CHANGE HISTORY -------------- 09 August 2006 Version 12.1(22)EA8a - cigesm-i6q4l2-tar.121-22.EA8a.tar This release resolves the following issues: CSCsd74990 When a switch has multiple management VLAN (Virtual Local Area Network) interfaces, the IP (Internet Protocol) addresses for all active interfaces are now reachable from a host or network device. CSCse11516 Configuring the switch for a port monitor session on a remote VLAN no longer causes packet flooding on other interfaces that are not configured for the monitor session. CSCse25863 When you are using a web browser to manage the CIGESM (Cisco Intellegent Gigabit Ethernet Switch Module), Device Manager now correctly requires you to enter username and password, even when the switch is booted without a configuration file or when the configuration file was removed after returning to the manufacturing default configuration. 18 May 2006 Version 12.1(22)EA8 - cigesm-i6q4l2-tar.121-22.EA8.tar This release resolves the following issues: CSCsb82422 The switch does now forwards an IEEE (Institute of Electrical and Electronics Engineers) 802.1x request that has null credentials. CSCsd03880 When the ciscoEnvMonMib is polled, it no longer returns envmom characteristics for the Cisco Intelligent Gigabit Ethernet Switching Module (CIGESM). The module has no envmon characteristics. In previous releases, the MIB displayed envmom information for the CIGESM. CSCsd23228 The output of the show platform summary privileged EXEC command now appears in the output of the show tech privileged EXEC command. CSCsd24154 When forwarding an IGMP (Internet Group Management Protocol) query, the default CoS (Class of Service) value from the incoming packets no longer changes automatically. CSCsd51738 When the switch is reset to the factory default settings, the CIGESM now responds to ping or Telnet requests from external devices. CSCsd6866 When the management module resets the CIGESM to the factory default settings and the preserve IP (Internet Protocol) address for the module is disabled, the CIGESM can now use the default IP address. CSCsb79318 If the re-authentication timer and re-authentication action is downloaded from the RADIUS (Remote authentication dial-in user service) server using the session-Timeout and Termination-Action RADIUS attributes, the switch no longer performs the termination action when the port is not configured with the dot1x timeout reauthenticate server interface configuration command. •CSCsb82422 The switch now forwards an IEEE 802.1x request that has null credentials. •CSCsb99249 A host attached to an authenticated 802.1X port might no longer loses network access after a 802.1X-enabled port mode or host mode is modified. In previous releases, this occurred when the 802.1X control direction was set to In when the configuration was changed. •CSCsc84627 A MAC (Medium Access Control) entry no longer changes from static to dynamic on a switch configured with private VLANs (Virtual Local Area Network). •CSCsc93698 Connectivity failures to the management interface no longer occur if the VLAN used is other than VLAN 1. •CSCsc96385 The switch now sends the NAS-Identifier (Network Attached Storage), attribute 32, to the RADIUS server when you configure the attribute in the running configuration by using these Cisco IOS (Internetwork Operating System) global configuration commands: radius-server attribute 32 include-in-access-req radius-server attribute 32 include-in-accounting-req •CSCsd19470 This error log message no longer randomly appears: %TCAMMGR-3-HANDLE_ERROR: cam handle [hex] is invalid •CSCsd39489 When port-security aging on the switch is set to inactive, CAM (Content-Addressable Memory ) entries no longer time out when there is continuous traffic. CSCsb63404 A switch is accessible by SSH (Secure Shell) or Telnet after it has been running for 4 to 5 days. 03 January 2006 Version 12.1(22)EA6a - cigesm-i6q4l2-tar.121-22.EA6a.tar This release resolves the firmware revision contents displayed by the management module. The management module incorrectly displays the version number of version 12.1(22)AY instead of the correct version of 12.1(22)EA6. This new level of firmware corrects this problem. This release resolves the following DDTS issues: CSCsc73761 Description of resolved issues: CSCsc73761 If the CIGEMS has more than one VLAN interface defined, then one of the physical interfaces could be placed into the shutdown state. This problem occurs when the switch is in VTP client or VTP server mode and when the management interface has been changed to a VLAN ID other than the default VLAN ID = 1. If a reboot is done the physical interface matching the managemenet VLAN ID is placed in the shutdown state. For example, it the management VLAN ID = 7, when a reboot is done, the internal physical port 7 goes into the shutdown state and traffic stops. 