Release Notes for the Catalyst 2960-C and 2960-Plus Switches, Cisco IOS Release 15.2(6)E and Later
Device Manager System Requirements
Finding the Software Version and Feature Set
Upgrading a Switch by Using the Device Manager or Network Assistant
Upgrading a Switch by Using the CLI
Recovering from a Software Failure
Features Introduced in Cisco IOS Release 15.2(6)E2
Features Introduced in Cisco IOS Release 15.2(6)E1
Features Introduced in Cisco IOS Release 15.2(6)E
Minimum Cisco IOS Release for Major Features
Caveats Resolved in Cisco IOS Release 15.2(6)E2
Caveats Resolved in Cisco IOS Release 15.2(6)E1
Caveats Resolved in Cisco IOS Release 15.2(6)E
Obtaining Documentation and Submitting a Service Request
First Published: 08 Aiugust, 2017
Last Updated: 14 September, 2018
Cisco IOS Release 15.2(6)E runs on Catalyst 2960-C and 2960-Plus switches and on Cisco EtherSwitch service modules.
These release notes include important information about Cisco IOS Release 15.2(6)E, any limitations, restrictions, and caveats that apply to the releases.Verify that these release notes are correct for your switch:
You can download the switch software from this site (registered Cisco.com users with a login password):
http://www.cisco.com/cisco/web/download/index.html
The device manager verifies the browser version when starting a session and does not require a plug-in.
You cannot create and manage switch clusters through the device manager. To create and manage switch clusters, use the command-line interface (CLI) or the Network Assistant application.
When creating a switch cluster or adding a switch to a cluster, follow these guidelines:
For additional information about clustering, see Getting Started with Cisco Network Assistant and Release Notes for Cisco Network Assistant (not orderable but available on Cisco.com), the software configuration guide, the command reference, and the Cisco EtherSwitch service module feature guide.
Cisco IOS Release 15.2(6)E and later is only compatible with Cisco Network Assistant (CNA) 5.0 and later. You can download Cisco Network Assistant from this URL:
http://www.cisco.com/pcgi-bin/tablebuild.pl/NetworkAssistant
For more information about Cisco Network Assistant, see the Release Notes for Cisco Network Assistant on Cisco.com.
The Cisco IOS image is stored as a bin file in a directory that is named with the Cisco IOS release. A subdirectory contains the files needed for web management. The image is stored on the system board flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch. The second line of the display shows the version.
You can also use the dir filesystem : privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.
The upgrade procedures in these release notes describe how to perform the upgrade by using a combined tar file. This file contains the Cisco IOS image file and the files needed for the embedded device manager. You must use the combined tar file to upgrade the switch through the device manager. To upgrade the switch through the command-line interface (CLI), use the tar file and the archive download-sw privileged EXEC command.
Before upgrading your switch software, make sure that you have archived copies of the current Cisco IOS release and the Cisco IOS release to which you are upgrading. You should keep these archived images until you have upgraded all devices in the network to the new Cisco IOS image and until you have verified that the new Cisco IOS image works properly in your network.
Cisco routinely removes old Cisco IOS versions from Cisco.com. See Product Bulletin 2863 for more information:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6969/ps1835/
prod_bulletin0900aecd80281c0e.html
You can copy the bin software image file on the flash memory to the appropriate TFTP directory on a host by using the copy flash: tftp: privileged EXEC command.
Note Although you can copy any file on the flash memory to the TFTP server, it is time consuming to copy all of the HTML files in the tar file. We recommend that you download the tar file from Cisco.com and archive it on an internal host in your network.
You can also configure the switch as a TFTP server to copy files from one switch to another without using an external TFTP server by using the tftp-server global configuration command. For more information about the tftp-server command, see the “Basic File Transfer Services Commands” section of the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 :
http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_t1.html
You can upgrade switch software by using the device manager or Network Assistant. For detailed instructions, click Help.
Note When using the device manager to upgrade your switch, do not use or close your browser session after the upgrade process begins. Wait until after the upgrade process completes.
This procedure is for copying the combined tar file to the switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.
To download software, follow these steps:
Step 1 Use Table 3 to identify the file that you want to download.
Step 2 Download the software image file:
a. If you are a registered customer, go to this URL and log in.
http://www.cisco.com/cisco/web/download/index.html
b. Navigate to Switches > LAN Switches - Access.
c. Navigate to your switch model.
d. Click IOS Software, then select the latest IOS release.
Download the image you identified in Step 1.
Step 3 Copy the image to the appropriate TFTP directory on the workstation, and make sure that the TFTP server is properly configured.
For more information, see Appendix B in the software configuration guide for this release.
Step 4 Log into the switch through the console port or a Telnet session.
