Cisco Cisco IOS XE 3.5E

Cisco TrustSec for IPv6 is not supported.

Dynamic binding of IP-SGT is not supported for hosts on Layer 3 physical routed interfaces 
because the IP Device Tracking feature for Layer 3 physical interfaces is not supported.

Cisco TrustSec cannot be configured on a pure bridging domain with IPSG feature enabled. You 
must either enable IP routing or disable the IPSG feature in the bridging domain.

Cisco TrustSec on the switch supports up to 255 security group destination tags for enforcing 
security group ACLs.

Cisco TrustSec VLAN-to-SGT binding cannot be enabled in pure bridging domain. You have to 
either manually enable IP device tracking on the ports in the VLAN, or enable SVI interface for 
the VLAN.

For Cisco IOS Release 3.7E and later, Cisco TrustSec VLAN-to-SGT binding cannot be enabled 
in pure bridging domain. You have to either manually enable IP device tracking on the ports in 
the VLAN, or enable SVI interface for the VLAN.

When a logging discriminator is configured and applied to a device, memory leak is seen under 
heavy syslog or debug output. The rate of the leak is dependent on the quantity of logs produced. In 
extreme cases, the device may crash. As a workaround, disable the logging discriminator on the 
device.

Restrictions for Cisco Plug-in for OpenFlow:

STRIP VLAN cannot work for L2 packets that do not have a payload.

The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the 
effectiveness in network risk management and device troubleshooting. The BST allows partners and 
customers to search for software bugs based on product, release, and keyword, and aggregates key data 
such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to 
provide external and internal bug views for the search input.

To view the details of a caveat listed in this document:

Access the BST (use your Cisco user ID and password) at 

Enter the bug ID in the Search For: field.