03 November 2005 Version 12.1(22)EA6 - cigesm-i6q4l2-tar.121-22.EA6.tar This version of the software includes the updates based on the normally scheduled maintenance release for the entire line of Cisco switch products. Enhancements to the BladeCenter Cisco Intelligent Gigabit Ethernet Switch Module are: 1. Default VLAN of 4095 for Serial over LAN (SOL) traffic 2. Multiple management VLANs 3. IEEE 802.1x with wake on LAN This release also resolves the following DDTS issues: CSCei76358 CSCeg15130 CSCeg53741 CSCeg52581 CSCeg57925 CSCeg05952 CSCeg09791 CSCeg12120 CSCeh28757 CSCeh58797 CSCeh77474 CSCei13927 CSCei77627 CSCei22387 CSCsb79318 Description of resolved issues: CSCei76358 Through normal software maintenance processes, Cisco is removing deprecated functionality from the OS boot routine. These changes have no impact on system operation or feature availability. CSCeg15130 If multiple switches are configured in a multicast television application with Multicast VLAN Registration (MVR) is enabled and MVR ports statically configured, IGMP leave messages are no longer sent to the router, and the multicast stream to the set-top boxes is not disrupted. CSCeg53741 If frame sizes larger than 1518 bytes are received and the system MTU is configured as 1530 bytes, the counters no longer display the packets as giants. CSCeg52581 If you start a session on a switch cluster member by using the rcommand user EXEC command, the allowable commands that you enter in the rcommand session now depend on the respective authorization status. CSCeg57925 The switch no longer stops if a port that is assigned to the management VLAN does not have a corresponding access VLAN. CSCeg58877 If a switch uses rapid per-VLAN spanning tree plus (rapid PVST+), a loop no longer occurs when you reconfigure the allowed VLANs on a trunk and remove VLAN 1 from the trunk. CSCeg05952 When the destination-MAC address for data packets is statically configured in a logical EtherChannel port group, the egress traffic on the EtherChannel group no longer uses the default port instead of following the configured load-balancing scheme. CSCeg09791 When you configure an interface for trust CoS and CoS-to-DSCP mapping, the DSCP values of the untagged IP packets received on the interface are now modified as expected. CSCeg12120 When packets matching the permitted UDP fields are attached on an ingress interface, Layer 4 ACLs no longer fail, and Ethernet packets matching the UDP fields are not dropped. CSCeh28757 CiscoView can now distinguish between the switch deployed in the BladeCenter and the BladeCenter T-type chassis. CSCeh58797 If you connect a router FE port to the external port of the switch and set the router FE port to fixed 100 M and half-duplex, the switch negotiates a link to auto-100 M and auto-half duplex. CSCeh77474 On the external Ethernet interfaces of the switch (Gi0/17 - Gi0/20), the LED no longer remains on when the switch has put the Ethernet interface in a shutdown state. CSCei13927 When the management VLAN for the switch is greater than 255, IP communication is nolonger lost. This only effects the IP communication to the switch, not the Ethernet data being switched from data port to data port. This will occur when the VLAN ID of the management VLAN is changed from some number less than 256 to a number greater than 255. CSCei77627 Server Blades no longer fail to detect an Ethernet link-down event from the switch. This was on the internal Ethernet interfaces (Gi0/1 to Gi0/14). When the switch brings down the Ethernet interface to the Server Blade, the Server Blade can adequately detect this, and keeps the link as Ethernet link-up. CSCei22387 CDP and VTP protocols no longer fail when trunk ports are not members of VLAN 1. CSCsb79318 if the re-authentication timer and re-authentication action is downloaded from the RADIUS server using the Session-Timeout and Termination-Action RADIUS attributes, the switch performs the termination action even when the port is not configured with the dot1x timeout reauth server global configuration command and uses the Termination-Action downloaded from a RADIUS server as part of IEEE 802.1x authorization. 