The error explanation and action has changed for this system message:. Explanation The aggregation port is down. The port remains standalone until the aggregation port is up.
The first [chars] is the EtherChannel. The second [chars] is the port number. Recommended Action Ensure that the other ports in the bundle have the same configuration. Note This message applies only to the Catalyst and switches. Explanation The inline-power-controller reported an error on an interface. Recommended Action Enter the shutdown and no shutdown interface configuration commands on the affected interfaces.
Cisco Ethernet Switches are equipped with cooling mechanisms, such as fans and blowers. However, these fans and blowers can draw dust and other particles, causing contaminant buildup inside the chassis, which can result in a system malfunction. You must install this equipment in an environment as free as possible from dust and foreign conductive material such as metal flakes from construction activities.
These standards provide guidelines for acceptable working environments and acceptable levels of suspended particulate matter:. This applies to all Cisco Ethernet switches except for these compact models:.
The Express Setup configuration windows were updated in the getting started guide. This is the complete procedure:. When you first set up the switch, you should use Express Setup to enter the initial IP information. This enables the switch to connect to local routers and the Internet. You can then access the switch through the IP address for further configuration.
Power the switch by connecting the supplied AC power cord to the switch power connector and to a grounded AC outlet. When the switch powers on, it begins the power-on self-test POST. Wait for the switch to complete POST, which can take several minutes. POST errors are usually fatal. Press and hold the Mode button for 3 seconds. If the LEDs left of the Mode button begin to blink after you press the button, release it.
Blinking LEDs mean that the switch has already been configured and cannot go into Express Setup mode. Connect the other end of the cable to the Ethernet port on your PC. Start a web browser on your PC.
Enter the IP address The Express Setup page appears. Enter this information in the Network Settings fields:. In the Default Gateway field, enter the IP address for the default gateway router. Enter your password in the Switch Password field. The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows embedded spaces, but does not allow spaces at the beginning or end. In the Confirm Switch Password field, enter your password again.
Optional You can enter the Optional Settings information now or enter it later by using the device manager interface:. Optional Click the Advanced Settings tab on the Express Setup window, and enter the advanced settings now or enter them later by using the device manager interface.
Optional Enter this information in the Advanced Setting fields:. To complete Express Setup, click Submit from the Basic Settings or the Advanced Settings tab to save your settings, or click Cancel to clear your settings. When you click Submit , the switch is configured and exits Express Setup mode.
The PC displays a warning message and tries to connect with the new switch IP address. If you configured the switch with an IP address that is in a different subnet from the PC, connectivity between the PC and the switch is lost. Disconnect the switch from the PC, and install the switch in your production network. These documents provide complete information about the Catalyst , , , and switches and the Cisco EtherSwitch service modules and are available at Cisco. These documents provide complete information about the Catalyst switches and the Cisco EtherSwitch service modules:.
These documents provide complete information about the Catalyst switches:. Note The above getting started guide, orderable in print, provides information in all supported languages. Listed below are online-only getting started guides in the individual languages. For other information about related products, see these documents:. Skip to content Skip to search Skip to footer. Available Languages. Download Options.
Updated: December 24, Hardware Requirements Table 2 lists the minimum hardware requirements for running the device manager. We recommend Intel Pentium 4. Software Requirements Table 3 lists the supported operating systems and browsers for using the device manager.
Microsoft Internet Explorer Cluster Compatibility You cannot create and manage switch clusters through the device manager. When creating a switch cluster or adding a switch to a cluster, follow these guidelines: When you create a switch cluster, we recommend configuring the highest-end switch in your cluster as the command switch.
If you are managing the cluster through Network Assistant, the switch with the latest software should be the command switch. The standby command switch must be the same type as the command switch. For example, if the command switch is a Catalyst switch, all standby command switches must be Catalyst switches. Upgrading the Switch Software These are the procedures for downloading software.
Deciding Which Files to Use The upgrade procedures in these release notes describe how to perform the upgrade by using a combined tar file. Compatible Controller Software Release. To download software, follow these steps: Step 1 Use Table 5 to identify the file that you want to download.
