Cisco Cisco IOS Software Releases 12.2 MC 집계 된 데이터

Page 1 of 8

Product Bulletin No. 3228

New Cisco IOS Software Release 12.2(25)SEE for Cisco
Catalyst 3750, Catalyst 3560, Catalyst 3550, Catalyst 2970,
and Catalyst 2960 Series Switches

Cisco Systems

announces Cisco IOS

Software updates for Cisco

Catalyst

3750, Catalyst 3560, Catalyst 3550, Catalyst

2970, and Catalyst 2960 series Intelligent Ethernet switches. This new release furthers Cisco leadership in providing secure,

reliable, and feature-rich LAN switching solutions.

This product bulletin contains content and delivery information for Cisco IOS Software Release 12.2(25)SEE.

The following new features are available with Cisco IOS Software Release 12.2(25)SEE:

•

IPv6 neighbor discovery throttling—Implements the mechanism to drop in hardware of any additional IPv6 packets whose next hop is the same

neighbor the switch is actively resolving. Performing this drop in hardware will avoid adding further load on the switch.

•

Cisco Discovery Protocol support for IPv6—Cisco Discovery Protocol support for an IPv6 address adds the ability to transfer IPv6 addressing

information between two Cisco devices using Cisco Discovery Protocol, providing IPv6 information to network management products and
troubleshooting tools.

•

Secure Shell (SSH) Protocol over IPv6—SSH connections can be made to and from the switch. SSH connections to the switch are accepted over

IPv6 transport with no command-line interface (CLI) implications. When making connections from the switch, the CLI is identical to the existing
SSH CLI except that either an IPv4 or an IPv6 address can be used where previously only an IPv4 address was allowed. A hostname that resolves
to an IPv6 address can also be used

•

IPv6 MIBs

–

CISCO-IETF-IP-MIB maps to

http://www.ietf.org/internet-drafts/draft-ietf-ipv6-rfc2011-update-11.txt

. This draft describes managed

objects used for implementations of IP in a version-independent manner.

–

CISCO-IETF-IP-FORWARD-MIB maps to

http://www.ietf.org/internet-drafts/draft-ietf-ipv6-rfc2096-update-08.txt

. This draft describes

managed objects related to the forwarding of IP packets in a version-independent manner.

•

IEEE 802.1x MAC-Authentication-Bypass—This feature allows clientless end users (with no 802.1x supplicant) to authenticate to the network,

utilizing the MAC address of the device. The switch will initiate an Extensible Authentication Protocol (EAP) conversation with an
authentication, authorization, and accounting (AAA) server on behalf of a device to authenticate the MAC address itself. This process is
transparent to the end user and utilizes a prepopulated database.

•

IEEE 802.1x inaccessible authentication bypass—Provides a way for the network administrator to configure “critical” ports that are allowed

access to the network if the 802.1x authentication process cannot reach any of the configured AAA servers. This feature is also known as “Critical
Auth” or “AAA-Down.”

•

LAN port IP inaccessible authentication bypass—As with 802.1X, failure of the AAA server to respond can prevent network access to hosts

in a Network Admissions Control (NAC) Layer 2 IP environment. The LAN Port IP AAA-Down feature uses the same AAA infrastructure as
“802.1x inaccessible authentication bypass” to detect when all configured servers are unavailable. During this period, a per-port local policy can
be applied until the servers become available again.