3 April 2005 Version 12.1(22)AY1 - Build ID cigesm-i6q4l2-tar.121-22.AY1.tar This is the GA-version for the Cisco Intelligent Fiber Ethernet Switch Module. It is also an update to the CIGESM software. This version of the software includes the updates based on the normally scheduled maintenance release for the entire line of Cisco switch products. Enhancements to the BladeCenter Cisco Intelligent Gigabit Ethernet Switch Module are: 1. Jumbo frame support for Ethernet frames up to 9162 bytes 2. Ability to force link on the from the Cisco Switch Module to the internal blades as specified in the Retain tip H183647 3. Common image for both the CIGESM and the Cisco Intelligent Fiber Gigabit Ethernet Switch Module. The following Cisco DDTS problems were corrected by this release: CSCeh10012 Multicast flooding within VLAN when no receiver joins Two or more physical port can be combined together to form one EtherChannel. The EtherChannel is treated as one logical port with multiple physical ports to increase bandwidth and provide redundancy. For multicast traffic to the logical EtherChannel port, only one port should transmit the traffic. However, the same multicast traffic is flooded on all the ports, and the other side ends up with multiple copies of the same packet. CSCeh34702 Stop u-multicast packet going to the CPU when no mrouter configured IGMP snooping prevents unnecessary broadcast of multicast traffic if the switch detects (or statically told) the location of a multicast driver in the network. If a multicast router is present, any multicast data stream coming to the switch, switch learns the multicast mac address, and configures a hardware port table so that the packet goes to appropriate port connected to the mrouter. The packet floods for a short time taken for snooping program to learn and program the multicast mac address. Once learned the flooding should stop until this entry aged out. However, the multicase packet flooding never stopped. 3 January 2005 Version 12.1(14)AY4 - Build ID cigesm-i6q4l2-tar.121-14.AY4.tar No DDTS problems have been corrected in this release. This version adds the following features to the Cisco IOS software: 1. Link state tracking to mirror the state of the external ports on the internal BaldeCenter Ethernet links. This allows the Cisco switch to bring down internal link groups if all the external links in the group are inoperative. With the appropriate NIC driver software on the processor blade, the processor blade traffic fails-over to an operational external link on a separate Cisco Ethernet switch. 2. Source IP/Destination IP (SIP/DIP) address routing balances traffic loads across links in an EtherChannel connection based on either the source IP address, destination IP address, or both IP addresses. This mode of operation applies to all EtherChannels configured on the Cisco Ethernet switch. 3. Includes feature for re-establishment of configured default gateway by issuing an icmp ping packet when a chassis Management Module switchover is detected. 17 November 2004 Version 12.1(14)AY3 - Build ID cigesm-i6q4l2-tar.121-14.AY3.tar This version corrects the following Cisco software problems from those noted in the June version of the Cisco Release Notes Version AY1. No additional features are included with this release. The Release Notes will not be updated for this version of software. CSCef46191 CSCin67568 CSCdz32659 CSCed40563 CSCec25430 CSCef85910 CSCeg16833 Problem descriptions CSCef46191 A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected. All other device services will operate normally. Services such as packet forwarding, routing protocols and all other communication to and through the device are not affected. CSCin67568 Symptoms: A Cisco device experiences a memory leak in the CDP process. Conditions: The device sending CDP packets sends a hostname that is 256 or more characters. There are no problems with a hostname of 255 or fewer characters. CSCdz32659 Symptoms: Many memory allocation failure (MALLOCFAIL) messages may occur for a Cisco Discovery Protocol (CDP) process: %SYS-2-MALLOCFAIL: Memory allocation of -1732547824 bytes failed from x605111F0, pool Processor, alignment 0 -Process= "CDP Protocol", ipl= 0, pid= 42 -Traceback= 602D5DF4 602D78A0 605111F8 60511078 6050EC88 6050E684 602D0E2C 602D0E18 CSCed40563 Symptoms: Depending upon configuration, issuing The show cdp entry * protocol command may cause a reload of the device. Conditions: This symptom occurs on Cisco products that are speaking CDP with configurable interface MTU. CSCec25430 Symptoms: A Cisco device reloads on receipt of a corrupt CDP packet. One