background image

62

Patch Release Note

Patch SB251-13 for Software Release 2.5.1

C613-10361-00 REV M

SET SWITCH BLADE settings are now only added to the configuration file 
if they differ from the default settings.

Support has been added, to the MIB-2 interface MIB, for the port interface. 
This means that port counters can now be shown.

If a hardware filter was added to the switch, with a source VLAN and a 
destination port of 1, then a host connected to the switch could not PING a 
host on a different port. This issue has been resolved.

An unexpected restart that occurred when upgrading a SwitchBlade from 
Release 2.4.4 to Release 2.5.1 was caused by NVS generating an SNMP trap. 
This issue has been resolved.

Static routes were occasionally not added to all hardware tables across all 
instances. This would affect connectivity if an instance had a default route 
added to its table that pointed out one of its ports. This issue has been 
resolved.

Ports could not be added to the default VLAN after a hotswap, if the default 
VLAN was Protocol, Subnet, MAC address, or Limited protocol based. This 
issue has been resolved.

Incorrect handling of TCP sessions, and poor load balancing performance 
could be caused by TCP virtual balancers not selecting a new resource if 
required. This issue has been resolved.

The ADD IPV6 ND command now has a PORT parameter which means that 
it can be associated with the VLAN parameter.

Changes have been made to the 

SysDescription

.

TCP source and TCP destination ports were swapped when viewed in the 
GUI.   This issue has been resolved.

Packets that were sent out a default route could have an incorrect source IP 
address, if the interface route to the destination IP address existed but was 
down. This issue has been resolved.

PCR: 03060

Module: CORE, SWI

                                  Level: 3

PCR: 03066

Module: SWI

                                  Level: 2

PCR: 03071

Module: CORE

                                  Level: 2

PCR: 03079

Module: IPG, SWI

                                  Level: 1

PCR: 03088

Module: SWI

                                  Level: 2

PCR: 03105

Module: FIREWALL

                                  Level: 3

PCR: 03112

Module: IPV6

                                  Level: 3

PCR: 03118

Module: CORE

                                  Level: 4

PCR: 03119

Module: CLASSIFIER

                                  Level: 4

PCR: 03138

Module: SWI

                                 Level: 2

PCR: 03141

Module: IPG

                                  Level: 3

Summary of Contents for SB251-13

Page 1: ...Series Switches Document Number C613 10354 00 Rev D available on the Documentation and Tools CD ROM packaged with your switch or from www alliedtelesyn co nz documentation documentation html WARNING U...

Page 2: ...and This issue has been resolved Running the PURGE IP command with a multicast address and multiple sources was causing a fatal error This issue has been resolved The value specified for the IP parame...

Page 3: ...lved When CAM segments were full the CAM entries were not being moved correctly and occasionally corrupting on compaction This issue has been resolved The SHOW SYS SYSR SLAVE command did not return a...

Page 4: ...ntExist counter When a user logged on twice thus creating two sessions the user log on time for the second session was overwriting the value recorded for the first This issue has been resolved by disp...

Page 5: ...the file name using the shortened DOS 8 3 format where file names are 8 characters long with extensions of 3 characters This issue has been resolved so that long configuration file names are now displ...

Page 6: ...0 This issue has been resolved MLD and MLD Snooping now require the hop limit to be 1 Packets with bad ACK numbers were sometimes generated by the firewall as part of the proxy TCP setup process These...

Page 7: ...This issue has been resolved A multihomed interface sometimes sent duplicate multicast packets This issue has been resolved The incorrect logical interface was selected for broadcast packets received...

Page 8: ...een resolved A fatal error occurred when the PIM path was recovering This issue has been resolved MLD startup query packets were not being sent correctly due to IPv6 MLD being unaware of the IPv6 inte...

Page 9: ...into one physical interface the RIPng request packet was erroneously transmitted from all interfaces on the switch This issue has been resolved BGP sent Update packets when the local host route table...

Page 10: ...net command line parameter was repeated for example SHOW TELNET TELNET These issues have been resolved Packets were not routed when an IPv6 flow was enabled This issue has been resolved The switch was...

Page 11: ...debug information was returned when an ICMPv6 PacketTooBig message was received This issue has been resolved The IPSec configuration was not created correctly when the RADDRESS and LNAME parameters in...

Page 12: ...ts and interfaces were causing fatal errors due to the excessive number of link state advertisements generated This issue has been resolved by limiting the combined number of routers and hosts within...

Page 13: ...resolved by preventing the configuration being set from files other than those located in the root directory The prune time limit was not being cancelled when an IGMP join was received by the switch T...

Page 14: ...correctly when hot swapping line cards This resulted in links other than the preferred link being selected Also when a layer two data stream was forwarded from one line card the source card to another...

Page 15: ...6 multicast traffic out all ports MLD snooping is independent of the MLD and Layer 3 configuration so an IPv6 interface does not have to be attached to the VLAN and MLD does not have to be enabled or...

