Release Notes for Cisco Catalyst 3850 Series Switches, Cisco IOS XE Gibraltar 16.12.x
Introduction
Cisco Catalyst 3850 Series Switches are the next generation of enterprise class stackable access layer switches, with the new and improved 480-Gbps StackWise-480 and Cisco StackPower. Security and application visibility and control are natively built into the switch.
Cisco Catalyst 3850 Series Switches also support full IEEE 802.3 at Power over Ethernet Plus (PoE+), modular and field replaceable network modules, redundant fans, and power supplies. Cisco Catalyst 3650 Series Switches enhance productivity by enabling applications such as IP telephony and video for a true borderless network experience.
Cisco IOS XE represents the continuing evolution of the preeminent Cisco IOS operating system. The Cisco IOS XE architecture and well-defined set of APIs extend the Cisco IOS software to improve portability across platforms and extensibility outside the Cisco IOS environment. The Cisco IOS XE software retains the same look and feel of the Cisco IOS software, while providing enhanced future-proofing and improved functionality.
Whats New in Cisco IOS XE Gibraltar 16.12.12
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.11
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.10a
There are no new features in this release. This release provides a fix for CSCwh87343: Cisco IOS XE Software Web UI Privilege Escalation Vulnerability. For more information, see Security Advisory: cisco-sa-iosxe-webui-privesc-j22SaA4z.
Whats New in Cisco IOS XE Gibraltar 16.12.10
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.9
Hardware Features in Cisco IOS XE Gibraltar 16.12.9
None.
Software Features in Cisco IOS XE Fuji 16.12.9
Feature Name |
Description |
---|---|
Secure Data Wipe |
Introduces support for performing factory reset by using the keyword all secure in the factory-reset command. This option performs data sanitisation and securely resets the device. |
Whats New in Cisco IOS XE Gibraltar 16.12.8
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.7
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.6
Hardware Features in Cisco IOS XE Gibraltar 16.12.6
There are no new hardware features in this release.
Software Features in Cisco IOS XE Gibraltar 16.12.6
Feature Name |
Description, Documentation Link, and License Level Information |
||
---|---|---|---|
License Status Change for Evaluation and Expired Evaluation Licenses |
To ensure audit compliance for all your licenses, starting with Cisco IOS XE Gibraltar 16.12.6, a device that is not connected to CSSM will see a change in the license status field, only for evaluation and expired evaluation licenses. What was displayed as This change in the license status is effective only under the following conditions:
See System Management → Configuring Smart Licensing, section License Status Change for Evaluation and Expired Evaluation Licenses. See also Specific License Reservation, section License Status Change for Evaluation and Expired Evaluation Licenses.
(A license level does not apply) |
Whats New in Cisco IOS XE Gibraltar 16.12.5b
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.5
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.4
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.3a
There are no new hardware or software features in this release. For the list of open and resolved caveats in this release, see Caveats.
Whats New in Cisco IOS XE Gibraltar 16.12.3
Whats New in Cisco IOS XE Gibraltar 16.12.1
Hardware Features in Cisco IOS XE Gibraltar 16.12.1
None.
Software Features in Cisco IOS XE Gibraltar 16.12.1
Feature Name |
Description, Documentation Link, and License Level Information |
---|---|
Autoconf Device Granularity to PID of Cisco Switch |
Introduces the platform type filter option for class map and parameter map configurations. Use the map platform-type command in parameter map filter configuration mode, to set the parameter map attribute and the match platform-type command in control class-map filter configuration mode, to evaluate control classes.
See Network Management → Configuring Autoconf.
|
Bidirectional Protocol Independent Multicast (PIM) |
Introduces support for bidirectional PIM. This feature is an extension of the PIM suite of protocols that implements shared sparse trees with bidirectional data flow. In contrast to PIM-sparse mode, bidirectional PIM avoids keeping source-specific state in a router and allows trees to scale to an arbitrary number of sources.
See IP Multicast Routing → Configuring Protocol Independent Multicast (PIM).
(IP Base and IP Services) |
Flexlink+ |
Configures a pair of Layer 2 interfaces - one interface is configured to act as a backup for the other interface.
See Layer 2 → Configuring Flexlink+.
(LAN Base, IP Base, and, IP Services) |
IEEE 1588v2, Precision Time Protocol (PTP) support |
Introduces PTP support on native Layer 3 ports.
See Layer 2 → Configuring Precision Time Protocol (PTP).
(IP Base and IP Services) |
IPv4 and IPv6: Object Groups for access control lists (ACLs) |
Enables you to classify users, devices, or protocols into groups and apply them to ACLs, to create access control policies for these groups. With this feature, you use object groups instead of individual IP addresses, protocols, and ports, which are used in conventional ACLs. It allows multiple access control entries (ACEs), and you can use each ACE to allow or deny an entire group of users the access to a group of servers or services.
See Security → Object Groups for ACLs.
(LAN Base, IP Base, and IP Services) |
IPv6: BGP |
IPv6 support is introduced for the following features:
(IP Services ) |
IPv6: Intermediate System to Intermediate System (IS-IS) |
IPv6 support is introduced for the following IS-IS features:
|
IPv6: IP Enhanced IGRP Route Authentication |
IPv6 support is introduced for IP Enhanced IGRP Route Authentication
(IP Services) |
IPv6: IP Service Level Agreements (SLAs) |
IPv6 support is introduced for following IP SLA features:
(IP Base and IP Services) |
IPv6: MIBs for IPv6 Traffic |
IPv6 support is introduced for the following MIBs:
(LAN Base, IP Base and, IP Services) |
IPv6: Multiprotocol Label Switching (MPLS) |
IPv6 support is introduced for the following MPLS features:
(IP Services) |
IPv6: Multicast Routing |
IPv6 support is introduced for the following multicast routing features:
(IP Base and IP Services) |
IPv6: PBR Recursive Next-Hop |
IPv6 support is introduced for PBR Recursive Next-Hop option.
(LAN Base, IP Base and, IP Services) |
IPv6-based Posture Validation |
IPv6 support is introduced for Posture Validation.
(LAN Base, IP Base and, IP Services) |
IPv6: Proxy Mobile |
IPv6 support is introduced for PMIPv6 Hybrid Access.
|
IPv6: Open Shortest Path First (OSPF) |
IPv6 support is introduced for the following OSPF features:
(LAN Base, IP Base and, IP Services) |
IPv6: Services |
IPv6 support is introduced for AAAA DNS Lookups over an IPv6 Transport.
(LAN Base, IP Base and, IP Services) |
IPv6: Time-Based Access Lists Using Time Ranges |
IPv6 support is introduced for Time-Based Access Lists using time ranges.
(LAN Base, IP Base and, IP Services) |
IPv6: Triggered RIP |
IPv6 support is introduced for Triggered Extensions to RIP. |
Programmability
|
The following programmability features are introduced in this release:
See Programmability.
(LAN Base, IP Base, and IP Services) |
Stack troubleshooting optimization |
The output of the show tech-support stack command has been enhanced to include more stack-related information.
(A license level does not apply) |
New on the Web UI |
|
|
Use the WebUI for:
|
Important Notes
Cisco StackWise Virtual - Supported and Unsupported Features
When you enable Cisco StackWise Virtual on the device
-
Layer 2, Layer 3, Security, Quality of Service, Multicast, Application, Monitoring and Management, Multiprotocol Label Switching, High Availability, and VXLAN BGP EVPN are supported.
Contact the Cisco Technical Support Centre for the specific list of features that are supported under each one of these technologies.
-
Resilient Ethernet Protocol, Remote Switched Port Analyzer, and Sofware-Defined Access are NOT supported
Unsupported Features
-
802.1x Configurable username and password for MAC Authentication Bypass (MAB)
-
Cisco Group Management Protocol (CGMP)
-
Cisco Plug-In for OpenFlow (OpenFlow 1.0 and 1.3) is available in Cisco IOS XE Release 3.7.3E, but is not supported in later releases.
