Manualshelf

Datasheet

ManualsBrandsCisco ManualsSoftwareSC4K-SUPK8-7.6.2=
51525354555657585960
58
Release Notes for Catalyst 4500 Series Software Release 7.x
OL-1983-28
Usage Guidelines, Restrictions, and Troubleshooting
Multicast
This section contains usage guidelines, restrictions, and troubleshooting information that apply to
multicast protocols and traffic on the switch:
Because of a conflict with the Hot Standby Router Protocol (HSRP), Cisco Group Management
Protocol (CGMP) leave processing is disabled by default. To enable CGMP leave processing, enter
the set cgmp leave enable command.
Note If both HSRP and CGMP leave processing are enabled, you might experience some unicast
packet flooding.
When CGMP leave processing is enabled, the Catalyst 4500 series switch learns router ports
through PIM-v1, HSRP, and CGMP self-join messages. When CGMP leave processing is disabled,
the Catalyst 4500 series switch learns router ports through CGMP self-join messages only.
CGMP does not prune multicast traffic for any IP multicast address that maps into the MAC address
range of 01-00-5E-00-00-00 to 01-00-5E-00-00-FF. The reserved IP multicast addresses, in the
range 224.0.0.0 to 224.0.0.255, are used to forward local IP multicast traffic in a single Layer 3 hop.
MIBs
For information on MIBs, RMON groups, and traps, refer to the Cisco public MIB directory
(http://www.cisco.com/public/mibs/). For information on the specific MIBs supported by the
Catalyst 4500 series switches, refer to the Catalyst 4000 MIB Support List located at
ftp://ftp.cisco.com/pub/mibs/supportlists/wsc4000/wsc4000-supportlist.html.
Authentication, Authorization, and Accounting
This section contains usage guidelines, restrictions, and troubleshooting information for authentication,
authorization, and accounting (AAA):
For login authentication, starting with software releases 5.5(15), 6.3(7), and 7.3(1), if you press the
Enter key and then type your password, the ACS TACACS+ server will respond as if you are
attempting to change your password. This behavior is related to CSCdx08395. Before the
CSCdx08395 fix, the user privilege level was hard coded to 15 in the TACACS+ authentication
request packet. With the CSCdx08395 fix, the user privilege level is set based on the privilege level
at which the user is authenticated. For example, if a user attempts a login authentication, the
privilege level is 1. If the user attempts an enable authentication, the privilege level is 15.
The Cisco ACS TACACS+ server behaves differently when you press the Enter key and then type
your password. When you press the Enter key and then type your password with the user priv-lvl
hard coded to 15, the switch responds as if this is a login authentication as a regular password
attempt. When you press the Enter key and then type your password with the user priv-lvl hard
coded to 11, the switch responds as if you are changing your password. The latter case is a behavior
consistent with TACACS+ enable authentication and Cisco IOS software handling when you press
the Enter key and then type your password. (CSCdy35129)