Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Catalyst 3750 Series Switches

Release Notes for the Catalyst 3750, 3560, 2970, and 2960 Switches, Cisco IOS Release 12.2(40)SE

Downloads

Table Of Contents

Release Notes for the Catalyst 3750, 3560, 2970, and 2960 Switches, Cisco IOS Release 12.2(40)SE

Contents

System Requirements

Hardware Supported

Device Manager System Requirements

Hardware Requirements

Software Requirements

Cluster Compatibility

CNA Compatibility

Upgrading the Switch Software

Finding the Software Version and Feature Set

Deciding Which Files to Use

Catalyst 3750G Integrated Wireless LAN Controller Switch Software Compatibility

Archiving Software Images

Upgrading a Switch by Using the Device Manager or Network Assistant

Upgrading a Switch by Using the CLI

Recovering from a Software Failure

Installation Notes

New Features

New Hardware Features

New Software Features

Catalyst 3750, 3560, and 2960 switches

Catalyst 3750 and 3560 Switches

Catalyst 2960 switches only

Minimum Cisco IOS Release for Major Features

Limitations and Restrictions

Cisco IOS Limitations

Configuration

Ethernet

Fallback Bridging

HSRP

IP

IP Telephony

MAC Addressing

Management

Multicasting

Power

QoS

Routing

SPAN and RSPAN

Stacking (Catalyst 3750 or Cisco EtherSwitch service module switch stack only)

Trunking

VLAN

Device Manager Limitations

Important Notes

Switch Stack Notes

Cisco IOS Notes

Device Manager Notes

Open Caveats

Resolved Caveats

Documentation Updates

Updates to the Catalyst 3750 and 3560 Switch Software Configuration Guides

EIGRP Routing Note

Configuring Source-Specific Multicast

Configuring Embedded Event Manager (New Chapter)

Configuring Embedded Event Manager

Displaying Embedded Event Manager Information

Unsupported Embedded Event Manager Commands

Updates to the Catalyst 2960 Switch Software Configuration Guide

Updates to the Catalyst 3750 Switch Command Reference Guide

Updates to the Catalyst 2960 Switch Command Reference Guide

Updates to the System Message Guides

New System Messages

Changed System Messages

Updates to the Catalyst 3750, 3560, 2970, and 2960 Hardware Installation Guide

Updates to the Catalyst 3750 Getting Started Guide

Running Express Setup

Update to the Catalyst 3750 Switch Regulatory Compliance and Safety Information

Statement 370—Attaching the Cisco RPS to the RPS Receptacle

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines


Release Notes for the Catalyst 3750, 3560, 2970, and 2960 Switches, Cisco IOS Release 12.2(40)SE

Revised December 24, 2008

Cisco IOS Release 12.2(40)SE runs on all Catalyst 3750, 3560, 2970, and 2960 switches and on Cisco EtherSwitch service modules.

The Catalyst 3750 switches and the Cisco EtherSwitch service modules support stacking through Cisco StackWise technology. The Catalyst 3560, 2970, and 2960 switches do not support switch stacking. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack.

These release notes include important information about Cisco IOS Release 12.2(40)SE and later and any limitations, restrictions, and caveats that apply to the releases. Verify that these release notes are correct for your switch:

If you are installing a new switch, see the Cisco IOS release label on the rear panel of your switch.

If your switch is on, use the show version privileged EXEC command. See the "Finding the Software Version and Feature Set" section.

If you are upgrading to a new release, see the software upgrade filename for the software version. See the "Deciding Which Files to Use" section.

For the complete list of Catalyst 3750, 3560, 2970, and 2960 switch documentation and of Cisco EtherSwitch service module documentation, see the "Related Documentation" section.

You can download the switch software from this site (registered Cisco.com users with a login password):

http://www.cisco.com/public/sw-center/sw-lan.shtml

This software release is part of a special release of Cisco IOS software that is not released on the same 8-week maintenance cycle that is used for other platforms. As maintenance releases and future software releases become available, they will be posted to Cisco.com in the Cisco IOS software area.

Contents

This information is in the release notes:

"System Requirements" section

"Upgrading the Switch Software" section

"Installation Notes" section

"New Features" section

"Minimum Cisco IOS Release for Major Features" section

"Limitations and Restrictions" section

"Important Notes" section

"Open Caveats" section

"Resolved Caveats" section

"Documentation Updates" section

"Obtaining Documentation, Obtaining Support, and Security Guidelines" section

System Requirements

The system requirements are described in these sections:

"Hardware Supported" section

"Device Manager System Requirements" section

"Cluster Compatibility" section

"CNA Compatibility" section

Hardware Supported

Table 1 lists the hardware supported on this release.

Table 1 Catalyst 3750, 3560, 2970, and 2960 Switches and Cisco EtherSwitch Service Modules Supported Hardware 

Switch
Description
Supported by Minimum Cisco IOS Release

Catalyst 3750G-24WS-S25

24 10/100/1000 PoE1 ports, 2 SFP2 module slots, and an integrated wireless LAN controller supporting up to 25 access points.

