|
Table Of Contents
Cisco MDS 9000 Family Release Notes
for Cisco MDS SAN-OS Release 3.1(1)Determining the Software Version
Selecting the Correct Software Image for an MDS 9100 Series Switch
Selecting the Correct Software Image for an MDS 9500 Series Switch
Migrating from Supervisor-1 Modules to Supervisor-2 Modules
Configuring Generation 2 Switching Modules
Upgrading Your Cisco MDS SAN-OS Software Image
Reconfiguring SSM Ports Before Upgrading to SAN-OS Release 3.1(1)
Upgrading the SSI Image on Your SSM
Upgrading a Switch with Insufficient Space for Two Images on the Bootflash
Performing a Disruptive Upgrade on a Single Supervisor MDS Family Switch
Downgrading Your Cisco MDS SAN-OS Software Image
General Downgrading Guidelines
Downgrading the SSI Image on Your SSM
New Features in Cisco MDS SAN-OS Release 3.1(1)
Cisco MDS 9124 Multilayer Fabric Switch Support
Nondisruptive Software Upgrades
Increased Oversubscription Ratios
SNMP over TCP Session Authentication
Virtual Router Redundancy Protocol (VRRP) Interfaces
Configuring Default Settings for the Default Zone
Regulatory Compliance and Safety Information
Installation and Configuration Note
Cisco Product Security Overview
Reporting Security Problems in Cisco Products
Product Alerts and Field Notices
Obtaining Technical Assistance
Cisco Technical Support & Documentation Website
Definitions of Service Request Severity
Obtaining Additional Publications and Information
Cisco MDS 9000 Family Release Notes
for Cisco MDS SAN-OS Release 3.1(1)
Release Date: January 12, 2007
Text Part Number: OL-12208-01L0
This document describes the caveats and limitations for switches in the Cisco MDS 9000 Family. Use this document in conjunction with documents listed in the "Related Documentation" section.
Note Release notes are sometimes updated with new information on restrictions and caveats. Refer to the following website for the most recent version of the Cisco MDS 9000 Family Release Notes: http://www.cisco.com/en/ CSCsg19148oducts/hw/ps4159/ps4358/prod_release_notes_list.html
Table 1 shows the online change history for this document.
Table 1 Online History Change
Revision Date DescriptionA0
01/04/2007
Created release notes.
B0
01/11/2007
Added "Upgrading a Switch with Insufficient Space for Two Images on the Bootflash".
Changed the state of DDTS CSCsg22134, CSCsg27527, and CSCsg30429 to Resolved.
C0
02/01/2007
Added DDTS CSCsg03171.
D0
02/27/2007
Added DDTS CSCsg72224, CSCsh17787, CSCsh28390, CSCsh29188, CSCsh29199, CSCsh32426, CSCsh34515, CSCsh40033, CSCsh53560, CSCsh53578, CSCsh59895, CSCsh60422, CSCsh66920, and CSCsh69086.
Changed the state of DDTS CSCsg19148 to Resolved.
E0
03/30/2007
Added DDTS CSCsg29630, CSCsh02602, CSCsh21262, CSCsh24256, CSCsh62126, CSCsh66010, CSCsh66920, CSCsh82676, CSCsh83200, CSCsh85505, CSCsh93540, and CSCsi24128.
Added the section "Performing a Disruptive Upgrade on a Single Supervisor MDS Family Switch".
Added the section "Configuring Default Settings for the Default Zone".
F0
04/05/2007
Revised the description of the Fabric Manager Enhancement, "New Login Procedure".
G0
05/01/2007
Changed the state of DDTS CSCsg52197 to Open.
H0
05/31/2007
Added DDTS CSCsh75149, CSCsi27133, and CSCsi33540.
I0
07/18/2007
Added DDTS CSCsj04224, CSCsj07363, and CSCsj19105.
Removed DDTS CSCei82909.
J0
08/24/2007
Added DDTS CSCsh95415.
K0
09/28/2008
Added DDTS CSCeh35635, CSCsg49151, CSCsg62704, CSCsh05721, CSCsi49231, and CSCsj65565.
L0
10/24/2007
Indicated that DDTS CSCsh31236 was opened in Cisco SAN-OS Release 3.1(1).
Added a Note about Downgrading from Cisco SAN-OS 3.2(1) to the "Downgrading Your Cisco MDS SAN-OS Software Image" section.
Contents
This document includes the following sections:
• Upgrading Your Cisco MDS SAN-OS Software Image
• Downgrading Your Cisco MDS SAN-OS Software Image
• New Features in Cisco MDS SAN-OS Release 3.1(1)
• Limitations and Restrictions
• Caveats
• Cisco Product Security Overview
• Obtaining Technical Assistance
• Obtaining Additional Publications and Information
Introduction
The Cisco MDS 9000 Family of Multilayer Directors and Fabric Switches provides industry-leading availability, scalability, security, and management, allowing you to deploy high performance storage-area networks with lowest total cost of ownership. Layering a rich set of intelligent features onto a high performance, protocol agnostic switch fabric, the Cisco MDS 9000 Family addresses the stringent requirements of large data center storage environments: uncompromising high availability, security, scalability, ease of management, and seamless integration of new technologies.
The Cisco MDS 9000 Family SAN-OS is the underlying system software that powers the Cisco MDS 9500 Series, 9200 Series, and 9100 Series multilayer switches. The Cisco SAN-OS provides intelligent networking features, such as multiprotocol and multitransport integration, virtual SANs (VSANs), advanced security, sophisticated debug analysis tools, and unified SAN management.
Components Supported
Table 2 lists the SAN-OS software part number and hardware components supported by the Cisco MDS 9000 Family.
Note To use the Cisco Storage Services Enabler package, Cisco MDS SAN-OS Release 1.3(5) or later must be installed on the MDS switch.
Table 2 Cisco MDS 9000 Family Supported Software and Hardware Components
Component Part Number Description Applicable ProductSoftware
M95S2K9-3.1.1
MDS 9500 Supervisor/Fabric-2, SAN-OS software.
MDS 9500 Series only
M95S1K9-3.1.1
MDS 9500 Supervisor/Fabric-I, SAN-OS software.
MDS 9500 Series only
M92S1K9-3.1.1
MDS 9216 Supervisor/Fabric-I, SAN-OS software.
MDS 9200 Series only
M91S2K9-3.1.1
MDS 9100 Supervisor/Fabric-2, SAN-OS software.
MDS 9100 Series only
M91S1K9-3.1.1
NDS 9100 Supervisor/Fabric-I, SAN-OS software
MDS 9100 Series only
License
M9500ENT1K9
Enterprise package.
MDS 9500 Series
M9200ENT1K9
Enterprise package.
MDS 9200 Series
M9100ENT1K9
Enterprise package.
MDS 9100 Series
M9500FIC1K9
Mainframe package.
MDS 9500 Series
M9200FIC1K9
Mainframe package.
MDS 9200 Series
M9100FIC1K9
Mainframe package.
MDS 9100 Series
M9500FMS1K9
Fabric Manager Server package.
MDS 9500 Series
M9200FMS1K9
Fabric Manager Server package.
MDS 9200 Series
M9100FMS1K9
Fabric Manager Server package.
MDS 9100 Series
M9500EXT1K9
SAN Extension over IP package for IPS-8 module.
MDS 9500 Series
M9200EXT1K9
SAN Extension over IP package for IPS-8 module.
MDS 9200 Series
M9500EXT14K9
SAN Extension over IP package for IPS-4 module.
MDS 9500 Series
M9200EXT14K9
SAN Extension over IP package for IPS-4 module.
MDS 9200 Series
M9500EXT12K9
SAN Extension over IP package for MPS 14+2 module.
MDS 9500 Series
M9200EXT12K9
SAN Extension over IP package for MPS 14+2 module.
MDS 9200 Series
M9500SSE1K9
Storage Services Enabler package.
MDS 9500 Series with SSM
M9200SSE1K9
Storage Services Enabler package.
MDS 9200 Series with SSM
M9124PL8-4G
On-Demand Ports Activation License
MDS 9124 Switch
Chassis
DS-C9513
MDS 9513 director (13-slot modular chassis with 11 slots for switching modules, and 2 slots reserved for Supervisor 2 modules only—SFPs1 sold separately).
MDS 9513 only
DS-C9509
MDS 9509 director, base configuration (9-slot modular chassis includes 7 slots for switching modules and 2 slots for supervisor modules—SFPs sold separately).
MDS 9509 only
DS-C9506
MDS 9506 director (6-slot modular chassis includes 4 slots for switching modules and 2 slots for supervisor modules—SFPs sold separately).
MDS 9506 only
DS-C9216-K9
MDS 9216 16-port semi-modular fabric switch (includes 16 1-Gbps/2-Gbps Fibre Channel ports, power supply, and expansion slot—SFPs sold separately).
MDS 9216 only
DS-C9216A-K9
MDS 9216A 16-port semi-modular fabric switch (includes 16 1-Gbps/2-Gbps Fibre Channel ports, power supply, and expansion slot—SFPs sold separately).
MDS 9216A only
DS-C9216i-K9
MDS 9216i 16-port semi-modular fabric switch (includes 14 1-Gbps/2-Gbps Fibre Channel ports, 2 Gigabit Ethernet ports, power supply, and expansion slot—SFPs sold separately).
MDS 9216i only
DS-C9140-K9
MDS 9140 fixed configuration (non-modular) fabric switch (includes 8 full rate ports and 32 host-optimized ports).
MDS 9140 only
DS-C9124-K9
MDS 9124 fixed configuration (non-modular) multilayer fabric switch (includes 8 enabled ports; an on-demand ports activation license can enable 8 additional ports, up to 24 ports).
MDS 9124 only
DS-C9120-K9
MDS 9120 fixed configuration, non-modular, fabric switch (includes 4 full rate ports and 16 host-optimized ports).
MDS 9120 only
External crossbar module
DS-13SLT-FAB1
MDS 9513 crossbar fabric module.
MDS 9513 only
Supervisor modules
DS-X9530-SF2-K9
MDS 9500 Supervisor-2, module.
MDS 9500 Series only
DS-X9530-SF1-K9
MDS 9500 Supervisor/Fabric-I module.
Switching modules
DS-X9016
MDS 9000 16-port 1-Gbps/2-Gbps Fibre Channel module (SFPs sold separately).
MDS 9500 Series and 9200 Series
DS-X9032
MDS 9000 32-port 1-Gbps/2-Gbps Fibre Channel module (SFPs sold separately).
DS-X9112
MDS 9000 12-port 4-Gbps Fibre Channel module (SFPs sold separately).
MDS 9500 Series and 9200 Series, except for the MDS 9216
DS-X9124
MDS 9000 24-port 4-Gbps Fibre Channel module (SFPs sold separately).
MDS 9500 Series and 9200 Series, except for the MDS 9216
DS-X9148
MDS 9000 48-port 4-Gbps Fibre Channel module (SFPs sold separately).
MDS 9500 Series and 9200 Series, except for the MDS 9216
DS-X9704
MDS 9000 4-port 10-Gbps Fibre Channel module (SFPs sold separately)
MDS 9500 Series and 9200 Series, except for the MDS 9216
Services modules
DS-X9308-SMIP
8-port Gigabit Ethernet IP Storage services module.
MDS 9500 Series and 9200 Series
DS-X9304-SMIP
4-port Gigabit Ethernet IP Storage services module.
DS-X9032-SSM
MDS 9000 32-port 1-Gbps/2-Gbps Fibre Channel Storage Services Module (SSM).
DS-X9302-14K9
14-port Fibre Channel/2-port Gigabit Ethernet Multiprotocol Services (MPS-14/2) module.
Optics
DS-X2-FC10G-SR
X2/SC optics, 10-Gbps Fibre Channel for Short Reach.