Page 16: ...dresses should be avoided if MLD snooping is used MLD snooping is enabled by default To disable it use the command DISABLE MLDSNOOPING Note that IPv6 multicast packets will flood the VLAN when MLD sno...

Page 17: ...W MLDSNOOPING command MLD Snooping Status ENABLED Debugging DISABLED Group Timeout 270 Secs Interface vlan1 Multicast Address ff05 2222 3333 4444 5555 6666 7777 1111 Ports 1 2 4 6 Entry Timeout 120 Se...

Page 18: ...erface Ports The member ports for the multicast group Entry Timeout The number of seconds remaining until this multicast registration will be deleted if no listener joins are received MLD Snooping Cou...

Page 19: ...issue has been resolved In configurations using two switch controller cards the system redundancy feature SYSR could not locate and initialise the second switch control card This issue has been resolv...

Page 20: ...t MAXBANDWIDTH setting regardless of either the configured value or the port speed capability This was resulting in the MAXBANDWIDTH value being too high This issue has been resolved Additional messag...

Page 21: ...mpting to configure port 17 would produce no error message and attempting to configure ports 18 and above would result in an incorrect error message Also the SwitchBlade could be allocated with 17 por...

Page 22: ...s issue has been resolved PIM4 and PIM6 were not sending Hello packets if the HELLOINTERVAL was not a multiple of 10 This is set with the ADD PIM INTERFACE ADD PIM6 INTERFACE SET PIM INTERFACE and SET...

Page 23: ...n the ADD BGP PEER and SET BGP PEER commands were not interacting correctly This issue has been resolved The PURGE IP command did not remove ENABLE IP IGMP from the configuration This issue has been r...

Page 24: ...ts with a TTL greater than 1 will be forwarded The error message for an incorrectly added or removed port now displays both the card and the port identifiers The DELETE SWITCH FILTER command did not w...

Page 25: ...ange of ports This issue has been resolved Entering the command SET SWITCH TRUNK SPEED was returning the inappropriate error message The INSTANCE specified does not exist This issue has been resolved...

Page 26: ...P packets are now dropped by IP The SHOW FIREWALL POLICY was not showing the correct debugging items as set with the ENABLE FIREWALL POLICY DEBUG command This issue has been resolved Firewall rules we...

Page 27: ...g was not updating the L3 multicasting entries for that port This issue has been resolved A log message is now created when a user is forced to logout from an asynchronous port when another user i e s...

Page 28: ...handled as a link parameter Features in SB251 11 Patch SB251 11 includes all issues resolved and enhancements released in previous patches for Software Release 2 5 1 and the following enhancements Af...

Page 29: ...s been resolved SMTP proxy was falsely detecting third party relay under some circumstances This issue has been resolved Previously Get or GetNext port state information could not be obtained from the...

Page 30: ...rtup when SHOW INTERFACE and SHOW ETH STATE had them as down This issue has been resolved The SHOW IPv6 COUNTER command now shows the outAdvert messages in the Total Out Messages counter field DHCP as...

Page 31: ...to module The file format specifier has been altered from DDDD MMMM NNNNNNNN TTT to MMMM NNNNNNNN TTT IGMP Snooping did not use DVMRP messages to identify a port This issue has been resolved The outp...

Page 32: ...ource even if it was used for the last successful connection Sometimes healthcheck pings were not sent to the load balancer resources This issue has been resolved The system became unstable if the ADD...

Page 33: ...DYNAMIC PING command was producing an incorrect output format These issues have been resolved The TRACE command was not working when using an IPv6 link local address This issue has been resolved A me...

Page 34: ...information for ports on the controller card located in bay A The default now displays all external ports for switch instances except for those on the controller card This command no longer displays...

Page 35: ...LAN was changing from the DOWN to UP state Also multicast streams could be received while the VLAN was changing from DOWN to UP causing a PIM Reverse Path Forwarding unicast route lookup failure This...

Page 36: ...ript always contained LQR ON even when the LQR value was not the default This issue has been resolved The EGRESS parameter setting was not displayed by the SHOW CONFIG DYNAMIC command This issue has b...

Page 37: ...LAC attempted to disconnect the call from its tunnel If the tunnel had not been created the device restarted This issue has been resolved PINGING between blades within the same switch failed whenever...

Page 38: ...nk cards AT 9800 Series switches were not sending a temperature trap when the temperature exceeded the threshold of 40 C This issue has been resolved Enabling OSPF via the GUI was sometimes causing fa...

Page 39: ...ue has been resolved Now the VLAN tag is ignored on all devices except Rapier i Series Switches with multiple STPs on the receiving port Multicast Listener Discovery MLD was not setting the filter mod...

Page 40: ...D was being returned for Fan PSU in SNMP v1 trap messages This issue has been resolved Entering a after SET STP stp name at the CLI to request context sensitive help only returned the PORT and DEFAULT...

