PDF(598.2 KB) View with Adobe Reader on a variety of devices
Updated:April 29, 2020
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Release Notes for Cisco Catalyst 9300 Series Switches, Cisco IOS XE Everest 16.6.x
First Published: July 31, 2017
Last Updated:March 01, 2021
This release note gives an overview of the hardware and software with Cisco IOS XE Everest 16.6.x, on the Cisco Catalyst 9300 Series Switches. Unless otherwise noted, the terms switch and device refer to a standalone switch and to a switch stack.
For information about unsupported features, see Important Notes.
For information about open issues with the software, see Caveats.
Introduction
Cisco Catalyst 9300 Series Switches are Cisco’s lead stackable access platforms for the next-generation enterprise. It has been purpose-built to address emerging trends of Security, IoT, Mobility, and Cloud.
Cisco Catalyst 9300 Series Switches deliver complete convergence in terms of ASIC architecture with a Unified Access Data Plane (UADP) 2.0. The platform runs an Open Cisco IOS XE that supports model driven programmability, has the capacity to host containers, and run 3rd party applications and scripts natively within the switch (by virtue of x86 CPU architecture, local storage, and a higher memory footprint). The series forms the foundational building block for SD-Access, which is Cisco’s lead enterprise architecture.
The series offers 1Gigabit copper Ethernet switches with 80G uplink bandwidth, Multigigabit Ethernet switches, and the industry’s highest 480 Gigabit stacking bandwidth solution. It also provides a highly resilient and efficient power architecture with StackPower that delivers high density of UPoE and PoE+ ports.
Whats New in Cisco IOS XE Everest 16.6.10
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.9
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.8
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.7
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.6
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.5
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.4a
There are no new hardware or software features in this release.
Whats New in Cisco IOS XE Everest 16.6.4
Hardware Features in Cisco IOS XE Everest 16.6.4
Feature Name
Description
Cisco Catalyst 9300 Series Switches—MultiGigabit Ethernet Uplink Network Module (C9300-NM-4M)
This module has four 10G MultiGigabit Ethernet ports that support interface speeds of 100M/1G/2.5G/5G/10G); it can be installed in all models of Cisco Catalyst 9300 Series Switches.
Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release.
(Network Essentials and Network Advantage)
Whats New in Cisco IOS XE Everest 16.6.1
Hardware Features in Cisco IOS XE Everest 16.6.1
Feature Name
Description
Multigigabit Ethernet Switch Model—C9300-24UX
Cisco Catalyst 9300 Series Switches now support C9300-24UX —Stackable 24 Multigigabit Ethernet 100/1000/2500/5000/10000 switch with UPoE ports; PoE budget of 490 W with 1100 WAC power supply; supports StackWise-480 and StackPower.
Cisco QSFP to SFP or SFP+ Adapter (Cisco QSA Module) —CVR-QSFP-SFP10G
Cisco Catalyst 9300 Series Switches support the Cisco QSA Module, which is a pluggable adapter that converts a QSFP port in to an SFP+ port. You can connect only an SFP+ module.
A backward compatible mode, equivalent to not having Cisco Discovery Protocol support. When the feature is enabled, Cisco Discovery Protocol packets are received and transmitted unchanged. Received packets are not processed; no packets are generated. In this mode, 'bump-in-the-wire' behavior is applied to Cisco Discovery Protocol packets.
Cisco NSF works with the Stateful switchover (SSO) feature to minimize the amount of time a network is unavailable to its users following a switchover.
High Availability— Graceful Insertion and Removal (GIR)
Uses a maintenance mode to isolate the switch from the network in order to perform debugging, or an upgrade.
GIR is supported for Layer 2 interface shutdown and the Intermediate System to Intermediate System (IS-IS) routing protocol.
When you place the switch in maintenance mode, supported protocols are isolated, and Layer 2 interfaces are shut down. When normal mode is restored, the supported protocols and ports are brought back up.
Determines the active and standby role for a specific switch in a stack, based on the flash ROMMON variable.
Warning Changing the switch role may result in redundancy mode being configured to 1+1 mode for the stack. If the configured Active or Standby switch does not boot up, then the stack will not be able to boot.
Internet Group Management Protocol (IGMP) Explicit Tracking
Enables a multicast device to explicitly track the membership of all multicast hosts in a particular multiaccess network. The explicit tracking of hosts, groups, and channels enables the device to keep track of each individual host that is joined to a particular group or channel.
Allows a service provider to support two or more VPNs with overlapping IP addresses using one interface. VRF-Lite uses input interfaces to distinguish routes for different VPNs and forms virtual packet-forwarding tables by associating one or more Layer 3 interfaces with each VRF.
Locator ID Separator Protocol (LISP) Extranet Support and Source Group Access Control List (SGACL) Cell Statistics
LISP Extranet Support—Refers to subscriber-to-provider communication across instance IDs in a LISP network. With LISP Extranet support, hosts in VRF “A”, for example, can access shared resources in VRF “B”.
SGACL Cell Statistics—An enhancement in the show cts role-based counters ipv4 command, to display all SGACL enforcement statistics for IPv4, providing visibility at the cell level.
external BGP (eBGP) and internal BGP (iBGP) OR eiBGP
IPv6 Provider Edge over MPLS (6PE)
IPv6 VPN Provider Edge over MPLS (6VPE)
The following MPLS features are introduced in this release:
EoMPLS—One of the Any Transport over MPLS (AToM) transport types. EoMPLS provides a tunneling mechanism for Ethernet traffic through an MPLS-enabled Layer 3 core. It encapsulates Ethernet protocol data units (PDUs) inside MPLS packets and uses label stacking to forward them across the MPLS network.
VPLS—A class of VPN that supports the connection of multiple sites in a single bridged domain over a managed IP/MPLS network. VPLS uses the provider core to join multiple attachment circuits together, to simulate a virtual bridge that connects the multiple attachment circuits together.
EIGRP MPLS VPN PE-CE SoO—Introduces the capability to filter MPLS Virtual Private Network (VPN) traffic on a per-site basis for Enhanced Interior Gateway Routing Protocol (EIGRP) networks. SoO filtering is configured at the interface level and is used to manage MPLS VPN traffic, and to prevent transient routing loops from occurring in complex and mixed network topologies.