Step 5 (Optional) Ensure that you have IP connectivity to the TFTP server by entering this privileged EXEC command:
For more information about assigning an IP address and default gateway to the switch, see the software configuration guide for this release.
Step 6 Download the image file from the TFTP server to the switch. If you are installing the same version of software that is currently on the switch, overwrite the current image by entering this privileged EXEC command:
The /overwrite option overwrites the software image in flash memory with the downloaded one.
The /reload option reloads the system after downloading the image unless the configuration has been changed and not saved.
The / allow-feature-upgrade option allows installation of an image with a different feature set (for example, upgrade from the IP base image to the IP services image).
For // location, specify the IP address of the TFTP server.
For / directory / image-name .tar, specify the directory (optional) and the image to download. Directory and image names are case sensitive.
This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch:
You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option.
Use these methods to assign IP information to your switch:
Table 4 lists the minimum software release required to support the major features of the Catalyst 2960-C and 2960-Plus switches and the Cisco EtherSwitch service modules.
You should review this section before you begin working with the switch. These are known limitations that will not be fixed, and there is not always a workaround. Some features might not work as documented, and some features could be affected by recent changes to the switch hardware or software.
Unless otherwise noted, these limitations apply to the Catalyst 2960-C and 2960-Plus switches:
The workaround is to configure the port for 10 Mb/s and half duplex or to connect a hub or a nonaffected device to the switch. (CSCed39091)
The workaround is to enter the no switchport block unicast interface configuration command on that specific interface. (CSCee93822)
There is no workaround. This is a cosmetic error and does not affect the functionality of the switch. (CSCef59331)
The workaround is to configure aggressive UDLD. (CSCsh70244).
The workaround is to always enter a non zero value for the timeout value when you enter the boot host retry timeout timeout-value command. (CSCsk65142)
The workaround is to disable authorization and accounting or to enter the configuration change for one interface at a time. (CSCsg80238, CSCti76748)
If this happens, uneven traffic distribution will happen on EtherChannel ports.
Changing the load balance distribution method or changing the number of ports in the EtherChannel can resolve this problem. Use any of these workarounds to improve EtherChannel load balancing:
– for random source-ip and dest-ip traffic, configure load balance method as src-dst-ip
– for incrementing source-ip traffic, configure load balance method as src-ip
– for incrementing dest-ip traffic, configure load balance method as dst-ip
– Configure the number of ports in the EtherChannel so that the number is equal to a power of 2 (i.e. 2, 4, or 8)
For example, with load balance configured as dst-ip with 150 distinct incrementing destination IP addresses, and the number of ports in the EtherChannel set to either 2, 4, or 8, load distribution is optimal.(CSCeh81991)
The workaround is to ensure that the ports on the standby cluster members are not in the spanning-tree blocking state. To verify that these ports are not in the blocking state, see the “Configuring STP” chapter in the software configuration guide. (CSCec76893)
The workaround is to use rate limiting on DHCP traffic to prevent a denial of service attack from occurring. (CSCeb59166)
No workaround is necessary. (CSCea85312)
The workaround is to power the access point by using an AC wall adaptor. (CSCin69533)
The workaround is to enable PoE and to configure the switch to recover from the PoE error-disabled state. (CSCsf32300)
The workaround is to reduce the number of multicast routes and IGMP snooping groups to less than the maximum supported value. (CSCdy09008)
There is no workaround. (CSCdy82818)
– If the ALLOW_NEW_SOURCE record is before the BLOCK_OLD_SOURCE record, the switch removes the port from the group.
– If the BLOCK_OLD_SOURCE record is before the ALLOW_NEW_SOURCE record, the switch adds the port to the group.
There is no workaround. (CSCec20128)
The switchport block multicast interface configuration command is only applicable to non-IP multicast traffic.
There is no workaround. (CSCee16865)
– You disable IP multicast routing or re-enable it globally on an interface.
– A switch mroute table temporarily runs out of resources and recovers later.
The workaround is to enter the clear ip mroute privileged EXEC command on the interface. (CSCef42436)
After you configure a switch to join a multicast group by entering the ip igmp join-group group-address interface configuration command, the switch does not receive join packets from the client, and the switch port connected to the client is removed from the IGMP snooping forwarding table.
– Cancel membership in the multicast group by using the no ip igmp join-group group-address interface configuration command on an SVI.