MDS 9500 Series and 9200 Series, except for the MDS 9216
DS-X2-FC10G-LR
X2/SC optics, 10-Gbps Fibre Channel for Long Reach.
DS-X2-FC10G-ER
X2/SC optics, 10-Gbps Fibre Channel for Extended Reach (40 km).
LC-type fiber-optic SFP
DS-SFP-FC-2G-SW
2-Gbps/1-Gbps Fibre Channel—short wavelength SFP.
MDS 9000 Family
DS-SFP-FC-2G-LW
2-Gbps/1-Gbps Fibre Channel—long wavelength SFP.
DS-SFP-FCGE-SW
1-Gbps Ethernet and 1-Gbps/2-Gbps Fibre Channel—short wavelength SFP.
DS-SFP-FCGE-LW
1-Gbps Ethernet and 1-Gbps/2-Gbps Fibre Channel—long wavelength SFP.
DS-SFP-GE-T
1-Gbps Ethernet SFP.
DS-SFP-FC4G-SW
4-Gbps/2-Gbps/1-Gbps Fibre Channel—short wavelength SFP for DS-X91xx switching modules.
MDS 9500 Series and 9200 Series, except for the MDS 9216
DS-SFP-FC4G-MR
4-Gbps/2-Gbps/1-Gbps Fibre Channel—long wavelength SFP for DS-X91xx switching modules only. Supports distances up to 4 km.
DS-SFP-FC4G-LW
4-Gbps/2-Gbps/1-Gbps Fibre Channel—long wavelength SFP for DS-X91xx switching modules only. Supports distances up to 10 km.
CWDM2
DS-CWDM-xxxx
Gigabit Ethernet and 1-Gbps/2-Gbps Fibre Channel SFP LC interface xxxx nm, where xxxx = 1470, 1490, 1510, 1530, 1550, 1570, 1590, or 1610 nm.
MDS 9000 Family
DS-CWDM-MUX-4
Add/drop multiplexer for four CWDM wavelengths.
DS-CWDM-MUX-8
Add/drop multiplexer for eight CWDM wavelengths.
DS-CWDMCHASSIS
Two slot chassis for CWDM add/drop multiplexers.
Power supplies
DS-CAC-6000W
6000-W AC power supply.
MDS 9513 only
DS-CAC-2500W
2500-W AC power supply.
MDS 9509 only
DS-CDC-2500W
2500-W DC power supply.
DS-CAC-3000W
3000-W AC power supply.
DS-CAC-4000W-US
4000-W AC power supply for US (cable attached).
DS-CAC-4000W-INT
4000-W AC power supply international (cable attached).
DS-CAC-1900W
1900-W AC power supply.
MDS 9506 only
DS-CDC-1900W
1900-W DC power supply.
DS-CAC-845W
845-W AC power supply.
MDS 9200 Series only
DS-CAC-300W
300-W3 AC power supply.
MDS 9100 Series only
CompactFlash
MEM-MDS-FLD512M
MDS 9500 supervisor CompactFlash disk, 512 MB.
MDS 9500 Series only
Port analyzer adapter
DS-PAA-2, DS-PAA
A standalone Fibre Channel-to-Ethernet adapter that allows for simple, transparent analysis of Fibre Channel traffic in a switched fabric.
MDS 9000 Family
CD-ROM
M90FM-CD-212=
MDS 9000 Management Software and Documentation CD-ROM, spare.
MDS 9000 Family
1 SFP = small form-factor pluggable
2 CWDM = coarse wavelength division multiplexing
3 W = Watt
Software Download Process
Use the software download procedure to upgrade to a later version, or downgrade to an earlier version, of an operating system. This section describes the software download process for the Cisco MDS SAN-OS and includes the following topics:
• Determining the Software Version
• Selecting the Correct Software Image for an MDS 9500 Series Switch
• Migrating from Supervisor-1 Modules to Supervisor-2 Modules
• Configuring Generation 2 Switching Modules
Determining the Software Version
To determine the version of Cisco MDS SAN-OS software currently running on a Cisco MDS 9000 Family switch using the CLI, log in to the switch and enter the show version EXEC command.
To determine the version of Cisco MDS SAN-OS software currently running on a Cisco MDS 9000 Family switch using the Fabric Manager, view the Switches tab in the Information pane, locate the switch using the IP address, logical name, or WWN, and check its version in the Release column.
Note We strongly recommend that you use the latest available software release supported by your vendor for all Cisco MDS 9000 Family products.
Downloading Software
The Cisco MDS SAN-OS software is designed for mission-critical high availability environments. To realize the benefits of nondisruptive upgrades on the Cisco MDS 9500 Directors, we highly recommend that you install dual supervisor modules.
To download the latest Cisco MDS SAN-OS software, access the Software Center at this URL:
http://www.cisco.com/public/sw-center
See the following sections in this release note for details on how you can nondisruptively upgrade your Cisco MDS 9000 switch. Issuing the install all command from the CLI, or using Fabric Manager to perform the downgrade, enables the compatibility check. The check indicates if the upgrade can happen nondisruptively or disruptively depending on the current configuration of your switch and the reason.
Compatibility check is done:
Module bootable Impact Install-type Reason
------ -------- -------------- ------------ ------
1 yes non-disruptive rolling
2 yes disruptive rolling Hitless upgrade is not supported
3 yes disruptive rolling Hitless upgrade is not supported
4 yes non-disruptive rolling
5 yes non-disruptive reset
6 yes non-disruptive reset
At a minimum, you need to disable the default device alias distribution feature using the no device-alias distribute command in global configuration mode. The show incompatibility system bootflash:1.3(x)_filename command determines which additional features need to be disabled.
Note Refer to the "Determining Software Compatibility" section of the Cisco MDS 9000 Family CLI Configuration Guide for more details.
Selecting the Correct Software Image for an MDS 9100 Series Switch
The system and kickstart image that you use for an MDS 9100 series switch depends on which switch you use, as shown in Table 3.
Table 3 Software Image for MDS 9100 Series Switch
Switch ImageMDS 9120 or MDS 9140
Filename begins with m9100-s1ek9
MDS 9124
Filename begins with m9100-s2ek9
Selecting the Correct Software Image for an MDS 9500 Series Switch
The system and kickstart image that you use for an MDS 9500 Series switch depends on whether the switch is based on a Supervisor-1 module or a Supervisor-2 module, as shown in Table 4.
Use the show module command to display the type of supervisor module in the switch.
For a Supervisor-1 module, the output might look like this:
switch# show module
Mod Ports Module-Type Model Status
--- ----- -------------------------------- ------------------ ------------
...
...
5 0 Supervisor/Fabric-1 DS-X9530-SF1-K9 active*
6 0 Supervisor/Fabric-1 DS-X9530-SF1-K9 ha-standby
For a Supervisor-2 module, the output might look like this:
switch# show module
Mod Ports Module-Type Model Status
--- ----- -------------------------------- ------------------ ------------
...
...
7 0 Supervisor/Fabric-2 DS-X9530-SF2-K9 active *
8 0 Supervisor/Fabric-2 DS-X9530-SF2-K9 ha-standby
Migrating from Supervisor-1 Modules to Supervisor-2 Modules
As of Cisco MDS SAN-OS Release 3.0(1), the Cisco MDS 9509 and 9506 Directors support both Supervisor-1 and Supervisor-2 modules. Supervisor-1 and Supervisor-2 modules cannot be installed in the same switch, except during migration. Both the active and standby supervisor modules must be of the same type, either Supervisor-1 or Supervisor-2 modules. For Cisco MDS 9513 Directors, both supervisor modules must be Supervisor-2 modules.
Caution Migrating your supervisor modules is a disruptive operation.
Note Migrating from Supervisor-2 modules to Supervisor-1 modules is not supported.
To migrate from a Supervisor-1 module to a Supervisor-2 module, refer to the step-by-step instructions in the Cisco MDS 9000 Family CLI Configuration Guide.
Configuring Generation 2 Switching Modules
The Cisco MDS 9500 Multilayer Directors are designed to operate with any combination of Cisco MDS 9000 Generation 1 and Generation 2 modules. However, there are limitations to consider when combining the various modules and supervisors in the Cisco MDS 9500 Series platform chassis. The references listed in this section provide specific information about configurations that combine different modules and supervisors.
For information on configuring Generation 2 switching modules, refer to:
http://www.cisco.com/en/US/products/ps5989/products_configuration_guide_chapter09186a0080664c6b.html
For information on port index availability, refer to:
http://www.cisco.com/en/US/products/ps5990/products_installation_guide_chapter09186a0080419599.html
For information on Cisco MDS 9000 hardware and software compatibility, refer to:
http://www.cisco.com/en/US/products/ps5989/products_device_support_table09186a00805037ee.html
Upgrading Your Cisco MDS SAN-OS Software Image
This section lists the guidelines recommended for upgrading your Cisco MDS SAN-OS software image and contains the following sections:
• General Upgrading Guidelines
• Reconfiguring SSM Ports Before Upgrading to SAN-OS Release 3.1(1)
• Upgrading the SSI Image on Your SSM
• Performing a Disruptive Upgrade on a Single Supervisor MDS Family Switch
Note If you would like to request a copy of the source code under the terms of either GPL or LGPL, please send an e-mail to mds-software-disclosure@cisco.com.
General Upgrading Guidelines
Use the following guidelines when upgrading to Cisco MDS SAN-OS Release 3.1(1):
•Install and configure dual supervisor modules.
•Issue the show install all impact upgrade-image CLI command to determine if your upgrade will be nondisruptive.
•Be aware that some features impact whether an upgrade is disruptive or nondisruptive:
•Follow the guidelines for upgrading a single supervisor switch as described in "Performing a Disruptive Upgrade on a Single Supervisor MDS Family Switch" section.
–Fibre Channel Ports: Traffic on Fibre Channel ports can be nondisruptively upgraded. See Table 5 for the nondisruptive upgrade path for all SAN-OS releases.
–SSM: Intelligent services traffic on the SSM, such as SANTap, NASB, and FC write acceleration, is disrupted during an upgrade. SSM Fibre Channel traffic is not.
–Gigabit Ethernet Ports: Traffic on Gigabit Ethernet ports is disrupted during an upgrade or downgrade. This includes IPS modules and the Gigabit Ethernet ports on the MPS-14/2 module. Those nodes that are members of VSANs traversing an FCIP ISL are impacted, and a fabric reconfiguration occurs. iSCSI initiators connected to the Gigabit Ethernet ports lose connectivity to iSCSI targets while the upgrade is in progress.
–IVR: With IVR enabled, you must follow additional steps if you are upgrading from Cisco SAN-OS Release 2.1.(1a), 2.1(1b), or 2.1.(2a). See the "Upgrading with IVR Enabled" section for these instructions.
–FICON: If you have FICON enabled, the upgrade path is different. See Table 6.
Use Table 5 to determine your nondisruptive upgrade path to Cisco SAN-OS Release 3.1(1). Find the image release number you are currently using in the Current column of the table and use the path recommended.
Note The software upgrade information in Table 5 applies only to Fibre Channel switching traffic. Upgrading system software disrupts IP traffic and SSM intelligent services traffic.
Use Table 6 to determine your nondisruptive upgrade path to Cisco MDS SAN-OS Release 3.1(1). Find the image release number you are currently using in the Current Release with FICON Enabled column of the table and use the path recommended.
Note Cisco MDS SAN-OS Release 3.1(1) is not FICON certified.
Upgrading with IVR Enabled
An Inter-Switch Link (ISL) flap resulting in fabric segmentation or a merge during or after an upgrade from Cisco MDS SAN-OS Release 2.0(x) to a later image where IVR is enabled might be disruptive. Some possible scenarios include the following:
•FCIP connection flapping during the upgrade process resulting in fabric segmentation or merge.
•ISL flap results in fabric segmentation or merge because of hardware issues or a software bug.
•ISL port becomes part of PCP results in fabric segmentation or merge because of a port flap.