Route Target Rewrite—Allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates. Route targets are carried as extended community attributes in BGP Virtual Private Network IP Version 4 (VPNv4) updates. Route target extended community attributes are used to identify a set of sites and VPN routing and forwarding (VRF) instances that can receive routes with a configured route target.
eiBGP— Enables you to configure multipath load balancing with both eBGP and iBGP paths in Border Gateway Protocol (BGP) networks that are configured to use MPLS VPNs. The feature provides improved load balancing deployment and service offering capabilities and is useful for multi-homed autonomous systems and Provider Edge (PE) routers that import both eBGP and iBGP paths from multihomed and stub networks.
6PE—A technique that provides global IPv6 reachability over IPv4 MPLS. It allows one shared routing table for all other devices. 6PE allows IPv6 domains to communicate with one another over the IPv4 without an explicit tunnel setup, requiring only one IPv4 address per IPv6 domain.
6VPE—A mechanism to use the IPv4 backbone to provide VPN IPv6 services. 6VPE is like a regular IPv4 MPLS-VPN provider edge, with an addition of IPv6 support within VRF. It provides logically separate routing table entries for VPN member devices.
Programmability features introduced or enhanced in this release:
ZTP—Now supports HTTP file download along with TFTP file download.
Model-Driven Telemetry—Provides a mechanism to stream data from a Model-Driven Telemetry-capable device, to a destination. The data to be streamed is driven through subscription. The feature is enabled automatically, when NETCONF-YANG is started on a device.
iPXE—An open Preboot eXecution Environment (PXE) client that allows a device to boot from a network boot image. iPXE is supported with IPv4 only.
Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release.
With this feature, when an active switch fails, the standby switch starts up in a fully-initialized state and synchronizes with the persistent configuration and the running configuration of the active switch. The new active switch uses existing Layer 2 switching information to continue forwarding traffic.
The Enterprise Fabric provides end-to-end enterprise-wide segmentation, flexible subnet addressing, and controller-based networking with uniform enterprise-wide policy and mobility. It moves the enterprise network from current VLAN-centric architecture to a user group-based enterprise architecture, with flexible Layer 2 extensions within and across sites.
Features introduced and updated on the Web UI in this release:
DNS Proxy Support
Troubleshooting- Audit Device Configuration
Troubleshooting- Debug Bundle
Important Notes
The following are the unsupported hardware and software features for the Cisco Catalyst 9300 Series Switches. For the list of supported features, go to http://www.cisco.com/go/cfn.
Unsupported Hardware Features
– The rear USB 3.0 port
– Breakout cables
Unsupported Software Features:
– IPsec with FIPS
These features are supported on the Cisco Catalyst 3850 Series Switches, but not on the Cisco Catalyst 9300 Series Switches:
– 128-bit and 256-bit AES MACsec (IEEE 802.1AE) host link encryption (downlinks) with MACsec Key Agreement (MKA)
– Audio Video Bridging (including IEEE802.1AS, IEEE 802.1Qat, and IEEE 802.1Qav)
– Bluetooth
– Cisco TrustSec Network Device Admission Control (NDAC) on Uplinks
If you are downgrading the software version on your device from Cisco IOS XE Gibraltar 16.12.1 or a later release, to any of the following releases, the microcode must be downgraded:
If microcode downgrade does not occur, PoE features will be impacted after downgrading. See the Downgrading in Install Mode section of the Release Notes for Cisco Catalyst 9300 Series Switches, Cisco IOS XE Gibraltar 16.12.x, for more information.
Supported Hardware
Cisco Catalyst 9300 Series Switches—Model Numbers
Table 1 lists the supported hardware models and the default license levels they are delivered with. For information about the available license levels, see section License Levels.
Table 1 Cisco Catalyst 9300 Series Switches—Model Numbers
Stackable 24 10/100/1000 Ethernet ports; 350 WAC power supply; supports StackWise-480 and StackPower.
C9300-24T-A
Network Advantage
C9300-24P-E
Network Essentials
Stackable 24 10/100/1000 PoE+ ports; PoE budget of 437W; 715 WAC power supply; supports StackWise-480 and StackPower.
C9300-24P-A
Network Advantage
C9300-24U-E
Network Essentials
Stackable 24 10/100/1000 UPoE ports; PoE budget of 830W; 1100 WAC power supply; supports StackWise-480 and StackPower.
C9300-24U-A
Network Advantage
C9300-24UX-E
Network Essentials
Stackable 24 Multigigabit Ethernet 100/1000/2500/5000/10000 UPoE ports; PoE budget of 490 W with 1100 WAC power supply; supports StackWise-480 and StackPower
C9300-24UX-A
Network Advantage
C9300-24UXM-E
Network Essentials
Catalyst 9300 48-port (12 mGig + 36x 2.5G) and UPOE
C9300-24UXM-A
Network Advantage
Catalyst 9300 48-port (12 mGig + 36x 2.5G) and UPOE
C9300-48T-E
Network Essentials
Stackable 48 10/100/1000 Ethernet ports; 350 WAC power supply; supports StackWise-480 and StackPower.
C9300-48T-A
Network Advantage
C9300-48P-E
Network Essentials
Stackable 48 10/100/1000 PoE+ ports; PoE budget of 437W; 715 WAC power supply; supports StackWise-480 and StackPower.
C9300-48P-A
Network Advantage
C9300-48U-E
Network Essentials
Stackable 48 10/100/1000 UPoE ports; PoE budget of 822 W; 1100 WAC power supply; supports StackWise-480 and StackPower.
C9300-48U-A
Network Advantage
C9300-48UXM-E
Network Essentials
Stackable 48 (36 2.5G Multigigabit Ethernet and 12 10G Multigigabit Ethernet Universal Power Over Ethernet (UPOE) ports).
Table 2 lists the optional uplink network modules with 1-Gigabit, 10-Gigabit, and 40-Gigabit slots. You should only operate the switch with either a network module or a blank module installed.