-
Cisco TrustSec 802.1x
-
Cisco TrustSec critical authentication
-
Cisco Networking Services (CNS) configuration agent
-
Converged Access (CA) is not supported beyond Cisco IOS XE Denali 16.3.x.
On the Cisco Catalyst 3850 Series Switches, CA is supported in the Cisco IOS XE Denali 16.3.x software release, which has extended support for 40 months.
-
Command Switch Redundancy
-
Device classifier for Auto Smartports (ASP)
-
Dynamic Host Configuration Protocol (DHCP) snooping ASCII circuit ID
-
DHCP version 6 (DHCPv6) relay source configuration
-
Distance Vector Multicast Routing Protocol (DVMRP) tunneling
-
Dynamic access ports
-
Fallback bridging for non-IP traffic
-
IEEE 802.1X-2010 with 802.1AE support
-
Improvements in QoS policing rates
-
Ingress Strict Priority Queuing (Expedite)
-
IPsec
-
IP-in-IP (IPIP) Tunneling
-
IPsec VPN
-
IP SLA Media Operation
-
IPv6 support for Internet Key Exchange (IKE) versoin 2 / IP Security (IPSec) version 3
-
IPv6 ready logo phase II - host
-
IPv6 static route support on LAN Base images
-
IPv6 strict host mode
-
Layer 2 tunneling protocol enhancements
-
Link-state tracking
-
Mesh, FlexConnect, and OfficeExtend access point deployment
-
Medianet
-
MSE 8.x is not supported with Cisco IOS XE Denali 16.x.x.
-
Passive monitoring
-
Per VLAN policer
-
Performance Monitor (Phase 1)
-
Port security on EtherChannels
-
Pragmatic General Multicast (PGM)
-
RFC 4292 IP-FORWARD-MIB (IPv6 only)
-
RFC 4293 IP-MIB (IPv6 only)
-
RFC5460 DHCPv6 Bulk leasequery
-
Trust boundary configuration
-
UniDirectional Link Routing (UDLR)
-
VLAN access control lists (VACL) logging of access denied
-
Virtual Routing and Forwarding (VRF)-Aware web authentication
-
Web-Based Authentication without SVI
-
Weighted Random Early Detection (WRED)
Complete List of Supported Features
For the complete list of features supported on a platform, see the Cisco Feature Navigator at https://www.cisco.com/go/cfn.
Default Behaviour
Beginning from Cisco IOS XE Gibraltar 16.12.5 and later, do not fragment bit (DF bit) in the IP packet is always set to 0 for all outgoing RADIUS packets (packets that originate from the device towards the RADIUS server).
Supported Hardware
Cisco Catalyst 3850 Series Switches—Model Numbers
Switch Model |
Cisco IOS Image |
Description |
---|---|---|
WS-C3850-24T-L |
LAN Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately) |
WS-C3850-48T-L |
LAN Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately) |
WS-C3850-24P-L |
LAN Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately) |
WS-C3850-48P-L |
LAN Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately) |
WS-C3850-48F-L |
LAN Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately) |
WS-C3850-24U-L |
LAN Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Cisco UPOE ports, 1 network module slot, 1100 W power supply |
WS-C3850-48U-L |
LAN Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Cisco UPOE ports, 1 network module slot, 1100 W power supply |
WS-C3850-12X48U-L |
LAN Base |
Cisco Catalyst 3850 Stackable 12 100M/1G/2.5G/5G/10G and 36 1G UPoE ports, 1 network module slot, 1100 W power supply |
WS-C3850-24XU-L |
LAN Base |
Cisco Catalyst 3850 Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU |
WS-C3850-24T-S |
IP Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set |
WS-C3850-48T-S |
IP Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set |
WS-C3850-24P-S |
IP Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set |
WS-C3850-48P-S |
IP Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set |
WS-C3850-48F-S |
IP Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply, 1 RU. |
WS-C3850-24U-S |
IP Base |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Cisco UPOE ports, 1 network module slot, 1100 W power supply |
WS-C3850-48U-S |
IP Base |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Cisco UPOE ports, 1 network module slot, 1100 W power supply |
WS-C3850-24PW-S |
IP Base |
Cisco Catalyst 3850 24-port PoE IP Base with 5-access point license |
WS-C3850-48PW-S |
IP Base |
Cisco Catalyst 3850 48-port PoE IP Base with 5-access point license |
WS-C3850-12S-S |
IP Base |
Cisco Catalyst 3850 12 SFP module slots, 1 network module slot, 350-W power supply |
WS-C3850-24S-S |
IP Base |
Cisco Catalyst 3850 24 SFP module slots, 1 network module slot, 350-W power supply |
WS-C3850-12XS-S |
IP Base |
Cisco Catalyst 3850 12-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply |
WS-C3850-16XS-S |
IP Base |
Cisco Catalyst 3850 16-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply. 16 ports are available when the C3850-NM-4-10G network module is plugged into the WS-C3850-12XS-S switch. |
WS-C3850-24XS-S |
IP Base |
Cisco Catalyst 3850 24-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply. |
WS-C3850-32XS-S |
IP Base |
Cisco Catalyst 3850 32-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply. 32 ports are available when the C3850-NM-8-10G network module is plugged into the WS-C3850-24XS-S switch. |
WS-C3850-48XS-S |
IP Base |
Standalone Cisco Catalyst 3850 Switch, that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC front-to-back power supply. 1 RU. |
WS-C3850-48XS-F-S |
IP Base |
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC back-to-front power supply. 1 RU. |
WS-C3850-12X48U-S |
IP Base |
Cisco Catalyst 3850 Stackable 12 100M/1G/2.5G/5G/10G and 36 1 G UPoE ports, 1 network module slot, 1100 W power supply |
WS-C3850-24XU-S |
IP Base |
Cisco Catalyst 3850 Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU |
WS-C3850-24T-E |
IP Services |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set |
WS-C3850-48T-E |
IP Services |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set |
WS-C3850-24P-E |
IP Services |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set |
WS-C3850-48P-E |
IP Services |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set |
WS-C3850-48F-E |
IP Services |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, IP Services feature set |
WS-C3850-24U-E |
IP Services |
Cisco Catalyst 3850 Stackable 24 10/100/1000 Cisco UPOE ports,1 network module slot, 1100-W power supply |
WS-C3850-48U-E |
IP Services |
Cisco Catalyst 3850 Stackable 48 10/100/1000 Cisco UPOE ports,1 network module slot, 1100-W power supply |
WS-C3850-12S-E |
IP Services |
Cisco Catalyst 3850 12 SFP module slots, 1 network module slot, 350-W power supply |
WS-C3850-24S-E |
IP Services |
Cisco Catalyst 3850 24 SFP module slots, 1 network module slot, 350-W power supply |
WS-C3850-12XS-E |
IP Services |
Cisco Catalyst 3850 12-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 -W power supply |
WS-C3850-16XS-E |
IP Services |
Cisco Catalyst 3850 16-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 350 W power supply 16 ports are available when the C3850-NM-4-10G network module is plugged into the WS-C3850-12XS-E switch. |
WS-C3850-24XS-E |
IP Services |
Cisco Catalyst 3850 24-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply |
WS-C3850-32XS-E |
IP Services |
Cisco Catalyst 3850 32-port SFP+ transceiver, 1 network module slot, support for up to 10 G SFP+, 715 W power supply 32 ports are available when the C3850-NM-8-10G network module is plugged into the WS-C3850-24XS-E switch |
WS-C3850-12X48U-E |
IP Services |
Cisco Catalyst 3850 Stackable 12 100M/1G/2.5G/5G/10G and 36 1 G UPoE ports, 1 network module slot, 1100 W power supply |
WS-C3850-24XU-E |
IP Services |
Cisco Catalyst 3850 Stackable 24 100M/1G/2.5G/5G/10G UPoE ports, 1 network module slot, 1100 W AC power supply 1RU |
WS-C3850-48XS-E |
IP Services |
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750 WAC front-to-back power supply. 1 RU. |
WS-C3850-48XS-F-E |
IP Services |
Standalone Cisco Catalyst 3850 Switch that supports SFP+ transceivers, 48 ports that support up to 10G, and 4 QSFP ports that support up to 40G, and 750WAC back-to-front power supply. 1 RU. |
Network Modules
The following table lists the three optional uplink network modules with 1-Gigabit and 10-Gigabit slots. You should only operate the switch with either a network module or a blank module installed.