– Disable IGMP snooping on the VLAN interface by using the no ip igmp snooping vlan vlan-id global configuration command. (CSCeh90425)
The workaround is to enter the shutdown and the no shutdown interface configuration commands on the Fast Ethernet interface of a new IP phone that is attached to the service module port after the internal link is brought up. (CSCeh45465)
The workaround is to choose compatible buffer sizes and threshold levels. (CSCea76893)
The workaround is to use an on-demand upgrade to upgrade switches in a stack by entering the vstack download config and vstack download image commands. (CSCta64962)
When you upgrade the director to Cisco IOS Release 12.2(55)SE, the workaround is to also modify the configuration to include all built-in, custom, and default groups. You should also configure the tar image name instead of the image-list file name in the stored images. (CSCte07949)
The workaround is to use the TFTP utility of another server instead of a Windows server or to manually delete the existing backup file before backing up again. (CSCte53737)
– If client needs to upgrade using an image and configuration file configured in the DHCP server options, you should remove the client from the Smart Install network during the upgrade.
– In a network using Smart Install, you should not configure options for image and configuration in the DHCP server. For clients to upgrade using Smart Install, you should configure product-id specific image and configuration files in the director. (CSCte99366)
There is no workaround. (CSCtg98656)
– When you select the NONE option in the director CLI, the upgrade should be allowed and is successful on client switches running Cisco IOS Release 12.2(25)SE through 12.2(46)SE, but fails on clients running Cisco IOS Release 12.2(50)SE through 12.2(50)SEx.
– When you enter any password in the director CLI, the upgrade should not be allowed, but it is successful on client switches running Cisco IOS Release 12.2(25)SE through 12.2(46)SE, but fails on clients running Cisco IOS Release 12.2(50)SE through 12.2(50)SEx.
This is a hardware limitation. The workaround is to disable CDP on all interfaces carrying the RSPAN VLAN on the device connected to the switch. (CSCeb32326)
When a switch or switch stack running Multiple Spanning Tree (MST) is connected to a switch running Rapid Spanning Tree Protocol (RSTP), the MST switch acts as the root bridge and runs per-VLAN spanning tree (PVST) simulation mode on boundary ports connected to the RST switch. If the allowed VLAN on all trunk ports connecting these switches is changed to a VLAN other than VLAN 1 and the root port of the RSTP switch is shut down and then enabled, the boundary ports connected to the root port move immediately to the forward state without going through the PVST+ slow transition.
There is no workaround. (CSCdz42909).
The workaround is to reduce the number of VLANs or trunks. (CSCeb31087)
The workaround is to enter the switchport access vlan dynamic interface configuration command separately on each port. (CSCsi26392)
The workaround is to remove unnecessary VLANs to reduce CPU utilization when many links are flapping. (CSCtl04815)
If this message appears, check that there is network connectivity between the switch and the ACS. You should also check that the switch has been properly configured as an AAA client on the ACS
If this happens, enter the no auto qos voip cisco-phone interface command on all interface with this configuration to delete it. Then enter the auto qos voip cisco-phone command on each of these interfaces to reapply the configuration.
From Microsoft Internet Explorer:
1. Choose Tools > Internet Options.
2. Click Settings in the “Temporary Internet files” area.
3. From the Settings window, choose Automatically.
5. Click OK to exit the Internet Options window.
If you are not using the default method of authentication (the enable password), you need to configure the HTTP server interface with the method of authentication used on the switch
Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:
The device manager uses the HTTP protocol (the default is port 80) and the default method of authentication (the enable password) to communicate with the switch through any of its Ethernet ports and to allow switch management from a standard web browser.
If you change the HTTP port, you must include the new port number when you enter the IP address in the browser Location or Address field (for example, http://10.1.126.45:184 where 184 is the new HTTP port number). You should write down the port number through which you are connected. Use care when changing the switch IP information.
The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
To view the details of a caveat listed in this document:
1. Access the BST (use your Cisco user ID and password) at https://tools.cisco.com/bugsearch/.
Table 6 Resolved Caveats for Cisco IOS Release 15.2(6)E1
Table 7 Resolved Caveats for Cisco IOS Release 15.2(6)E
User documentation in HTML format includes the latest documentation updates and might be more current than the complete book PDF available on Cisco.com.
These documents provide more information about the 2960-C and 2960-Plus switches and are available at Cisco.com:
http://www.cisco.com/en/US/products/hw/switches/ps5023/tsd_products_support_series_home.html
http://www.cisco.com/en/US/products/hw/switches/ps5528/tsd_products_support_series_home.html
http://www.cisco.com/en/US/products/ps10081/tsd_products_support_series_home.html
http://www.cisco.com/en/US/products/ps6406/tsd_products_support_series_home.html
These documents provide complete information about the Catalyst 2960 and 2960-S switches and are available on Cisco.com:
For other information about related products, see these documents:
SFP compatibility matrix documents are available from this Cisco.com site:
http://www.cisco.com/en/US/products/hw/modules/ps5455/products_device_support_tables_list
.html
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.