2.Supported only on Cisco Catalyst 9300 Series Switches
Optics Modules
Catalyst switches support a wide range of optics. Because the list of supported optics is updated on a regular basis, consult the tables at this URL for the latest (SFP) compatibility information:
– Google Chrome—Version 38 and later (On Windows and Mac)
– Microsoft Internet Explorer—Version 11 or later (On Windows 7 and Windows XP), and Microsoft Edge (On Windows 10)
– Mozilla Firefox—Version 33 and later (On Windows and Mac)
– Safari—Version 7 and later (On Mac)
Finding the Software Version
The package files for the Cisco IOS XE software are stored on the system board flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch.
Note Although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software license.
You can also use the dir filesystem : privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.
Table 5 Software Images
Release
Image
File Name
Cisco IOS XE Everest 16.6.10
CAT9K_IOSXE
cat9k_iosxe.16.06.10.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.10.SPA.bin
Cisco IOS XE Everest 16.6.9
CAT9K_IOSXE
cat9k_iosxe.16.06.09.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.09.SPA.bin
Cisco IOS XE Everest 16.6.8
CAT9K_IOSXE
cat9k_iosxe.16.06.08.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.08.SPA.bin
Cisco IOS XE Everest 16.6.7
CAT9K_IOSXE
cat9k_iosxe.16.06.07.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.07.SPA.bin
Cisco IOS XE Everest 16.6.6
CAT9K_IOSXE
cat9k_iosxe.16.06.06.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.06.SPA.bin
Cisco IOS XE Everest 16.6.5
CAT9K_IOSXE
cat9k_iosxe.16.06.05.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.05.SPA.bin
Cisco IOS XE Everest 16.6.4a
CAT9K_IOSXE
cat9k_iosxe.16.06.04a.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.04a.SPA.bin
Cisco IOS XE Everest 16.6.4
CAT9K_IOSXE
cat9k_iosxe.16.06.04.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.04.SPA.bin
Cisco IOS XE Everest 16.6.3
CAT9K_IOSXE
cat9k_iosxe.16.06.03.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.03.SPA.bin
Cisco IOS XE Everest 16.6.2
CAT9K_IOSXE
cat9k_iosxe.16.06.02.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.02.SPA.bin
Cisco IOS XE Everest 16.6.1
CAT9K_IOSXE
cat9k_iosxe.16.06.01.SPA.bin
Licensed Data Payload Encryption (LDPE)
cat9k_iosxeldpe.16.06.01.SPA.bin
Upgrading the Switch Software
Note You cannot use the Web UI to install, upgrade, or downgrade switch software
Note From Cisco IOS XE Everest 16.6.2 onwards, we support new install commands. These install commands are supported along with the previously supported request platform software commands. Both set of commands are supported at present.
Table 6 request platform software commands to Upgrade or Downgrade Switch Software
Switch# request platform software package?
clean
Cleans unnecessary package files from media.
copy
Copies package to media.
describe
Describes package contents.
expand
Expands all-in-one package to media.
install
Installs package.
uninstall
Uninstalls package.
verify
Verifies ISSU software package compatibility.
Table 7 install commands to Upgrade or Downgrade Switch Software
Switch# install add file filename [ activate commit ]—Use this command to install and activate the specified file, and to commit changes to be persistent across reloads.
Switch# install ? —You can also use the install command to separately install, activate, commit, cancel, or remove the installation file.
add file tftp: filename
Copies the install file package from a remote location to the device and performs a compatibility check for the platform and image versions.
activate [ auto-abort-timer ]
Activates the file, and reloads the device.
The auto-abort-timer keyword automatically rolls back the image activation.
commit
Makes changes persistent over reloads.
rollback to committed
Rolls back the update to the last committed version.
abort
Cancels the file activation, and rolls back to the version that was running before the current installation procedure started.
remove
Deletes all unused and inactive software installation files.
Automatic Boot Loader Upgrade
When you upgrade from the existing release on your switch to a later or newer release for the first time, the boot loader may be automatically upgraded, based on the hardware version of the switch. If the boot loader is automatically upgraded, it will take effect on the next reload. If you go back to the older release after this, the boot loader is not downgraded. The updated boot loader supports all previous releases.
For subsequent IOS XE 16.x.x releases, if there is a new bootloader in that release, it may be automatically upgraded based on the hardware version of the switch when you boot up your switch with the new image for the first time.
Caution
Do not power cycle your switch during the upgrade.
Table 8 Automatic Boot Loader Response
Scenario
Automatic Boot Loader Response
If you boot Cisco IOS XE Everest 16.6.2, or Cisco IOS XE Everest 16.6.3, or Cisco IOS XE Everest 16.6.4, or Cisco IOS XE Everest 16.6.4a, or Cisco IOS XE Everest 16.6.5, or Cisco IOS XE Everest 16.6.6, or Cisco IOS XE Everest 16.6.7, or Cisco IOS XE Everest 16.6.8,
or Cisco IOS XE Everest 16.6.9,
or Cisco IOS XE Everest 16.6.10
for the first time
The boot loader may be upgraded to version 16.6.1r [FC1]. For example:
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 16.6.1r [FC1], RELEASE SOFTWARE (P)
If the automatic boot loader upgrade occurs while booting, you will see the following on the console:
%IOSXEBOOT-Wed-###: (rp/0): Jul 26 16:57:44 Universal 2017 PLEASE DO NOT POWER CYCLE ###BOOT LOADER UPGRADING 4
During an IOS image upgrade or downgrade on a PoE or UPoE switch, the microcode is updated to reflect applicable feature enhancements and bug fixes. Do not restart the switch during the upgrade or downgrade process.
It takes approximately an additional 4 minutes to complete the microcode upgrade, in addition to the normal reload time. The microcode update occurs only during an image upgrade or downgrade on PoE or UPoE switches. It does not occur during switch reloads or on non-PoE switches.
The following console messages are displayed during microcode upgrade from Cisco IOS XE Everest 16.6.1 to Cisco IOS XE Everest 16.6.2 or Cisco IOS XE Everest 16.6.3:
MM [1] MCU version 111 sw ver 105
MM [2] MCU version 111 sw ver 105
Front-end Microcode IMG MGR: found 4 microcode images for 1 device.