Network Module |
Description |
---|---|
C3850-NM-4-1G |
This module has four 1 G SFP module slots. Any combination of standard SFP modules are supported. SFP+ modules are not supported. If you insert an SFP+ module in the 1G network module, the SFP+ module does not operate, and the switch logs an error message. Note the supported switch models:
|
C3850-NM-2-10G |
This module has four slots: Two slots (left side) support only 1 G SFP modules and two slots (right side) support either 1 G SFP or 10 G SFP modules. Note the supported switch models
|
C3850-NM-4-10G |
This module has four 10 G slots or four 1 G slots. Note the supported switch models
|
C3850-NM-8-10G |
This module has eight 10 G slots with an SFP+ port in each slot. Each port supports a 1 G or 10 G connection Note the supported switch models
|
C3850-NM-2-40G |
This module has two 40 G slots with a QSFP+ connector in each slot.
|
Optics Modules
Cisco Catalyst Series Switches support a wide range of optics and the list of supported optics is updated on a regular basis. Use the Transceiver Module Group (TMG) Compatibility Matrix tool, or consult the tables at this URL for the latest transceiver module compatibility information: https://www.cisco.com/en/US/products/hw/modules/ps5455/products_device_support_tables_list.html
Compatibility Matrix
The following table provides software compatibility information.
Catalyst 3850 |
Cisco 5700 WLC |
Cisco 5508 or WiSM2 |
MSE/CMX |
ISE |
ACS |
Cisco PI |
---|---|---|---|---|---|---|
Gibraltar 16.12.11 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.10a |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.10 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.9 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.8 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.7 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.6 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.5b |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.5 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Gibraltar 16.12.4 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.8 + PI 3.8 latest maintenance release + PI 3.8 latest device pack See Cisco Prime Infrastructure 3.8 → Downloads. |
Gibraltar 16.12.3a |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.5 + PI 3.5 latest maintenance release + PI 3.5 latest device pack See Cisco Prime Infrastructure 3.5 → Downloads. |
Gibraltar 16.12.3 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.5 + PI 3.5 latest maintenance release + PI 3.5 latest device pack See Cisco Prime Infrastructure 3.5 → Downloads. |
Gibraltar 16.12.1 |
Not applicable |
Not applicable |
Not applicable |
2.6 |
- |
PI 3.5 + PI 3.5 latest maintenance release + PI 3.5 latest device pack See Cisco Prime Infrastructure 3.5 → Downloads. |
Gibraltar 16.11.1 |
Not applicable |
Not applicable |
Not applicable |
2.6 2.4 Patch 5 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4 → Downloads. |
Fuji 16.9.8 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Fuji 16.9.7 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.9 + PI 3.9 latest maintenance release + PI 3.9 latest device pack See Cisco Prime Infrastructure 3.9 → Downloads. |
Fuji 16.9.6 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads. |
Fuji 16.9.5 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads |
Fuji 16.9.4 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads |
Fuji 16.9.3 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads. |
Fuji 16.9.2 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest maintenance release + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads. |
Fuji 16.9.1 |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 Patch 1 |
5.4 5.5 |
PI 3.4 + PI 3.4 latest device pack See Cisco Prime Infrastructure 3.4→ Downloads. |
Fuji 16.8.1a |
Not applicable |
Not applicable |
Not applicable |
2.3 Patch 1 2.4 |
5.4 5.5 |
PI 3.3 + PI 3.3 latest maintenance release + PI 3.3 latest device pack See Cisco Prime Infrastructure 3.3→ Downloads. |
Everest 16.6.4 |
Not applicable |
Not applicable |
Not applicable |
2.2 2.3 |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack See Cisco Prime Infrastructure 3.1→ Downloads. |
Everest 16.6.3 |
Not applicable |
Not applicable |
Not applicable |
2.2 2.3 |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack See Cisco Prime Infrastructure 3.1→ Downloads. |
Everest 16.6.2 |
Not applicable |
Not applicable |
Not applicable |
2.2 2.3 |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack See Cisco Prime Infrastructure 3.1→ Downloads. |
Everest 16.6.1 |
Not applicable |
Not applicable |
Not applicable |
2.2 |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack See Cisco Prime Infrastructure 3.1→ Downloads. |
Everest 16.5.1a |
Not applicable |
Not applicable |
Not applicable |
2.1 Patch 3 |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack See Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.6 |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.2 Patch 2(wired and wireless) |
5.4 5.5 |
PI update PI 3.1 + PI 3.1 latest maintenance release 3.1.7 + PI 3.1 latest device pack 16 (Wired). PI update PI 3.1 + PI 3.1 latest maintenance release 3.1.7 + PI 3.1 latest device pack 14 (Wireless). See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.5b |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.2 Patch 2(wired and wireless) |
5.4 5.5 |
PI update PI 3.1 + PI 3.1.5 + PI 3.1.5 update 1 + PI 3.1 latest device pack (Wired) PI 3.1 + PI 3.1 maintenance release 7+ PI 3.1 latest device pack (Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.5 |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.2 Patch 2(wired and wireless) |
5.4 5.5 |
PI update PI 3.1 + PI 3.1.5 + PI 3.1.5 update 1 + PI 3.1 latest device pack (Wired) PI 3.1 + PI 3.1 maintenance release 7+ PI 3.1 latest device pack (Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.3 |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.1 Patch 1 (Wired and Wireless) |
5.4 5.5 |
PI update PI 3.1 + PI 3.1.5 + PI 3.1.5 update 1 + PI 3.1 latest device pack (Wired) PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack (Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.2 |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.1 Patch 1 (Wired and Wireless) |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack (Wired and Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.3.1 |
03.07.04E 03.06.05E |
8.2.0, 8.3.0 |
CMX 10.2.2 |
2.0 Patch 3 1.4 Patch 7 1.3 Patch 6 (Wired and Wireless) |
5.4 5.5 |
PI 3.1 + PI 3.1 latest maintenance release + PI 3.1 latest device pack (Wired and Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.2.2 |
03.07.02E 03.06.03E |
8.1.0, 8.2.0 |
CMX 10.2.2 |
1.3 Patch 5 (Wired and Wireless) |
5.3 5.4 |
3.1.0 + Device Pack 1 (Wired and Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.2.1 |
03.07.03E 03.06.03E |
8.1.0 8.2.0 |
CMX 10.2.2 |
1.3 Patch 5 (Wired and Wireless) |
5.3 5.4 |
3.1.0 (Wired) 3.1.0, 3.0.21 + Device Pack 4 + PI 3.0 Technology Pack (Wireless) See Cisco Prime Infrastructure 3.1→ Downloads. |
Denali 16.1.3 |
03.07.02E 03.06.03E |
8.1.0 |
CMX 10.2.0 |
1.3 Patch 3 (Wired) 1.4 (Wireless) |
5.3 5.4 |
3.0.2 + Device Pack 5+ PI 3.0 Technology Pack See Cisco Prime Infrastructure 3.0 → Downloads |
Denali 16.1.2 |
03.07.02E 03.06.03E |
8.1.0 |
CMX 10.2.0 |
1.3 Patch 3 (Wired) 1.4 (Wireless) |
5.3 5.4 |
3.0.2 + Device Pack 4 + PI 3.0 Technology Pack See Cisco Prime Infrastructure 3.0 → Downloads |
Denali 16.1.1 |
03.07.02E 03.06.03E |
8.1.0 |
CMX 10.2.0 |
1.3 Patch 3 (Wired) 1.4 (Wireless) |
5.3 5.4 |
3.0.2 + PI 3.0 Device Pack 2 + PI 3.0 Technology Pack See Cisco Prime Infrastructure 3.0 → Downloads. |
03.07.03E 03.07.02E 03.07.01E 03.07.00E |
03.07.03E 03.07.02E 03.07.01E 03.07.00E |
8.0 8.0 8.0 7.6 |
8.03 |
1.3 |
5.2 5.3 |
2.2 See Cisco Prime Infrastructure 2.2 → Downloads. |
03.06.04E 03.06.03E 03.06.02aE 03.06.01E 03.06.00E |
03.06.04E 03.06.02aE 03.06.01E 03.06.00E |
8.0 8.0 - 7.6 |
8.0 |
1.3 1.2 |
5.2 5.3 |
2.2 2.2, 2.1.2, or 2.1.1 if MSE is also deployed4 2.1.0 if MSE is not deployed See Cisco Prime Infrastructure 2.2 → Downloads and Cisco Prime Infrastructure 2.1 → Downloads |
03.03.03SE 03.03.02SE 03.03.01SE 03.03.00SE |
03.03.03SE 03.03.02SE 03.03.01SE 03.03.00SE |
7.65 7.5 |
7.5 |
1.2 |
5.2, 5.3 |
2.0 See Cisco Prime Infrastructure 2.0 → Downloads |
Web UI System Requirements
The following subsections list the hardware and software required to access the Web UI:
Minimum Hardware Requirements
Processor Speed |
DRAM |
Number of Colors |
Resolution |
Font Size |
---|---|---|---|---|
233 MHz minimum7 |
512 MB8 |
256 |
1280 x 800 or higher |
Small |
Software Requirements
Operating Systems
-
Windows 10 or later
-
Mac OS X 10.9.5 or later
Browsers
-
Google Chrome—Version 59 or later (On Windows and Mac)
-
Microsoft Edge
-
Mozilla Firefox—Version 54 or later (On Windows and Mac)
-
Safari—Version 10 or later (On Mac)
Upgrading the Switch Software
This section covers the various aspects of upgrading or downgrading the device software.