Cisco IOS Release 12.2(25)FZ or Cisco IOS Release 12.2(35)SE

Catalyst 3750G-24WS-S50

24 10/100/1000 PoE ports, 2 SFP module slots, and an integrated wireless LAN controller supporting up to 50 access points

Cisco IOS Release 12.2(25)FZ or Cisco IOS Release 12.2(35)SE

Catalyst 3750-24FS

24 100BASE-FX ports and 2 SFP module slots

Cisco IOS Release 12.2(25)SEB

Catalyst 3750-24PS

24 10/100 PoE ports and 2 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750-24TS

24 10/100 Ethernet ports and 2 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750-48PS

48 10/100 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750-48TS

48 10/100 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750G-12S

12 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750G-16TD

16 10/100/1000 Ethernet ports and 1 XENPAK 10-Gigabit Ethernet module slot

Cisco IOS Release 12.2(18)SE

Catalyst 3750G-24PS

24 10/100/1000 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3750G-24T

24 10/100/1000 Ethernet ports

Cisco IOS Release 12.2(18)SE

Catalyst 3750G-24TS

24 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3750G-24TS-1U

24 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3750G-48PS

48 10/100/1000 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3750G-48TS

48 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560-8PC

8 10/100 PoE ports and 1 dual-purpose port3 (one 10/100/1000BASE-T copper port and one SFP module slot)

Cisco IOS Release 12.2(35)SE

Catalyst 3560-24PS

24 10/100 PoE ports and 2 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3560-24TS

24 10/100 ports and 2 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560-48PS

48 10/100 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 3560-48TS

48 10/100 ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560G-24PS

24 10/100 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560G-24TS

24 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560G-48PS

48 10/100/1000 PoE ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 3560G-48TS

48 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(20)SE3

Catalyst 2970G-24T

24 10/100/1000 Ethernet ports

Cisco IOS Release 12.2(18)SE

Catalyst 2970G-24TS

24 10/100/1000 Ethernet ports and 4 SFP module slots

Cisco IOS Release 12.2(18)SE

Catalyst 2960-8TC

8 10/100 Ethernet ports and 1 dual-purpose port (one 10/100/1000BASE-T copper port and one SFP module slot)

Cisco IOS Release 12.2(35)SE

Catalyst 2960G-8TC

7 10/100/1000 Ethernet ports and 1 dual-purpose port (one 10/100/1000BASE-T copper port and one SFP module slot)

Cisco IOS Release 12.2(35)SE

Catalyst 2960-24TC

24 10/100BASE-T Ethernet ports and 2 dual-purpose ports (two 10/100/1000BASE-T copper ports and two SFP module slots)

Cisco IOS Release 12.2(25)FX

Catalyst 2960-48TC

48 10/100BASE-T Ethernet ports and 2 dual-purpose ports (two 10/100/1000BASE-T copper ports and two SFP module slots)

Cisco IOS Release 12.2(25)FX

Catalyst 2960-24TT

24 10/100BASE-T Ethernet ports and 2 10/100/1000BASE-T Ethernet ports

Cisco IOS Release 12.2(25)FX

Catalyst 2960-48TT

48 10/100BASE-T Ethernet ports 2 10/100/1000BASE-T Ethernet ports

Cisco IOS Release 12.2(25)FX

Catalyst 2960G-24TC

24 10/100/1000BASE-T Ethernet ports, including 4 dual-purpose ports (four 10/100/1000BASE-T copper ports and four SFP module slots)

Cisco IOS Release 12.2(25)FX

Catalyst 2960G-48TC

48 10/100/1000BASE-T Ethernet ports, including 4 dual-purpose ports (four 10/100/1000BASE-T copper ports and four SFP module slots)

Cisco IOS Release 12.2(25)SEE

NME-16ES-1G4

16 10/100 ports, 1 10/100/1000 Ethernet port, no StackWise connector ports, single-wide

Cisco IOS Release 12.2(25)SEC

NME-16ES-1G-P4

16 10/100 PoE ports, 1 10/100/1000 Ethernet port, no StackWise connector ports, single-wide

Cisco IOS Release 12.2(25)EZ

NME-X-23ES-1G4

23 10/100 ports, 1 10/100/1000 PoE port, no StackWise connector ports, extended single-wide

Cisco IOS Release 12.2(25)SEC

NME-X-23ES-1G-P4

23 10/100 PoE ports, 1 10/100/1000 PoE port, no StackWise connector ports, extended single-wide

Cisco IOS Release 12.2(25)EZ

NME-XD-24ES-1S-P4

24 10/100 PoE ports, 1 SFP module port, 2 StackWise connector ports, extended double-wide

Cisco IOS Release 12.2(25)EZ

NME-XD-48ES-2S-P4

48 10/100 PoE ports, 2 SFP module ports, no StackWise connector ports, extended double-wide

Cisco IOS Release 12.2(25)EZ

SFP modules (Catalyst 3750, 3560, and 2970)

1000BASE-CWDM5 , -LX, SX, -T, -ZX

100BASE-FX MMF6

Cisco IOS Release 12.2(18)SE

Cisco IOS Release 12.2(20)SE

SFP modules (Catalyst 2960)