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_0 mismatch: 0
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_1 mismatch: 1
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_2 mismatch: 1
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_3 mismatch: 0
Front-end Microcode IMG MGR: Preparing to program device microcode...
Front-end Microcode IMG MGR: Preparing to program device[0], index=0...594412 bytes.... Skipped[0].
Front-end Microcode IMG MGR: Preparing to program device[0], index=1...393734 bytes.
Front-end Microcode IMG MGR: Microcode programming complete for device 0.
Front-end Microcode IMG MGR: Preparing to program device[0], index=3...86370 bytes.... Skipped[3].
Front-end Microcode IMG MGR: Microcode programming complete in 290 seconds
Upgrading in Install Mode
Follow these instructions to upgrade from one release to another, in install mode.
Note The install commands are available only from Cisco IOS XE Everest 16.6.2.
In Cisco IOS XE Everest 16.6.2, a new set of install commands have been introduced for the installation and upgrade of images in install mode. You can either use the install commands or the request platform software commands for install, upgrade, and downgrade of software images. For more information, about the Software Install feature, see the Performing Device Setup Configuration chapter of the System Management Configuration Guide.
The sample output in this section covers upgrade from Cisco IOS XE Everest 16.5.1a to Cisco IOS XE Everest 16.6.1 and from Cisco IOS XE Everest 16.6.1 to Cisco IOS XE Everest 16.6.2 in Install Mode.
This section provides examples of both request platform software and install commands.
Step 1 Ensure that you have at least 1GB of space in flash to expand a new image. Clean up old installation files in case of insufficient space.The following sample output displays the cleaning up of Cisco IOS XE Everest 16.5.1a files:
Note Use the switch all option to clean up all the switches in your stack.
Switch# request platform software package clean switch all
Note Ignore the hexdump: messages in the CLI when you enter the command; they have no functional impact and will be removed in a later release. You will see this only on Member switches and not on the active or standby. In the sample output below, hexdump messages are seen on switch 3, which is a member switch.
Running command on switch 1
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
cat9k-cc_srdriver.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-espbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-guestshell.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-rpbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-rpboot.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-sipbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-sipspa.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-srdriver.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-webui.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-wlc.16.05.01a.SPA.pkg
File is in use, will not delete.
packages.conf
File is in use, will not delete.
done.
Running command on switch 2
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
cat9k-cc_srdriver.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-espbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-guestshell.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-rpbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-rpboot.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-sipbase.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-sipspa.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-srdriver.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-webui.16.05.01a.SPA.pkg
File is in use, will not delete.
cat9k-wlc.16.05.01a.SPA.pkg
File is in use, will not delete.
packages.conf
File is in use, will not delete.
done.
Running command on switch 3
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
hexdump: NVRAM: No such file or directory
hexdump: all input file arguments failed
head: cannot open 'NVRAM' for reading: No such file or directory
NVRAM: No such file or directory
hexdump: NVRAM: No such file or directory
hexdump: stdin: Bad file descriptor
tail: cannot open 'NVRAM' for reading: No such file or directory
You can also use the install remove inactive command to clean up old installation files in case of insufficient space. The following sample output displays the cleaning up of Cisco IOS XE Everest 16.6.1 files:
Switch# install remove inactive
install_remove: START Mon Oct 30 19:51:48 UTC 2017
Step 3 Use the boot system flash:packages.conf command to set the boot variable.
Switch(config)# boot system flash:packages.conf
Switch(config)# exit
Use the write memory command to save boot settings.
Switch# write memory
Use this command to verify BOOT variable = flash:packages.conf
Switch# show boot system
Software Install Image to Flash
Step 4 Use the request platform software package install switch all file flash: auto-copy command to install the target image to flash. We recommend copying the image to a TFTP server or the flash drive of the active switch.
Note If you point to an image on the flash or USB drive of a member switch (instead of the active), you must specify the exact flash or USB drive - otherwise installation fails. For example, if the image is on the flash drive of member switch 3 (flash-3):
Switch# request platform software package install switch all fileflash-3:cat9k_iosxe.16.06.01.SPA.bin auto-copy
[3]: Copying flash-3: cat9k_iosxe.16.06.01.SPA.bin from switch 3 to switch 1 2 4
<output truncated>>
The following example displays the installation of Cisco IOS XE Everest 16.6.1 software image:
Use the switch all option to upgrade all switches in your stack Use the auto-copy option to copy the.bin image from flash: to all other switches in your stack
SUCCESS: Software provisioned. New software will load on reboot.
[1]: Finished install successful on switch 1
[2]: install package(s) on switch 2
--- Starting list of software package changes ---
Old files list:
Removed cat9k-cc_srdriver.16.05.01a.SPA.pkg
Removed cat9k-espbase.16.05.01a.SPA.pkg
Removed cat9k-guestshell.16.05.01a.SPA.pkg
Removed cat9k-rpbase.16.05.01a.SPA.pkg
Removed cat9k-rpboot.16.05.01a.SPA.pkg
Removed cat9k-sipbase.16.05.01a.SPA.pkg
Removed cat9k-sipspa.16.05.01a.SPA.pkg
Removed cat9k-srdriver.16.05.01a.SPA.pkg
Removed cat9k-webui.16.05.01a.SPA.pkg
Removed cat9k-wlc.16.05.01a.SPA.pkg
New files list:
Added cat9k-cc_srdriver.16.06.01.SPA.pkg
Added cat9k-espbase.16.06.01.SPA.pkg
Added cat9k-guestshell.16.06.01.SPA.pkg
Added cat9k-rpbase.16.06.01.SPA.pkg
Added cat9k-rpboot.16.06.01.SPA.pkg
Added cat9k-sipbase.16.06.01.SPA.pkg
Added cat9k-sipspa.16.06.01.SPA.pkg
Added cat9k-srdriver.16.06.01.SPA.pkg
Added cat9k-webui.16.06.01.SPA.pkg
Finished list of software package changes
SUCCESS: Software provisioned. New software will load on reboot.