Note |
You cannot use the Web UI to install, upgrade, or downgrade device software. |
Finding the Software Version
The package files for the Cisco IOS XE software are stored on the system board flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch.
Note |
Although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software license. |
You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.
Software Images
Release |
Image Type |
File Name |
---|---|---|
Cisco IOS XE Gibraltar 16.12.11 |
Universal |
cat3k_caa-universalk9.16.12.11.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.11.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.10a |
Universal |
cat3k_caa-universalk9.16.12.10a.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.10a.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.10 |
Universal |
cat3k_caa-universalk9.16.12.10.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.10.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.9 |
Universal |
cat3k_caa-universalk9.16.12.09.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.09.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.8 |
Universal |
cat3k_caa-universalk9.16.12.08.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.08.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.7 |
Universal |
cat3k_caa-universalk9.16.12.07.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.07.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.6 |
Universal |
cat3k_caa-universalk9.16.12.06.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.06.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.5b |
Universal |
cat3k_caa-universalk9.16.12.05b.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.05b.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.5 |
Universal |
cat3k_caa-universalk9.16.12.05.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.05.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.4 |
Universal |
cat3k_caa-universalk9.16.12.04.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.04.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.3a |
Universal |
cat3k_caa-universalk9.16.12.03a.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.03a.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.3 |
Universal |
cat3k_caa-universalk9.16.12.03.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.03.SPA.bin |
|
Cisco IOS XE Gibraltar 16.12.1 |
Universal |
cat3k_caa-universalk9.16.12.01.SPA.bin |
Universal without Datagram Transport Layer Service (DTLS) |
cat3k_caa-universalk9ldpe.16.12.01.SPA.bin |
Automatic Boot Loader Upgrade
When you upgrade from any prior Cisco IOS XE 3.x.xE release to a Cisco IOS XE Denali 16.x.x, or Cisco IOS XE Everest 16.x.x, or Cisco IOS XE Fuji 16.x.x release for the first time, the boot loader may be automatically upgraded, based on the hardware version of the switch. If the boot loader is automatically upgraded, it will take effect on the next reload. If you go back to a Cisco IOS XE Release 3.x.xE, your boot loader will not be downgraded. The updated boot loader supports all previous releases.
For subsequent Cisco IOS XE Denali 16.x.x, or Cisco IOS XE Everest 16.x.x, or Cisco IOS XE Fuji 16.x.x, or Cisco IOS XE Gibraltar 16.x.x releases, if there is a new bootloader in the release, it may be automatically upgraded based on the hardware version of the switch when you boot up your switch with the new image for the first time.
Caution |
Do not power cycle your switch during the upgrade. |
Scenario |
Automatic Boot Loader Response |
---|---|
If you boot Cisco IOS XE Gibraltar 16.12.9 or Cisco IOS XE Gibraltar 16.12.10 or Cisco IOS XE Gibraltar 16.12.10a or Cisco IOS XE Gibraltar 16.12.11 the first time |
The boot loader may be upgraded to version 6.08. For example:
If the automatic boot loader upgrade occurs, while booting Cisco IOS XE Gibraltar 16.12.9 or Cisco IOS XE Gibraltar 16.12.10 or Cisco IOS XE Gibraltar 16.12.10a or Cisco IOS XE Gibraltar 16.12.11, you will see the following on the console:
|
If you boot Cisco IOS XE Gibraltar 16.12.7 or Cisco IOS XE Gibraltar 16.12.8 the first time |
The boot loader may be upgraded to version 5.08. For example:
If the automatic boot loader upgrade occurs, while booting Cisco IOS XE Gibraltar 16.12.7 or Cisco IOS XE Gibraltar 16.12.8, you will see the following on the console:
|
If you boot Cisco IOS XE Gibraltar 16.12.3 or Cisco IOS XE Gibraltar 16.12.3a or Cisco IOS XE Gibraltar 16.12.4 or Cisco IOS XE Gibraltar 16.12.5 or Cisco IOS XE Gibraltar 16.12.5b or Cisco IOS XE Gibraltar 16.12.6 the first time |
The boot loader may be upgraded to version 4.78. For example:
If the automatic boot loader upgrade occurs, while booting Cisco IOS XE Gibraltar 16.12.3 or Cisco IOS XE Gibraltar 16.12.3a or Cisco IOS XE Gibraltar 16.12.4 or Cisco IOS XE Gibraltar 16.12.5 or Cisco IOS XE Gibraltar 16.12.6, you will see the following on the console:
|
If you boot Cisco IOS XE Gibraltar 16.12.1 first time |
The boot loader may be upgraded to version 4.68. For example:
If the automatic boot loader upgrade occurs, while booting Cisco IOS XE Gibraltar 16.12.1, you will see the following on the console:
|
Automatic Microcode Upgrade
During a Cisco IOS image upgrade or downgrade on a PoE or UPoE switch, microcode is upgraded to reflect applicable feature enhancements and bug fixes. A microcode upgrade occurs only during an image upgrade or downgrade, on PoE or UPoE switches. It does not occur during switch reloads or on non-PoE switches.
Depending on the release you are upgrading from, microcode upgrade can occur during the install operation or during bootup:
-
If the release you are upgrading from does not support microcode updates during the course of installation, microcode is updated during boot up, and an additional 4 minutes (approximately) are required to complete the microcode upgrade, in addition to the normal reload time. Data traffic is not forwarded when microcode is upgraded during bootup.
-
When using install commands to upgrade, microcode is upgraded during the install operation, and no additional time is required during bootup. Here microcode is updated before the reload that occurs as part of the image upgrade process. Data traffic continues to be forwarded during the upgrade.
Do not restart the switch during the upgrade or downgrade process.
MM [1] MCU version 111 sw ver 105
MM [2] MCU version 111 sw ver 105
Front-end Microcode IMG MGR: found 4 microcode images for 1 device.