1000BASE-BX, -CWDM, -LX/LH, -SX, -ZX

100BASE-BX, FX, -LX

Cisco IOS Release 12.2(25)FX

XENPAK modules7

XENPAK-10-GB-ER, XENPAK-10-GB-LR, and XENPAK-10-GB-SR

Cisco IOS Release 12.2(18)SE

Redundant power systems

Cisco RPS 675 Redundant Power System

Cisco RPS 300 Redundant Power System (supported only on the Catalyst 2960 switch)

Cisco Redundant Power System 2300

Supported on all software releases

Supported on all software releases


Cisco IOS Release 12.2(35)SE and later (not supported on Catalyst 2970 switches)

1 PoE = Power over Ethernet

2 SFP = small form-factor pluggable

3 Each uplink port is considered a single interface with dual front ends (RJ-45 connector and SFP module slot). The dual front ends are not redundant interfaces, and only one port of the pair is active.

4 Cisco EtherSwitch service module

5 CWDM = coarse wavelength-division multiplexer

6 MMF = multimode fiber

7 XENPAK modules are only supported on the Catalyst 3750G-16TD switches.


Device Manager System Requirements

These sections describes the hardware and software requirements for using the device manager:

"Hardware Requirements" section

"Software Requirements" section

Hardware Requirements

Table 2 lists the minimum hardware requirements for running the device manager.

Table 2 Minimum Hardware Requirements 

Processor Speed
DRAM
Number of Colors
Resolution
Font Size

Intel Pentium II1

64 MB2

256

1024 x 768

Small

1 We recommend Intel Pentium 4.

2 We recommend 256-MB DRAM.


Software Requirements

Table 3 lists the supported operating systems and browsers for using the device manager. The device manager verifies the browser version when starting a session to ensure that the browser is supported.

Note The device manager does not require a plug-in.

Table 3 Supported Operating Systems and Browsers 

Operating System
Minimum Service Pack or Patch
Microsoft Internet Explorer1
Netscape Navigator

Windows 2000

None

5.5 or 6.0

7.1

Windows XP

None

5.5 or 6.0

7.1

1 Service Pack 1 or higher is required for Internet Explorer 5.5.


Cluster Compatibility

You cannot create and manage switch clusters through the device manager. To create and manage switch clusters, use the command-line interface (CLI) or the Network Assistant application.

When creating a switch cluster or adding a switch to a cluster, follow these guidelines:

When you create a switch cluster, we recommend configuring the highest-end switch in your cluster as the command switch.

If you are managing the cluster through Network Assistant, the switch with the latest software should be the command switch.

The standby command switch must be the same type as the command switch. For example, if the command switch is a Catalyst 3750 switch, all standby command switches must be Catalyst 3750 switches.

For additional information about clustering, see Getting Started with Cisco Network Assistant and Release Notes for Cisco Network Assistant (not orderable but available on Cisco.com), the software configuration guide, the command reference, and the Cisco EtherSwitch service module feature guide.

CNA Compatibility

Cisco IOS 12.2(40)SE is only compatible with Cisco Network Assistant (CNA) 5.0 and later. You can download Cisco Network Assistant from this URL:

http://www.cisco.com/pcgi-bin/tablebuild.pl/NetworkAssistant

For more information about Cisco Network Assistant, see the Release Notes for Cisco Network Assistant on Cisco.com.

Upgrading the Switch Software

These are the procedures for downloading software. Before downloading software, read this section for important information:

"Finding the Software Version and Feature Set" section

"Deciding Which Files to Use" section

"Catalyst 3750G Integrated Wireless LAN Controller Switch Software Compatibility" section

"Archiving Software Images" section

"Upgrading a Switch by Using the Device Manager or Network Assistant" section

"Upgrading a Switch by Using the CLI" section

"Recovering from a Software Failure" section

Finding the Software Version and Feature Set

The Cisco IOS image is stored as a bin file in a directory that is named with the Cisco IOS release. A subdirectory contains the files needed for web management. The image is stored on the system board flash device (flash:).

You can use the show version privileged EXEC command to see the software version that is running on your switch. The second line of the display shows the version.

Note For Catalyst 3750 and 3560 switches and the Cisco EtherSwitch service modules, although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration (IP base image [formerly known as the SMI] or IP services image [formerly known as the EMI]) and does not change if you upgrade the software image.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.

Deciding Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined tar file. This file contains the Cisco IOS image file and the files needed for the embedded device manager. You must use the combined tar file to upgrade the switch through the device manager. To upgrade the switch through the command-line interface (CLI), use the tar file and the archive download-sw privileged EXEC command.

For the Catalyst 3750 and 3560 switches, Cisco IOS Release 12.2(25)SEA and earlier referred to the image that provides Layer 2+ features and basic Layer 3 routing as the standard multilayer image (SMI). The image that provides full Layer 3 routing and advanced services was referred to as the enhanced multilayer image (EMI).

Cisco IOS Release 12.2(25)SEB and later refers to the SMI as the IP base image and the EMI as the IP services image.

Cisco IOS Release 12.2(25)SEB and later refers to the Catalyst 2970 image as the LAN base image.

Table 4 lists the different file-naming conventions before and after Cisco IOS Release 12.2(25)SEB.