If this problem occurs, syslogs indicate a failure and the flapped ISL could remain in a down state because of a domain overlap.
This issue was resolved in Cisco SAN-OS Release 2.1(2b); therefore, you must upgrade to Release 2.1(2b) before upgrading to Release 3.1(1). An upgrade from Cisco SAN-OS Releases 2.1(1a), 2.1(1b), or 2.1(2a) to Release 2.1(2b) when IVR is enabled requires that you follow the procedure below, and then follow the upgrade guidelines listed in the "General Upgrading Guidelines" section. If you have VSANs in interop mode 2 or 3, you must issue an IVR refresh for those VSANs.
To upgrade from Cisco SAN-OS Releases 2.1(1a), 2.1(1b), or 2.1(2a) to Release 2.1(2b) for all other VSANs with IVR enabled, follow these steps:
Step 1 Configure static domains for all switches in all VSANs where IVR is enabled. Configure the static domain the same as the running domain so that there is no change in domain IDs. Make sure that all domains are unique across all of the IVR VSANs. We recommend this step as a best practice for IVR-non-NAT mode. Issue the fcdomain domain id static vsan vsan id command to configure the static domains.
Note Complete Step 1 for all switches before moving to Step 2.
Step 2 Issue the no ivr virtual-fcdomain-add vsan-ranges vsan-range command to disable RDI mode on all IVR enabled switches. The range of values for a VSAN ID is 1 to 4093. This can cause traffic disruption.
Note Complete Step 2 for all IVR enabled switches before moving to Step 3.
Step 3 Check the syslogs for any ISL that was isolated.
2005 Aug 31 21:52:04 switch %FCDOMAIN-2-EPORT_ISOLATED:
%$VSAN 2005%$ Isolation of interface
port-channel 52 (reason: unknown failure)
2005 Aug 31 21:52:04 switch %FCDOMAIN-2-EPORT_ISOLATED: %$VSAN 2005%$
Isolation of interface port-channel 51
(reason: domain ID assignment failure)
Step 4 Issue the following commands for the isolated switches in Step 3:
switch(config)# vsan database
switch(config-vsan-db)# vsan vsan-id suspend
switch(config-vsan-db)# no vsan vsan-id suspend
Step 5 Issue the ivr refresh command to perform an IVR refresh on all the IVR enabled switches.
Step 6 Issue the copy running-config startup-config command to save the RDI mode in the startup configuration on all of the switches.
Step 7 Follow the normal upgrade guidelines for Release 2.1(2b). If you are adding new switches running Cisco MDS SAN-OS Release 2.1(2b) or later, upgrade all of your existing switches to Cisco SAN-OS Release 2.1(2b) as described in this workaround. Then follow the normal upgrade guidelines for Release 3.1(1).
Note RDI mode should not be disabled for VSANs running in interop mode 2 or interop mode 3.
Reconfiguring SSM Ports Before Upgrading to SAN-OS Release 3.1(1)
Starting with Cisco MDS SAN-OS Release 3.0(1), the SSM front panel ports can no longer be configured in auto mode, which is the default for releases prior to Release 3.0(1).
Note To avoid any traffic disruption, modify the configuration of the SSM ports as described below, before upgrading a SAN-OS software image prior to Release 3.1(1).
For more information on upgrading SAN-OS software, see the "Upgrading Your Cisco MDS SAN-OS Software Image" section.
If the configuration is not updated before the upgrade, the installation process for the new image will automatically convert all ports configured in auto mode to Fx mode. This change in mode might cause a disruption if the port is currently operating in E mode.
To upgrade the image on your SSM without any traffic disruption, follow these steps:
Step 1 Verify the operational mode for each port on the SSM using the show interface command:
switch# show interface fc 2/1 - 32
fc2/1 is up
Hardware is Fibre Channel, SFP is short wave laser w/o OFC (SN)
Port WWN is 20:4b:00:0d:ec:09:3c:00
Admin port mode is auto <-------- shows port is configured in auto mode
snmp traps are enabled
Port mode is F, FCID is 0xef0300 <-------- shows current port operational mode is F
Port vsan is 1
Speed is 2 Gbps
Transmit B2B Credit is 3
Step 2 Change the configuration for the first port of the quad when the admin port mode is auto. (A quad is a group of four ports, supported by a data path processor (DPP). The groups are 1 to 4, 5 to 8, 9 to 12, and so on.) Do not leave the port mode set to auto.
a. Set the port admin mode to E or Fx if the current operational port mode is E, TE, F or FL.
switch# config t
switch(config)# interface fc 2/1
switch(config-if)# switchport mode fx
b. Set the port admin mode to E if the current operational port mode is E:
switch# config t
switch(config)# interface fc 2/5
switch(config-if)# switchport mode e
Step 3 Change the configuration for ports 2, 3, and 4 of the quad:
a. Set the admin port mode to Fx if the admin port mode of these ports is E, TE, or auto.
switch# config t
switch(config)# interface fc 2/2
switch(config-if)# switchport mode fx
b. If the first port in the port group has admin mode E or if the port is operational in E port mode, change the admin state of ports 2, 3, and 4 to shutdown.
switch# config t
switch(config)# interface fc 2/2
switch(config-if)# shutdown
switch# copy running-config startup-config
Upgrading the SSI Image on Your SSM
Use the following guidelines to nondisruptively upgrade the SSI image on your SSM:
•Install and configure dual supervisor modules.
•SSM intelligent services traffic on SSM ports is disrupted during upgrades. Fibre Channel switching traffic is not disrupted under the following conditions:
–Upgrade the SSI boot images on the SSMs on the switch to a release version supported by your Cisco SAN-OS release. Refer to the Cisco MDS SAN-OS Release Compatibility Matrix for Storage Service Interface Images.
–All SSM applications are disabled. Use the show ssm provisioning CLI command to determine what applications are configured. Use the no ssm enable feature CLI command to disable these applications.
–No SSM ports are in auto mode. See the "Reconfiguring SSM Ports Before Upgrading to SAN-OS Release 3.1(1)" section.
–The EPLD version on the SSM is at 0x07 or higher. Use the show version module slot epld CLI command to determine your EPLD version. Refer to the Cisco MDS 9000 Family Release Notes for Cisco MDS 9000 EPLD Images to upgrade your EPLD image.
–Refer to the Cisco MDS Storage Services Module Interoperability Support Matrix and the "Managing Modules" chapter in the Cisco MDS 9000 Family CLI Configuration Guide, Release 3.x, for information on upgrading your SSM.
Caution Upgrading from Cisco MDS SAN-OS Release 2.1(1b) or earlier to Release 2.1.2 or later can disrupt traffic on any SSM installed on your MDS switch
Upgrading a Switch with Insufficient Space for Two Images on the Bootflash
To upgrade the SAN-OS image on a Cisco MDS 9000 Family switch requires enough space on the internal CompactFlash (also referred to as bootflash) to accommodate both the old software image and the new software image.
As of Cisco MDS SAN-OS Release 3.1(1), on MDS switches with a 256-MB CompactFlash, it is possible in some scenarios that a user might be unable to fit two images on the bootflash. This lack of space on the bootflash might cause the upgrade process to fail because new images are always copied onto the bootflash during an upgrade.
The following MDS switches are affected by this issue:
•MDS 9216 and MDS 9216i
•MDS 9120 and MDS 9140
•MDS 9500 Series switches with a Supervisor 1 module
To work around an image upgrade failure caused by a lack of space on the bootflash, follow these steps:
Step 1 Prior to installing the new image, copy the old (existing) system image file to an external server. You may need to reinstall this file later.
Step 2 Delete the old system image file from the bootflash by using either the Fabric Manager install utility or the CLI delete bootflash: command. The system image file does not contain the word "kickstart" in the filename.
switch# delete bootflash:m9200-ek9-mz.3.0.3.bin
Note On MDS 9500 Series switches, you also need to delete the image file from the standby supervisor after deleting it from the active supervisor.
switch# delete bootflash://sup-standby/m9500-sf1ek9-mz.3.0.3.bin
Step 3 Start the image upgrade or installation process using the Fabric Manager install utility or the CLI install all command.
Step 4 If the new installation or upgrade fails while copying the image and you want to keep the old (existing) image, then copy the old image (that you saved to an external server in Step 1) to the bootflash using either Fabric Manager or the copy command.
Step 5 If the switch fails to boot, then follow the recovery procedure described in the "Troubleshooting Installs, Upgrades, and Reboots" section of the Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x.
Performing a Disruptive Upgrade on a Single Supervisor MDS Family Switch
Cisco MDS SAN-OS software upgrades are disruptive on the following single supervisor Cisco MDS Family switches:
•MDS 9120 switch
•MDS 9140 switch
•MDS 9216i switch
If you are performing an upgrade on one of those switches, you should follow the nondisruptive upgrade path shown in Table 5, even though the upgrade is disruptive. Following the nondisruptive upgrade path ensures that the binary startup configuration remains intact.
If you do not follow the upgrade path, (for example, you upgrade directly from SAN-OS Release 2.1(2b) to SAN-OS Release 3.1(2b)), the binary startup configuration is deleted because it is not compatible with the new image, and the ASCII startup configuration file is applied when the switch comes up with the new upgraded image. When the ASCII startup configuration file is applied, there may be errors. Because of this, we recommend that you follow the nondisruptive upgrade path.
Downgrading Your Cisco MDS SAN-OS Software Image
This section lists the guidelines recommended for downgrading your Cisco MDS SAN-OS software image and contains the following sections:
• General Downgrading Guidelines
• Downgrading the SSI Image on Your SSM
General Downgrading Guidelines
Use the following guidelines to nondisruptively downgrade your Cisco MDS SAN-OS Release 3.1(1):
•Install and configure dual supervisor modules.
•Issue the system no acl-adjacency-sharing execute command to disable acl adjacency usage on Generation 2 modules. If this command fails, reduce the number of zones, IVR zones, TE ports, or a combination of these in the system and issue the command again.
•Disable all features not supported by the downgrade release. Use the show incompatibility system downgrade-image CLI command to determine what you need to disable.
•Layer 2 switching traffic is not disrupted when downgrading to Cisco SAN-OS Release 2.1(2) or later.
•Use the show install all impact downgrade-image CLI command to determine if your downgrade will be nondisruptive.
•Be aware that some features impact whether a downgrade is disruptive or nondisruptive:
–Fibre Channel Ports: Traffic on Fibre Channel ports can be nondisruptively downgraded. See Table 7 for the nondisruptive downgrade path for all SAN-OS releases.
–SSM: Intelligent services traffic on the SSM, such as SANTap, NASB, and FC write acceleration, is disrupted during a downgrade. SSM Fibre Channel traffic is not.
–Gigabit Ethernet Ports: Traffic on Gigabit Ethernet ports is disrupted during a downgrade. This includes IPS modules and the Gigabit Ethernet ports on the MPS-14/2 module. Those nodes that are members of VSANs traversing an FCIP ISL are impacted, and a fabric reconfiguration occurs. iSCSI initiators connected to the Gigabit Ethernet ports lose connectivity to iSCSI targets while the downgrade is in progress.
–iSCSI: If you are downgrading from SAN-OS version 3.0(x) to a lower version of SAN-OS, enable iSCSI if an IPS module or a MPS-14/2 module is online in the switch. Otherwise, the downgrade will disrupt traffic.
–IVR: With IVR enabled, you must follow additional steps if you are downgrading from Cisco SAN-OS Release 2.1.(1a), 2.1(1b), or 2.1.(2a). See the "Upgrading with IVR Enabled" section for these instructions.
–FICON: If you have FICON enabled, the downgrade path is different. See Table 8.
–iSNS: The iSNS feature does not support a graceful downgrade from Cisco MDS SAN-OS Release 3.1(1) to any earlier SAN-OS release. Prior to a downgrade from Cisco SAN-OS 3.1(1), disable the MDS iSNS server and remove all configurations associated with the MDS iSNS client.