[2]: Finished install successful on switch 2
[3]: install package(s) on switch 3
--- Starting list of software package changes ---
Old files list:
Removed cat9k-cc_srdriver.16.05.01a.SPA.pkg
Removed cat9k-espbase.16.05.01a.SPA.pkg
Removed cat9k-guestshell.16.05.01a.SPA.pkg
Removed cat9k-rpbase.16.05.01a.SPA.pkg
Removed cat9k-rpboot.16.05.01a.SPA.pkg
Removed cat9k-sipbase.16.05.01a.SPA.pkg
Removed cat9k-sipspa.16.05.01a.SPA.pkg
Removed cat9k-srdriver.16.05.01a.SPA.pkg
Removed cat9k-webui.16.05.01a.SPA.pkg
Removed cat9k-wlc.16.05.01a.SPA.pkg
New files list:
Added cat9k-cc_srdriver.16.06.01.SPA.pkg
Added cat9k-espbase.16.06.01.SPA.pkg
Added cat9k-guestshell.16.06.01.SPA.pkg
Added cat9k-rpbase.16.06.01.SPA.pkg
Added cat9k-rpboot.16.06.01.SPA.pkg
Added cat9k-sipbase.16.06.01.SPA.pkg
Added cat9k-sipspa.16.06.01.SPA.pkg
Added cat9k-srdriver.16.06.01.SPA.pkg
Added cat9k-webui.16.06.01.SPA.pkg
Finished list of software package changes
SUCCESS: Software provisioned. New software will load on reboot.
[3]: Finished install successful on switch 3
Checking status of install on [1 2 3]
[1 2 3]: Finished install in switch 1 2 3
SUCCESS: Finished install: Success on [1 2 3]
You can also use the install add file activate commit command to install the target image to flash. This example displays the installation of Cisco IOS XE Everest 16.6.2:
install_add_activate_commit: START Mon Oct 30 19:54:51 UTC 2017
System configuration has been modified.
Press Yes(y) to save the configuration and proceed.
Press No(n) for proceeding without saving the configuration.
Press Quit(q) to exit, you may save configuration and re-enter the command. [y/n/q]yBuilding configuration...
[OK]Modified configuration has been saved
*Oct 30 19:54:55.633: %IOSXE-5-PLATFORM: Switch 1 R0/0: Oct 30 19:54:55 install_engine.sh: %INSTALL-5-INSTALL_START_INFO: Started install one-shot flash:cat9k_iosxe.16.06.02.SPA.bininstall_add_activate_commit: Adding PACKAGE
This operation requires a reload of the system. Do you want to proceed?
Please confirm you have changed boot config to flash:packages.conf [y/n]y
--- Starting initial file syncing ---
Info: Finished copying flash:cat9k_iosxe.16.06.02.SPA.bin to the selected switch(es)
Finished initial file syncing
--- Starting Add ---
Performing Add on all members
[1] Add package(s) on switch 1
[1] Finished Add on switch 1
Checking status of Add on [1]
Add: Passed on [1]
Finished Add
install_add_activate_commit: Activating PACKAGE
Following packages shall be activated:
/flash/cat9k-wlc.16.06.02.SPA.pkg
/flash/cat9k-webui.16.06.02.SPA.pkg
/flash/cat9k-srdriver.16.06.02.SPA.pkg
/flash/cat9k-sipspa.16.06.02.SPA.pkg
/flash/cat9k-sipbase.16.06.02.SPA.pkg
/flash/cat9k-rpboot.16.06.02.SPA.pkg
/flash/cat9k-rpbase.16.06.02.SPA.pkg
/flash/cat9k-guestshell.16.06.02.SPA.pkg
/flash/cat9k-espbase.16.06.02.SPA.pkg
/flash/cat9k-cc_srdriver.16.06.02.SPA.pkg
This operation requires a reload of the system. Do you want to proceed? [y/n]y
--- Starting Activate ---
Performing Activate on all members
[1] Activate package(s) on switch 1
[1] Finished Activate on switch 1
Checking status of Activate on [1]
Activate: Passed on [1]
Finished Activate
--- Starting Commit ---
Performing Commit on all members
*Oct 30 19:57:41.145: %IOSXE-5-PLATFORM: Switch 1 R0/0: Oct 30 19:57:41 rollback_timer.sh: %INSTALL-5-INSTALL_AUTO_ABORT_TIMER_PROGRESS: Install auto abort timer will expire in 7200 seconds [1] Commit package(s) on switch 1
[1] Finished Commit on switch 1
Checking status of Commit on [1]
Commit: Passed on [1]
Finished Commit
Install will reload the system now!
SUCCESS: install_add_activate_commit Mon Oct 30 19:57:48 UTC 2017
Switch#
Note The system reloads automatically after executing the install add file activate commit command. You do not have to manually reload the system.
Note Old files listed in the logs are not removed from flash.
Step 5 After the software has been successfully installed, verify that the flash partition has nine new .pkg files and three.conf files. See sample output below. The following is sample output from the dir flash: command in Cisco IOS XE Everest 16.6.1:
Step 7 If your switches are configured with auto boot, then the stack will automatically boot up with the new image. If not, you can manually boot flash:packages.conf
Switch: boot flash:packages.conf
When the new image boots up, you can verify the version of the new image, using the show version command:
Note When you boot the new image, it will automatically update the boot loader, but the new bootloader version is not displayed in the output until the next reload.
The following show version command output displays the Cisco IOS XE Everest 16.6.1 image on the device:
Note New switch models that are introduced in a release cannot be downgraded, so if you add a new switch to an existing stack, we recommend upgrading all existing switches. For the list of models introduced in a release, see the list of hardware features in that release.
Follow these instructions to downgrade from one release to another, in install mode. To perform a software image upgrade, you must be booted into IOS via boot flash:packages.conf.
The sample output in this section covers downgrade from Cisco IOS XE Everest 16.6.1 to Cisco IOS XE Everest 16.5.1a and from Cisco IOS XE Everest 16.6.2 to Cisco IOS XE Everest 16.6.1 in Install Mode.
This section provides examples of both request platform software and install commands.
Step 1 Ensure that you have at least 1GB of space in flash to expand a new image. Clean up old installation files in case of insufficient space. The following sample output displays the cleaning up of Cisco IOS XE Everest 16.6.1 files:
Use the switch all option to clean up all the switches in your stack.