Table 4 Cisco IOS Image File Naming Convention  

Cisco IOS 12.2(25)SEA and earlier
Cisco IOS 12.2(25)SEB and later

c3750-i9-mz (SMI1 )

c3750-ipbase-mz

c3750-i9k91-mz (SMI)

c3750-ipbasek9-mz

c3750-i5-mz (EMI2 )

c3750-ipservices-mz

c3750-i5k91-mz (EMI)

c3750-ipservicesk9-mz

c3560-i9-mz (SMI)

c3560-ipbase-mz

c3560-i9k91-mz (SMI)

c3560-ipbasek9-mz

c3560-i5-mz (EMI)

c3560-ipservices-mz

c3560-i5k91-mz (EMI)

c3560-ipservicesk9-mz

c2970-i6l2-mz

c2970-lanbase-mz

c2970-i6k91l2-mz

c2970-lanbasek9-mz

1 SMI = standard multilayer image

2 EMI = enhanced multilayer image


Table 5 lists the filenames for this software release.

Note For IPv6 capability on the Catalyst 3750 or 3560 switch or on the Cisco EtherSwitch service modules, you must order the advanced IP services image upgrade from Cisco.

Table 5 Cisco IOS Software Image Files 

Filename

Description

c3750-ipbase-tar.122-40.SE.tar

Catalyst 3750 IP base image and device manager files.
This image has Layer 2+ and basic Layer 3 routing features.
This image also runs on the Cisco EtherSwitch service modules.

c3750-ipservices-tar.122-40.SE.tar

Catalyst 3750 IP services image and device manager files.
This image has both Layer 2+ and full Layer 3 routing features.
This image also runs on the Cisco EtherSwitch service modules.

c3750-ipbasek9-tar.122-40.SE.tar

Catalyst 3750 IP base cryptographic image and device manager files.
This image has the Kerberos, SSH1 , Layer 2+, and basic Layer 3 routing features.
This image also runs on the Cisco EtherSwitch service modules.

c3750-ipservicesk9-tar.122-40.SE.tar

Catalyst 3750 IP services cryptographic image and device manager files.
This image has the Kerberos, SSH, Layer 2+, and full Layer 3 features.
This image also runs on the Cisco EtherSwitch service modules.

c3750-advipservicesk9-tar.122-40.SE.tar

Catalyst 3750 advanced IP services image, cryptographic file, and device manager files.
This image has all the IP services image (formerly known as the EMI) features and the capability for unicast routing of IPv6 packets.
This image also runs on the Cisco EtherSwitch service modules.

c3560-ipbase-tar.122-40.SE.tar

Catalyst 3560 IP base image file and device manager files.
This image has Layer 2+ and basic Layer 3 routing features.

c3560-ipservices-tar.122-40.SE.tar

Catalyst 3560 IP services image and device manager files.
This image has both Layer 2+ and full Layer 3 routing features.

c3560-ipbasek9-tar.122-40.SE.tar

Catalyst 3560 IP base cryptographic image and device manager files.
This image has the Kerberos, SSH, and Layer 2+, and basic Layer 3 routing features.

c3560-ipservicesk9-tar.122-40.SE.tar

Catalyst 3560 IP services cryptographic image and device manager files. This image has the Kerberos, SSH, Layer 2+, and full Layer 3 features.

c3560-advipservicesk9-tar.122-40.SE.tar

Catalyst 3560 advanced IP services image, cryptographic file, and device manager files.
This image has all the IP services image (formerly known as the EMI) features and the capability for unicast routing of IPv6 packets.

c2970-lanbase.122-40.SE.tar

Catalyst 2970 image file and device manager files.
This image has Layer 2+ features.

c2970-lanbasek9-tar.122-40.SE.tar

Catalyst 2970 cryptographic image file and device manager files.
This image has the Kerberos and SSH features.

c2960-lanbase-tar.122-40.SE.tar

Catalyst 2960 image file and device manager files.
This image has Layer 2+ features.

c2960-lanbasek9-tar.122-40.SE.tar

Catalyst 2960 cryptographic image file and device manager files. This image has the Kerberos and SSH features.

1 SSH = Secure Shell


Catalyst 3750G Integrated Wireless LAN Controller Switch Software Compatibility

The Catalyst 3750 Integrated Wireless LAN Controller Switch is an integrated Catalyst 3750 switch and Cisco 4400 series wireless LAN controller that supports up to 25 or 50 lightweight access points. The switch and the internal controller run separate software versions, which must be upgraded separately. If the image versions are not compatible, the wireless LAN controller switch could stop functioning. Table 6 is the compatibility matrix for Catalyst 3750 and wireless controller.

Table 6 Catalyst 3750G Wireless LAN Controller Switch Software Compatibility

Switch Software Release
Compatible Controller Software Release

Cisco IOS Release 12.2(25)FZ

Cisco Software Release 4.0.x.0

Cisco IOS Release 12.2(35)SE

Cisco Software Release 4.0.x.0

Cisco IOS Release 12.2(37)SE

Cisco Software Release 4.1.x.0


For information about this controller software release, see the Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Point, Release 4.0.x.0. For controller software upgrade procedure, see the Cisco Wireless LAN Controller Configuration Guide Release 4.0.