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_0 update needed: no
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_1 update needed: yes
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_2 update needed: yes
Image for front-end 0: /tmp/microcode_update/front_end/fe_type_6_3 update needed: no
Front-end Microcode IMG MGR: Preparing to program device microcode...
Front-end Microcode IMG MGR: Preparing to program device[0], index=0 ...594412 bytes.... Skipped[0].
Front-end Microcode IMG MGR: Preparing to program device[0], index=1 ...395790 bytes.
Front-end Microcode IMG MGR: Programming device 0...rwRrrrrrrw..
0%.........................................................................
10%..........................................................................
20%........................................................................
30%..........................................................................
40%..........................................................................
50%.......................................................................
60%..........................................................................
70%..........................................................................
80%.........................................................................
90%..........................................................................
100%
Front-end Microcode IMG MGR: Preparing to program device[0], index=2 ...25186 bytes.
Front-end Microcode IMG MGR: Programming device 0...rrrrrrw..0%....10%....20%......30%...40%......50%....60%......70%...80%......90%....100%wRr!
Front-end Microcode IMG MGR: Microcode programming complete for device 0.
Front-end Microcode IMG MGR: Preparing to program device[0], index=3 ...86370 bytes.... Skipped[3].
Front-end Microcode IMG MGR: Microcode programming complete in 242 seconds
Software Installation Commands
This table of commands is supported in the Cisco IOS XE Release 3.x.xE release train. |
|
---|---|
|
|
auto-upgrade |
Initiates auto upgrade for switches running incompatible software |
clean |
Cleans unused package files from local media |
commit |
Commits the provisioned software and cancels the automatic rollback timer |
expand |
Expands a software bundle to local storage, default location is where the bundle currently resides |
install |
Installs software |
rollback |
Rolls back the committed software |
This table of commands is supported starting from Cisco IOS XE Denali 16.x.x |
|
---|---|
|
|
clean |
Cleans unnecessary package files from media |
copy |
Copies package to media |
describe |
Describes package content |
expand |
Expands all-in-one package to media |
install |
Installs the package |
uninstall |
Uninstalls the package |
verify |
Verifies In Service Software Upgrade (ISSU) software package compatibility |
This table of commands is supported starting from Cisco IOS XE Fuji 16.8.1a |
|
---|---|
To install and activate the specified file, and to commit changes to be persistent across reloads— To separately install, activate, commit, cancel, or remove the installation file— |
|
add file tftp: filename |
Copies the install file package from a remote location to the device and performs a compatibility check for the platform and image versions. |
activate [ auto-abort-timer] |
Activates the file, and reloads the device. The auto-abort-timer keyword automatically rolls back image activation. |
commit |
Makes changes persistent over reloads. |
rollback to committed |
Rolls back the update to the last committed version. |
abort |
Cancels file activation, and rolls back to the version that was running before the current installation procedure started. |
remove |
Deletes all unused and inactive software installation files. |
Upgrading with In Service Software Upgrade (ISSU) with Cisco StackWise Virtual
Follow these instructions to perform In Service Software Upgrade (ISSU) to Cisco IOS XE Gibraltar 16.12.1 with Cisco StackWise Virtual, in install mode.
Before you begin
Note that you can use this procedure for the following upgrade scenarios:
When upgrading from ... |
To... |
---|---|
Cisco IOS XE Fuji 16.9.3 or Cisco IOS XE Fuji 16.9.4 |
Cisco IOS XE Gibraltar 16.12.x |
Note |
Downgrade with ISSU is not supported. To downgrade, follow the instructions in the Downgrading from Cisco IOS XE Gibraltar 16.12.1 in Install Mode section. |
For more information about ISSU release support and recommended releases, see Technical References → In-Service Software Upgrade (ISSU).
Procedure
Step 1 |
enable Enables privileged EXEC mode. Enter your password if prompted.
|
Step 2 |
install add file activate issu commit Use this command to automate the sequence of all the upgrade procedures, including downloading the images to both the switches, expanding the images into packages, and upgrading each switch as per the procedures.
The following sample output displays installation of Cisco IOS XE Gibraltar 16.12.1 software image with ISSU procedure.
|
Step 3 |
show version Use this command to verify the version of the new image.
The following sample output of the show version command displays the Cisco IOS XE Gibraltar 16.12.1 image on the device:
|
Step 4 |
show issu state [detail] Use this command to verify that no ISSU process is in pending state.
|
Step 5 |
exit Exits privileged EXEC mode and returns to user EXEC mode. |
Upgrading from Cisco IOS XE Release 3.x.xE in Install Mode
Follow these instructions to upgrade from Cisco IOS XE Release 3.x.xE in install mode:
Before you begin
Note that you can use this procedure for the following upgrade scenarios:
When upgrading from ... |
Use these commands... |
To upgrade to... |
---|---|---|
Any Cisco IOS XE Release 3.x.xE |
Only software commands |
Cisco IOS XE Gibraltar 16.x.x or Cisco IOS XE Fuji 16.x.x or Cisco IOS XE Everest 16.x.x or Cisco IOS XE Denali 16.x.x |
The sample output shows upgrade from Cisco IOS XE Release 3.7.3E to Cisco IOS XE Gibraltar 16.12.1 in install mode.
Procedure
Step 1 |
Copy new image to stack When you expand the image, if you point to the source image on your TFTP server, you can skip this section and go to Step 2: Software install image to flash |
Step 2 |
Software install image to flash |
Step 3 |
Reload If you said ‘Yes’ to the prompt in software install and your switches are configured with auto boot, the stack will automatically boot up with the new image. If not, you can manually boot flash:packages.conf |
Upgrading from Cisco IOS XE Release 3.x.xE in Bundle Mode
Follow these instructions to upgrade from Cisco IOS XE Release 3.x.xE in bundle mode:
Before you begin
Note that you can use this procedure for the following upgrade scenarios:
When upgrading from ... |
Use these commands... |
To upgrade to... |
---|---|---|
Any Cisco IOS XE Release 3.x.xE |
Only request platform software commands |
Cisco IOS XE Gibraltar 16.x.x or Cisco IOS XE Fuji 16.x.x or Cisco IOS XE Everest 16.x.x or Cisco IOS XE Denali 16.x.x |
The sample output shows upgrade from Cisco IOS XE Release 3.7.3E to Cisco IOS XE Gibraltar 16.12.1
Procedure
Step 1 |
Copy new image to stack
|
||
Step 2 |
Edit the boot variable |
||
Step 3 |
Reload |
||
Step 4 |
Move from bundle mode to install mode Ensure you have enough space in flash to expand a new image by cleaning up old installation files. This command will erase your Cisco IOS XE Gibraltar 16.12.1 bin image file, so ensure that you copy it to your Active again. |
||
Step 5 |
Edit the boot variable |
||
Step 6 |
Reload |
Upgrading from Cisco IOS XE Denali 16.x.x in Install Mode
Follow these instructions to upgrade from a Cisco IOS XE Denali 16.x.x release to a later release in install mode. In order to perform a software image upgrade, you must be booted into IOS using boot flash:packages.conf .
Before you begin
Note that you can use this procedure for the following upgrade scenarios:
When upgrading from ... |
Use these commands... |
To upgrade to... |
---|---|---|
Cisco IOS XE Denali 16.x.x or Cisco IOS XE Everest 16.x.x |
Only request platform software commands. |
Cisco IOS XE Gibraltar 16.x.x or Cisco IOS XE Fuji 16.x.x or Cisco IOS XE Everest 16.x.x or Cisco IOS XE Denali 16.x.x |
The sample output shows upgrade from Cisco IOS XE Denali 16.3.5 to Cisco IOS XE Gibraltar 16.12.1 in install mode.
Procedure
Step 1 |
Clean Up |
Step 2 |
Copy new image to stack Copy the new image to flash: (If you point to the source image on a TFTP server you can skip this section and go to: Software install image to flash). |
Step 3 |
Software install image to flash |
Step 4 |
Reload |
Downgrading to Cisco IOS XE 3.x.xE in Bundle Mode
Follow these instructions to downgrade to older Cisco IOS XE Release 3.x.xE releases in bundle mode.