Use Table 7 to determine your nondisruptive downgrade path from Cisco SAN-OS Release 3.1(1). Find the SAN-OS image you want to downgrade to in the To SAN-OS Release column of the table and use the path recommended.
Note The software downgrade information in Table 7 applies only to Fibre Channel switching traffic. Downgrading system software disrupts IP and SSM intelligent services traffic.
Use Table 8 to determine your nondisruptive downgrade path from Cisco SAN-OS Release 3.1(1). Find the image release number you are currently using in the Current Release with FICON Enabled column of the table and use the path recommended.
Note Cisco MDS SAN-OS Release 3.1(1) is not FICON certified.
Downgrading the SSI Image on Your SSM
Use the following guidelines when downgrading your SSI image on your SSM.
•On a system with at least one SSM installed, the install all command might fail on an SSM when you downgrade from Cisco SAN-OS Release 3.1(1) to any SAN-OS 2.x release earlier than SAN-OS Release 2.1(2e). Power down the SSM and perform the downgrade. Bring up the SSM with the new bootvar set to the 2.x SSI image.
•Downgrade the SSI boot images on the SSMs on the switch to a release version supported by your Cisco SAN-OS release. Refer to the Cisco MDS SAN-OS Release Compatibility Matrix for Storage Service Interface Images.
•SSM intelligent services traffic switching on SSM ports is disrupted on upgrades or downgrades.
•Fibre Channel switching traffic on SSM ports is not disrupted under the following conditions:
–All SSM applications are disabled. Use the show ssm provisioning CLI command to determine if any applications are provisioned on the SSM. Use the no ssm enable feature configuration mode CLI command to disable these features.
–The EPLD version on the SSM is at 0x07 or higher. Use the show version module slot epld CLI command to determine your EPLD version. Refer to the Cisco MDS 9000 Family Release Notes for Cisco MDS 9000 EPLD Images to upgrade your EPLD image.
–Refer to the Cisco MDS Storage Services Module Interoperability Support Matrix and to the "Managing Modules" chapter in the Cisco MDS 9000 Family CLI Configuration Guide, Release 3.x for information on downgrading your SSM.
Note Following a downgrade from Cisco MDS SAN-OS Release 3.2(1) to an earlier SAN-OS release that does not support the Data Mobility Manager (DMM) feature that is offered from SAN-OS Release 3.2(1) onwards, you might have stale configuration information on the switch, if you had provisioned DMM on the SSM. In this situation, you can remove the stale configuration from the SSM by entering the following commands:
switch(config)#
poweroff module slot
switch# purge module slot running-config
New Features in Cisco MDS SAN-OS Release 3.1(1)
This section briefly describes the new features introduced in this release. For detailed information about the features listed, refer to the Cisco MDS 9000 Family CLI Configuration Guide and the Cisco MDS 9000 Family Fabric Manager Configuration Guide.
Note These release notes are specific to this release. For the complete Release 3.x documentation set, see the "Related Documentation" section.
Cisco MDS 9124 Multilayer Fabric Switch Support
Cisco MDS SAN-OS 3.1(1) supports the new Cisco MDS 9124 Multilayer Fabric Switch. The Cisco MDS 9124 Switch has 24 1-, 2-, and 4-Gbps auto-sensing Fibre Channel ports. It includes an on-demand port activation license feature that allows 8-port, 16-port, and 24-port configurations to optimize price and scalability.
Note By default, the first 8 ports on the Cisco MDS 9124 Switch are licensed.
The Cisco MDS 9124 Switch also provides a Quick Configuration Wizard with an easy-to-use interface that allows you to quickly enable server access to storage devices.
The Cisco MDS 9124 Switch does not support the following Cisco MDS SAN-OS features:
•IVR
•Remote SPAN
•Translative loop support
•FCC - no generation, quench reaction only
In addition, the following Cisco MDS SAN-OS features are limited on the Cisco MDS 9124 Switch:
•VSANs - 16 maximum
•SPAN - 1 session maximum
On-Demand Ports
The Cisco MDS 9124 Switch comes with 8 ports enabled. SAN connectivity can be expanded as needed using on-demand ports. The on-demand ports activation license enables 8 additional ports, for up to a total of 24 ports.
Nondisruptive Software Upgrades
Cisco SAN-OS 3.1(1) provides nondisruptive software upgrades for the Cisco MDS 9124 Switch.
Note This feature does not apply to the Cisco MDS 9120, Cisco MDS 9140, and Cisco MDS 9200 Series fabric switches.
Increased Oversubscription Ratios
When using port bandwidth reservation, the 24-port and 48-port 4-Gbps Fibre Channel switching modules might create oversubscription ratios greater than 5:1 on shared bandwidth ports in a group. The Cisco SAN-OS 3.0(x) software limits the maximum oversubscription ratios to 4:1 and 5:1 on the 24-port and 48-port modules, respectively.
Cisco SAN-OS Release 3.1(1) removes the restrictions on maximum oversubscription ratios allowed for shared 4-Gbps ports. If a customer chooses to downgrade from Cisco SAN-OS Release 3.1(1) and the configuration exceeds oversubscription limits allowed by Cisco SAN-OS Release 3.0(x), it is necessary to change the switch configuration prior to downgrading to meet release 3.0(x) limitations.
Device Alias Enhancements
As of Cisco SAN-OS Release 3.1(1), you can specify that aliases operate in basic or enhanced modes. When operating in basic mode, which is the default mode, the device alias is immediately expanded to a pWWN.
When operating in enhanced mode, applications accept a device alias name in its native format.Instead of expanding the device alias to a pWWN, the device alias name is stored in the configuration and distributed in its native device alias format. So applications such as zone server, IVR, PSM or DPVM can automatically keep track of the device alias membership changes and enforce them accordingly.
SNMP over TCP Session Authentication
Typical SNMP operations use UDP for transport, but SNMP over TCP is an option that was defined primarily as a more efficient bulk transfer mechanism within the SNMP framework (RFC3430). Unlike UDP, TCP also offers connection management and sessions at the transport layer. Cisco Fabric Manager uses SNMP over TCP for Cisco MDS 9000 Family switch management, because it provides more efficient and robust transport.
It is not practical to perform AAA server based authentication for every SNMP protocol data unit (PDU) request. To address this challenge, SNMP user credentials are cached for one hour in a Cisco MDS 9000 switch after successfully authenticating a SNMP request. On expiry of cached user credentials, SNMP PDU re-authentication is performed. This is not an issue when using SNMP over UDP, but it can be problematic when using SNMP over TCP because connection/session parameters are expected to remain intact throughout an entire session.
If a user's credentials are changed in the AAA server while a SNMP over TCP session/connection is active, SNMP authentication failures occur. This scenario adversely impacts Cisco Fabric Manager and is most prevalent when Secure-ID password systems are used, causing passwords to change frequently.
To address this challenge in Cisco SAN-OS Release 3.1(1), user credentials are captured at the beginning of an SNMP over TCP session. These credentials are used for authentication and privacy (encryption) of SNMP PDUs for an entire session. When an SNMP connection/session is closed, the user credentials for that session are cleaned up. This approach ensures user credentials changes do not disrupt management sessions already in progress, enabling the use of Secure-ID with Cisco Fabric Manager.
IP Network Simulator
The IP Network Simulator tool allows users to simulate a variety of IP data network conditions, including the ability to test the impact of network latency for Fibre Channel over IP (FCIP) or Internet Small Computer Systems Interface (iSCSI). The IP Network Simulator is a generic tool, so it can provide the simulation features for any Ethernet traffic; it is not limited to FCIP and iSCSI traffic to or from the Cisco MDS 9000 Family. The simulation handles full duplex Gigabit Ethernet traffic at full line rate.
The IP Network Simulator provides the following functions:
•Adding delay (150 milliseconds maximum)
•Limiting maximum throughput
•Dropping packets
•Reordering packets
The feature is only available for the Cisco 4-port and 8-port IP Storage Services modules and is managed using a command-line interface (CLI). A pair of Gigabit Ethernet ports must be dedicated for each Ethernet path requiring simulation; these ports cannot provide FCIP or iSCSI while in the network simulator mode.
Over Temperature Test Trap
A CLI command has been added to generate an over temperature trap. This trap can be used to verify that trap destinations are configured properly without resorting to removing switch power supplies, fan trays, and so on to trigger an alert. One potential use of this feature is to test a Call Home application that relies on Cisco MDS 9000 Family traps to trigger a trouble ticket without risking adverse impact to a production SAN.
FICON Tape Acceleration
FICON tape acceleration over FCIP provides the following advantages:
•Efficiently uses the tape device by decreasing idle time.
•Provides more sustained throughput as latency increases.
•Behaves similarly to FCP tape acceleration, and does not conflict with it.
FIPS Capabilities
The Federal Information Processing Standards (FIPS) Publication 140-2, Security Requirements for Cryptographic Modules, details the U.S. Government requirements for cryptographic modules. FIPS 140-2 specifies that a cryptographic module shall be a set of hardware, software, firmware, or some combination thereof that implements cryptographic functions or processes, including cryptographic algorithms and, optionally, key generation, and is contained within a defined cryptographic boundary.
Cisco MDS SAN-OS Release 3.1(1) implements FIPS features and is currently in the certification process with the U.S. Government. Cisco MDS SAN-OS Release 3.1(1) is not FIPS-compliant at this time.
Fabric Manager Enhancements
New Login Procedure
As of Cisco SAN-OS Release 3.1(1), logging into Fabric Manger is a two-part process that involves entering your username and password twice, in two different dialog boxes. To successfully complete the login process, you must:
•Log in to Fabric Manger Server by entering admin and password in the Fabric Manager Server dialog box.
•Enter your username, password, and seed switch address in the Discover New Fabric dialog box and then open the fabric.
To log in to Fabric Manger Server, follow these steps:
Step 1 Double-click the Fabric Manager Client icon on your workstation.
Step 2 Enter admin, the default username, and password, the default password, in the Fabric Manager Server Login dialog box.
Step 3 Enter the the IP address of the Fabric Manger Server or set it to it to localhost if you installed Fabric Manager Server on your local workstation.
Step 4 Click Login.
To discover new fabrics, follow these steps:
Step 1 In the Discover New Fabric dialog box, enter the IP address of the Cisco MDS 9000 Family seed switch that you want Fabric Manager to use.
Step 2 Enter your username and password.
Step 3 Choose the Auth-Privacy option MD5-DES (default) when you log in.
Step 4 Click Discover.
The Open Fabric dialog box displays.
Step 5 Check the check box(es) next to the fabric(s) you want to open in the Select column, or click Discover to add a new fabric.
Step 6 Click Open to open the fabric.
For additional information about logging in to Fabric Manager and setting the seed switch, refer to "Setting the Seed Switch in Cisco SAN-OS Release 3.1(1) and Later" in the Cisco MDS 9000 Family Fabric Manager Configuration Guide.
Off-line Provisioning with Device Aliases
When deploying new servers, it is common to preconfigure zoning and other features before they are attached to a storage network. Prior to unpacking and setting up servers, the pWWNs of the host bus adapters are not known. Using a device alias enables SAN configuration to be created ahead of time, then updated quickly by assigning the pWWNs to the aliases once the servers are available.
Cisco MDS Fabric Manager Release 3.1(1) can pre-provision the following switch features using the following device alias enhancements:
•Zoning and Inter-VSAN Routing (IVR)
•Dynamic Port VSAN Membership (DPVM)
•Port Security
Quick Configuration Wizard
A quick configuration wizard is included with Cisco MDS Device Manager to simplify zoning and VSAN configuration on very small SAN fabrics. When combined with the other Cisco MDS Device Manager capabilities, this tool allows users to perform all essential Cisco MDS 9000 Family fabric switch configuration; customers do not need to install and use Cisco MDS Fabric Manager unless they choose to.