Note Ignore the hexdump: messages in the CLI when you enter the command; they have no functional impact and will be removed in a later release. You will see this only on member switches and not on an active or standby. In the sample output below, hexdump messages are seen on switch 3, which is a member switch.
Switch# request platform software package clean switch all
This operation may take several minutes...
Running command on switch 1
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
cat9k-cc_srdriver.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-espbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-guestshell.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-rpbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-rpboot.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-sipbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-sipspa.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-srdriver.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-webui.16.06.01.SPA.pkg
File is in use, will not delete.
packages.conf
File is in use, will not delete.
done.
Running command on switch 2
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
cat9k-cc_srdriver.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-espbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-guestshell.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-rpbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-rpboot.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-sipbase.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-sipspa.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-srdriver.16.06.01.SPA.pkg
File is in use, will not delete.
cat9k-webui.16.06.01.SPA.pkg
File is in use, will not delete.
packages.conf
File is in use, will not delete.
done.
Running command on switch 3
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
Scanning boot directory for packages... done.
Preparing packages list to delete...
hexdump: NVRAM: No such file or directory
hexdump: all input file arguments failed
head: cannot open 'NVRAM' for reading: No such file or directory
NVRAM: No such file or directory
hexdump: NVRAM: No such file or directory
hexdump: stdin: Bad file descriptor
tail: cannot open 'NVRAM' for reading: No such file or directory
You can also use the install remove inactive command to clean up old installation files in case of insufficient space. The following sample output displays the cleaning up of Cisco IOS XE Everest 16.6.2 files:
Switch# install remove inactive
install_remove: START Mon Oct 30 19:51:48 UTC 2017
Step 4 Use the request platform software package install command, to downgrade your stack. You can point to the source image on your tftp server or in flash if you have it copied to flash. The following example displays the installation of Cisco IOS XE Everest 16.5.1a software image:
Use the switch all option to upgrade all switches in your stack.
Use the auto-copy option to copy the.bin image from flash: to all the other switches in your stack.
SUCCESS: Software provisioned. New software will load on reboot.
[1]: Finished install successful on switch 1
[2]: install package(s) on switch 2
--- Starting list of software package changes ---
Old files list:
Removed cat9k-cc_srdriver.16.06.01.SPA.pkg
Removed cat9k-espbase.16.06.01.SPA.pkg
Removed cat9k-guestshell.16.06.01.SPA.pkg
Removed cat9k-rpbase.16.06.01.SPA.pkg
Removed cat9k-rpboot.16.06.01.SPA.pkg
Removed cat9k-sipbase.16.06.01.SPA.pkg
Removed cat9k-sipspa.16.06.01.SPA.pkg
Removed cat9k-srdriver.16.06.01.SPA.pkg
Removed cat9k-webui.16.06.01.SPA.pkg
New files list:
Added cat9k-cc_srdriver.16.05.01a.SPA.pkg
Added cat9k-espbase.16.05.01a.SPA.pkg
Added cat9k-guestshell.16.05.01a.SPA.pkg
Added cat9k-rpbase.16.05.01a.SPA.pkg
Added cat9k-rpboot.16.05.01a.SPA.pkg
Added cat9k-sipbase.16.05.01a.SPA.pkg
Added cat9k-sipspa.16.05.01a.SPA.pkg
Added cat9k-srdriver.16.05.01a.SPA.pkg
Added cat9k-webui.16.05.01a.SPA.pkg
Added cat9k-wlc.16.05.01a.SPA.pkg
Finished list of software package changes
SUCCESS: Software provisioned. New software will load on reboot.
[2]: Finished install successful on switch 2
[3]: install package(s) on switch 3
--- Starting list of software package changes ---
Old files list:
Removed cat9k-cc_srdriver.16.06.01.SPA.pkg
Removed cat9k-espbase.16.06.01.SPA.pkg
Removed cat9k-guestshell.16.06.01.SPA.pkg
Removed cat9k-rpbase.16.06.01.SPA.pkg
Removed cat9k-rpboot.16.06.01.SPA.pkg
Removed cat9k-sipbase.16.06.01.SPA.pkg
Removed cat9k-sipspa.16.06.01.SPA.pkg
Removed cat9k-srdriver.16.06.01.SPA.pkg
Removed cat9k-webui.16.06.01.SPA.pkg
New files list:
Added cat9k-cc_srdriver.16.05.01a.SPA.pkg
Added cat9k-espbase.16.05.01a.SPA.pkg
Added cat9k-guestshell.16.05.01a.SPA.pkg
Added cat9k-rpbase.16.05.01a.SPA.pkg
Added cat9k-rpboot.16.05.01a.SPA.pkg
Added cat9k-sipbase.16.05.01a.SPA.pkg
Added cat9k-sipspa.16.05.01a.SPA.pkg
Added cat9k-srdriver.16.05.01a.SPA.pkg
Added cat9k-webui.16.05.01a.SPA.pkg
Added cat9k-wlc.16.05.01a.SPA.pkg
Finished list of software package changes
SUCCESS: Software provisioned. New software will load on reboot.
[3]: Finished install successful on switch 3
Checking status of install on [1 2 3]
[1 2 3]: Finished install in switch 1 2 3
SUCCESS: Finished install: Success on [1 2 3]
You can also use the install add file activate commit command to install the target image to flash. This example displays the installation of Cisco IOS XE Everest 16.6.1:
install_add_activate_commit: START Mon Oct 30 19:54:51 UTC 2017
System configuration has been modified.
Press Yes(y) to save the configuration and proceed.
Press No(n) for proceeding without saving the configuration.
Press Quit(q) to exit, you may save configuration and re-enter the command. [y/n/q]yBuilding configuration...
[OK]Modified configuration has been saved
*Oct 30 19:54:55.633: %IOSXE-5-PLATFORM: Switch 1 R0/0: Oct 30 19:54:55 install_engine.sh: %INSTALL-5-INSTALL_START_INFO: Started install one-shot flash:cat9k_iosxe.16.06.01.SPA.bin install_add_activate_commit: Adding PACKAGE
This operation requires a reload of the system. Do you want to proceed?