Before you begin
Note that you can use this procedure for the following downgrade scenarios:
When downgrading from ... |
Use these commands... |
To downgrade to... |
---|---|---|
Cisco IOS XE Denali 16.x.x or Cisco IOS XE Everest 16.x.x |
Only request platform software commands. |
Cisco IOS XE Release 3.x.xE |
The sample output shows downgrade from Cisco IOS XE Gibraltar 16.12.1 to Cisco IOS XE Release 3.7.2E.
Procedure
Step 1 |
Copy new image to stack |
Step 2 |
Edit the boot variable |
Step 3 |
Reload |
Step 4 |
Move from Cisco IOS XE 3.xE Bundle Mode to Install Mode |
Step 5 |
Edit the boot variable |
Step 6 |
Reload |
Downgrading to Cisco IOS XE 3.x.xE in Install Mode
Follow these instructions to downgrade to older Cisco IOS XE Release 3.x.xE releases in install mode.
Before you begin
Note that you can use this procedure for the following downgrade scenarios:
When downgrading from ... |
Use these commands... |
To downgrade to... |
---|---|---|
Cisco IOS XE Denali 16.x.x or Cisco IOS XE Everest 16.x.x |
Only request platform software commands. |
Cisco IOS XE Release 3.x.xE |
The sample output shows downgrade from Cisco IOS XE Gibraltar 16.12.1 to Cisco IOS XE Release 3.7.2E.
Procedure
Step 1 |
Clean Up |
Step 2 |
Copy new image to stack Copy the target Cisco IOS XE 3.x.xE image to flash: (you can skip this step if you want to use the image from your TFTP server). |
Step 3 |
Downgrade Software Image |
Step 4 |
Reload |
Upgrading from Cisco IOS XE Gibraltar 16.12.1 in Install Mode
Follow these instructions to upgrade from one release to another, in install mode. To perform a software image upgrade, you must be booted into IOS through boot flash:packages.conf.
Before you begin
Note that you can use this procedure for the following upgrade scenarios:
When upgrading from ... |
Use these commands... |
To upgrade to... |
---|---|---|
Cisco IOS XE Fuji 16.x.x or Cisco IOS XE Gibraltar 16.12.x |
Either install commands or request platform software commands |
A later Cisco IOS XE 16.x.x release |
The sample output in this section displays upgrade from Cisco IOS XE Fuji 16.8.1a to Cisco IOS XE Gibraltar 16.12.1, by using install commands. It also provides information about the corresponding request platform software command, but not the sample output.
Procedure
Step 1 |
Clean Up Ensure that you have at least 1GB of space in flash to expand a new image. Clean up old installation files in case of insufficient space.
The following sample output displays the cleaning up of unused files, by using the install remove inactive command:
|
||
Step 2 |
Copy new image to flash |
||
Step 3 |
Set boot variable |
||
Step 4 |
Software install image to flash
The following sample output displays installation of the Cisco IOS XE Gibraltar 16.12.1 software image to flash, by using the install add file activate commit command:
|
||
Step 5 |
dir flash: After the software has been successfully installed, use this command to verify that the flash partition has five new The following is sample output of the dir flash: command:
The following sample output displays the .conf files in the flash partition; note the two .conf files:
|
||
Step 6 |
Reload |
Downgrading from Cisco IOS XE Gibraltar 16.12.1 in Install Mode
Follow these instructions to downgrade from one release to another, in install mode. To perform a software image downgrade, you must be booted into IOS through boot flash:packages.conf .
Before you begin
Note that you can use this procedure for the following downgrade scenarios:
When downgrading from ... |
Use these commands... |
To downgrade to... |
---|---|---|
Cisco IOS XE Fuji 16.x.x or Cisco IOS XE Gibraltar 16.12.x |
Either install commands or request platform software commands |
An earlier Cisco IOS XE 16.x.x release |
The sample output in this section shows downgrade from Cisco IOS XE Gibraltar 16.12.1 to Cisco IOS XE Fuji 16.9.2, by using install commands. It also provides information about the corresponding request platform software command, but not the sample output.
Important |
New switch models that are introduced in a release cannot be downgraded. The release in which a switch model is introduced is the minimum software version for that model. If you add a new switch model to an existing stack, we recommend upgrading all existing switches to the latest release.
|
Procedure
Step 1 |
Clean Up Ensure that you have at least 1GB of space in flash to expand a new image. Clean up old installation files in case of insufficient space.
The following sample output displays the cleaning up of Cisco IOS XE Gibraltar 16.12.1 files using the install remove inactive command:
|
||
Step 2 |
Copy new image to flash |
||
Step 3 |
Downgrade software image
The following example displays the installation of the Cisco IOS XE Fuji 16.9.2 software image to flash, by using the install add file activate commit command.
|
||
Step 4 |
Reload |
Licensing
This section provides information about the licensing packages for features available on Cisco Catalyst 3850 Series Switches.
License Levels
The software features available on Cisco Catalyst 3850 Series Switches fall under these base or add-on license levels.
Base Licenses
-
LAN Base—Provides basic Layer 2+ features, including access control lists (ACLs) and quality of service (QoS), up to 255 VLANs, support for routing protocols (Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Policy-Based Routing (PBR), Protocol Independent Multicast Stub Routing (PIM Stub Routing) with IPv4 and IPv6, and routed access with IPv4 and IPv6 (OSPF — up to 1000 routes, Multicast — up to 1000 routes).
-
IP Base—Provides Layer 2+ and basic Layer 3 features (enterprise-class intelligent services). These features include access control lists (ACLs), quality of service (QoS), static routing, Enhanced Interior Gateway Routing Protocol (EIGRP) stub routing, IP multicast routing, RIP, basic IPv6 management, the OSPF Protocol (for routed access only). The license supports up to 4094 VLANs.
-
IP Services—Provides a richer set of enterprise-class intelligent services and full IPv6 support. It includes all IP Base features plus full Layer 3 routing (IP unicast routing and IP multicast routing). The IP Services feature set includes protocols such as the EIGRP, OSPF Protocol. The license supports up to 4094 VLANs.
Add-On Licenses
The features available with add-on license levels provide Cisco innovations on the switch, as well as on the Cisco Digital Network Architecture Center (Cisco DNA Center).
-
DNA Advantage
To find information about platform support and to know which license levels a feature is available with, use Cisco Feature Navigator. To access Cisco Feature Navigator, go to https://cfnng.cisco.com. An account on cisco.com is not required.
License Types
The following license types are available:
-
Permanent—for a license level, and without an expiration date.
-
Evaluation—a license that is not registered.
License Levels - Usage Guidelines
-
A permanent license can be moved from one device to another.
-
A switch stack cannot contain mixed license levels. Also, the switches must be of the same platform.
-
Evaluation licenses cannot be ordered. They are not tracked via Cisco Smart Software Manager and expire after a 90-day period. Evaluation licenses can be used only once on the switch and cannot be regenerated. Warning system messages about an evaluation license expiry are generated only 275 days after expiration and every week thereafter. An expired evaluation license cannot be reactivated after reload.
Cisco Smart Licensing
Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure – you control what users can access. With Smart Licensing you get:
-
Easy Activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization—no more PAKs (Product Activation Keys).
-
Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.
-
License Flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.
To use Smart Licensing, you must first set up a Smart Account on Cisco Software Central (http://software.cisco.com).
Important |
Cisco Smart Licensing is the default and the only available method to manage licenses. |
For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.
Deploying Smart Licensing
Procedure
Step 1 |
Begin by establishing a connection from your network to Cisco Smart Software Manager on cisco.com. |
Step 2 |
Create and activate your Smart Account, or login if you already have one. To create and activate Smart Account, go to Cisco Software Central → Create Smart Accounts. Only authorized users can activate the Smart Account. |
Step 3 |
Complete the Cisco Smart Software Manager set up. |
What to do next
Converting Traditional Licenses to Smart Licenses
For Cisco Catalyst 3850 Series Switches, after you have upgraded the software image and deployed Smart Licensing, all traditional licenses on the device must be migrated, to Cisco Smart Software Manager. This is a one-time migration process that you must complete on each device.
