Release Notes for Cisco Catalyst 9500 Series Switches, Cisco IOS XE Everest 16.6.x

Software Install

The Software Install feature facilitates moving from one version of the software to another version in install mode.

See System Management -> Performing Device Setup Configuration.

YANG Data Models

YANG Data Models—For the list of Cisco IOS XE YANG models available with this release, navigate to https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/1662.

Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release.

(Network Essentials)

40-Gigabit Ethernet QSFP and 10-Gigabit Ethernet SFP Switch Models

• C9500-12Q
• C9500-40X-2Q
• C9500-40X
• C9500-48X

These Cisco Catalyst 9500 Series Switches are supported:

• C9500-12Q—12 40-Gigabit Ethernet QSFP ports and two power supply slots
• C9500-40X-2Q—40 10-Gigabit Ethernet SFP ports and a 2-Port 40-Gigabit Ethernet (QSFP) network module on uplink ports; and two power supply slots
• C9500-40X—40 10-Gigabit Ethernet SFP ports and two power supply slots; support for optional network modules on uplink ports — 8-Port 10 Gigabit Ethernet (SFP) and 2-Port 40 Gigabit Ethernet (QSFP)
• C9500-48X—40 10-Gigabit Ethernet SFP ports and an 8-Port 10-Gigabit Ethernet (SFP) network module on uplink ports; and two power supply slots

See the Cisco Catalyst 9500 Series Switches Hardware Installation Guide.

Cisco QSFP to SFP or SFP+ Adapter (Cisco QSA Module) —CVR-QSFP-SFP10G

The Cisco Catalyst 9500 Series Switches support the Cisco QSA Module, which is a pluggable adapter that converts a QSFP port in to an SFP+ port. You can connect only an SFP+ module.

See SFP and QSFP Module Ports.

Cisco Discovery Protocol Bypass

A backward compatible mode, equivalent to not having Cisco Discovery Protocol support. When the feature is enabled, Cisco Discovery Protocol packets are received and transmitted unchanged. Received packets are not processed. No packets are generated. In this mode, 'bump-in-the-wire' behavior is applied to Cisco Discovery Protocol packets.

See Security -> Cisco Discovery Protocol Bypass.

(Network Essentials and Network Advantage)

Cisco Nonstop Forwarding (NSF) Support for IPv6

Cisco NSF is now supported for IPv6 traffic.

Cisco NSF works with the Stateful switchover (SSO) feature to minimize the amount of time a network is unavailable to its users following a switchover.

See High Availability -> Configuring NSF with SSO.

(Network Advantage)

Cisco StackWise Virtual

• Minimum Latency Load Balancing
• Dual-active-detection using Enhanced Port Aggregation Protocol (ePAGP)

A network system virtualization technology that pairs two switches into one virtual switch to simplify operational efficiency with a single control and management plane. The feature supports:

• Minimum Latency Load Balancing—Here, in a Cisco StackWise Virtual setup, Multichassis EtherChannel forwards traffic over the local link, irrespective of the hash result.
• Dual-active-detection using ePAgP—Involves detection of a dual-active scenario using on Multichassis EtherChannel, between the switches in a Cisco StackWise Virtual setup.

Note On the Cisco Catalyst 9500 Series Switches, this feature is supported only on the C9500-24Q switch model

See High Availability -> Configuring Cisco StackWise Virtual.

(Network Advantage)

High Availability— Graceful Insertion and Removal (GIR)

Uses a maintenance mode to isolate the switch from the network in order to perform debugging, or an upgrade.

GIR is supported for Layer 2 interface shutdown and the Intermediate System to Intermediate System (IS-IS) routing protocol.

When you place the switch in maintenance mode, supported protocols are isolated, and Layer 2 interfaces are shut down. When normal mode is restored, the supported protocols and ports are brought back up.

See High Availability -> Configuring Graceful Insertion and Removal (GIR).