JDBC Support
Support for the industry standard JDBC API is being included in Cisco Fabric Manager for improved scalability with larger fabrics and for configurations with extremely large zoning requirements. Initially only Oracle Database 10g Express Edition (Oracle Database XE) is supported as an alternative database through this API, but the range of supported databases will expand in future releases.
Note This is an optional feature that requires separate Oracle Database installation and additional Cisco FM configuration.
Report Generation with Third-Party Tools
Third-party report generation tools like Crystal Reports can access the Cisco Fabric Manager relational database to create fully customized reports. The database schema is being documented and published to facilitate use. For additional information, see the Cisco MDS 9000 Family Fabric Manager Server Database Schema Guide.
Note No third-party tools are packaged with Cisco Fabric Manager or are resold as add-ons.
Gigabit Ethernet Performance Monitoring
Transmit and receive throughput statistics on Gigabit Ethernet ports used for iSCSI and FCIP can be monitored by Cisco Fabric Manager Server. In addition to throughput, Cisco Fabric Manager Server calculates a compression ratio for the port's aggregate transmit traffic. This is useful for trending FCIP compression ratios.
Note Gigabit Ethernet performance statistics are not captured for the management port on Supervisor modules.
Performance>Others Report
The Performance>Others Report allows users to collect throughput and error statistics for any MIB variable. This report can be set up quickly to collect supervisor CPU utilization and memory utilization. It presents the description the user enters, the switch the statistic was collected from, and an average of the value over the reporting period. All of these "other" statistics are listed in a single table.
The configuration dialog box includes presets that simplify setup for these more commonly used values. The table entries can also be graphed like the standard performance statistics collected by Cisco Fabric Manager Server.
Note No performance thresholds are provided for these values in Cisco Fabric Manager Server. RMON in the switch needs to be used if a user requires an alert if a threshold is crossed.
User Defined Sampling Interval
Statistics for host connections, storage connections, and flows are sampled at a fixed, 5-minute interval. In Cisco MDS Fabric Manager Server Release 3.1(1), added flexibility has been provided for ISLs. Users may configure the sampling interval for ISLs to provide increased resolution for these critical links. The ISL sampling interval can be set between 30 seconds and 5 minutes (for example, 30seconds, 1 minute, 1.5 minutes, 2 minutes, and so on).
Limitations and Restrictions
This section lists the limitations and restrictions for this release.
CWDM SFPs
The 2-Gbps CWDM SFPs do not have have a maximum speed set in memory and they negotiate to 4-Gbps on modules that support the higher speed. As a result, the link comes up and appears to work, but then becomes disabled and connectivity problems occur. To correct this problem, both sides of the connection must have their speed hard coded to 2-Gbps.
Fabric Manager
Observe the following limitations or restrictions for the Cisco SAN-OS Release 3.1(1) for Fabric Manager:
•The Microsoft Security Patch MS06-040 is known to break applications with a large heap memory. If you increase any Java application's heap (including Fabric Manager) beyond 64 M, we recommend you do not apply this patch.
•If port 80 on the switch is blocked and you are using VPN, FM cannot detect NAT addresses. The timeout for URL connections is set for 500ms.
iSNS
Observe the following behaviors regarding the iSNS server and client:
•The iSNS feature does not support a graceful downgrade from Cisco MDS SAN-OS Release 3.1(1) to any earlier SAN-OS release. Prior to a downgrade from Cisco SAN-OS 3.1(1), disable the MDS iSNS server and remove all configurations associated with the MDS iSNS client.
•The Cisco MDS 9000 switches iSNS server does not support registration, query, or state change information from an actual iSCSI target.
•The iSNS client registers all targets outside the permitted VSAN if you configure the iSCSI interface and targets to be part of different VSANs.
•The iSNS client functionality on Cisco MDS 9000 switches does not work on VRRP interfaces.
•The iSNS client functionality on Cisco MDS 9000 switches does not support registration of iSLB initiators.
Interop Mode 4 Support
Cisco MDS SAN-OS Release 3.1(1) does not support interop mode 4 on the Cisco MDS 9124 Switch.
MTU Size Limitation
The Cisco MDS 9216i switch and MPS-14/2 module do not support an MTU size greater than 8000 bytes. An attempt to set the MTU size greater than 8000 bytes will result in an error. As a workaround, reset the value of the MTU size (576 to 8000 bytes) and issue the no shutdown command on the interface for normal operation.
Reconfiguring SSM Ports
Starting with Cisco MDS SAN-OS Release 3.0(1), the SSM front panel ports can no longer be configured in auto mode, which is the default for releases prior to Release 3.1(1). For instructions about how to modify the configuration of the ports before upgrading to SAN-OS Release 3.1(1), see the "Reconfiguring SSM Ports Before Upgrading to SAN-OS Release 3.1(1)" section.
Virtual Router Redundancy Protocol (VRRP) Interfaces
When a switchover occurs on a switch that is the master for Virtual Router Redundancy Protocol (VRRP) interfaces, the switchover may cause a minor delay. As a result, the VRRP backup (occurring elsewhere) may assume the role of the VRRP master. As a workaround, increase the VRRP advertisement interval for these interfaces.
Configuring Default Settings for the Default Zone
Following an upgrade from any Cisco SAN-OS 2.x release to any Cisco SAN-OS 3.x release, the configuration defined by the zone default-zone permit vsan vsan-id command is applied only to the active VSAN. The configuration does not apply to unconfigured VSANs. In SAN-OS 3.x, you can apply the configuration to unconfigured VSANs by issuing the system default zone default-zone permit command.
Similarly, the zoneset distribute full vsan vsan-id command applies only to the active VSAN following an upgrade from any Cisco SAN-OS 2.x release to any Cisco SAN-OS 3.x release.
Although you can configure the default-zone settings in the setup script, these settings do not take effect for VSAN 1, because VSAN 1 already exits prior to running the setup script. To configure the default settings for the default-zone in VSAN 1, you must explicitly enter the zone default-zone permit command.
Caveats
This section lists the open and resolved caveats for this release. Use Table 9 to determine the status of a particular caveat. In the table, "O" indicates an open caveat and "R" indicates a resolved caveat.
Table 9 Open Caveats and Resolved Caveats Reference
DDTS Number Software Release (Open or Resolved) 3.0(3) 3.1(1)Severity 2
O
R
O
R
O
R1
O
R
O
R
-
O
O
O
O
O
-
R
-
O
-
R
O
R
-
O
-
O
-
O
O
O
O
O
O
O
O
O
O
O
Severity 3
O
O
O
O
O
O
O
O
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
O
O
R 1
O
R
O
R 1
O
R
O
O
O
R
-
O
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
R
O
O
-
O2
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
-
O
O
O
-
O
-
O
-
O
-
O
O
O
-
O
O
O
O
O
O
O
O
O
Severity 4
O
R
O
R
Severity 6
O
O
-
R
O
R
-
O
1 This issue is resolved in the Cisco MDS 9000 Family Fabric Manager Release 3.0(3a). For more information, refer to the Release Notes for Cisco MDS 9000 Family Fabric Manager Release 3.0(3a).
2 This caveat was opened in Cisco MDS 9000 Family Fabric Manager Release 3.0(3a).
Resolved Caveats
•CSCsd97376
Symptom: On the Cisco MDS 9000 4-port 10-Gbps Fibre Channel module, one of the applications would crash during port flaps because of a memory corruption in the application.
Workaround: None. This issue is resolved.
•CSCsg17437
Symptom: On the Cisco MDS 9000 Family 12-port, 24-port and 48-port 4-Gbps Fibre Channel modules and the Cisco MDS 9000Family 4-port 10-Gbps Fibre Channel module, the communications component that communicates with the Supervisor modules has an issue where its receiver erroneously indicates an available frame when there is none. As a result, the software might attempt to access a memory location, which could lead to a kernel crash. This situation is extremely rare.
Workaround: None. This issue is resolved.
•CSCsg22134
Symptom: When the server.hostname parameter is set to an IP address in the server.properties file, the Fabric Manager Server restart message repeatedly displays in the Fabric Manager Client open dialog box.
Workaround: None. This issue is resolved in the Cisco MDS 9000 Family Fabric Manager Release 3.0(3a). For more information, refer to the Release Notes for Cisco MDS 9000 Family Fabric Manager Release 3.0(3a).
•CSCsg35972
Symptom: Under rare conditions, it is possible that a Cisco MDS9216i Switch or an MPS-14/2 module running FCIP might experience port software failures, causing a flap on the Gigabit Ethernet interface. You may see messages like the following:
2006 Sep 7 23:13:20 mdspd1 %ETHPORT-5-IF_DOWN_SOFTWARE_FAILURE: Interface GigabitEthernet1/1 is down (Port software failure)
2006 Sep 7 23:13:20 mdspd1 %KERN-3-SYSTEM_MSG: Sibyte: Error: CoreId 1 out of range
2006 Sep 7 23:13:20 mdspd1 %PORT-5-IF_DOWN_INITIALIZING: %$VSAN 2%$ Interface fcip1 is down (Initializing)
2006 Sep 7 23:13:20 mdspd1 %PORT-5-IF_DOWN_SOFTWARE_FAILURE: %$VSAN 4094%$ Interface iscsi1/1 is down (Port software failure)
2006 Sep 7 23:13:26 mdspd1 %IPS_SB_MGR-SLOT1-2-PORT_SOFTWARE_FAILURE: Port software failure, module 1 port 1
2006 Sep 7 23:13:26 mdspd1 %IPS_SB_MGR-SLOT1-2-PORT_SOFTWARE_FAILURE: Port software failure, module 1 port 1
2006 Sep 7 23:13:37 mdspd1 %PORT-5-IF_DOWN_ADMIN_DOWN: %$VSAN 4094%$ Interface iscsi1/1 is down (Administratively down)
2006 Sep 7 23:13:46 mdspd1 %ETHPORT-5-IF_UP: Interface GigabitEthernet1/1 is up
2006 Sep 7 23:13:49 mdspd1 %PORT-5-IF_UP: %$VSAN 2%$ Interface fcip1 is up in mode TE
2006 Sep 7 23:13:49 mdspd1 %PORT-5-IF_UP: %$VSAN 2%$ Interface fcip1 is up in mode TE
Workaround: None. This issue is resolved.
•CSCsg37901
Symptom: When fabric binding is enabled on a third-party switch in a fabric in interop mode 4, the zone server process on the MDS switch shuts down.
Workaround: None. This issue is resolved.
•CSCsg93617
Symptom: When an MDS switch is configured in interop mode 1 or interop mode 4 in a multi-switch fabric, a third-party switch cannot send an RSCN to the connected devices when an ISL link goes down in the fabric.
Workaround: None. This issue is resolved.
•CSCsh25050
Symptom: In interop mode 4, a third-party switch would not properly interpret the SW-RSCN sent by the MDS switch. As a result, the third-party switch would not send an RSCN to the connected devices when a device on an MDS switch went offline or online. A fix has been made to send the appropriate value in the SW-RSCN suitable for the third-party switch to interpret properly the SW-RSCN and then send the RSCN to the attached devices.
Workaround: None. This issue is resolved.
•CSCsh27840
Symptom: While using an FCIP link for remote SPAN, it is possible that the FCIP link may flap.
Workaround: None. This issue is resolved.
•CSCse70275
Symptom: The Qlogic 2460 HBA fails to remote boot when it connects to a VT instantiated by SANTap on the SSM because the Qlogic 2460 BIOS sends a test ready unit with an invalid command reference number (CRN) and task attribute field. This same HBA can boot when SANTap and the SSM are not part of the configuration.
Workaround: None. This issue is resolved.