possible scenario is: Reloading a faulty Cisco IP conference station 7935 or 7936 may cause a connected Cisco switch or router to reload. A CDP message may appear on the terminal, such as the following one: %CDP-4-DUPLEX_MISMATCH duplex mismatch discovered on FastEthernet5/1 (not half duplex), with SEP00e0752447b2 port 1 (half duplex). CSCef85910 Symptoms: Originally all external ports default to VLAN 1 in access mode unless they are connected to an external Cisco switch which implements the Cisco proprietary trunking protocol. The configuration allowed the user the ease of managing and configuring the CIGESM "on-site" with an external laptop. However, if the ports are connected to an external Cisco switch, the ports are reconfigured to VLAN 2 in trunk mode. This mode of operation did not allow for the Cisco switch to be "plug-and-play" because the processor blades are on VLAN 1. In other words an external client could not establish a connection with a BladeCenter processor blade because of the VLAN mismatch. With this new software load, all ports default to VLAN 2. Any external client can be "plug-and-play" with the BladeCenter processor blades. On-site configuration can now be done over the serial interface. CSCeg16833 Symptoms: After 49.7 days, the internal BladeCenter processor blades will drop link any time a processor blade is restarted for any reason. A 32-bit counter took 49.7 days to reach its maximum value. After this time, the software compare did not work properly. This problem manifested itself whenever any processor blade was restarted for any reason. No DDTS number assigned Duplicate UUID On some switches a UUID assigned to one CIGESM was inadvertently assigned to another CIGESM during the manufacturing process. This software performs a check on the UUID to ensure that it is unique. 16 July 2004 Version 12.1(14)AY1 - Build ID cigesm-i6q4l2-tar.121-14.ay1.tar This version corrects four Cisco software problems as noted in the June version of the Cisco Release Notes. CSCee42900 CSCee53625 CSCee22478 CSCee34374 CSCee42900 When the external ports of the switch are forced into a non-autonegotiation mode, this can sometimes cause data flow to cease. It is a problem with the receive path on the CIGESM. The external port of the switch will not receive packets. The workaround is to put the port into auto-negotiation mode. CSCee53625 Configuring RSPAN on the IGESM can cause it to create a data storm for both unicast and multicast traffic similar in behavior to a broadcast storm. When this occurs, the Ethernet traffic of the port being analyzed is duplicated by the configured reflector port and simultaneously transmitted on the RSPAN VLAN causing a continuous loop. This traffic floods the VLAN of both the RSPAN port, and the port being analyzed. All other VLANs are unaffected. This condition does not occur every time RSPAN is configured. It occurs whenever the reflector port is changed while an RSPAN session is already active. The workaround is to disable the RSPAN session as soon as possible after this error occurs. If the IGESM cannot be contacted, disable the ports on the upstream switch connection to the IGESM. Another alternative is to use a local SPAN to analyze the port. CSCee24478 If the user has already configured the administrative mode to dynamic and is trying to trunk desirable, he won't be able to make that change. Also if the user has configured the mode to be trunk desirable then he won't be able to change it to dynamic. However if the user has configured the mode to be static acces, then there is no issue in changing the mode. The workaround is to change the administrative mode to static access first. Apply the configuration and then change again to other desired mode. Note that changing the vlan configuration may result in loss of connectivity to the switch. If you are changing the configuration on a link through which you are connected to the ESM, then make sure you have alternate connection to the switch, otherwisee you may lose the connectivity. CSCee34374 The unique product identifier MIBs for the IGESM are not correct in the original software release - Version 12.1(14)AY. The following MIBs are in error: CISCO-PRODUCT-MIB.my (should be 592) CISCO-ENTITY-VENDORTYP-OID-MIB.my (should be 446) OLD-CISCO-CHASSIS-MIB.my (should be 422) There is no workaround. Go to the IBM web site for the latest level of software which corrects these MIBs. 14 June 2004 Version 12.1(14)AY - Build ID cigesm-i6q4l2-tar.121-14.ay.tar This is the GA-level of the Cisco Switch Module firmware