/en/US/products/ps6021/prod_release_notes_list.html
•
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/release/note/OL_11511.html
Software documents for the Catalyst 4500 Classic, Catalyst 4500 E-Series, Catalyst 4900, and
Cisco ME 4900 Series Ethernet Switches are available at the following URLs:•
•
http://www.cisco.com/en/US/products/hw/switches/ps4324/prod_command_reference_list.html
•
http://www.cisco.com/en/US/products/hw/switches/ps4324/products_system_message_guides_list.html
Cisco IOS Documentation
Platform-independent Cisco IOS documentation may also apply to the Catalyst 4500 and 4900 switches. These documents are available at the following URLs:
•
http://www.cisco.com/en/US/products/ps6350/products_installation_and_configuration_guides_list.html
•
http://www.cisco.com/en/US/products/ps6350/prod_command_reference_list.html
You can also use the Command Lookup Tool at:
http://tools.cisco.com/Support/CLILookup/cltSearchAction.do
•
http://www.cisco.com/en/US/products/ps6350/products_system_message_guides_list.html
You can also use the Error Message Decoder tool at:
http://www.cisco.com/pcgi-bin/Support/Errordecoder/index.cgi
•
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What's New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Release Notes for Catalyst 4500 Series Switch Cisco IOS Release 12.1E
Copyright © 2005. Cisco Systems, Inc. All rights reserved.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)