•CSCse99087
Symptom: A user called snmp-user can successfully log into an MDS switch through the CLI, but cannot log in through Fabric Manager or Device Manager. The login attempt fails with this error:
SNMP: Unknown username
Workaround: None. This issue is resolved.
•CSCsf27608
Symptom: Following an upgrade from Cisco SAN-OS 2.1(2b) to Cisco SAN-OS 3.0(2), a VSAN carrying FICON traffic was not trunking and the remote Domain Manager was not responding.
Workaround: None. This issue is resolved.
•CSCsf30937
Symptom: On rare occasions following an upgrade from Cisco MDS SAN-OS 2.1(2b) to Cisco SAN-OS 3.0(2a), module configurations might be removed.
Workaround: None. This issue is resolved.
•CSCsg03171
Symptom: The dynamic port VSAN membership (DPVM) failed after the number of F ports exceeded 64 and a port flap occurred.
Workaround: None. This issue is resolved
•CSCsg05037
Symptom: Cisco Fabric Manager shows read-write community strings for other communities when a user is logged in with a read-only community string.
Workaround: None. This issue is resolved.
•CSCsg12096
Symptom: When in-order delivery (IOD) is disabled, an entry in the accounting log is posted showing that it is enabled.
Workaround: None. This issue is resolved.
•CSCsg19148
Symptom: Time zone changes that are executed on an MDS switch do not take effect on the 12-port, 24-port, and 48 port 1-Gbps/2-Gbps/4-Gbps Fibre Channel modules, and on the 4-port 10-Gbps module. This issue occurs in SAN-OS Releases 3.0(1), 3.0(2), 3.0(2a), and 3.0(3).
Time zone changes that are executed on an MDS switch do not take effect on the 16-port or 32-port 1-Gbps/2-Gbps module, on the 4-port or 8-port Gigabit Ethernet IP services module, the MPS 14/2 module, and on the SSM. This issue occurs in SAN-OS Release 3.0(3).
This issue has no effect on functionality. However, debug messages and syslogs from the MDS switching modules will have incorrect timestamps if the time zone is configured on an MDS switch.
Workaround: None. This issue is resolved.
•CSCsg27527
Symptom: Following an upgrade of the Fabric Manager to Cisco MDS SAN-OS 3.0(3), some hosts have a status of "not in fabric" in the VSAN local zone. In addition, the hosts do not appear in the VSAN host table or in the IVR device database. As a result, Fabric Manager cannot be used to configure zones or IVR zones for these hosts.
Workaround: None. This issue is resolved in the Cisco MDS 9000 Family Fabric Manager Release 3.0(3a). For more information, refer to the Release Notes for Cisco MDS 9000 Family Fabric Manager Release 3.0(3a).
•CSCsg29400
Symptom: If you use Device Manager to create a target initiator and then you select Edit, Device Manager allows the entry to be a host address with a /24 mask, but it should only allow a /32 mask for a host address.
Workaround: None. This issue is resolved.
•CSCsg30429
Symptom: If you click the Dump FM Server popup menu item, or use the Fabric Manager Server info command, the Fabric Manager Server displays an error message.
Workaround: None. This issue is resolved in the Cisco MDS 9000 Family Fabric Manager Release 3.0(3a). For more information, refer to the Release Notes for Cisco MDS 9000 Family Fabric Manager Release 3.0(3a).
•CSCsg41556
Symptom: Following an upgrade from Cisco SAN-OS 2.0(2b) to Cisco SAN-OS 3.0(2) on a switch where Fabric Binding is enabled, the switch displays this message:
%LICMGR-3-LOG_LIC_NO_LIC: No license(s) present for feature ENTERPRISE_PKG. Application(s) shutdown in xx days.
Fabric Binding incorrectly causes the ENTERPRISE_PKG to start the grace period even if Fabric Binding is being used solely for FICON VSANs under the installed MAINFRAME_PKG license.
Workaround: None. This issue is resolved.
•CSCsg62359
Symptom: If a user attempts to log in using TACACS+ authentication to an MDS switch or an SSH server configured on the switch, the login might fail if password-authentication is the first login method the user tries.
Workaround: None. This issue is resolved.
•CSCsg62816
Symptom: On all Cisco MDS Fibre Channel modules, remote spanning does not work if the size of the spanned packet is more than 2112 octets. Remote spanning works normally for packet sizes less than or equal to 2112 octets.
Workaround: None. This issue is resolved.
•CSCsg80637
Symptom: Files placed on the volatile: partition cannot be copied or viewed by a user with the network-admin role.
Workaround: None. This issue is resolved.
•CSCsg81220
Symptom: On the Cisco MDS 9000 Family 12-port, 24-port and 48-port 4-Gbps Fibre Channel modules and the Cisco MDS 9000 Family 4-port 10-Gbps Fibre Channel module, it is possible during port flaps to have a credits overrun or underrun situation that might bring down all or some of the ports, or possibly cause the module to reboot in some rare cases.
Workaround: None. This issue is resolved
•CSCsg82792
Symptom: When trying to copy a core file from an MDS switch to a location such as a TFTP server, the system asks for the core filename, but the actual filename is not visible in the CLI.
Workaround: None. This issue is resolved.
•CSCsg90318
Symptom: When you use the run-script command in conjunction with conditional services such as TACACS+ and IVR, the script fails with command parse errors.
Workaround: None. This issue is resolved.
•CSCsg91838
Symptom: The Fabric Manager Configuration Analysis Tool shows mismatches when there are none.
Workaround: None. This issue is resolved.
•CSCsg93198
Symptom: A single SSH login attempt from Fabric Manager causes the MDS switch to make seven authentication requests to the TACACS+ server. If user lockout is configured, this may cause the user account to be locked.
Workaround: None. This issue is resolved.
•CSCsg94749
Symptom: If an MDS switch running Cisco SAN-OS 3.0(x) is configured so that the default gateway is on the FCIP network and there is a static route for the management LAN, then the FCIP tunnel might go down.
Workaround: None. This issue is resolved.
•CSCsg95021
Symptom: Following a reboot of a SAN Volume Controller (SVC) node, all SVC Nx port registers are Fibre Channel 4 in the native VSAN, but some of them are not exported in the IVR VSAN.
Workaround: None. This issue is resolved.
•CSCsg96497
Symptom: Following an upgrade to Cisco SAN-OS 3.x in a chassis where Generation 2 modules are present and FC flows are present, if you create and delete FC flows several times, then FC flows might not be able to be created anymore. You might see the following message in Fabric Manager when you click Finish after creating an FC flow:
Snmp: acltcam: Unable to allocate memory
Workaround: None. This issue is resolved.
•CSCsg99049
Symptom: Fabric Manager does not allow you to create more than 2048 flows per switch. The actual limitation is 2048 flows for a Generation 2 module and 024 flows for a Generation 1 module.
Workaround: None. This issue is resolved.
•CSCsg99790
Symptom: When an SSH session is opened for only a brief period, an MDS switch may send the following kinds of messages, indicating that the local tty is not available:
%DAEMON-3-SYSTEM_MSG: error: ioctl(TIOCSCTTY): Input/output error
%DAEMON-3-SYSTEM_MSG: error: open /dev/tty failed - could not set controlling tty: No such device or address
%DAEMON-3-SYSTEM_MSG: error: /dev/pts/0: No such file or directory
Workaround: None. This issue is resolved.
•CSCsg31247
Symptom: If the startup configuration and the running configuration contain the same configuration items, but have differences in terms of format (spaces or empty lines), then the output of the show running-config diff command will not be blank.
Workaround: None. This issue is resolved.
•CSCsg31334
Symptom: When you create a user with the name user, only the snmp-user is created and not the corresponding CLI user. There is no warning message about this.
Workaround: None. This issue is resolved.
•CSCse92334
Symptom: Interop mode 4 did not work properly with an i10k switch.
Workaround: None. This issue is resolved.
•CSCsd92433
Symptom: Additional information is needed from the show tech-support command.
Workaround: None. This issue is resolved through the addition of the following new commands:
–show tech-support port-channel
–show tech-support fcdomain
–show tech-support fcns
–show tech-support rscn
–show tech-support issu
–show tech-support device-alias
–show tech-support span
–show install all failure-reason
Open Caveats
•CSCsg49151
Symptom: If you bring up more than one link at a time between two VSANs that have overlapping domains and at least one of the switches is SDV enabled, one link will become isolated. The other links will come up, even though the domains are overlapping. In addition, the SDV virtual domains will change, causing traffic disruption on all devices associated with their old value.
Workaround: Bring up multiple links between two switches one at a time. Verify that the first link came up correctly before attempting to bring up the next link. If the first link fails to come up because of a domain ID overlap, resolve the domain conflict and then try again to bring up the links.
•CSCsg50263
Symptom: Due to possible differences in parts per million between the MAC ASICs on both sides of an ISL link, there is a potential throughput issue when running QoS over an ISL on an MDS 48-port Fibre Channel module. Specifically, the user may not see traffic throughput that follows the programmed QoS ratios. The throughput ratio on the high and/or medium priority class of service (COS) relative to the low priority COS, may not be as high as the actual programmed ratio.
Workaround: If you experience this issue, try one of the following:
–Move the ISL to a port on a different port group on one and/or both sides of the link.
–Move the ISL to a port on a lower-density card if you require accurate QoS ratios.
•CSCsg72224
Symptom: The fabric login (FLOGI) process fails while new hosts are initializing. The show flogi internal event error command shows that a module is not present.
Workaround: Re-install the module.
•CSCsh02602
Symptom: On large fabrics with many PortChannels, the Fabric Manager Server may consume 99-100% of the CPU for extended periods of time.
Workaround: Restart the Fabric Manager Server.
•CSCsh27851
Symptom: If you create a PortChannel with a number higher than 128, IP over Fibre Channel (IPFC) ping does not work.
Workaround: Renumber the PortChannel with a number in the range 1 to 128.
•CSCsh31236
Symptom: On a Cisco MDS 9513 Switch, when there are more than 512 ports on a single chassis, some ports with indexes between 0x200 and 0x20f may not come up. In addition, some ports with indexes between 0x0 and 0xf may show unexpected behavior when the ports with indexes between 0x200 and 0x20f are brought up. To display the port indexes, issue the show system internal fcfwd idxmap port-to-interface command. The port indexes appear in the column with the heading "glob idx."
Workaround: Do not bring up more than 512 ports. To ensure that the port indexes between 0x0 and 0xf behave correctly, follow these steps:
1. Issue the shut command for ports with indexes 0x200 to 0x20f.
2. Issue the shut command for the ports with indexes 0x0 to 0xf, followed by the no shut command for the same port indexes.
•CSCsi24128
Symptom: If you are using a Cisco MDS 16-port or 32-port 2-Gbps Fibre Channel switching module, a 4-port or 8-port Gigabit Ethernet IP Storage services module, the Storage Services Module (SSM), or the 14/2-port Multiprotocol Services (MPS-14/2) module and you perform a nondisruptive upgrade to Cisco SAN-OS 3.1(1), 3.1(2), or 3.1(2a), the modules do not correctly route traffic to any new modules that you insert following the upgrade.
Workaround: To workaround this issue, do one of the following:
–Reload the Cisco MDS 16-port or 32-port 2-Gbps Fibre Channel switching module, the 4-port or 8-port Gigabit Ethernet IP Storage services module, the Storage Services Module (SSM), or the 14/2-port Multiprotocol Services (MPS-14/2) module
–Reload the standby supervisor module (in slot 6/9 only)
–Perform a supervisor switchover
–Upgrade to Cisco SAN-OS Release 3.1(2b)
•CSCsi33540
Symptom: On a 4-Gbps Fibre Channel module, PLOGI accepts were discarded because the port was initially an F port, but had been changed to an E port.
