New IOS-XE Build Lots of Features Now Available that had been missing

Mloraditch
Kind of a big deal

Read thoroughly and enjoy!

Important notes

  • After upgrading to this cloud-native IOS XE 17.15, downgrading to any CS version via the dashboard will not be possible. In order to downgrade to the CS version, a factory reset may be required and support assistance will be necessary. Please consider this before upgrading your network to cloud-native IOS XE. Learn more - http://cs.co/9002xhAan.
  • Attempting to convert unsupported models such as C9200CX may result in an unusable switch. Please review the list of supported models in the release notes below before proceeding with the upgrade.

Cloud-native IOS XE overview

  • Cloud-native IOS XE introduces a significant architectural shift from the previous container-based design to a cloud-native framework, unlocking benefits for your cloud-managed Cisco Catalyst switches, including the C9300-M, C9300L-M, C9300X-M, C9200L and MS390 families. These include faster boot and initialization performance, especially for stacks, and the start of a new generation of capabilities as we enable more underlying IOS-XE capabilities, and a Cloud CLI Terminal that introduces the ability to run Show CLI commands directly from the dashboard!
  • CS16 or CS17 are prerequisites before initiating this upgrade. We do not recommend attempting to upgrade to IOS XE from other firmware versions.

Release highlights

  • In this release, we are excited to support the following features and enhancements. Below are the key highlights:
  • Introducing a new onboarding flow for cloud and hybrid operating modes: two powerful ways to manage your Catalyst 9000 switches from the Meraki dashboard. These modes give you the flexibility to choose between a fully cloud-managed experience (cloud operating mode) or a hybrid approach (previously referred to as cloud monitoring), that offers configuration via an embedded cloud CLI while leveraging the cloud for monitoring and troubleshooting. Learn more http://cs.co/9000F98vQ (Note that the new onboarding process for hybrid and cloud operating modes will be rolled out in phases. If you don’t see the new UI while adding your Catalyst switches to a network, please be assured it will be available soon. We appreciate your patience and understanding as we work to bring this feature to all eligible organizations.)
  • Management Interface Architecture Change: a dedicated management interface is no longer required.
  • Default Network Module: this enhancement simplifies and consolidates network module configuration into 8 default ports that get applied dynamically to any inserted network module.
  • Standardized Cisco Logging and Interface Naming
  • Configuration Templates
  • Adaptive Policy
  • Intelligent Capture
  • Storm Control
  • Radius Multi-Auth (dot1X)
  • Device Uptime
  • 802.1X Control Direction
  • Meraki Authentication (Meraki Auth)
  • Alternate Management Interface (AMI)
  • Port Schedules
  • C9200L Hardware Platform Support (see supported models below)
  • SNMPv3
  • Encrypted Traffic Analytics
  • Energy Efficient Ethernet
  • MAC Allow Lists

Before you upgrade or migrate: key considerations

  • After migrating CLI/DNA managed switches to cloud operating mode, please note that console and SSH access are no longer available. All management access is only available via the cloud dashboard or the local status page through the rear management port.
  • Layer 3 switches with a DHCP management IP address are not supported. Please configure a static IP address for the management interface to avoid network disruptions and improper traffic flow. If the L3 switch’s default route and management interface gateways are NOT the same prior to the upgrade, after the upgrade to IOS XE all switch traffic will use the management interface’s DHCP acquired gateway as a next hop.
  • Layer 3 switches cannot run DHCP servers on uplink interfaces. Please note that interfaces that have been designated as a preferred uplink cannot also run a DHCP server. Interfaces with both Preferred Uplink and DHCP server configurations will have the DHCP server configuration disabled on that interface.
  • Switches using the Alternative Management Interface (AMI) will require an L3 SVI to be configured for the same vlan assigned to AMI. For AMI to work, your network must have AMI configured and your switch must have an SVI configured matching that AMI vlan.
  • After upgrading from CS to cloud-native IOS XE firmware, port mirroring configurations on module ports will not be retained. Users will need to reconfigure port mirroring on module ports following the upgrade.
  • To migrate a CLI/DNA-managed switch to the dashboard in cloud mode, claim the switch into a network already configured for cloud-native IOS XE. Claiming into a network configured for CS firmware may have unexpected results.
  • The 30-day grace period applies to licensing for Catalyst switches onboarded to Meraki Dashboard, allowing customers to trial cloud mode prior to fully committing. Valid DNA licenses can be converted to Meraki licenses through a qualified promotion process. Refer to http://cs.co/9005aw6VH for more details.