Please confirm you have changed boot config to flash:packages.conf [y/n]y
--- Starting initial file syncing ---
Info: Finished copying flash:cat9k_iosxe.16.05.01a.SPA.bin to the selected switch(es)
Finished initial file syncing
--- Starting Add ---
Performing Add on all members
[1] Add package(s) on switch 1
[1] Finished Add on switch 1
Checking status of Add on [1]
Add: Passed on [1]
Finished Add
install_add_activate_commit: Activating PACKAGE
Following packages shall be activated:
/flash/cat9k-wlc.16.06.01.SPA.pkg
/flash/cat9k-webui.16.06.01.SPA.pkg
/flash/cat9k-srdriver.16.06.01.SPA.pkg
/flash/cat9k-sipspa.16.06.01.SPA.pkg
/flash/cat9k-sipbase.16.06.01.SPA.pkg
/flash/cat9k-rpboot.16.06.01.SPA.pkg
/flash/cat9k-rpbase.16.06.01.SPA.pkg
/flash/cat9k-guestshell.16.06.01.SPA.pkg
/flash/cat9k-espbase.16.06.01.SPA.pkg
/flash/cat9k-cc_srdriver.16.06.01.SPA.pkg
This operation requires a reload of the system. Do you want to proceed? [y/n]y
--- Starting Activate ---
Performing Activate on all members
[1] Activate package(s) on switch 1
[1] Finished Activate on switch 1
Checking status of Activate on [1]
Activate: Passed on [1]
Finished Activate
--- Starting Commit ---
Performing Commit on all members
*Oct 30 19:57:41.145: %IOSXE-5-PLATFORM: Switch 1 R0/0: Oct 30 19:57:41 rollback_timer.sh: %INSTALL-5-INSTALL_AUTO_ABORT_TIMER_PROGRESS: Install auto abort timer will expire in 7200 seconds [1] Commit package(s) on switch 1
[1] Finished Commit on switch 1
Checking status of Commit on [1]
Commit: Passed on [1]
Finished Commit
Install will reload the system now!
SUCCESS: install_add_activate_commit Mon Oct 30 19:57:48 UTC 2017
Switch#
Note The system reloads automatically after executing the install add file activate commit command. There is no need to manually reload the system.
Reload
Step 5 Reload the switch
Switch# reload
Step 6 If your switches are configured with auto boot, then the stack will automatically boot up with the new image. If not, you can manually boot flash:packages.conf
Switch: boot flash:packages.conf
Note When you downgrade the software image, the boot loader will not automatically downgrade. It will remain updated.
When the new image boots up, you can verify the version of the new image, by checking the show version command.
The following show version command output displays the Cisco IOS XE Everest 16.5.1a image on the device:
This section provides information about the licensing packages for features available on Cisco Catalyst 9000 Series Switches.
License Levels
The software features available on Cisco Catalyst 9300 Series Switches fall under the base or add-on license levels.
Base Licenses
Network Essentials
Network Advantage—Includes features available with the Network Essentials license and more.
Add-On Licenses—Require a Network Essentials or Advantage as a pre-requisite. The features available with add-on license levels provide Cisco innovations on the switch, as well as on the Cisco Digital Network Architecture Center (Cisco DNA Center).
DNA Essentials
DNA Advantage— Includes features available with the DNA Essentials license and more.
To find information about platform support and to know which license levels a feature is available with, use Cisco Feature Navigator. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
License Types
The following license types are available:
Permanent—for a license level, and without an expiration date.
Term— for a license level, and for a three, five, or seven year period.
Evaluation—for a license level, preinstalled on the device, and for a 90-day trial period only.
Ordering with Smart Accounts
We recommend that you use Smart Accounts to order devices as well as licenses. Smart Accounts enable you to manage all of your software licenses for switches, routers, firewalls, access-points or tools from one centralized website. To create Smart Accounts, use the Cisco Smart Software Manager (Cisco SSM).
Note This is especially relevant to the term licenses that you order, because information about the expiry of term licenses is available only through the Cisco SSM website.
Right-to-use (RTU) licensing mode—Supported on Cisco Catalyst 9000 Series Switches. See The RTU Licensing Mode.
Smart Licensing mode—Currently not supported on Cisco Catalyst 9000 Series Switches. It is on the roadmap for future releases.
The RTU Licensing Mode
This is the currently supported licensing mode for Cisco Catalyst 9000 Series Switches.
Right-to-use (RTU) licensing allows you to order and activate a specific license type for a given license level, and then to manage license usage on your switch.
Note The RTU licensing structure has been modified to match the packaging model that will be used with Smart Licensing mode in the future. Unified licensing structures across the RTU and Smart Licensing modes, along with usage reports, will simplify migration and reduce the implementation time required for Smart Licensing.
The license right-to-use command (privilege EXEC mode) provides options to activate or deactivate any license supported on the platform.
Licenses may be activated on a standalone device, device stack, or a single device in a stack.
Base licenses (Network Essentials and Network-Advantage) may be ordered only with a permanent license type.
Add-on licenses (DNA Essentials and DNA Advantage) may be ordered only with a term license type.
You can set up Cisco SSM to receive daily e-mail alerts, to be notified of expiring add-on licenses that you want to renew.
You must order an add-on license in order to purchase a switch. On term expiry, you can either renew the add-on license to continue using it, or deactivate the add-on license and then reload the switch to continue operating with the base license capabilities.
When ordering an add-on license with a base license, note the combinations that are permitted and those that are not permitted:
5.For this combination, the DNA-Essentials license must be ordered separately using Cisco SSM.
The following features are currently available only at the Network Advantage license level. However, the correct minimum license level for these features is Network Essentials and the CFN reflects this correct license level.
You will be able to configure the features with a Network Essentials license level after the correction is made in an upcoming release.
– IPv6 Multicast
– IPv6 ACL Support for HTTP Servers
Evaluation licenses cannot be ordered. They can be activated temporarily, without purchase. Warning system messages about the evaluation license expiry are generated 10 and 5 days before the 90-day window. Warning system messages are generated every day after the 90-day period. An expired evaluation license cannot be reactivated after reload.
