for Cisco Catalyst 9300 Series Switches

Software Improvements

• BGP EVPN VXLAN

Tenant Routed Multicast over BGP EVPN VXLANv6
The following BGP EVPN VXLAN features are introduced in this release:
Tenant Routed Multicast over BGP EVPN VXLANv6 enables the delivery of IPv4 and IPv6 multicast host traffic in BGP EVPN overlay multi-tenant fabric in an efficient and resilient manner. The new software capability enables IPv4 and IPv6 multicast in overlay with underlay network infrastructure natively running single-stack IPv6. The Tenant Routed Multicast over BGP EVPN VXLANv6 is supported over IPv6 Default MDT group.

• Bonjour Apple AirDrop Service

Introduces a new service definition apple air-drop.

• Flexible Netflow Record for SGACL Permit and Deny Actions

A new collect parameter for flexible netflow is introduced. Use the collect policy firewall event command to enable collection of information on traffic that is denied or permitted by SGACL.

• IPsec Scale Enhancement for supported SVTIs

The number of supported IPsec IPv4 Static Virtual Tunnel Interfaces (SVTIs) is increased to 480 and the number of supported IPsec IPv6 SVTIs supported is increased to 240. This applies only to Cisco Catalyst 9300X Series Switches.

• IPv6 Neighbor Discovery Proxy

IPv6 Neighbor Discovery (ND) Proxy facilitates communication between two different hosts that are restricted from communicating directly with each other. IPv6 Routing Proxy and IPv6 DAD Proxy variations of IPv6 ND Proxy are introduced.

• Management Traffic Control

Management traffic control allows traffic to enter through a user-defined physical interface and restricts traffic to any other interface that is not defined by the user.

• Modified License Level for Unicast mDNS

Unicast mDNS is now supported with DNA Advantage license.

• Programmability:

YANG Data Models
The following programmability feature is introduced in this release:
YANG Data Models: For the list of Cisco IOS XE YANG models available with this release, navigate to: https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/17131.

• Removal of Service Types from the Default Service List

Multifunction-printer and home sharing service types are removed from the default service list.

• show ip eigrp topology and show ip eigrp accounting command output

The show ip eigrp topology and show ip eigrp accounting command outputs are modified.
The output of show ip eigrp topology command displays a message that provides information about the EIGRP state and the action required.
The output of show ip eigrp accounting does not display any message when the EIGRP is in adjacency state.

• VLAN RADIUS Attributes in Access Requests

Enhances security for access switches with the use of VLAN RADIUS attributes - VLAN name and ID in access requests.

• VRF-aware GRE over IPsec

Introduces support for GRE over IPsec tunnels. This allows you to map IPsec tunnels to VRF instances using a single public-facing address. This feature is introduced on Cisco Catalyst 9300X Series Switches.

Notice

• SISF-Based Device Tracking: Deprecation of the udp keyword

The udp keyword, which was available as one of the options with the protocol keyword in the device-tracking configuration mode, was deprecated. There is no replacement keyword.

Open Bugs

CSCwf62551 - interop:Ports are not coming up between 9300X-Uplink and 9500X with "100G QSFP 100G CU3M"
CSCwh35728 - Need switch to host macsec support in Sda overlay network

Resolved Bugs

CSCwe89814 - Unexpected reboot due to FED process heldown with Netflow
CSCwe91069 - Unexpected reload upon removing netflow commands.