Workaround: To resolve this issue, follow these steps:
1. Remove the E port from the PortChannel.
2. Reconfigure the port as an F port.
3. Issue the shut command on the port.
4. Change the port to an E port
5. Add the port to the PortChannel.
6. Enter the no shut command on the port.
•CSCsi49231
Symptom: 100% CPU utilization was seen on an MDS switch. It was caused by repeated fabric logins (FLOGIs) on a particular port. This situation can occur if a host cannot log in because the allocation of the FC ID fails, and keeps re-trying using a specific pattern of Source FC IDs (S_IDs) for the FLOGI frame.
Workaround: The interface will now be error-disabled for too many FLOGI failures.
To troubleshoot the configuration and find the reason for the FC ID allocation failure, examine the messages in the syslog. Refer to the Cisco MDS 9000 Family CLI Configuration Guide for detailed information about FLOGI, FC IDs, and FC ID allocation for HBAs.
•CSCsj04224
Symptom: If you install a feature license on any module, then the storage services module (SSM) with the SCSI flow feature will be reprovisioned and write acceleration on the flows will be affected.
Workaround: To work around this issue, please contact Cisco TAC. They can help you recover from this problem by guiding you through the following steps:
1. Enter the shutdown command to shut the host and storage ports that are using the SCSI flow.
2. Enter the no scsi-flow flow-id flow-id command to remove the SCSI flow.
3. Enter the no ssm enable feature scsi-flow force module slot-number command to unprovision the SCSI flow. This will reload the module.
4. When the module is up, enter the ssm enable feature scsi-flow module slot-number command to enable the SCSI flow feature.
5. Reconfigure the SCSI flow.
•CSCsj19105
Symptom: A crash might occur in the intelligent line card (ILC) helper process when provisioning or deprovisioning a storage application on the SSM card.
Workaround: If the ILC helper dumps core memory three times, reboot the switch for it to function normally. Use the show cores command to determing if the ILC helper has dumped core memory.
•CSCsj65565
Symptom: Spectra Logic tape drives require a unique area ID.
Workaround: Add the company OUI ID to the swtich database so that the switch can assign unique area IDs to the Spectra Logic tape drives.
•CSCin95789
Symptom: When you configure Cisco Traffic Analyzer to capture traffic on one or more interfaces on a Windows platform, the configuration web page might not show that the interface has been selected for traffic capture even though traffic capture on that interface is enabled.
Workaround: Check the logs to clarify that the correct interface has been selected.
•CSCsd15794
Symptom: If the iSNS Client has registered with the iSNS server, and does not send any protocol messages to the server, the iSNS Server might not time out idle sessions from the iSNS client.
Workaround: Clear the session explicitly from the iSNS Client side.
•CSCsd21187
Symptom: If an iSNS client tries to register a portal separately after registering the network entity and storage node object with the Cisco MDS iSNS server, the portal registration might fail.
Workaround: Register the portal at the same time as the network entity and storage node object registration.
•CSCse31881
Symptom: If there are IPFC interfaces configured on an SSM, you might experience issues if you downgrade from SAN-OS Release 3.x to Release 2.x.
Workaround: Before downgrading, remove the IPFC interface on the module and then recreate the IPFC interface after the downgrade is complete.
•CSCsg19303
Symptom: Graceful shutdowns of ISLs are not supported for IVR traffic.
Workaround: Increase the fspf cost on the link before it is shut down, so that traffic will flow through an alternate path.
•CSCsg52197
Symptom: After you install an MPS-14/2 module, the power capacity level on the switch might be incorrect.
Workaround: To correct the power capacity level, switch the power capacity from Redundant to Combined and then back to Redundant again.
•CSCsg62704
Symptom: On an MDS switch with dual supervisor modules, the bootflash on the standby supervisor is replaced with a new bootflash. Then there is a system switchover. Then the bootflash on the new standby supervisor (which was previously the active supervisor) is replaced. The copy running-config startup-config command is used to save the configuration, but the console speed does not get saved. Instead, the console speed is reset to 9600.
Workaround: After you replace the bootflash and the standby supervisor boots up, issue the copy running-config startup-config command to synchronize the configuration from the active supervisor to the standby supervisor.
•CSCsh05721
Symptom: An association call from a VSAN to its logical switch returns a particular WWN, but an association call from the physical system to the virtual system does not return the same WWN, which indicates that the logical switch is not associated to the physical switch.
Workaround: None.
•CSCsh17787
Symptom: If you are using Fabric Manager Web Services to generate a Custom Report for End Devices, you might not be able to see the devices connected to the different port groups on the MDS 9000 48-port 4-Gbps Fibre Channel module. However, the same report shows the devices connected to the port groups on the MDS 9000 32-port 1-Gbps/2-Gbps Fibre Channel Storage Services Module (SSM).
Workaround: None.
•CSCsh21262
Symptom: Changing fabric credentials from a local SNMP user to a TACACS+ user in Cisco Fabric Manager using server > admin results in a Fabric Manager Server error.
Workaround: Close the fabric and then reopen it using the new TACACS+ user credentials, with Accelerate Discover unchecked.
•CSCsh24256
Symptom: It is possible for the hardware interface that is used to access SFPs and temperature sensors on modules to lock up. This inhibits the detection of a subsequent removal or insertion of an SFP and results in the failure to read a module's temperature sensors.
Workaround: Reload the module to recover the sensor.
•CSCsh28390
Symptom: Dynamic port VSAN membership (DPVM) entries are configured and activated in the DPVM database, but the output of the show dpvm ports vsan command is null. This occurs only with ports that are assigned a dynamic VSAN based on a device alias configuration in the DPVM, as opposed to ports that have a dynamic VSAN assigned based on nWWN or pWWN configuration.
Workaround: None, although a device can be configured using its pWWN instead of a device alias.
•CSCsh29188
Symptom: The Type field in the DPVM active database displays incorrectly in Fabric Manager.
Workaround: Look at the information through the command-line interface (CLI).
•CSCsh29199
Symptom: The WWN/Name value in the DPVM active database displays incorrectly in Fabric Manager.
Workaround: Look at the information through CLI.
•CSCsh32426
Symptom: During a downgrade to a Cisco MDS SAN-OS software image, any activity that requires hardware programming results in a standby supervisor being reset and the downgrade being terminated.
Workaround: Make sure that there are no port up or down events, and no configuration changes during the downgrade. Then retry the downgrade operation.
•CSCsh34515
Symptom: Occassionally, follwing an IVR zone set activation, IVR fails to export some devices to other VSANs. (For scalability reasons, IVR maintains a run-time cache of all devices in IVR zones that have been successfully activated. If activation fails in a VSAN and later succeeds, then devices that are members of that VSAN are not added to the cache.)
Workaround: None.
•CSCsh40033
Symptom: When a device is removed from remote switch, the device might still appear in the name server database, and the fcns refresh command might fail to remove the stale entry.
Workaround: To remove the state entry from the name server database, follow these steps:
1. Connect a device on the remote switch which is not part of the active zone set.
2. Apply the refresh fcns command required by Cisco.
3. Use the show fcns database command to verify that the stale entry was removed.
4. Shut down the new device or add it to the active zone set if needed.
•CSCsh53560
Symptom: Volatile memory might get full because captured IVR PLOGI records are not deleted after the PLOGIs are released. This situation occurs when one or more hosts send unexpectedly large numbers of PLOGIs in a short time, such as when a VMware host sends PLOGIs to disks with no LUNs exposed to the host SAN volume controller (SVC) environment.
Workaround: Identify the host-disk pairs that are involved in the frequent PLOGIs and remove them from IVR zones.
•CSCsh53578
Symptom: During a Cisco MDS SAN-OS software upgrade, the ACLTCAM process may restart if an unexpected value is read from an unused hardware TCAM location. As a result, the upgrade of this module and subsequent modules may be terminated.
Workaround: Retry the upgrade operation.
•CSCsh59895
Symptom: During an upgrade to Cisco MDS SAN-OS Release 3.1(2) when IVR is configured, an access control list (ACL) process may exit in some cases if it encounters a specific error condition. This scenario causes a module to reload.
Workaround: None.
•CSCsh60422
Symptom: IVR zone activation and deactivation may fail in VSANs that are in interop mode 4, if a user-configured IVR VSAN topology is used.
Workaround: Use IVR auto topology mode.
•CSCsh62126
Symptom: When compression is enabled on an FCIP link, the throughput on the GigabitEthernet interface may be reduced, as compared to uncompressed throughput. Depending on the data pattern, this may or may not impact application throughput.
Workaround: If application throughput is reduced, disable compression on the FCIP link.
•CSCsh66010
Symptom: If the limit of 5000 iSCSI sessions is reached and new initiators try create sessions, a memory leak may occur.
Workaround: Do not exceed the 5000 session limit.
•CSCsh66920
Symptom: In Cisco Fabric Manager Release 3.1(1), some tables in the database are cleared after a fabric is persisted to the database. This causes Fabric Manager Client to show empty ISLs or end ports in the Inventory page, as well as zero ISLs, zero end ports, or zero flows in the Performance page.
Workaround: None.
•CSCsh69086
Symptom: Zone member configuration based on interface domain does not work correctly in Cisco MDS SAN-OS 3.1(1) and3.1(2) when you use CLI commands to configure interface-domain zones.
Workaround: Use Cisco Fabric Manager to configure interface-domain zones.
•CSCsh75149
Symptom: In rare situations, an upgrade to Cisco MDS SAN-OS 3.0(3) or higher may cause an MDS 9000 16-port Fibre Channel switching module to reload during the upgrade process. After the upgrade image is loaded on the module, a memory manager process reads the hardware to restore itself to its pre-upgrade state. While doing so, it finds an invalid entry in memory and then crashes while trying to process that entry. As a result, the module reloads, which clears the invalid entry and the module then comes up fully operational. However, the module reload may abort the upgrade process and the remaining modules may require manual upgrades.
You may see syslog messages similar to the following:
2007 Apr 2 11:15:35 MDS1 %IMAGE_DNLD-SLOT1-2-IMG_DNLD_STARTED: Module image
download process. Please wait until completion...
2007 Apr 2 11:15:49 MDS1 %IMAGE_DNLD-SLOT1-2-IMG_DNLD_COMPLETE: Module image
download process. Download successful.
2007 Apr 2 11:16:59 MDS1 %ACL-2-ACL_LINECARD_STATUS: Status from
linecard: 0, for module: acltcam(ID: 0), status : 0, error_id: 0x40320002,
catastrophic: FALSE, restart count: 0.
2007 Apr 2 11:17:48 MDS1 %ACL-2-ACL_LINECARD_STATUS: Status from
linecard: 0, for module: acltcam(ID: 0), status : 0, error_id: 0x40320002,
catastrophic: TRUE, restart count: 2.
2007 Apr 2 11:17:48 MDS1 %MODULE-5-MOD_REINIT: Re-initializing module 1(serial: xyz)
2007 Apr 2 11:18:07 MDS1 %PLATFORM-5-MOD_DETECT: Module 1 detected (Serial number xyz)
2007 Apr 2 11:18:07 MDS1 %PLATFORM-5-MOD_PWRUP: Module 1 powered up (Serial number xyz) ..
2007 Apr 2 11:18:53 MDS1 %MODULE-5-MOD_OK: Module 1 is online (serial: xyz)Workaround: Upgrade to Cisco MDS SAN-OS Release 3.1(3). Alternatively, check for invalid hardware entries before attempting an upgrade. If no such entries are found, then the upgrade process will not encounter this issue. The following example shows the commands you can use to check for invalid entries on a module:
switch#
attach module <module number>
module-<n>#
show process acltcam luxor 0 input dump | exclude e00000000000000000 | include ": e"
module-<n># show process acltcam luxor 0 input dump | exclude e00000000000000000 | include ": f"
module-<n>#
show process acltcam luxor 0 output dump | exclude e00000000000000000 | include ": e"
module-<n>#
show process acltcam luxor 0 output dump | exclude e00000000000000000 | include ": f"
module-<n>#
show process acltcam luxor 1 input dump | exclude e00000000000000000 | include ": e"
module-<n>#
show process acltcam luxor 1 input dump | exclude e00000000000000000 | include ": f"
module-<n>#
show process acltcam luxor 1 output dump | exclude e00000000000000000 | include ": e"
module-<n>#
show process acltcam luxor 1 output dump | exclude e00000000000000000 | include ": f"•CSCsh82676
Symptom: Cisco Fabric Manager may display a licensed fabric as unlicensed in the Open Fabric dialog box.