(Network Advantage)

Internet Group Management Protocol (IGMP) Explicit Tracking

Enables a multicast device to explicitly track the membership of all multicast hosts in a particular multiaccess network. The explicit tracking of hosts, groups, and channels enables the device to keep track of each individual host that is joined to a particular group or channel.

See IP Multicast Routing -> IGMP Explicit Tracking.

(Network Essentials and Network Advantage)

IPv6 Multicast with Virtual Private Networks (VPN) Routing Forwarding Table (VRF-Lite)

Allows a service provider to support two or more VPNs with overlapping IP addresses using one interface. VRF-Lite uses input interfaces to distinguish routes for different VPNs and forms virtual packet-forwarding tables by associating one or more Layer 3 interfaces with each VRF.

See IP Multicast Routing -> Configuring VRF-lite.

(Network Advantage)

Locator ID Separator Protocol (LISP) Extranet Support and Source Group Access Control List (SGACL) Cell Statistics

• LISP Extranet Support—Refers to subscriber to provider communication across instance IDs in a LISP network. With LISP Extranet support, hosts in VRF “A”, for example, can access shared resources in VRF “B”. 
• SGACL Cell Statistics—An enhancement in the show cts role-based counters ipv4 command, to display all SGACL enforcement statistics for IPv4, providing visibility at the cell level.

See Campus Fabric.

(DNA Advantage)

Multiprotocol Label Switching

• Ethernet over MPLS (EoMPLS)
• Virtual Private LAN Services (VPLS)
• EIGRP MPLS VPN PE-CE Site of Origin (SoO)
• Route Target Rewrite
• external BGP (eBGP) and internal BGP (iBGP) OR eiBGP
• IPv6 Provider Edge over MPLS (6PE)
• IPv6 VPN Provider Edge over MPLS (6VPE)

The following MPLS features are introduced in this release:

• EoMPLS—One of the Any Transport over MPLS (AToM) transport types. EoMPLS provides a tunneling mechanism for Ethernet traffic through an MPLS-enabled Layer 3 core. It encapsulates Ethernet protocol data units (PDUs) inside MPLS packets and uses label stacking to forward them across the MPLS network.
• VPLS—A class of VPN that supports the connection of multiple sites in a single bridged domain over a managed IP/MPLS network. VPLS uses the provider core to join multiple attachment circuits together, to simulate a virtual bridge that connects the multiple attachment circuits together.
• EIGRP MPLS VPN PE-CE SoO—Introduces the capability to filter MPLS Virtual Private Network (VPN) traffic on a per-site basis for Enhanced Interior Gateway Routing Protocol (EIGRP) networks. SoO filtering is configured at the interface level and is used to manage MPLS VPN traffic, and to prevent transient routing loops from occurring in complex and mixed network topologies.
• Route Target Rewrite—Allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates. Route targets are carried as extended community attributes in BGP Virtual Private Network IP Version 4 (VPNv4) updates. Route target extended community attributes are used to identify a set of sites and VPN routing and forwarding (VRF) instances that can receive routes with a configured route target.
• eiBGP— Enables you to configure multipath load balancing with both eBGP and iBGP paths in Border Gateway Protocol (BGP) networks that are configured to use MPLS VPNs. The feature provides improved load balancing deployment and service offering capabilities and is useful for multi-homed autonomous systems and Provider Edge (PE) routers that import both eBGP and iBGP paths from multihomed and stub networks.
• 6PE—A technique that provides global IPv6 reachability over IPv4 MPLS. It allows one shared routing table for all other devices. 6PE allows IPv6 domains to communicate with one another over the IPv4 without an explicit tunnel setup, requiring only one IPv4 address per IPv6 domain.
• 6VPE—A mechanism to use the IPv4 backbone to provide VPN IPv6 services. 6VPE is like a regular IPv4 MPLS-VPN provider edge, with an addition of IPv6 support within VRF. It provides logically separate routing table entries for VPN member devices.