Known issues

  • Clients Static DHCP reservation cannot be changed. Workaround requires removing static reservations and recreating them.
  • Configuration application fails due to bad-cli errors related to et-analytics during each config push. Changing destination port configuration for encrypted traffic analytics, while active, can corrupt config. As a workaround, disable then re-enable with new port config.
  • Client Tracking does not work on 10G MGig interfaces, as well as 25G, 40G and 100G ports.
  • Named VLAN column is not displaying any values in the switches client summary table.
  • IPv6 route for DNS is set with an empty Gateway IP, leading to configuration application failure.
  • Devices lose all configurations after an upgrade from 17.15.2 to 17.15.3. Rebooting or shutting down a switch shortly after upgrade (17.15.2 to 17.15.3) might not preserve “safe-config”. Please wait 30 min after upgrade to ensure configuration is marked ‘safe’.
  • MTR live tool does not function from the dashboard.
  • 9200L 8-member stack: Stack merge occurs due to incompatibility when installing a new image. 8-member stacks may experience longer boot or upgrade times.
  • Issue with upgrading a stack of 8 members on the 9200L series from one cloud-native IOS XE version to another.
  • The Default VLAN profile API appends new configurations instead of overwriting existing ones, potentially leading to unexpected behavior.
  • The device uptime displayed for stack standby members is incorrect.

Fixed issues

  • Fixed an issue where downstream clients may experience packet loss for 60-200 seconds in stacks while the standby switch takes over the active stack member role when the active stack member is powered off.
  • Fixed an issue where management plane connectivity may be interrupted when there are a large number of LLDP announcements.
  • Fixed an issue where stacks of 5 or more switches may experience a configuration mismatch when making multiple consecutive port configuration changes to several interfaces in a row.
  • Port scheduling is supported on this version.
  • LACP is not functioning on the network module ports of NM-2Y modules.

Supported models

  • NOTE: ATTEMPTING TO CONVERT UNSUPPORTED MODELS SUCH AS C9200CX MAY RESULT IN AN UNUSABLE SWITCH. PLEASE REVIEW THE LIST OF SUPPORTED MODELS BEFORE PROCEEDING WITH THE UPGRADE.
  • C9200L-24T-4X, C9200L-24P-4X, C9200L-48T-4X, C9200L-48P-4X, C9200L-48PL-4X, C9200L-24PXG-4X, C9200L-48PXG-4X, C9200L-24PXG-2Y, C9200L-48PXG-2Y, C9200L-24T-4G, C9200L-24P-4G, C9200L-48T-4G, C9200L-48P-4G, C9200L-48PL-4G
  • C9300-24T-M, C9300-24P-M, C9300-24U-M, C9300-24UX-M, C9300-48T-M, C9300-48P-M, C9300-48U-M, C9300-48UXM-M, C9300-48UN-M, C9300-24S-M, C9300-48S-M, C9300X-12Y-M, C9300X-24Y-M, C9300X-48HXN-M, C9300X-24HX-M, C9300X-48HX-M, C9300X-48TX-M, C9300L-24P-4X-M, C9300L-24T-4X-M, C9300L-24UXG-4X-M, C9300L-48P-4X-M, C9300L-48PF-4X-M, C9300L-48T-4X-M, C9300L-48UXG-4X-M, and the corresponding Catalyst switch SKUs for migration
  • MS390-24-HW, MS390-24P-HW, MS390-24U-HW, MS390-24UX-HW, MS390-48-HW, MS390-48P-HW, MS390-48U-HW, MS390-48UX-HW, MS390-48UX2-HW
  • Breakout Cables aren’t supported at this time.

Transitioning from CS to IOS XE 17.15: unsupported features

  • The following CS features are not supported in this release:
  • Sticky MAC
  • Gov(Federal), Canada, China, or India Cloud
  • Certain features will be added to the IOS XE versions in future releases. Refer to the Cloud-native IOS XE documentation for further details: http://cs.co/9001Q4ALF
Mloraditch
Kind of a big deal

Plus cloud monitoring is now hybrid mode with more features!

cmr
Kind of a big deal

It is also now a Stable Release Candidate and no longer a Beta...  Though the config loss if you turn it off too soon after upgrade is a little concerning...  On the firmware upgrades feed I've cleaned up the notes as some fixes were already fixed etc.

rhbirkelund
Kind of a big deal

I am reeeally going to need more information on this one.

  • Devices lose all configurations after an upgrade from 17.15.2 to 17.15.3. Rebooting or shutting down a switch shortly after upgrade (17.15.2 to 17.15.3) might not preserve “safe-config”. Please wait 30 min after upgrade to ensure configuration is marked ‘safe’.

If I upgrade my 9300X core switch I may risk it losing all configuration for up to 30 minutes? That's going to be a huge no, from me.

jimmyt234
A model citizen

Sounds like you just need to make sure your device is kept online for >30 minutes after an upgrade for it to be "safe"? 😕