The bootloader can take up to 1 minute to upgrade the first time that the new software is loaded. Do not power cycle the switch during the bootloader upgrade. Switch ping tftp-server-address. Installation Notes You can assign IP information to your switch by using these methods: The Express Setup program , as described in the switch getting started guide.
The CLI-based setup program, as described in the switch hardware installation guide. The DHCP-based autoconfiguration, as described in the switch software configuration guide. Manually assigning an IP address, as described in the switch software configuration guide. Catalyst and Switches These are the new features for the Catalyst and switches. Minimum Cisco IOS Release for Major Features Table 7 lists the minimum software release required to support the major features of the Catalyst , , , and switches and the Cisco EtherSwitch service modules.
Limitations and Restrictions You should review this section before you begin working with the switch. This problem occurs under these conditions: — When the switch is booted up without a configuration no config.
CSCec Catalyst or switches and Cisco EtherSwitch service modules When you change a port from a nonrouted port to a routed port or the reverse, the applied auto-QoS setting is not changed or updated when you verify it by using the show running interface or show mls qos interface user EXEC commands. These are the workarounds: 1. Disable auto-QoS on the interface. This is a hardware limitation. The problem is observed only when the switch is receiving frames.
Any log entries that are still in the log buffer have not been output as a system message on a switch that fails are lost. CSCed When port security is enabled on an interface in restricted mode and the switchport block unicast interface command has been entered on that interface, MAC addresses are incorrectly forwarded when they should be blocked The workaround is to enter the no switchport block unicast interface configuration command on that specific interface.
The switch rejects a CLI command to change the baud rate. Packets arriving at these ports before the switch software is completely loaded are lost. This is a hardware limitation when the switch uses small form-factor pluggable SFP modules with copper connections.
CSCeh When the logging event-spanning-tree interface configuration command is configured and logging to the console is enabled, a topology change might generate a large number of logging messages, causing high CPU utilization.
CPU utilization can increase with the number of spanning-tree instances and the number of interfaces configured with the logging event-spanning-tree interface configuration command. This condition adversely affects how the switch operates and could cause problems such as STP convergence delay. Use one of these workarounds: — Disable logging to the console. If the internal Gigabit Ethernet interface on a Cisco EtherSwitch service module connected to the router is configured as a switch port in access mode or in trunk mode, the internal link is not operational until it reaches the STP forwarding state.
Therefore, the PoE that comes from the host router is also not available until the internal Gigabit Ethernet link reaches the STP forwarding state. This is due to STP convergence time. This problem does not occur on routed ports. Traffic on EtherChannel ports is not perfectly load-balanced. Egress traffic on EtherChannel ports are distributed to member ports on load balance configuration and traffic characteristics like MAC or IP address.
More than one traffic stream may map to same member ports based on hashing results calculated by the ASIC. Use any of these workarounds to improve EtherChannel load balancing: — for random source-ip and dest-ip traffic, configure load balance method as src-dst-ip — for incrementing source-ip traffic, configure load balance method as src-ip — for incrementing dest-ip traffic, configure load balance method as dst-ip — Configure the number of ports in the EtherChannel so that the number is equal to a power of 2 i.
CSCdw Catalyst or switches and Cisco EtherSwitch service modules Known unicast secured addresses are flooded within a bridge group if secure addresses are learned or configured on a port and the VLAN on this port is part of a bridge group.
Non-IP traffic destined to the secure addresses is flooded within the bridge group. The workaround is to disable fallback bridging or to disable port security on all ports in all VLANs participating in fallback bridging. To remove an interface from a bridge group and to remove the bridge group, use the no bridge-group bridge-group interface configuration command.
To disable port security on all ports in all VLANs participating in fallback bridging, use the no switchport port-security interface configuration command. The workaround is to not set an ARP timeout value lower than seconds. CSCea When the rate of received DHCP requests exceeds 2, packets per minute for a long time, the response time might be slow when you are using the console.