See Multiprotocol Label Switching.

(Network Advantage)

Programmability

• Zero-Touch Provisioning (ZTP): HTTP Download.
• Model-Driven Telemetry
• Preboot Execution Environment Client (iPXE)
• YANG Data Models

Programmability features introduced or enhanced in this release:

• ZTP—Now supports HTTP file download along with TFTP file download.
• Model-Driven Telemetry—Provides a mechanism to stream data from a Model-Driven Telemetry-capable device, to a destination. The data to be streamed is driven through subscription. The feature is enabled automatically, when NETCONF-YANG is started on a device.
• iPXE—An open Preboot eXecution Environment (PXE) client that allows a device to boot from a network boot image. iPXE is supported with IPv4 only.
• YANG Data Models—For the list of Cisco IOS XE YANG models available with this release, navigate to https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/1661.

Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release.

See the Programmability Configuration Guide, Cisco IOS XE Everest 16.6.1.

(Network Essentials and Network Advantage)

Software Maintenance Upgrade (SMU)

SMU is a package that can be installed on a system, to provide a patch fix or security resolution to a released image.

See System Management -> Software Maintenance Upgrade.

(DNA Advantage)

Stateful Switchover (SSO) Support for IPv6

SSO is now supported for IPv6 traffic.

With this feature, when an active switch fails, the standby switch starts up in a fully-initialized state and synchronizes with the persistent configuration and the running configuration of the active switch. The new active switch uses existing Layer 2 switching information to continue forwarding traffic.

See High Availability -> Configuring NSF with SSO.

(Network Essentials and Network Advantage)

Virtual Private Network Routing and Forwarding- Aware (VRF-Aware) Generic Routing Encapsulation (GRE)

Enables you to configure the source and destination of a GRE IP tunnel to belong to any VRF table.

See Routing -> Configuring Generic Routing Encapsulation (GRE) Tunnel IP Source and Destination VRF Membership.

(Network Advantage)

Web UI support for DNS Proxy and troubleshooting

Features introduced and updated on the Web UI in this release:

• DNS Proxy Support
• Troubleshooting- Audit Device Configuration
• Troubleshooting- Debug Bundle

C9500-12Q-E

Network Essentials

12 40-Gigabit Ethernet QSFP ports and two power supply slots

C9500-12Q-A

Network Advantage

C9500-24Q-E

Network Essentials

Cisco Catalyst 9500 Series 24-Port 40 Gigabit Ethernet.

C9500-24Q-A

Network Advantage

C9500-40X-E

Network Essentials

40 10-Gigabit Ethernet SFP ports and two power supply slots; support for optional network modules on uplink ports — 8-Port 10 Gigabit Ethernet(SFP) and 2-Port 40 Gigabit Ethernet(QSFP)

C9500-40X-A

Network Advantage

C9500-40X-2Q-E

Network Essentials

40 10-Gigabit Ethernet SFP ports and a 2-Port 40-Gigabit Ethernet (QSFP) network module on uplink ports; and two power supply slots

C9500-40X-2Q-A

Network Advantage

C9500-48X-E

Network Essentials

40 10-Gigabit Ethernet SFP ports and an 8-Port 10-Gigabit Ethernet (SFP) network module on uplink ports; and two power supply slots

C9500-48X-E

Network Advantage

233 MHz minimum²

512 MB³

256

1024 x 768

Small

If you boot Cisco IOS XE Everest 16.6.2,
or Cisco IOS XE Everest 16.6.3,
or Cisco IOS XE Everest 16.6.4,
or Cisco IOS XE Everest 16.6.4a,
or Cisco IOS XE Everest 16.6.5,
or Cisco IOS XE Everest 16.6.6,
or Cisco IOS XE Everest 16.6.7,
or Cisco IOS XE Everest 16.6.8,

or Cisco IOS XE Everest 16.6.9,

or Cisco IOS XE Everest 16.6.10

for the first time

The boot loader may be upgraded to version 16.6.1r [FC1]. For example:

If the automatic boot loader upgrade occurs while booting, you will see the following on the console:

If you boot Cisco IOS XE Everest 16.6.1 the first time

The boot loader may be upgraded to version 16.6.1r [FC1]. For example:

If the automatic boot loader upgrade occurs while booting Cisco IOS XE Everest 16.6.1, you will see the following on the console:

DNA Essentials

DNA Advantage

Network Essentials

Yes

No

Network Advantage

Yes⁴

Yes

CSCvh72186

ROMMON: HTTP booting does not allow specified port number

CSCvk60809

Wrong Time-Stamp is saved in pcap.

CSCvq13053

NAT translation entry not cleared after fin-rst time-out

CSCvq72713

Cat3k/Cat9k can't forwarding traffic follow the rule of EIGRP unequal cost load-balancing

CSCvr21001

QoS with policing traffic that do not match the ACL on the class-map

CSCvt53563

Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability

CSCvw25564

Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability

CSCvw46194

IOS and IOS XE Software UDLD Denial of Service Vulnerability

CSCvx41294

High CPU usage caused by "TCP Timer" process

CSCvx66699

Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability

CSCvf75522

Traffic incorrectly matches an ACL-based class-map that contains 'range' operations

CSCvo67790

Switch crash seen when unconfig/defaulting MACSec session over a range of interfaces

CSCvt30243

Connectivity issue after moving client from dot1x enable port to non dot1x port

CSCvu30597

Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability

CSCvv48305

Route not fully programmed in the hardware for MACSec enabled end-point

CSCvm40582

Crash when entering username with aaa common-criteria policy password

CSCvo78608

DOM SFP sensor entries are not available and cannot be polled via SNMP

CSCvp73666

DNA - LAN Automation doesn't configure link between Peer Device and PnP Agent due CDP limitation

CSCvp81958

Cat9x00 hitting "No connections to Shell Manager available for processing the command"

CSCvq39840

CiscoFlashFile - Get-Next request takes longer time for last file on directory.

CSCvr03905

Memory Leak on FED due to IPv6 Source Guard

CSCvr20522

Cat3k/9k BOOTREPLY dropped when DHCP snooping is enabled

CSCvr46931

ports remain down/down object-manager (fed-ots-mo thread is stuck)

CSCvr59959

Cat3k/9k Flow-based SPAN(FSPAN) can only work in one direction when multiple session configured

CSCvq72181

Seeing 100% CPU with FED on SVL setup

CSCvf42299

User defined System MTU is not taking effect on PO and SVI

CSCvj16691

port LED may turn to amber

CSCvm89543

StackWise-Virtual Ping fails momentarily due to GLC-T optics Link goes up during reboots

CSCvn30230

Slow memory leak in linux_iosd-imag

CSCvn81334

Default ACL being enforced even when dACL is applied after Reload

CSCvo65974

QinQ tunnels causing L2 loop in specific topology.

CSCvo71264

Gateway routes DHCP offer incorrectly after DHCP snooping

CSCvo83305

MAC Access List Blocks Unintended Traffic

CSCvo85183

Uplinkfast take time when recovery from link failure

CSCvo85422

Directly connected IPv4/IPv6 hosts not programmed in HW - %FMFP-3-OBJ_DWNLD_TO_DP_FAILED

CSCvo94058

URPF packet drop despite "rx allow-default" option

CSCvp00026

No audio during first few seconds of voice call between 2 Fabric Edge

CSCvp15389

Port security configuration on interface causing connectivity issue

CSCvp26792

Control plane impacted when > 1Gbps multicast passes through and no entry in IGMP snooping

CSCvp30239

Memory leak when there are constant changes in REP ring

CSCvp33294

Asic 0 Core 0 buffer stuck, rwePbcStall seen

CSCvp43131

Mgmt port "speed 1000" and "negotiation auto" in show run

CSCvp54779

[SDA] 1st ARP Reply is dropped at remote Fabric Edge

CSCvp69629

Authentication sessions does not come up on configuring dot1x when there is active client traffic.