Archiving Software Images

Before upgrading your switch software, make sure that you have archived copies of the current Cisco IOS release and the Cisco IOS release to which you are upgrading. You should keep these archived images until you have upgraded all devices in the network to the new Cisco IOS image and until you have verified that the new Cisco IOS image works properly in your network.

Cisco routinely removes old Cisco IOS versions from Cisco.com. See Product Bulletin 2863 for more information:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/prod_bulletin0900aecd80281c0e.html

You can copy the bin software image file on the flash memory to the appropriate TFTP directory on a host by using the copy flash: tftp: privileged EXEC command.

Note Although you can copy any file on the flash memory to the TFTP server, it is time consuming to copy all of the HTML files in the tar file. We recommend that you download the tar file from Cisco.com and archive it on an internal host in your network.

You can also configure the switch as a TFTP server to copy files from one switch to another without using an external TFTP server by using the tftp-server global configuration command. For more information about the tftp-server command, see the "Basic File Transfer Services Commands" section of the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 at this URL:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a00800ca744.html

Upgrading a Switch by Using the Device Manager or Network Assistant

You can upgrade switch software by using the device manager or Network Assistant. For detailed instructions, click Help.

Note When using the device manager to upgrade your switch, do not use or close your browser session after the upgrade process begins. Wait until after the upgrade process completes.

Upgrading a Switch by Using the CLI

This procedure is for copying the combined tar file to the switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

To download software, follow these steps:

Step 1 Use Table 5 to identify the file that you want to download.

Step 2 Download the software image file. If you have a SmartNet support contract, go to this URL, and log in to download the appropriate files:

http://www.cisco.com/public/sw-center/sw-lan.shtml

To download the image for a Catalyst 2960 switch, click Catalyst 2960 software. To obtain authorization and to download the cryptographic software files, click Catalyst 2960 3DES Cryptographic Software.

To download the image for a Catalyst 2970 switch, click Catalyst 2970 software. To obtain authorization and to download the cryptographic software files, click Catalyst 2970 3DES Cryptographic Software.

To download the IP services image (formerly known as the EMI) or IP base image (formerly known as the SMI) files for a Catalyst 3560 switch, click Catalyst 3560 software. To obtain authorization and to download the cryptographic software files, click Catalyst 3560 3DES Cryptographic Software.

To download the IP services image (formerly known as the EMI) or IP base image (formerly known as the SMI) files for a Catalyst 3750 switch, click Catalyst 3750 software. To obtain authorization and to download the cryptographic software files, click Catalyst 3750 3DES Cryptographic Software.

Caution If you are upgrading a Catalyst 3750 or a Catalyst 2970 switch that is running a release earlier than Cisco IOS Release 12.1(19)EA1c, this release includes a bootloader upgrade. The bootloader can take up to 1 minute to upgrade the first time that the new software is loaded. Do not power cycle the switch during the bootloader upgrade.

Step 3 Copy the image to the appropriate TFTP directory on the workstation, and make sure that the TFTP server is properly configured.

For more information, see Appendix B in the software configuration guide for this release.

Step 4 Log into the switch through the console port or a Telnet session.

Step 5 (Optional) Ensure that you have IP connectivity to the TFTP server by entering this privileged EXEC command: 

Switch# ping tftp-server-address

For more information about assigning an IP address and default gateway to the switch, see the software configuration guide for this release.

Step 6 Download the image file from the TFTP server to the switch. If you are installing the same version of software that is currently on the switch, overwrite the current image by entering this privileged EXEC command: 

Switch# archive download-sw /overwrite /reload 
tftp:[[//location]/directory]/image-name.tar

The /overwrite option overwrites the software image in flash memory with the downloaded one.

The /reload option reloads the system after downloading the image unless the configuration has been changed and not saved.

For //location, specify the IP address of the TFTP server.

For /directory/image-name.tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.

This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch: 

Switch# archive download-sw /overwrite 
tftp://198.30.20.19/c3750-ipservices-tar.122-37.SE.tar

You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.

Recovering from a Software Failure

For additional recovery procedures, see the "Troubleshooting" chapter in the software configuration guide for this release.

Installation Notes

You can assign IP information to your switch by using these methods:

The Express Setup program, as described in the switch getting started guide.

The CLI-based setup program, as described in the switch hardware installation guide.

The DHCP-based autoconfiguration, as described in the switch software configuration guide.

Manually assigning an IP address, as described in the switch software configuration guide.

Note If you are upgrading a Catalyst 3750 or a 2950 switch running Cisco IOS Release 12.1(11)AX, which uses the IEEE 802.1x feature, you must re-enable IEEE 802.1x after upgrading the software. For more information, see the "Cisco IOS Notes" section.

Note When upgrading or downgrading from Cisco IOS Release 12.2(18)SE, you might need to reconfigure the switch with the same password that you were using when running Cisco IOS Release 12.2(18)SE. This problem only occurs when changing from Cisco IOS Release 12.2(18)SE to any other release. (CSCed88768)

New Features

These sections describe the new supported hardware and the new and updated software features provided in this release:

"New Hardware Features" section

"New Software Features" section

New Hardware Features

There are no new hardware features for this release. For a list of all supported hardware, see the "Hardware Supported" section.