The workaround is to use rate limiting on DHCP traffic to prevent a denial of service attack from occurring. These access points should be discovered as Cisco pre-standard devices. The workaround is to power the access point by using an AC wall adaptor. Because learning is restricted on IEEE No workaround is necessary. The switch grants power only when the maximum wattage configured on the port is less than or equal to the IEEE class maximum. This ensures that the switch power budget is not oversubscribed.
There is no such mechanism in Cisco prestandard powered devices. Multicasting These are the multicasting limitations: Catalyst or switches and Cisco EtherSwitch service modules The switch does not support tunnel interfaces for unicast routed traffic. Because unnecessary traffic is sent on the trunk port, it reduces the bandwidth of the port. There is no workaround for this problem because non-RPF traffic is continuous in certain topologies.
CSCdu If the number of multicast routes and Internet Group Management Protocol IGMP groups are more than the maximum number specified by the show sdm prefer global configuration command, the traffic received on unknown groups is flooded in the received VLAN even though the show ip igmp snooping multicast-table privileged EXEC command output shows otherwise. The workaround is to reduce the number of multicast routes and IGMP snooping groups to less than the maximum supported value.
It is not applied to packets that are forwarded through software. Hence, with multicast routing enabled, the first few packets are sent from a port even when IGMP filtering is set to deny those groups on that port. This provides reachability to directly connected clients, if any, in the VLAN. CSCdz Catalyst switch stack If the stack master is power cycled immediately after you enter the ip mroute global configuration command, there is a slight chance that this configuration change might be lost after the stack master changes.
This occurs because the stack master did not have time to propagate the running configuration to all the stack members before it was powered down. This problem might also affect other configuration commands. IP PIM is not supported on tunnel interfaces. CSCee Incomplete multicast traffic can be seen under either of these conditions: — You disable IP multicast routing or re-enable it globally on an interface.
CSCef After you configure a switch to join a multicast group by entering the ip igmp join-group group-address interface configuration command, the switch does not receive join packets from the client, and the switch port connected to the client is removed from the IGMP snooping forwarding table. Use one of these workarounds: — Cancel membership in the multicast group by using the no ip igmp join-group group-address interface configuration command on an SVI.
The remaining power shown is available for allocation to switching ports on all Cisco EtherSwitch service modules in the router. To display the total power used by a specific EtherSwitch service module, enter the show power inline command on the router. This output appears: Router show power inline. PowerSupply SlotNum. Maximum Allocated Status.
INT-PS 0 QoS These are the quality of service QoS limitations: Some switch queues are disabled if the buffer size or threshold level is set too low with the mls qos queue-set output global configuration command. The ratio of buffer size to threshold level should be greater than 10 to avoid disabling the queue. The workaround is to choose compatible buffer sizes and threshold levels. Instead, the switch uses shaped round robin SRR as the queuing mechanism.
The auto-QoS feature is designed on each platform based on the feature set and hardware limitations, and the queuing mechanism supported on each platform might be different. Routing These are the routing limitations: Catalyst or switches and Cisco EtherSwitch service modules The switch does not support tunnel interfaces for unicast routed traffic. The switch rejects this configuration and displays a message that the route map is unsupported.
This limitation does not apply to bridged packets. The workaround for local SPAN is to use the replicate option. For a remote SPAN session, there is no workaround. This problem does not appear with local SPAN when the encapsulation replicate option is used. The workaround is to use the encapsulate replicate keywords in the monitor session global configuration command. Otherwise, there is no workaround.
The amount of degradation depends on the processor loading. Typically, the switch can egress SPAN at up to 40, packets per second byte packets. As long as the total traffic being monitored is below this limit, there is no degradation. However, if the traffic being monitored exceeds the limit, only a portion of the source stream is spanned.
In all cases, normal traffic is not affected; the degradation limits only how much of the original source stream can be egress spanned.
If fallback bridging and multicast routing are disabled, egress SPAN is not degraded. If possible, disable fallback bridging and multicast routing. If possible, use ingress SPAN to observe the same traffic.