CSCvp75221

Modules shows faulty status when specific MAC ACL is applied on interfaces

CSCvp89755

VPN label is wrongly derived as explicit-null in Cat9k for L3 VPN traffic

CSCvp90279

ADV and REP DHCPv6 packets are sent to SISF when source udp port is not 547

CSCvq01185

SNMP-3-RESPONSE_DELAYED: and timeout when polling ent Sensor Value Entry

CSCvq22011

ARP replies are dropped when IPDT gleans from ARP

CSCvq30316

[SDA] 1st ARP fix for CSCvp00026 is eventually failing after longevity

CSCvq30460

SYS-2-BADSHARE: Bad refcount in datagram_done - messages seen during system churn

CSCvq40137

Mac address not being learnt when "auth port-control auto" command is present

CSCvq44397

ospf down upon switchover with aggressive timers "hello-interval 1" and "dead-interval 4"

CSCvn08296

DNA Center 1.2.5 - SDA Border as RP incorrectly resolving RPF next-hop as LISP interface

CSCvo32446

High CPU Due To Looped Packet and/or Unicast DHCP ACK Dropped

CSCuw36080

SNMP with Extended ACL

CSCvg73991

PBR adjacency not getting updated correctly after shut/no shut on interface

CSCvm07353

Router may crash when a SSH session is closed after configure TACACS

CSCvm48084

Remark in DACL causes Authorization failure

CSCvm77197

C9300/9500:%IOSXE-2-PLATFORM: Switch 1 R0/0: kernel: EXT2-fs (sda1): error:

CSCvm89086

SPAN destination interface not dropping ingress traffic

CSCvn01822

cmnMacMoveNotification is generated when a MAC address is moved between same Port-channel interface

CSCvn23706

no mac address-table notification mac-move can't be saved after reload device

CSCvn31477

Layer 2 SSM Multicast traffic hitting the CPU when SVI is configured with PIM Spare Mode

CSCvn46517

some sgacl were not installed after update a Cell in ISE

CSCvn56579

MQIPC memory corruption resulting dot1x/MAB not working for wired clients

CSCvn72973

Device is getting crashed on the "cts role-based enforcement"

CSCvn74807

Cisco TrustSec crash while processing CoA update

CSCvn79221

MAC ADDRESS LEARNING FAILURE ON PORT CONFIGURED WITH PORT-SECURITY

CSCvo15594

MATM programming issue for remote client

CSCvo42353

SDA; Cat3K,Cat9K:-External border creating incorrect CEF/map-cache entry due to multicast

CSCvh85885

IPv6 stale entries not expiring

CSCvi48988

SNMP timeout when querying entSensorValueEntry

CSCvi96965

Radius Automate Tester probe on feature is not working as expected.

CSCvj79694

sgt-map gets cleared for some of the end points for unknown reason

CSCvj92201

16.6.4:Device-tracking does not consistenly show DH4 for DHCP clients

CSCvk20003

Polaris: Host limit of 32 for session monitoring sessions

CSCvk30813

MAB fails to start negotiation after device moves to another layer 2 adjacent switch

CSCvk32866

SISF probing behavior should be changed from broadcast to unicast

CSCvk33369

Stack-merge on Stby and CONN_ERR_CONN_TIMEOUT_ERR on Active with multiple SWO

CSCvk33624

SFF8472-3-READ_ERROR message seen for SVL ports

CSCvk34927

DHCP snooping table not updated from DHCP snooping DB file upon reload.