Procedure
Step 1 |
Register the device Generate the registration token in the Cisco Smart Software Manager portal and register your device with the token. In the software configuration guide of the required release, see System Management → Configuring Smart Licensing → Registering a Device in CSSM. |
Step 2 |
Migrate base licenses The system converts traditional licenses to smart licenses and sends migration data to Cisco Smart Software Manager, which
in turn Cisco Smart Software Manager creates license entitlements and deposits them in your user account. In the software configuration guide of the required release, see System Management → Configuring Smart Licensing → Migrating a License with License Conversion..
|
With this
-
The device is now in an authorized state and ready to use.
-
The licenses that you have purchased are displayed in your Smart Account.
How Upgrading or Downgrading Software Affects Smart Licensing
Starting from Cisco IOS XE Fuji 16.9.1, Smart Licensing is the default and only license management solution; all licenses are managed as Smart Licenses.
Important |
Starting from Cisco IOS XE Fuji 16.9.1, the Right-To-Use (RTU) licensing mode is deprecated, and the associated license right-to-use command is no longer available on the CLI. |
Note how upgrading to a release that supports Smart Licensing or moving to a release that does not support Smart Licensing affects licenses on a device:
-
When you upgrade from an earlier release to one that supports Smart Licensing—all existing licenses remain in evaluation mode until registered in Cisco Smart Software Manager and then converted. After conversion, they are made available in your Smart Account.
In the software configuration guide of the required release, see System Management → Configuring Smart Licensing → Registering a Device in CSSM.
-
When you downgrade to a release where Smart Licensing is not supported—all smart licenses on the device are converted to traditional licenses and all smart licensing information on the device is removed.
Using Smart Licensing on an Out-of-the-Box Device
Scaling Guidelines
System Feature |
Maximum Limit |
---|---|
Number of HTTP session redirections system-wide |
Up to 100 clients per second |
Number of HTTPS session redirections system-wide |
Up to 20 clients per second |
Limitations and Restrictions
-
Control Plane Policing (CoPP)—The show run command does not display information about classes configured under
system-cpp policy
, when they are left at default values. Use the show policy-map system-cpp-policy or the show policy-map control-plane commands in privileged EXEC mode instead. -
Cisco TrustSec restrictions:
-
Cisco TrustSec can be configured only on physical interfaces, not on logical interfaces.
-
Cisco TrustSec cannot be configured on a pure bridging domain with the IPSG feature enabled. You must either enable IP routing or disable the IPSG feature in the bridging domain.
-
Dynamic SGACL download is limited to 6KB per destination group tag (DGT)
-
-
DHCP Client—Starting with Cisco IOS XE Denali 16.1.x, a DHCP client that includes option 61 (used by DHCP clients to specify their unique client identifier) in their DHCP discover/offer packet must accept the response message with option 61 from the DHCP server/relay. A client that fails to accept the response message with option 61, is not in compliance with RFC 6842 and requires a firmware upgrade.
-
Centralized Management Mode (CMM)—Starting with Cisco IOS XE Denali 16.3.1, CMM is not supported.
-
Flexible NetFlow—You cannot configure NetFlow export using the Ethernet Management port (GigabitEthernet0/0).
-
Flex Links are not supported. We recommend that you use spanning tree protocol (STP) as the alternative.
-
In-Service Software Upgrade (ISSU)
-
While performing ISSU from Cisco IOS XE Fuji 16.9.x to Cisco IOS XE Gibraltar 16.12.x, if interface-id snmp-if-index command is not configured with OSPFv3, packet loss can occur. Configure the interface-id snmp-if-index command either during the maintenance window or after isolating the device (by using maintenance mode feature) from the network before doing the ISSU.
-
ISSU from Cisco IOS XE Fuji 16.9.x to Cisco IOS XE Gibraltar 16.12.x is not supported in the FIPs mode of operation.
-
While ISSU allows you to perform upgrades with zero downtime, we recommend you to do so during a maintenance window only.
-
If a new feature introduced in a software release requires a change in configuration, the feature should not be enabled during ISSU.
-
If a feature is not available in the downgraded version of a software image, the feature should be disabled before initiating ISSU.
-
-
QoS restrictions
-
When configuring QoS queuing policy, the sum of the queuing buffer should not exceed 100%.
-
Policing and marking policy on sub interfaces is supported.
-
Marking policy on switched virtual interfaces (SVI) is supported.
-
QoS policies are not supported for port-channel interfaces, tunnel interfaces, and other logical interfaces.
-
-
Secure Shell (SSH)
-
Use SSH Version 2. SSH Version 1 is not supported.
-
When the device is running SCP and SSH cryptographic operations, expect high CPU until the SCP read process is completed. SCP supports file transfers between hosts on a network and uses SSH for the transfer.
Since SCP and SSH operations are currently not supported on the hardware crypto engine, running encryption and decryption process in software causes high CPU. The SCP and SSH processes can show as much as 40 or 50 percent CPU usage, but they do not cause the device to shutdown.
-
-
Stack ports buffer is not shared as part of the shared pool. The dedicated buffer for stack ports can only be used by stack ports.
-
TACACS legacy command: Do not configure the legacy tacacs-server host command; this command is deprecated. If the software version running on your device is Cisco IOS XE Gibraltar 16.12.2 or a later release, using the legacy command can cause authentication failures. Use the tacacs server command in global configuration mode.
-
UPoE connections—On the WS-C3850-12X48U-L, WS-C3850-12X48U-S and WS-C3850-12X48U-E switch models, a maximum of 28 ports are available for UPoE connections.
-
VLAN Restriction—It is advisable to have well-defined segregation while defining data and voice domain during switch configuration and to maintain a data VLAN different from voice VLAN across the switch stack. If the same VLAN is configured for data and voice domains on an interface, the resulting high CPU utilization might affect the device.
-
YANG data modeling limitation—A maximum of 20 simultaneous NETCONF sessions are supported.
-
Embedded Event Manager—Identity event detector is not supported on Embedded Event Manager.
-
Secure Password Migration—Autoconversion to password type 6 is supported from Cisco IOS XE Gibraltar 16.12.1 and later releases.
If the startup configuration has a type 6 password and you downgrade to a version in which type 6 password is not supported, you can/may be locked out of the device.
Caveats
Caveats describe unexpected behavior in Cisco IOS-XE releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.
Cisco Bug Search Tool
The Cisco Bug Search Tool (BST) allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The BST is designed to improve the effectiveness in network risk management and device troubleshooting. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
To view the details of a caveat, click on the identifier.
Open Caveats in Cisco IOS XE Gibraltar 16.12.12
There are no open caveats in this release.
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.12
Identifier |
Headline |
---|---|
Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerabilit |
|
Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability |
|
Cisco IOS XE Software for Wireless Controllers CWA Pre-Auth ACL Bypass Vulnerability |
|
Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability |
|
Cisco IOS and IOS XE Software SNMP Extended Named Access Control List Bypass Vulnerability |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.11
Identifier |
Description |
---|---|
C3650-12X48UQ | PSUs may show bad/disabled status randomly which can affect PoE |
|
Cisco IOS and IOS XE Software IS-IS Denial of Service Vulnerability |
|
Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability |
|
CISCO-CONFIG-COPY-MIB: Files not copied to stby-nvram |
|
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability |
|
Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.10a
Identifier |
Description |
---|---|
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability. For more information, see Security Advisory: cisco-sa-iosxe-webui-privesc-j22SaA4z |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.10
Identifier |
Description |
---|---|
Inactive flows do not age and remain stale in the flow table after 1yr+ system uptime. |
|
Cisco IOS XE Software for Catalyst 3650 & 3850 Switches Denial of Service Vulnerability |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.9
Identifier |
Description |
---|---|
WS-C3850-48XS-E Can't configure SVL with 40G port |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.8
Identifier |
Description |
---|---|
Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.7
There are no resolved caveats in this release.