New Software Features

These sections describe the new software features for this release:

"Catalyst 3750, 3560, and 2960 switches" section

"Catalyst 3750 and 3560 Switches" section

"Catalyst 2960 switches only" section

Catalyst 3750, 3560, and 2960 switches

These are the new features for the Catalyst 3750, 3560, 2970, and 2960 switches:

Configuration replacement and rollback to replace the running configuration on a switch with any saved Cisco IOS configuration file

Support for the Link Layer Discovery Protocol Media Extensions (LLDP-MED) location TLV that provides location information from the switch to the endpoint device

Support for the Cisco MAC Notification MIB.

Catalyst 3750 and 3560 Switches

These are the new features for the Catalyst 3750 and 3560 switches.

Automatic quality of service (QoS) Voice over IP (VoIP) enhancement for port -based trust of DSCP and priority queuing for egress traffic

Dynamic voice virtual LAN (VLAN) for multidomain authentication (MDA) to allow a dynamic voice VLAN on an MDA-enabled port

Embedded event manager (EEM) for device and system management to monitor key system events and then act on them though a policy (IP services image only)

Internet Group Management Protocol (IGMP) Helper to allow the switch to forward a hosts request to join a multicast stream to a specific IP destination address

IP Service Level Agreements (IP SLAs) support to measure network performance by using active traffic monitoring

IP SLAs EOT to use the output from IP SLAs tracking operations triggered by an action such as latency, jitter, or packet loss for a standby router failover takeover

Multicast virtual routing and forwarding (VRF) Lite for configuring multiple private routing domains for network virtualization and virtual private multicast networks

Support for Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6, an enhanced version of IGRP. It utilizes IPv6 transport, communicates with IPv6 peers, and advertises IPv6 routes

Support for the SSM PIM protocol to optimize multicast applications, such as video

Support for these IP services, making them VRF aware so that they can operate on multiple routing instances: HSRP, uRPF, ARP, SNMP, IP SLA, TFTP, FTP, syslog, traceroute, and ping

Catalyst 2960 switches only

IP Service Level Agreements (IP SLAs) responder support that allows the switch to be a target device for IP SLAs active traffic monitoring (Catalyst 2960 switches)

IPv6 host support for basic IPv6 management of the Catalyst 2960 switch (Catalyst 2960 switches)

Multicast Listener Discovery (MLD) snooping to enable distribution of IP version 6 (IPv6) multicast data to clients and routers in a switched network (Catalyst 2960 switches)

Minimum Cisco IOS Release for Major Features

Table 7 lists the minimum software release required to support the major features of the Catalyst 3750, 3560, 2970, and 2960 switches and the Cisco EtherSwitch service modules.

Table 7 Catalyst 3750, 3560, 2970, and 2960 Switches and Cisco EtherSwitch Service Module Features and the Minimum Cisco IOS Release Required 

Feature
Minimum Cisco IOS Release Required
Catalyst Switch Support

Configuration replacement and rollback

12.2(40)SE

3750, 3560, 2960

Embedded event manager (EEM) for device and system management (IP services image only)

12.2(40)SE

3750, 3560

Link Layer Discovery Protocol Media Extensions (LLDP-MED)

12.2(40)SE

3750, 3560, 2960

Support for Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6

12.2(40)SE

3750, 3560

Automatic quality of service (QoS) Voice over IP (VoIP)

12.2(40)SE

3750, 3560, 2960

Dynamic voice virtual LAN (VLAN) for multidomain authentication (MDA)-enabled ports

12.2(40)SE

3750, 3560

Internet Group Management Protocol (IGMP) helper

12.2(40)SE

3750, 3560

IP Service Level Agreements (IP SLAs)

12.2(40)SE

3750, 3560

IP SLAs EOT

12.2(40)SE

3750, 3560

Multicast virtual routing and forwarding (VRF) lite

12.2(40)SE

3750, 3560

SSM PIM protocol

12.2(40)SE

3750, 3560

VRF-aware support for these IP services: HSRP, uRPF, ARP, SNMP, IP SLA, TFTP, FTP, syslog, traceroute, and ping

12.2(40)SE

3750, 3560

MLD snooping

12.2(40)SE

2960

IPv6 host

12.2(40)SE

2960

IP phone detection enhancement

12.2(37)SE

3750, 3560, 2970, 2960

Link Layer Discovery Protocol (LLDP) and LLDP Media Endpoint Discovery (LLDP-MED)

12.2(37)SE

3750, 3560, 2970, 2960

PIM stub routing

12.2(37)SE

3750, 3560

Port security on a PVLAN host

12.2(37)SE

3750, 3560

VLAN aware port security option

12.2(37)SE

3750, 3560, 2970, 2960

Support for auto rendezvous point (auto-RP) for multicast

12.2(37)SE

3750. 3560

VLAN Flex Links load balancing

12.2(37)SE

3750, 3560, 2960

Web Cache Communication Protocol (WCCP)

12.2(37)SE

3750. 3560

Multidomain authentication (MDA)