CSCvk39041

SDA: IP phone latency in fabric is close to 4 sec's

CSCvk60752

DHCP offer with Option 82 but no Remote ID suboption dropped by CAT9K relay agent

CSCvk63089

show logging onboard switch active uptime detail shows 133 years as uptime

CSCvm00765

BFD crash on imitating traffic loss

CSCvm01064

PE stops VPLS traffic forwarding after xconnect flap

CSCvm33622

WCCP redirection to proxy server breaks in certain scenarios.

CSCvm35904

16.6.3: Access Tunnel Create Interface code is considered to be update request in FMAN_FP

CSCvm36333

MAC address programming issue

CSCvm39894

False authorizations and authentications even without radius server for dot1x/mab

CSCvm43071

[IBNS 2.0] aaa-available event is not being triggered when using authentication/authorization list

CSCvm43200

Traffic is not forward out on standby switch over SVL after SSO

CSCvm46814

session management process smd crash at cts_sga due to TDL memory depletion.

CSCvm60720

Broadcast Gratuitous ARP changed to unicast by switch leading to DHCP decline from client

CSCvm62274

Multicast traffic is software switched when switch is provisioned as Edge in Fabric - SDA Deployment

CSCvm63651

Memory leak due to authentication mac-move permit

CSCvm75378

Cat9x00: IPv6 SPAN filter still applied in hardware when removing entire monitor session

CSCvm81361

3850 stack SVL link status incorrect

CSCvm86135

SMD crash after removing access-session attributes filter-list

CSCvm89005

Packets looped internally during VXLAN decap in SD-Access environment

CSCvm95352

uRPF TCAM Resources exhausted even without uRPF configured on the switch

CSCvm97660

C9300 reflects back traffic on the same interface

CSCvn08672

DHCP packets cause unknown protocol drops on 16.6.x

CSCvn36398

WCCP Access-list might not be removed from interface after a WCCP loss of service

CSCvn46171

Rapid Memory Leak in "FED Main Event" Process due to Modifying Adjacencys

CSCvj83551

SISF crash in IPV6 neighbor discovery packets

CSCvm36748

FED crash at expired "FED MAC AGING TIMER" or "unknown" timer without a stack trace.

CSCvm35904

16.6.3: Access Tunnel Create Interface code is considered to be update request in FMAN_FP

CSCvk60752

DHCP offer with Option 82 but no Remote ID suboption dropped by CAT9K relay agent

CSCvk32774

ACE entry with *established or range * in ACL drops TCP/UDP packets.

CSCvk31115

Device-sensor doesn't send data off initial boot

CSCvj86644

SDA: DHCP does not remove option 82 when sending packets to end-hosts

CSCvk39041

SDA: IP phone latency in fabric is close to 4 sec's

CSCvk02589

Connectivity is lost every four hours when ipv4 and ipv6 dual stack is configured.

CSCvk22204

stackwise virtual will blackhole traffic on standby unit after switchover, NIF is stuck

CSCvm09611

C9x00 crashed with multicast memory corruption.

CSCvj33865

Clearing mac address table should not delete entries created by control plane/remote entries

CSCvk07070

Observing bmalloc smd leaks at OBJ_WEBAUTH_LOGOUT_URL with webauth

CSCvk16813

DHCP client traffic dropped with DHCP snooping and port-channel or cross stack uplinks.

CSCvk46664

DNA Center SWIM Upgrade fails and unable to upgrade manually

CSCvk50734

Device Tracking - Memory leak observed with IPv6 NS/NA Packets.