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.6
Identifier |
Description |
---|---|
Cat 9K & 3K: Unexpected reload caused by the FED process. |
|
Radius protocol generate jumbo frames for dot1x packets |
|
SNMP: ifHCInOctets - snmpwalk on sub-interface octet counter does not increase |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.5b
Identifier |
Description |
---|---|
Session not getting authenticated via MAB after shut/no shut of interface |
|
Cat 9K & 3K fed crash when running 16.12.5 |
|
Cisco IOx for IOS XE Software Command Injection Vulnerability |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.5
Identifier |
Description |
---|---|
CLI should be auto-upgraded from "tacacs-server" cli to newer version while upgrading |
|
Catalyst Switch: SISF Crash due to a memory leak |
|
MKA MACSEC don't support GCM-AES-256 after upgrading to 16.12.3a |
|
CAT3K intermittently not responding to SNMP |
|
FAN OID value "EnvMonFanStatusEntry" can't be obtained |
|
Cat3850 : PoE doesn't work - Power given, but State Machine Power Good wait timer timed out |
|
SNMP: After OIR of PSU, PSU entities are missing from cefcFRUPowerStatusTable |
|
ZTP failing with error in creating downloaded_script.py |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.4
Identifier |
Description |
---|---|
C3850 24 of 48 ports stop working after upgrade |
|
Device crash when upgrading via ISSU |
|
No Log on the switch when removing power cable. |
|
DHCPv6 RELAY-REPLY packet is being dropped |
|
"show mac address-table" does not show remote EIDs when vlan filter used |
|
Critical auth failing to apply DEFAULT_CRITICAL_DATA_TEMPLATE |
|
QoS ACL matching incorrectly when udp range is used |
|
Power allocation issue in 16.9.x/16.12.x |
|
Cat3k/9k Switch running 16.12.3 is not processing superior BPDUs for non-default native vlan |
|
16.12.3 not creating system-reports on crashes |
|
Crash when invalid input interrupts a role-based access-list policy installation |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.3a
Identifier |
Description |
---|---|
Unexpected reload (or boot loop) caused by Smart Agent (SASRcvWQWrk2) |
|
Switch running 16.12.3 is not processing superior BPDUs for non-default native vlan |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.3
Identifier |
Description |
---|---|
DHCP snooping may drop dhcp option82 packets w/ ip dhcp snooping information option allow-untrusted |
|
CRC error incrementing with GLC-TE SFPs with speed 10 |
|
DNA - LAN Automation doesn't configure link between Peer Device and PnP Agent due CDP limitation |
|
STP TCN is generated on etherchannel port during a switchover in a stack |
|
DACL not properly enforced when pre auth acl present for some phone |
|
PD's not getting PoE on multiple interfaces in 3850 stack |
|
Cat3k take 1~2 hours to boot. |
|
Private-vlan mapping XXX configuration under SVI is lost from run config after switch reload |
|
Switches are adding Device SGT to proxy generated IGMP leave messages while keeping End host src IP |
|
Imax error on adjacent interfaces in port-group |
|
Cat3k/9k Flow-based SPAN(FSPAN) can only work in one direction when mutilple session configured |
|
Cat3k/9k crash on running show platform software fed switch 1 fss abstraction |
|
Cat3k/Cat9k incorrectly set more-fragment flag for double fragmentation |
|
Layer 2 flooding floods IGMP queries causing network outage |
|
OSPF External Type-1 Route Present in OSPF Database but not in RIB |
|
After valid ip conflict, SVI admin down responds to GARP |
|
DHCP snooping causing mac flaps when connecting IE-3200 |
|
"login authentication VTY_authen" is missing on "line vty 0 4" only |
|
Standby crashes on multiple port flaps |
|
Block overrun crash due to Corrupted redzone |
|
qos softmax setting doesn't take effect on Catalyst switch in Openflow mode |
|
CTS Environmental Data download request triggered before PAC provisioned |
|
Netconf incorrectly activate IPv4 address-family for IPv6 BGP peer. |
|
Cat3k: MCU is generating fault events, causing PDs to be reported off after reload in case of PPoE |
|
When port security applied mac address not learned on hardware |
|
Crash during authentication failure of client |
|
Memory exhaustion in sessmgrd process due to EAPoL announcement |
|
FED crash when premature free of SG element |
|
Fed memory leak in 16.9.X related to netflow |
|
Cat3k/Cat9k- OBJ_DWNLD_TO_DP_FAILED after exceeding hardware capacity for adjacency table |
|
In COPP policy, ARP traffic should be classified under the "system-cpp-police-forus" class |
|
Traceback seen when IS-IS crosses LSP boundary and tries to add information in new LSP |
|
Memory leak in fed main event qos |
|
cat3k Switch with 1.6GB flash size unable to do SWIM upgrade between 16.12.x images |
Resolved Caveats in Cisco IOS XE Gibraltar 16.12.1
Identifier |
Description |
---|---|
port LED may turn to amber |
|
cat 9300 | span destination interface not dropping ingress traffic |
|
IP Source Guard blocks traffic after host IP renewal |
|
Catalyst 3k/9k: Slow memory leak in linux_iosd-imag |
|
Missing/incorrect FED entries for IGMP Snooping on Cat9300/Cat3850/Cat3650 |
|
MACSEC Portchannel member interface stays permanently down after link flap |
|
Switch crashed at mcprp_pak_add_l3_inject_hdr with dhcp snooping |
|
Default ACL being enforced even dACL is applied after Reload |
|
FED_QOS_ERRMSG-3-POLICER_HW_ERROR on Catalysts 3650/3850 running 16.6 releases |
|
Hardware MAC address programming issue for remote client catalyst 9300 |
|
Cat9k not updating checksum after DSCP change |
|
multiple CTS sessions stuck in HELD/SAP_NE |
|
Memory leak in MACSec seen during SAP scale longevity |
|
High CPU Due To Looped Packet and/or Unicast DHCP ACK Dropped |
|
Mcast traffic loss seen looks due to missing fed entries during IGMP/MLD snooping. |
|
3850 stack SFP cannot be recognized on some port and the port link also do not up |
|
Cat9500 - Interface in Admin shutdown showing incoming traffic and interface Status led in green. |
|
NetFlow issue 3850 switch not sending TCP flags |
|
Cat3K | Cat9K - SVI becomes inaccesible upon reboot |
|
QinQ tunnels causing L2 loop in specific topology of Cat3850 |
|
Cat3k / Cat9k Gateway routes DHCP offer incorrectly after DHCP snooping |
|
Cat9300 | First packet not forwarded when (S,G) needs to be built |
|
MAC Access List Blocks Unintended Traffic |
|
DHCP SNOOPING DATABASE IS NOT REFRESHED AFTER RELOAD |
|
Authentication sessions does not come up on configuring dot1x when there is active client traffic . |
|
crash at sisf_show_counters after entering show device-tracking counters command |
|
Sessmgr CPU is going high due to DB cursor is not disabled after switchover |
Troubleshooting
For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at this URL:
https://www.cisco.com/en/US/support/index.html
Go to Product Support and select your product from the list or enter the name of your product. Look under Troubleshoot and Alerts, to find information for the problem that you are experiencing.
Related Documentation
Information about Cisco IOS XE at this URL: https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html
All support documentation for Cisco Catalyst 3850 Series Switches is at this URL: https://www.cisco.com/go/cat3850_docs
Cisco Validated Designs documents at this URL: https://www.cisco.com/go/designzone
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: https://cfnng.cisco.com/mibs
Communications, Services, and Additional Information
-
To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.
-
To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.
-
To submit a service request, visit Cisco Support.
-
To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco DevNet.
-
To obtain general networking, training, and certification titles, visit Cisco Press.
-
To find warranty information for a specific product or product family, access Cisco Warranty Finder.
Cisco Bug Search Tool
Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.