12.2(35)SE

3750, 3560

Web authentication

12.2(35)SE

3750, 3560, 2960

MAC inactivity aging

12.2(35)SE

3750, 3560, 2960

Support for IPv6 with Express Setup

12.2(35)SE

3750, 3560

Generic online diagnostics to test the hardware functionality of the supervisor engine

12.2(35)SE

3560

Stack MAC persistent timer and archive download enhancements

12.2(35)SE

3750

HSRP enhanced object tracking

12.2(35)SE

3750, 3560

OSPF and EIGRP Nonstop forwarding capability (IP services image only)

12.2(35)SE

3750

IPv6 router ACLs for inbound Layer 3 management traffic in the IP base and IP services image

12.2(35)SE

3750, 3560

Generic online diagnostics to test the hardware functionality of the supervisor engine

12.2(25)SEE

3750

DHCP Option 82 configurable remote ID and circuit ID

12.2(25)SEE

3750, 3560, 2970, 2960

EIGRP stub routing in the IP base image

12.2(25)SEE

3750, 3560

/31 bit mask support for unicast traffic

12.2(25)SEE

3750, 3560

Access SDM templates

12.2(25)SED

3750, 3560

Cisco EtherSwitch service modules

IPv6 ACLs

12.2(25)SED

3750, 3560

Cisco EtherSwitch service modules

IPv6 Multicast Listener Discovery (MLD) snooping

12.2(25)SED

3750, 3560

Cisco EtherSwitch service modules

QoS hierarchical policy maps on a port

12.2(25)SED

3750, 3560, and 2970

Cisco EtherSwitch service modules

NAC Layer 2 IEEE 802.1x validation

12.2(25)SED

3750, 3560, 2970, and 2960

Cisco EtherSwitch service modules

NAC Layer 2 IP validation

12.2(25)SED

3750, 3560

Cisco EtherSwitch service modules

IEEE 802.1x inaccessible authentication bypass.

12.2(25)SED

12.2(25)SEE

3750, 3560

Cisco EtherSwitch service module

2960 and 2970

IEEE 802.1x with restricted VLAN

12.2(25)SED

3750, 3560, 2970, and 2960

Cisco EtherSwitch service modules

Budgeting power for devices connected to PoE ports

12.2(25)SEC

3750 and 3560

Cisco EtherSwitch service modules

Multiple spanning-tree (MST) based on the IEEE 802.1s standard

12.2(25)SEC

12.2(25)SED

3750, 3560, and 2970
Cisco EtherSwitch service modules

2960

Unique device identifier (UDI)

12.2(25)SEC

12.2(25)SED

3750, 3560, and 2970

Cisco EtherSwitch service modules

2960

VRF Lite

12.2(25)SEC

3750, 3560

Cisco EtherSwitch service modules

IEEE 802.1x with wake-on-LAN

12.2(25)SEC

12.2(25)SED

3750, 3560, 2970

2960, Cisco EtherSwitch service modules

Nonstop forwarding (NSF) awareness

12.2(25)SEC

3750 and 3560

Cisco EtherSwitch service modules

Configuration logging

12.2(25)SEC

12.2(25)SED

3750, 3560, 2970

2960, Cisco EtherSwitch service modules

Secure Copy Protocol

12.2(25)SEC

12.2(25)SED

3750, 3560, 2970

2960, Cisco EtherSwitch service modules

Cross-stack EtherChannel

12.2(25)SEC

3750

Cisco EtherSwitch service modules

Support for configuring private-VLAN ports on interfaces that are configured for dynamic ARP inspection (IP base image [formerly known as the SMI] only)

12.2(25)SEB

3750 and 3560

Support for IP source guard on private VLANs (IP base image [formerly known as the SMI] only)

12.2(25)SEB

3750 and 3560

Support for configuring an IEEE 802.1x restricted VLAN

12.2(25)SED

3750, 3560, 2970, and 2960

IGMP leave timer

12.2(25)SEB

12.2(25)SED

3750, 3560, and 2970

2960

IGMP snooping querier

12.2(25)SEA

12.2(25)FX

3750, 3560, 2970, and 2960

Advanced IP services

12.2(25)SEA

3750, 3560

Support for DSCP transparency

12.2(25)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Support for VLAN-based QoS1 and hierarchical policy maps on SVIs2

12.2(25)SE

3750, 3560, 2970

Device manager

12.2(25)SE

12.2(25)FX

3750, 3560, 2970, and 2960

IEEE 802.1Q tunneling and Layer 2 protocol tunneling

12.2(25)SE

3750, 3560

Layer 2 point-to-point tunneling and Layer 2 point-to-point tunneling bypass

12.2(25)SE

3750, 3560

Support for SSL version 3.0 for secure HTTP communication (cryptographic images only)

12.2(25)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Support for configuring private-VLAN ports on interfaces that are configured for dynamic ARP inspection (IP services image [formerly known as the EMI] only)

12.2(25)SE

3750 and 3560

Support for IP source guard on private VLANs (IP services image [formerly known as the EMI] only)

12.2(25)SE

3750 and 3560

Cisco intelligent power management to limit the power allowed on a port, or pre-allocate (reserve) power for a port.