Cisco TrustSec restrictions—Cisco TrustSec can be configured only on physical interfaces, not on logical interfaces.
Control Plane Policing (CoPP)—Starting with Cisco IOS XE Everest 16.6.4, the show run command does not display information about classes configured under system-cpp policy, when they are left at default values. Use the show policy-map system-cpp-policy or the s how policy-map control-plane commands in privileged EXEC mode instead.
Flexible NetFlow (FNF) limitations
– You cannot configure NetFlow export using the Ethernet Management port (GigabitEthernet0/0)
– You can not configure a flow monitor on logical interfaces, such as switched virtual interfaces (SVIs), port-channel, loopback, tunnels.
– You can not configure multiple flow monitors of same type (ipv4, ipv6 or datalink) on the same interface for same direction.
Hardware limitations:
– For all the devices running Cisco IOS XE Everest 16.6.1 or Cisco IOS XE Everest 16.6.2 or Cisco IOS XE Everest 16.6.3, autonegotiation is disabled by default when you use Cisco 40GBASE-CR4 QSFP Direct-Attach Copper Cables, If the other end of the link has autonegotation enabled, the link does not come up.
Note There is no option to turn on autonegotiation on the ports which connect to Cisco 40GBASE-CR4 QSFP cable.
– For all the Catalyst 9300 Series Switches running Cisco IOS XE Everest 16.6.4 and later, autonegotiation is enabled by default when you use Cisco 40GBASE-CR4 QSFP Direct-Attach Copper Cables. If the other end of the link does not support autonegotiation, the link does not come up. You can turn autonegotiation off on the ports which connect to Cisco 40GBASE-CR4 QSFP cable. Use the speed nonegotiate command at the interface. This command disables autonegotiation and brings the link up. To restore autonegotiation, use the no speed nonegotiation command.
Interoperability limitations:
– If one end of the link has a device running Cisco IOS XE Everest 16.6.1 or Cisco IOS XE Everest 16.6.2 or Cisco IOS XE Everest 16.6.3 and the other end is running Cisco IOS XE Fuji 16.8.1, the link does not come up. To avoid this interoperability issue between releases, it is recommended to use the same image across all the Catalyst 9300 Series Switches and Catalyst 9500 Series Switches in the network.
Memory leak—When a logging discriminator is configured and applied to a device, memory leak is seen under heavy syslog or debug output. The rate of the leak is dependent on the quantity of logs produced. In extreme cases, the device may fail. As a workaround, disable the logging discriminator on the device.
QoS restrictions:
– When configuring a QoS queuing policy, the sum of the queuing buffer should not exceed 100%.
– For QoS policies, only SVIs are supported for logical interfaces.
– QoS policies are not supported for port-channel interfaces, tunnel interfaces, and other logical interfaces.
Secure Shell (SSH)
– Use SSH Version 2. SSH Version 1 is not supported.
– When the device is running SCP (Secure Copy Protocol) and SSH cryptographic operations, expect high CPU until the SCP read process is completed. SCP supports file transfers between hosts on a network and uses SSH for the transfer.
Since SCP and SSH operations are currently not supported on the hardware crypto engine running encryption and decryption process in software causes high CPU. The SCP and SSH processes can show as much as 40 or 50 percent CPU usage, but they do not cause the device to shutdown.
Smart Install—The feature is deprecated starting with Cisco IOS XE Everest 16.5.1a. The commands are visible on the CLI until Cisco IOS XE Everest 16.6.1, but the feature is not supported. Enter the no vstack command in global configuration mode and disable the feature. Starting from Cisco IOS XE Everest 16.6.2, the vstack command is not available on the CLI.
Stacking:
– A switch stack supports up to eight stack members.
– Mixed stacking is not supported. Cisco Catalyst 9300 Series Switches cannot be stacked with Cisco Catalyst 3850 Series Switches.
– Auto upgrade for a new member switch is supported only in the install mode.
VLAN Restriction: It is advisable to have well-defined segregation while defining data and voice domain during switch configuration and to maintain a data VLAN different from voice VLAN across the switch stack. If the same VLAN is configured for data and voice domains on an interface, the resulting high CPU utilization might affect the device.
Wired AVC limitations:
– NBAR2 (QoS and Protocol-discovery) configuration is allowed only on wired physical ports. It is not supported on virtual interfaces, for example, VLAN, port channel nor other logical interfaces.
– NBAR2 based match criteria ‘match protocol’ is allowed only with marking or policing actions. NBAR2 match criteria will not be allowed in a policy that has queuing features configured.
– ‘Match Protocol’: up to 256 concurrent different protocols in all policies.
– NBAR2 attributes based QoS is not supported (‘match protocol attribute’).
– NBAR2 and Legacy NetFlow cannot be configured together at the same time on the same interface. However, NBAR2 and wired AVC Flexible NetFlow can be configured together on the same interface.
– Only IPv4 unicast (TCP/UDP) is supported.
– AVC is not supported on management port (Gig 0/0)
– NBAR2 attachment should be done only on physical access ports. Uplink can be attached as long as it is a single uplink and is not part of a port channel.
– Performance—Each switch member is able to handle 2000 connections per second (CPS) at less than 50% CPU utilization. Above this rate, AVC service is not guaranteed.
– Scale— Able to handle up to 20000 bi-directional flows per 24 access ports and per 48 access ports.
YANG data modeling limitations—A maximum of 20 simultaneous NETCONF sessions are supported.
Caveats
Caveats describe unexpected behavior in Cisco IOS releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
The Bug Search Tool (BST) allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The BST is designed to improve the effectiveness in network risk management and device troubleshooting. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
To view the details of a caveat, click on the identifier.
Open Caveats in Cisco IOS XE Everest 16.6.x
The following are the open caveats in this release.
Choose Product Support > Switches. Then choose your product and click Troubleshoot and Alerts to find information for the problem that you are experiencing.
Related Documentation
Cisco Catalyst 9300 Series Switches documentation at this URL:
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What’s New in Cisco Product Documentation, which lists all new and revised Cisco Technical documentation, as an RSS feed and deliver content directly to your desktop using a read application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.