Ingress-spanning of such packets is not accurate and can vary with the traffic rate. Typically, very few or none of these packets are spanned. Stacking Catalyst or Cisco EtherSwitch service module switch stack only These are the Catalyst and Cisco EtherSwitch service module switch stack limitations: If the stack master is immediately reloaded after adding multiple VLANs, the new stack master might fail. The workaround is to wait a few minutes after adding VLANs before reloading the stack master.
CSCea If the console speed is changed on a stack, the configuration file is updated, but the baud rate is not. When the switch is reloaded, meaningless characters might appear on the console during bootup before the configuration file is parsed and the console speed is set to the correct value. If manual bootup is enabled or the startup configuration is deleted after you change the console speed, you cannot access the console after the switch reboots. CSCed If a stack member is removed from a stack and either the configuration is not saved or another switch is added to the stack at the same time, the configuration of the first member switch might be lost.
The workaround is to save the stack configuration before removing or replacing any switch in the stack. CSCed When the switchport and no switchport interface configuration commands are entered more than 20, times on a port of a Catalyst switch or on a Cisco EtherSwitch service module, all available memory is used, and the switch halts.
This only impacts traffic that will be routed through the switch that is being reloaded. CSCee Port configuration information is lost when changing from switchport to no switchport modes on Catalyst switches. CSCee If one switch in a stack of Catalyst switches requires more time than the other switches to find a bootable image, it might miss the stack master election window.
However, even if the switch does not participate in the stack master election, it will join the stack as a member. CSCei When the path cost to the root bridge is equal from a port on a stacked root and a port on a non stack root, the BLK port is not chosen correctly in the stack when the designated bridge priority changes. CSCsd When a stack of switches is configured with a Cross-Stack EtherChannel and one of the physical ports in the EtherChannel has a link-up or a link-down event, the stack might transmit duplicate packets across the EtherChannel.
The problem occurs during the very brief interval while the switch stack is adjusting the EtherChannel for changing conditions and adapting the load balance algorithm to the new set of active physical ports. CSCse If a new member switch joins a switch stack within 30 seconds of a command to copy the switch configuration to the running configuration of the stack master being entered, the new member might not get the latest running configuration and might not operate properly.
If a Catalyst switch stack is connected to a designated bridge and the root port of the switch stack is on a different switch than the alternate root port, changing the port priority of the designated ports on the designated bridge has no effect on the root port selection for the Catalyst switch stack. Valid IEEE Enable port security on one or more of the ports affected by the private VLAN configuration. Device Manager Limitations These are the device manager limitations: When you are prompted to accept the security certificate and you click No , you only see a blank screen, and the device manager does not launch.
The Catalyst and switches do not support switch stacking. However, the show processes privileged EXEC command still lists stack-related processes. This occurs because these switches share common code with other switches that do support stacking. Catalyst switches and Cisco EtherSwitch service modules can be in the same switch stack. Failure to re-enable IEEE AutoQoS Error: ciscophone input service policy was not properly applied. Device Manager Notes These notes apply to the device manager: You cannot create and manage switch clusters through the device manager.
When the switch is running a localized version of the device manager, the switch displays settings and status only in English letters. Input entries on the switch can only be in English letters. For device manager session on Internet Explorer, popup messages in Japanese or in simplified Chinese can appear as garbled text. We recommend this browser setting to speed up the time needed to display the device manager from Microsoft Internet Explorer. From Microsoft Internet Explorer: 1. Click OK. The HTTP server interface must be enabled to display the device manager.
By default, the HTTP server is enabled on the switch. Open Caveats This section describes the open caveats with possible unexpected activity in this software release. Unless otherwise noted, these severity 3 Cisco IOS configuration caveats apply to the Catalyst , , , and switches and to Cisco EtherSwitch service modules: CSCef Cisco EtherSwitch service modules Phone detection events that are generated by many IEEE phones connected to the switch ports can consume a significant amount of CPU time if the switch ports cannot power the phones because the internal link is down.