12.2(25)SE

3750 and 3560

IEEE 802.1x accounting and MIBs (IEEE 8021-PAE-MIB and CISCO-PAE-MIB)

12.2(20)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Dynamic ARP inspection

12.2(20)SE

3750 and 3560

Flex Links

12.2(20)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Software upgrade (device manager or Network Assistant only)

12.2(20)SE

12.2(25)FX

3750, 3560, 2970, and 2960

IP source guard

12.2(20)SE

3750, 3560

Private VLAN (IP services image [formerly known as the EMI] only)

12.2(20)SE

3750, 3560

SFP module diagnostic management interface

12.2(20)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Switch stack offline configuration

12.2(20)SE

3750

Stack-ring activity statistics

12.2(20)SE

3750

Smartports macros

12.2(18)SE

12.2(25)FX

3750, 3560, 2970, and 2960

Generic online diagnostics (GOLD)

12.2(25)SEE

3750

Flex Links Preemptive Switchover

12.2(25)SEE

3750, 3560, 2970, and 2960

1 QoS = quality of service

2 SVIs = switched virtual interfaces


Limitations and Restrictions

You should review this section before you begin working with the switch. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.

This section contains these limitations:

"Cisco IOS Limitations" section

"Device Manager Limitations" section

Cisco IOS Limitations

Unless otherwise noted, these limitations apply to the Catalyst 3750, 3560, 2970, and 2960 switches and the Cisco EtherSwitch service modules:

"Configuration" section

"Ethernet" section

"Fallback Bridging" section

"HSRP" section

"IP" section

"IP Telephony" section

"MAC Addressing" section

"MAC Addressing" section

"Multicasting" section

"Power" section

"QoS" section

"Routing" section

"SPAN and RSPAN" section

"Stacking (Catalyst 3750 or Cisco EtherSwitch service module switch stack only)" section

"Trunking" section

"VLAN" section

Configuration

These are the configuration limitations:

A static IP address might be removed when the previously acquired DHCP IP address lease expires.

This problem occurs under these conditions:

When the switch is booted up without a configuration (no config.text file in flash memory).

When the switch is connected to a DHCP server that is configured to give an address to it (the dynamic IP address is assigned to VLAN 1).

When an IP address is configured on VLAN 1 before the dynamic address lease assigned to VLAN 1 expires.

The workaround is to reconfigure the static IP address. (CSCea71176 and CSCdz11708)

(Catalyst 3750 or 3560 switches and Cisco EtherSwitch service modules) When the show interface privileged EXEC is entered on a port that is running IEEE 802.1Q, inconsistent statistics from ports running IEEE 802.1Q might be reported. The workaround is to upgrade to Cisco IOS Release 12.1(20)EA1. (CSCec35100)

(Catalyst 3750 or 3560 switches and Cisco EtherSwitch service modules) When you change a port from a nonrouted port to a routed port or the reverse, the applied auto-QoS setting is not changed or updated when you verify it by using the show running interface or show mls qos interface user EXEC commands. These are the workarounds:

1. Disable auto-QoS on the interface.

2. Change the routed port to a nonrouted port or the reverse.

3. Re-enable auto-QoS on the interface. (CSCec44169)

The DHCP snooping binding database is not written to flash memory or a remote file in any of these situations:

(Catalyst 3750 switch and Cisco EtherSwitch service modules) When the Network Time Protocol (NTP) is configured, but the NTP clock is not synchronized. You can check the clock status by entering the show NTP status privileged EXEC command and verifying that the network connection to the NTP server and the peer work correctly.

(Catalyst 3750, 3560, or 2970 switches and Cisco EtherSwitch service modules) The DHCP snooping database file is manually removed from the file system. After enabling the DHCP snooping database by configuring a database URL, a database file is created. If the file is manually removed from the file system, the DHCP snooping database does not create another database file. You need to disable the DHCP snooping database and enable it again to create the database file.

(Catalyst 3750, 3560, or 2970 switches and Cisco EtherSwitch service modules) The URL for the configured DHCP snooping database was replaced because the original URL was not accessible. The new URL might not take effect after the timeout of the old URL.

No workaround is necessary; these are the designed behaviors. (CSCed50819)

(Catalyst 3750 or 3560 switches and Cisco EtherSwitch service modules) When dynamic ARP inspection is enabled on a switch or switch stack, ARP and RARP packets greater than 2016 bytes are dropped by the switch or switch stack. This is a hardware limitation.

However, when dynamic ARP inspection is not enabled and a jumbo MTU is configured, ARP and RARP packets are correctly bridged in hardware. (CSCed79734)

When connected to some third-party devices that send early preambles, a switch port operating at 100 Mb/s full duplex or 100 Mb/s half duplex might bounce the line protocol up and down. The problem is observed only when the switch is receiving frames.

The workaround is to configure the port for 10 Mb/s and half duplex or to connect a hub or a nonaffected device to the switch. (CSCed39091)

(Catalyst 3750 switches and Cisco EtherSwitch service modules) Dynamic ARP inspection log entries might be lost after a switch failure. Any log entries that are still in the log buffer (have not been output as a system message) on a switch that fails are lost.

When you enter the show ip arp inspection log privileged EXEC command, the log entries from all switches in the stack are moved to the switch on which you entered the command.

There is no workaroun