Page 41: ...GBIC installed This issue has been resolved If IPsec was using PPPoE the initiator continued to keep the IPsec SA even if the PPPoE session failed and the ISAKMP Heartbeat timer expired This issue ha...

Page 42: ...lved The default for the PROXYARP parameter in the SET IP INTERFACE command for a VLAN interface was OFF The default is now ON FTP data transfers did not succeed for some types of NAT Also the presenc...

Page 43: ...ORY was used to set a non existent or invalid directory This issue has been resolved When the device was acting as a DHCP client and the DHCP server provided a gateway address a statically configured...

Page 44: ...t incrementing correctly This issue has been resolved In rare circumstances removing the cable from an IPv6 interface was resulting in fatal errors This issue has been resolved A VLAN interface receiv...

Page 45: ...xecuting the DISABLE SYSTEM SECURITY command This issue has been resolved A fatal error sometimes occurred when forwarding traffic over an IPv6 tunnel This issue has been resolved The SMTP proxy did n...

Page 46: ...a HTTP This issue has been resolved If the firewall was enabled when BGP was in use outgoing BGP data packets would have IP header errors and incorrect checksums This problem has been resolved If in a...

Page 47: ...are similar to the following swiCXeVirtCamTranslateAddress ulEntryNo 4294967254 entries 8192 last 106495 An error was not returned if the SET FIREWALL POLICY RULE command was executed with PROTOCOL 1...

Page 48: ...ent with the correct source IP address When the device was acting as a DNS relay agent a fatal error occurred after approximately 3 hours of heavy load This issue has been resolved HTTP proxy was not...

Page 49: ...ncreased from 40 C to 60 C Disabling and then enabling IPv6 made the CREATE IPV6 INTERFACE VLAN command appear twice in the configuration script This issue has been resolved A fatal error sometimes oc...

Page 50: ...Previously when the ADD FIREWALL POLICY INTERFACE command activated software routing the static IP ARP entries were removed automatically Static IP ARP entries now remain and the following message is...

Page 51: ...The operation of the ADD IPV6 ROUTE command METRIC parameter has changed and now applies differently for statically and non statically defined routes Previously an interface failure would cause this p...

Page 52: ...en the PROTOCOL parameter was not TCP The SESSION parameter specifies the type of TCP packet to match This issue has been resolved The MIB object dot1dStpTimeSinceTopologyChange has been implemented t...

Page 53: ...st 10 seconds This issue has been resolved IGMP Query messages were sent over an interface even if IGMP had been disabled on that interface This issue has been resolved SwitchBlade port numbers were d...

Page 54: ...re deleted the corresponding IP flow cache was not invalidated This issue has been resolved If the firewall received a packet with an incorrect TCP checksum and ACK number the packet was sent to the c...

Page 55: ...timeout is changed Fatal errors occurred on occasions when mirroring was enabled This issue has been resolved The output of the SHOW DVMRP FORWARDING command did not display the forwarding ports This...

Page 56: ...d STP ports were not remaining in the disabled state This issue has also been resolved When changing from RSTP to STP mode the STPCOMPATIBLE option for the RSTPTYPE parameter incorrectly appeared in t...

Page 57: ...n unrelated port to stop forwarding packets or learn new MAC addresses This issue has been resolved so that unrelated ports are not affected by the trunk group port deletion All IP routes were being a...

Page 58: ...hcost for the trunk group ports to be less than the default value for a single port STP reconfigures if the Master port in a trunk group goes link down If the Master port in a trunk group goes link do...

Page 59: ...eature An enhancement has been made to the Test module to optimise the reception of the loopbacked packets that are used to confirm operation of the switch ports Features in SB251 06 Patch file detail...

Page 60: ...llowing enhancements An internal misconfiguration of memory occurred when an M3 control card and an M5 control card were installed and the M3 control card was acting as the Master This could cause une...

Page 61: ...listed in Table 7 Patch SB251 03 includes all issues resolved and enhancements released in previous patches for Software Release 2 5 1 and the following enhancements The SwitchBlade mirror port field...

Page 62: ...ld not be added to the default VLAN after a hotswap if the default VLAN was Protocol Subnet MAC address or Limited protocol based This issue has been resolved Incorrect handling of TCP sessions and po...

Page 63: ...ue has been resolved When the Built In Self Test was run a fault would occasionally be reported which said that a MAC address was not learnt during the loopback test The ports in the BIST loopback tes...

Page 64: ...of the port bandwidth used when the default traffic class percentage bandwidth is set on a QoS Policy Adding a layer 2 filter on a SwitchBlade did not block traffic to the end host as intended This i...

Page 65: ...FLOW PAUSE command was executed on a port or ports they would still appear to be enabled at a higher level This issue has been resolved DHCP RENEW request messages are now unicast as defined in the R...

Page 66: ...d was inserted in the left hand slot to act as a slave has been resolved Support has been added to allow for multicasting to any number of overlapping VLANs up to the maximum number of multicast forwa...

Reviews: