According to Cisco
Known Fixed Releases:
No release planned to fix this bug
What are our options? We purchased over 100+ of these 2960L's for our environment. And we use auto qos for all our Cisco phones. We need some help!
... View more
Just letting anyone looking to purchase the IE-1000's (any variant) about the product and its platform. We have about 80 IE-1000's so far and this is our impressions.
1) The IE-1000's DO NOT support AAA/TACACS+ (As of code 1.6). Oddly, the configuration shows up in the CLI, but it's not activated. (We have asked for a feature request, but we're not holding our breath)
Problem description: IE-1000-8P2S-LM authentication assistance.
-Informed that by architecture, these switches doesn’t support radius/tacacs authentications.
-They support only local authentications.
IE1000# sh aaa
console : local
telnet : no
ssh : local
http : local
console : no, commands disabled
telnet : no, commands disabled
ssh : no, commands disabled
console : no, commands disabled, exec disabled
telnet : no, commands disabled, exec disabled
ssh : no, commands disabled, exec disabled
IE1000# sh tacacs-server
Global TACACS+ Server Timeout : 5 seconds
Global TACACS+ Server Deadtime : 0 minutes
Global TACACS+ Server Key : 3689...<removed>...b61b7
No servers configured!
2) The IE-1000's DO NOT support CDP.
Problem description: IE-1000 does not speak CDP.
Indeed, as the IE-1K documentation specifies, it is only CDP aware:
CDP-aware means that the IE1K can read CDP but does not send CDP advertisements. Upstream devices will not find the IE1K via CDP.
In the other hand, as same document specifies, it is LLDP capable, so I went to my IE-1K and configured LLDP, I was able to see it in my upstream switch after it:
C9300_lab#show lldp ne
(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other
Device ID Local Intf Hold-time Capability Port ID
IE1K1 Gi2/0/21 120 B 1
So it is determined that IE-1K CDP capability is limited to “aware” and it fully supports LLDP. So as a workaround the use of LLDP is suggested in order to be able to visualize the IE-1K from the upstream devices.
3) The IE-1000's don't seem to have a way to enter domain names other the hostname. Not the end of the world, but annoying.
4) When monitoring these devies in SolarWinds Orion we have found that when we 'discover' the resources within the device we see the 'interfaces' counter on Orion go into the thousands! We thought this was an error until we finally just let it finish. What we found was Orion seems to discover ALL 4096 VLAN's! So when you bring these into monitoring and they show as having 4,000+ interfaces it's normal (I guess).
Other than these glaring issues, we are still happy overall with the IE-1000 platform. We operate in environments that need lots of industrial/outdoor environmental equipment and having a low cost industrial switch from Cisco has been great.
If Cisco can fix the first 2 big issues we would be very appreciative.
... View more