CSCeh Cisco EtherSwitch service modules When connected to the router through an auxiliary port in a session to a Cisco EtherSwitch service module, the service module session fails when you enter the shutdown and the no shutdown interface configuration commands on the service module router interface.
These are the workarounds: — Reload the router. Resolved Caveats This section describes the caveats that have been resolved in this release: Unless otherwise noted, these resolved caveats apply to the Catalyst , , , and switches and the Cisco EtherSwitch service modules. SSM Components Overview SSM is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications.
Incoming messages related to RPT operations are ignored or rejected, and incoming PIM register messages are immediately answered with register-stop messages. Address Management Restrictions Address management is still necessary to some degree when SSM is used with Layer 2 switching mechanisms. Configuring Embedded Event Manager New Chapter This chapter describes how to use the embedded event manager EEM to monitor and manage the Catalyst or switch and how to configure it.
Understanding Embedded Event Manager The embedded event manager EEM monitors key system events and then acts on them though a set policy. EEM supports these actions: Modifying a named counter. Publishing an application-specific event. Generating an SNMP trap. Generating prioritized syslog messages. Reloading the Cisco IOS software. Reloading the switch stack. Catalyst only Reloading the active switch in the event of a changeover of the active switch.
If this occurs, a new active switch is elected. Embedded Event Manager Policies EEM can monitor events and provide information, or take corrective action when the monitored events occur or a threshold is reached. This process is transparent to the end user and utilizes a prepopulated database.
During this period, a per-port local policy can be applied until the servers become available again. Table 1. Supported Features. The user will be able to control GOLD on all units in a stack from the primary switch. Table 2. MIB Object Type. Object Description. Access lists can be used to control which broadcasts are forwarded. This image has the Kerberos and SSH 1 features. You can upgrade switch software by using CMS. For detailed instructions, click Help. This procedure is for copying the combined tar file to the switch.
You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image. Step 1 Use Table 3 to identify the file that you want to download. Step 2 Download the software image file. To download the image for a Catalyst switch, select Catalyst software. To obtain authorization and to download the cryptographic software files, select Catalyst 3DES Cryptographic Software.
For more information, refer to Appendix B in the software configuration guide for this release. Step 4 Log into the switch through the console port or a Telnet session.
For more information about assigning an IP address and default gateway to the switch, refer to the software configuration guide for this release. If you are installing the same version of software that is currently on the switch, overwrite the current image by using the archive download privileged EXEC command:. Directory and image names are case sensitive.
This example shows how to download an image from a TFTP server at For detailed recovery procedures, refer to the "Troubleshooting" chapter in the software configuration guide for this release. These sections describe the new supported hardware and the new software features provided in this release:. For a list of all supported hardware, see the "Hardware Supported" section. For a list of default settings after initial switch configuration, including default settings that are changed in Cisco IOS Release Note Smartports macros are referred to as SmartPort macros in the software configuration guide and in the command reference.
Table 4 lists the minimum software release required to support the major features of the Catalyst and switches. You should review this section before you begin working with the switch. These are known limitations that will not be fixed, and there is not always a workaround.
Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software. The workaround is to reconfigure the static IP address.
In Table 1 , No means that port security cannot be enabled on a port on the referenced switch if the referenced feature is also running on the same port. Yes means that both port security and the referenced feature can be enabled on the same port on a switch at the same time. A dash means not applicable. DTP 1 port 2. When the active switch fails in a switch cluster that uses HSRP redundancy, the new active switch might not contain a full cluster member list.
The workaround is to ensure that the ports on the standby cluster members are not in the Spanning Tree Protocol STP blocking state. To verify that these ports are not in the blocking state, refer to the "Configuring STP" chapter in the software configuration guide.
There is no workaround. The link activates correctly, but might subsequently stop exchanging data. This is an Intel product defect. You can also use the speed interface configuration command to force the speed of the port to Mbps. When the rate of received DHCP requests exceeds 2, packets per minute for a long time, the response time might be slow when you are using the console. The workaround is to use rate limiting on DHCP traffic to prevent a denial of service attack from occurring.