Workaround: Click the Refresh button to update the license information.
•CSCsh83200
Symptom: If you remove a fan tray module from an MDS 9500 series switch that is running Cisco MDS SAN-OS Release 3.0(1), 3.0(2), 3.0(2a) 3.0(2b), 3.0(3), 3.1(1), 3.1(2) or 3.1(2a), the switch shuts down if you do not replace the fan tray module within 170 seconds. (In all other SAN-OS releases, you have 250 seconds to replace it.)
Workaround: None.
•CSCsh85505
Symptom: The SNMP Getbulk request in Cisco SAN-OS 3.1(1) does not work correctly when the non-repeaters argument is set to a number other than zero. This results in an erroneous error.
Workaround: Set the non-repeaters argument to zero when issuing SNMP Getbulk requests.
•CSCsh93540
Symptom: If the Fabric Manager client loses connectivity to the Fabric Manager server, the client displays the error "no such object in table." The user is then unable to manage the fabric.
Workaround: Close the Fabric Manager client and restart it.
•CSCsh95415
Symptom: After setting the clock from Fabric Manager (using SNMP), I/O timeouts were observed. The network time protocol (NTP) was not sending the notification that the clock had changed.
Workaround: Set the clock through the CLI.
•CSCsi27133
Symptom: If an interface index map is not programmed correctly, the Port Manager continues to bring up the port, which results in an ACL programming failure and the following error message:
%ZONE-2-ZS_TCAM_PROGRAMMING_FAILED: %$VSAN xxx%$ TCAM operation failed : Unknown, Reason: idxmap ioctl failure
Because of the programming failure, the port is effectively useless, even though it is up.
Workaround: None.
•CSCsj07363
Symptom: An SNMP Get-Next Request for the MIB object ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex on an MDS 9000 switch resolves by asking ifIndex for a loopback address. Because there is no hardware (ifIndex) for a loopback address, the ifIndex reply for this interface is skipped and the next possible instance of the object, which is IP-MIB::ipAdEntNetMask, is returned.
Workaround: There are two ways you can work around this issue. Do one of the following:
–Use the CISCO-IP-IF-MIB, which has richer vocabulary than the standard MIB. The same information along with more details can be derived.
–Use the Get-Next request in a series for ipAdEntAddr to learn about the all the address instances. Then do a series of specific Get Request requests for respective instances of ipAdEntIfIndex and ignore the loopback address.
•CSCeh35635
Symptom: For passwords authenticated by an AAA server, the MDS switch should inform the user when their password is about to expire.
Workaround: This is an enhancement. It is available only for CLI logins. Fabric Manager and Device currently do not support this feature.
•CSCsg29630
Symptom: During a Fabric Manager upgrade, the following files were not preserved: AAA.properties and emccallhome.properties.
Workaround: None.
Related Documentation
The documentation set for the Cisco MDS 9000 Family includes the following documents. To find a document online, use the Cisco MDS SAN-OS Documentation Locator at this URL: http://www.cisco.com/en/US/customer/products/ps5989/products_documentation_roadmap09186a00804500c1.html
For information on IBM TotalStorage SAN Volume Controller Storage Software for the Cisco MDS 9000 Family, refer to the IBM TotalStorage Support website: http://www.ibm.com/storage/support/2062-2300/Release Notes
•Cisco MDS 9000 Family Release Notes for Cisco MDS SAN-OS Releases
•Cisco MDS 9000 Family Release Notes for Storage Services Interface Images
•Cisco MDS 9000 Family Release Notes for Cisco MDS SVC Releases
•Cisco MDS 9000 Family Release Notes for Cisco MDS 9000 EPLD Images
Compatibility Information
•Cisco MDS 9000 SAN-OS Hardware and Software Compatibility Information
•Cisco MDS 9000 Family Interoperability Support Matrix
•Cisco MDS Storage Services Module Interoperability Support Matrix
•Cisco MDS SAN-OS Release Compatibility Matrix for IBM SAN Volume Controller Software for Cisco MDS 9000
•Cisco MDS SAN-OS Release Compatibility Matrix for Storage Service Interface Images
Regulatory Compliance and Safety Information
•Regulatory Compliance and Safety Information for the Cisco MDS 9000 Family
Hardware Installation
•Cisco MDS 9500 Series Hardware Installation Guide
•Cisco MDS 9200 Series Hardware Installation Guide
•Cisco MDS 9100 Series Hardware Installation Guide
•Cisco MDS 9020 Fabric Switch Hardware Installation Guide
Cisco Fabric Manager
•Cisco MDS 9000 Family Fabric Manager Quick Configuration Guide
•Cisco MDS 9000 Family Fabric Manager Configuration Guide
•Cisco MDS 9000 Fabric Manager Online Help
•Cisco MDS 9000 Fabric Manager Web Services Online Help
•Cisco MDS 9000 Family Fabric Manager Database Schema
Command-Line Interface
•Cisco MDS 9000 Family Software Upgrade and Downgrade Guide
•Cisco MDS 9000 Family Storage Services Module Software Installation and Upgrade Guide
•Cisco MDS 9000 Family CLI Quick Configuration Guide
•Cisco MDS 9000 Family CLI Configuration Guide
•Cisco MDS 9000 Family Command Reference
•Cisco MDS 9000 Family Quick Command Reference
•Cisco MDS 9020 Fabric Switch Configuration Guide and Command Reference
•Cisco MDS 9000 Family SAN Volume Controller Configuration Guide
Troubleshooting and Reference
•Cisco MDS 9000 Family Troubleshooting Guide
•Cisco MDS 9000 Family MIB Quick Reference
•Cisco MDS 9020 Fabric Switch MIB Quick Reference
•Cisco MDS 9000 Family SMI-S Programming Reference
•Cisco MDS 9000 Family System Messages Reference
•Cisco MDS 9020 Fabric Switch System Messages Reference
Installation and Configuration Note
•Cisco MDS 9000 Family SSM Configuration Note
•Cisco MDS 9000 Family Port Analyzer Adapter Installation and Configuration Note
•Cisco 10-Gigabit Fibre Channel X2 Transceiver Module Installation Note
•
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. This section explains the product documentation resources that Cisco offers.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Product Documentation DVD
The Product Documentation DVD is a library of technical product documentation on a portable medium. The DVD enables you to access installation, configuration, and command guides for Cisco hardware and software products. With the DVD, you have access to the HTML documentation and some of the PDF files found on the Cisco website at this URL:
http://www.cisco.com/univercd/home/home.htm
The Product Documentation DVD is created and released regularly. DVDs are available singly or by subscription. Registered Cisco.com users can order a Product Documentation DVD (product number DOC-DOCDVD= or DOC-DOCDVD=SUB) from Cisco Marketplace at the Product Documentation Store at this URL:
http://www.cisco.com/go/marketplace/docstore
Ordering Documentation
You must be a registered Cisco.com user to access Cisco Marketplace. Registered users may order Cisco documentation at the Product Documentation Store at this URL:
http://www.cisco.com/go/marketplace/docstore
If you do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Documentation Feedback
You can provide feedback about Cisco technical documentation on the Cisco Technical Support & Documentation site area by entering your comments in the feedback form available in every online document.
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you will find information about how to do the following:
•Report security vulnerabilities in Cisco products
•Obtain assistance with security incidents that involve Cisco products
•Register to receive security information from Cisco
A current list of security advisories, security notices, and security responses for Cisco products is available at this URL:
To see security advisories, security notices, and security responses as they are updated in real time, you can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you have identified a vulnerability in a Cisco product, contact PSIRT:
•For emergencies only — security-alert@cisco.com
An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.
•For nonemergencies — psirt@cisco.com
In an emergency, you can also reach PSIRT by telephone:
•1 877 228-7302
•1 408 525-6532
Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product (for example, GnuPG) to encrypt any sensitive information that you send to Cisco. PSIRT can work with information that has been encrypted with PGP versions 2.x through 9.x.
Never use a revoked encryption key or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
The link on this page has the current PGP key ID in use.
If you do not have or use PGP, contact PSIRT to find other means of encrypting the data before sending any sensitive material.
Product Alerts and Field Notices
Modifications to or updates about Cisco products are announced in Cisco Product Alerts and Cisco Field Notices. You can receive Cisco Product Alerts and Cisco Field Notices by using the Product Alert Tool on Cisco.com. This tool enables you to create a profile and choose those products for which you want to receive information.
To access the Product Alert Tool, you must be a registered Cisco.com user. (To register as a Cisco.com user, go to this URL: http://tools.cisco.com/RPF/register/register.do) Registered users can access the tool at this URL: http://tools.cisco.com/Support/PAT/do/ViewMyProfiles.do?local=en
Obtaining Technical Assistance
Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.
Cisco Technical Support & Documentation Website
The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day at this URL:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Use the Cisco Product Identification Tool to locate your product serial number before submitting a request for service online or by phone. You can access this tool from the Cisco Technical Support & Documentation website by clicking the Tools & Resources link, clicking the All Tools (A-Z) tab, and then choosing Cisco Product Identification Tool from the alphabetical list. This tool offers three search options: by product ID or model name; by tree view; or, for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.
Tip Displaying and Searching on Cisco.com
If you suspect that the browser is not refreshing a web page, force the browser to update the web page by holding down the Ctrl key while pressing F5.
To find technical information, narrow your search to look in technical documentation, not the entire Cisco.com website. On the Cisco.com home page, click the Advanced Search link under the Search box and then click the Technical Support & Documentation radio button.
To provide feedback about the Cisco.com website or a particular technical document, click Contacts & Feedback at the top of any Cisco.com web page.Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411
Australia: 1 800 805 227
EMEA: +32 2 704 55 55
USA: 1 800 553 2447For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.
Severity 1 (S1)—An existing network is "down" or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of the network is impaired while most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•The Cisco Online Subscription Center is the website where you can sign up for a variety of Cisco e-mail newsletters and other communications. Create a profile and then select the subscriptions that you would like to receive. To visit the Cisco Online Subscription Center, go to this URL:
http://www.cisco.com/offer/subscribe
•The Cisco Product Quick Reference Guide is a handy, compact reference tool that includes brief product overviews, key features, sample part numbers, and abbreviated technical specifications for many Cisco products that are sold through channel partners. It is updated twice a year and includes the latest Cisco channel product offerings. To order and find out more about the Cisco Product Quick Reference Guide, go to this URL:
•Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:
http://www.cisco.com/go/marketplace/
•Cisco Press publishes a wide range of general networking, training, and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:
•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
•Networking products offered by Cisco Systems, as well as customer support services, can be obtained at this URL:
http://www.cisco.com/en/US/products/index.html
•Networking Professionals Connection is an interactive website where networking professionals share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL:
http://www.cisco.com/discuss/networking
•"What's New in Cisco Documentation" is an online publication that provides information about the latest documentation releases for Cisco products. Updated monthly, this online publication is organized by product category to direct you quickly to the documentation for your products. You can view the latest release of "What's New in Cisco Documentation" at this URL:
http://www.cisco.com/univercd/cc/td/doc/abtunicd/136957.htm
•World-class networking training is available from Cisco. You can view current offerings at this URL:
http://www.cisco.com/en/US/learning/index.html
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0612R)
© 2007 Cisco Systems, Inc. All rights reserved.
Posted: Wed Oct 24 11:27:17 PDT 2007
All contents are Copyright © 1992--2007 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.