CSCvk53444

Packets with Fragment Offset not forwarded with DHCP Snooping Enabled in 16.6.4

CSCvm01064

PE stops VPLS traffic forwarding after xconnect flap

CSCvm09121

Evaluation of IOS-XE for CVE-2018-5391 (FragmentSmack)

CSCvk00115

Uplink FRU module hardware authentication failed

CSCvi69699

9400 - 9300: 40G copper QSFP interoperability broken (link down)

CSCvi83373

Repetitive logs show up 47K times in fed tracelogs

CSCvj52681

dynamic vlan assignment causes all sisf entires under the port to be deleted

CSCvi91714

IPv6 address not assigned or delayed when RA Guard is enabled

CSCvi76084

Device-tracking entry stuck in TENTATIVE for certain Mac Pro hosts configured with static IP

CSCvi38916

Persistent Telnet and SSH crashes when configured in 16.6.2

CSCvi26398

"%LISP-4-LOCAL_EID_RLOC_INCONSISTENCY" should be supporessed in SDA context

CSCvi20882

Netconf IP-SLA udp-jitter case missing leaf codec

CSCvi11970

Abnormal output for show pnp tech-support

CSCvh85772

Switch not responding to ARP request for GW Anycast IP

CSCvh79942

Chunk corruption crash related to PNP or Guestshell

CSCvh21909

LISP: Overlapping prefix causes "probe-down" for map-cache entry

CSCvh09334

SDA-IPV6::SISF traceback @ar_relay_create_entry - L2 Binding tbl entry insertion failed

CSCvg45950

packet drop seen intermittently if 40G traffic sent via cts interface

CSCvb69966

Memory leak under LLDP Protocol process

CSCvg41950

Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability

CSCvg53159

%SNMP-3-RESPONSE_DELAYED: processing GetNext of cafSessionEntry.2 seen on catalyst switch

CSCvg95580

interface speed config went lost after same FRU OIR with "write mem"

CSCvh48397

create_directory_cache: failed to stat flash message see when device managed by dnac

CSCvh66763

crash is seen at fed_l3_aal_delete_adj

CSCvh71539

Command "show aaa servers" reloads the switch

CSCvh84345

IOS CLI "show platform software fed switch active punt cause summary" may display negative counts

CSCvh87131

TRACEBACK: OID cefcModuleEntry crashes the box

CSCvh87270

StackWise Virtual not forwarding IGMP traffic over the standby switch.

CSCvi08459

set different words for username and password, but username shown the same as password

CSCvi09054

Stackwise Virtual: Routing Neighborships on Standby dont come up with MTU > 9116

CSCvi19809

Memory leak in TMS process

CSCvi38191

Memory leak in lman process due to "ld_license_ext.dat" build-up.

CSCvi39202

DHCP fails when DHCP snooping trust is enabled on uplink etherchannel

CSCvi70528

Cat9K- 40G QSFP Tx/Rx power out of valid range

CSCvi87106

Cat9K - 40G QSA adaptor, Rx power invalid.

CSCvi93137

Voice domain not forwarding for certain clients

CSCvj49476

Telnet Sessions Hang/Become unavailable at execution of "show run"

CSCvh31431

Memory leak in linux_iosd-image on 16.6 releases.

CSCvh52882

Memory Leak due to nbar config.

CSCvh69402

Dot1x specific configuration applied but not working on the interface.

CSCvh81152

Local SVI IP is registered as dynamic-eid.

CSCvh06383

16.6.x: Intermittent traffic loss for MAB devices after successful intial authentication.

CSCvg58682

Stackwise SNMP OID for cswDistrStackPhyPort and cswDistrStackPhyPortNbr not working.

CSCvg56727

Crashes with 'server-key' command using key of 128 characters or more.

CSCve32330

%UTIL-6-RANDOM: A pseudo-random number was generated twice in succession.

CSCvg22515

After upgrade of IOS, SSH passwords longer than 25 characters do not work.

CSCvg60288

Device IP address AV pair replaced with 192.168.1.5.

CSCvh32416

Evaluation of all for CPU Side-Channel Information Disclosure Vulnerability.

CSCvh55578

To add recovery mechanism for glean entry.

CSCvf84349

Router crash on polling cEigrpPeerEntry.

CSCvf36657

Catalyst 9500: Interface not coming up after shut/no-shut.

CSCvf75518

Controller port error interface.

CSCve29216

9500-WebUI: Upon hovering an interface, status description is incorrectly displayed as no link