MAC addresses are deleted manually or automatically when a topology occurs or when port security or an Because learning is restricted on No workaround is necessary. The workaround is to reduce the number of multicast routes and IGMP snooping groups to less than the maximum supported value. It is not applied to packets that are forwarded through software. Hence, with multicast routing enabled, the first few packets are sent from a port even when IGMP filtering is set to deny those groups on that port.
Some switch queues are disabled if the buffer size or threshold level is set too low with the mls qos queue-set output global configuration command. The ratio of buffer size to threshold level should be greater than 10 to avoid disabling the queue. The workaround is to choose compatible buffer sizes and threshold levels.
Valid If the number of VLANs times the number of trunk ports exceeds the recommended limit of 13,, the switch can fail. The workaround is to reduce the number of VLANs or trunks. These are the workarounds:. Disable auto-QoS on the interface. Change the routed port to a nonrouted port or the reverse. Re-enable auto-QoS on the interface. The workaround is to not set an ARP timeout value lower than seconds. Non-IP traffic destined to the secure addresses is flooded within the bridge group. The workaround is to disable fallback bridging or to disable port security on all ports in all VLANs participating in fallback bridging.
To remove an interface from a bridge group and to remove the bridge group, use the no bridge-group bridge-group interface configuration command. To disable port security on all ports in all VLANs participating in fallback bridging, use the no switchport port-security interface configuration command. Because unnecessary traffic is sent on the trunk port, it reduces the bandwidth of the port.
There is no workaround for this problem because non-RPF traffic is continuous in certain topologies. This provides reachability to directly connected clients, if any, in the VLAN. This occurs because the stack master did not have time to propagate the running configuration to all the stack members before it was powered down. This problem might also affect other configuration commands.
The Catalyst rejects this configuration and displays the following an error message that the route map is unsupported. This error message means there is a temporary memory shortage which normally recovers by itself.
You can verify that the switch stack has recovered by entering the show cef line user EXEC command and verifying that the line card states are up and sync. No workaround is required because the problem is self-correcting. This limitation does not apply to bridged packets. The workaround for local SPAN is to use the replicate option.
For a remote SPAN session, there is no workaround. This is a hardware limitation. This problem does not appear with local SPAN when the encapsulation replicate option is used. The workaround is to use the encapsulate replicate keywords in the monitor session global configuration command. Otherwise, there is no workaround. The amount of degradation depends on the processor loading.
Typically, the switch can egress SPAN up to 40, packets per second byte packets. As long as the total traffic being monitored is below this limit, there is no degradation. However, if the traffic being monitored exceeds the limit, only a portion of the source stream is spanned. In all cases, normal traffic is not affected; the degradation limits only how much of the original source stream can be egress spanned.
If fallback bridging and multicast routing are disabled, egress SPAN is not degraded. If possible, disable fallback bridging and multicast routing. If possible, use ingress SPAN to observe the same traffic.
Ingress-spanning of such packets is not accurate and can vary with traffic rate. Typically, very few or none of these packets are spanned. If a Catalyst switch stack is connected to a designated bridge and the root port of the switch stack is on a different switch than the alternate root port, changing the port priority of the designated ports on the designated bridge has no effect on the root port selection for the Catalyst switch stack.
The workaround is to wait a few minutes after adding VLANs before reloading the stack master. This occurs because the switch running the cryptographic EMI takes 10 seconds longer to start than does the switch running the SMI. The switch running the EMI is excluded from the master election process that lasts 10 seconds. The workaround is to save the stack configuration before removing or replacing any switch in the stack.
When the switch is reloaded, meaningless characters might appear on the console during bootup before the configuration file is parsed and the console speed is set to the correct value. If manual boot is enabled or the startup configuration is deleted after you change the console speed, you cannot access the console after the switch reboots. These limitations apply to cluster configuration on the Catalyst and Catalyst switches:. You must manually add these switches back to the cluster. You must add the Catalyst or the switch to the cluster.
You can then see any cluster candidates connected to it.
0コメント