Cisco Cisco IOS Software Release 12.2(35)SE
8
Release Notes for the Cisco Catalyst Blade Switch 3020 for HP, Cisco IOS Release 12.2(37)SE and Later
OL-12577-03
Limitations and Restrictions
•
When port security is enabled on an interface in restricted mode and the switchport block unicast
interface command has been entered on that interface, MAC addresses are incorrectly forwarded
when they should be blocked
interface command has been entered on that interface, MAC addresses are incorrectly forwarded
when they should be blocked
The workaround is to enter the no switchport block unicast interface configuration command on
that specific interface. (CSCee93822)
that specific interface. (CSCee93822)
•
A traceback error occurs if a crypto key is generated after an SSL client session.
There is no workaround. This is a cosmetic error and does not affect the functionality of the switch.
(CSCef59331)
(CSCef59331)
Ethernet
This is the Ethernet limitation:
•
Traffic on EtherChannel ports is not perfectly load-balanced. Egress traffic on EtherChannel ports
are distributed to member ports on load balance configuration and traffic characteristics like MAC
or IP address. More than one traffic stream might map to same member ports, based on hashing
results calculated by the ASIC.
are distributed to member ports on load balance configuration and traffic characteristics like MAC
or IP address. More than one traffic stream might map to same member ports, based on hashing
results calculated by the ASIC.
If this happens, traffic distribution is uneven on EtherChannel ports.
Changing the load balance distribution method or changing the number of ports in the EtherChannel
can resolve this problem. Use any of these workarounds to improve EtherChannel load balancing:
can resolve this problem. Use any of these workarounds to improve EtherChannel load balancing:
–
for random source-ip and dest-ip traffic, configure load balance method as src-dst-ip
–
for incrementing source-ip traffic, configure load balance method as src-ip
–
for incrementing dest-ip traffic, configure load balance method as dst-ip
–
Configure the number of ports in the EtherChannel so that the number is equal to a power of 2
(for example, 2, 4, or 8)
(for example, 2, 4, or 8)
For example, with load balance configured as dst-ip with 150 distinct incrementing destination IP
addresses, and the number of ports in the EtherChannel set to either 2, 4, or 8, load distribution is
optimal. (CSCeh81991)
addresses, and the number of ports in the EtherChannel set to either 2, 4, or 8, load distribution is
optimal. (CSCeh81991)
IP
This is the IP limitation:
When the rate of received DHCP requests
exceeds 2,000 packets per minute for a long time, the response
time might be slow when you are using the console. The workaround is to use rate limiting on DHCP
traffic to prevent a denial of service attack from occurring. (CSCeb59166)
traffic to prevent a denial of service attack from occurring. (CSCeb59166)
IP Telephony
These are the IP telephony limitations:
•
Some access point devices are incorrectly discovered as IEEE 802.3af Class 1 devices. These access
points should be discovered as Cisco pre-standard devices. The show power inline user EXEC
command shows the access point as an IEEE Class 1 device. The workaround is to power the access
point by using an AC wall adaptor. (CSCin69533)
points should be discovered as Cisco pre-standard devices. The show power inline user EXEC
command shows the access point as an IEEE Class 1 device. The workaround is to power the access
point by using an AC wall adaptor. (CSCin69533)
•
After you change the access VLAN on a port that has IEEE 802.1x enabled, the IP phone address is
removed. Because learning is restricted on IEEE 802.1x-capable ports, it takes approximately 30
seconds before the address is relearned. No workaround is necessary. (CSCea85312)
removed. Because learning is restricted on IEEE 802.1x-capable ports, it takes approximately 30
seconds before the address is relearned. No workaround is necessary. (CSCea85312)