background image

Summary of Contents for 5000

Page 1: ...Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 ...

Page 2: ...n Nortel Networks Inc software license agreement This Software License Agreement License Agreement is between you the end user Customer and Nortel Networks Corporation and its subsidiaries and affiliates Nortel Networks PLEASE READ THE FOLLOWING CAREFULLY YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND OR USE THE SOFTWARE USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE...

Page 3: ...TRACT TORT OR OTHERWISE INCLUDING NEGLIGENCE ARISING OUT OF YOUR USE OF THE SOFTWARE EVEN IF NORTEL NETWORKS ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY The forgoing limitations of remedies also apply to any developer and or supplier of the Software Such developer and or supplier is an intended beneficiary of this Section Some jurisdictions do not allow these limitations or excl...

Page 4: ......

Page 5: ...Nortel Ethernet Routing Switch 5520 phone dongle 17 Ensuring Device Manager Online Help displays correctly 17 Additional information for the feature software license file 18 Upgrading software 18 Supported standards MIBs and RFCs 21 Standards 21 RFCs 21 Resolved issues 25 Issues resolved in release 6 0 25 Known issues and limitations 29 Known issues 29 VLACP issue 44 Port or ifIndex offset issue 4...

Page 6: ...6 Contents Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2008 Copyright 2008 Nortel Networks ...

Page 7: ...ntry scaling page 14 DoS attack prevention package DAPP support page 14 Improved sytem log capabilities exception errors page 14 SMLT enhancements page 14 Other changes See the following sections for information about changes that are not feature related New hardware Nortel Ethernet Routing Switch 5000 Series introduces new switches that complement the Ethernet Routing Switch 5500 Series The new s...

Page 8: ...nt is to support most maintenance builds on the v5 1 stream in v6 0 however there may be instances when there is a v5 1 x that will not be supported because it was not available at the time of integration into the v6 0 stream See Nortel Ethernet Routing Switch Release Notes Software Release 5 1 NN47200 400 for more information on release 5 1 features Document changes This document is reformatted t...

Page 9: ...l Ethernet Routing Switch 5698 TFD Nortel Ethernet Routing Switch 5698 TFD PWR Nortel Ethernet Routing Switch 5650 TD Nortel Ethernet Routing Switch 5650 TD PWR Nortel Ethernet Routing Switch 5632 FD Configurations can vary from a stand alone switch to a stack of up to 8 switches A stack can consist of any combination of switches One of the benefits of operating Nortel Ethernet Routing Switch 5000...

Page 10: ...tel Ethernet Routing Switch 5000 Series Documentation Road Map NN47200 101 The information in these Release Notes supersedes applicable information in other documentation Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2008 Copyright 2008 Nortel Networks ...

Page 11: ...le page 18 Upgrading diagnostic software page 18 Supported standards MIBs and RFCs page 21 New features in release 6 0 Ethernet Routing Switch 5000 Series release 6 0 provides the following new hardware features or feature enhancements New hardware in release 6 0 Release 6 0 introduces the following Ethernet Routing Switch 5600 Series switches Nortel Ethernet Routing Switch 5698 TFD Nortel Etherne...

Page 12: ...ent image to selectively boot the device using either agent specified In addition the ability to specify when one agent image will become the primary immediate next reboot or scheduled reboot will be available IGMPv3 snooping support Release 6 0 supports basic IGMPv3 snooping PIM SM Release 6 0 supports basic multicast routing PIM SM is a licensed feature which has been added to the existing Advan...

Page 13: ...n conventions and has each trap and trap receiver listed The Web page allows you to enter additional trap receivers and modify existing ones The Web page lists all available traps and allows you to selectively enable or disable each one The new MIB Web Page application offers a way to access the SNMP MIB objects for each unit from Web based management with the help of the Get Get Next and Walk but...

Page 14: ...t tables to 800 The previous limit was 150 You can configure RMON entry scaling with NNCLI ACG and Device Manager DoS attack prevention package DAPP support Release 6 0 introduces DAPP on Ethernet Routing Switch 5600 Series switches Ethernet Routing Switch 5600 ASICs have a number of pre configured virus and DoS signatures built in This release provides a method of quickly enabling the preconfigur...

Page 15: ...5x0_600005s img 7 718 252 ERS 5600 Series Diagnostic Image Ethernet Routing Switch 5000 Combo diagnostic software 5xxx_60006_diags bin 2 464 932 ERS 5500 Series Diagnostic Image Ethernet Routing Switch 5500 diagnostic software 55x0_60006_diags bin 830 980 ERS 5500 5600 Series MIBs MIB definition files Ethernet_Routing_Switch_ 5xxx_MIBs_6 0 0 zip 1 392 613 Device Manager software version for Window...

Page 16: ... Spanning Tree and MultiLink Trunking NN47200 502 for more information Nortel SNA VLANs One Red VLAN per switch Nortel recommends a maximum of five Yellow VLANs five Green VLANs and five VoIP VLANs per switch for release 6 0 Nortel SNA ports All ports Note The 5530 has two 10 Gigabit Gb ports You can configure these as uplink ports only You cannot configure these as dynamic ports Aggregation group...

Page 17: ...s the following two browsers for Device Manager Online Help Netscape Internet Explorer If you use Netscape as your Web browser to ensure that the topics and table of contents display correctly when making a context call to on product Help perform the following procedure once before requesting Help on a topic 1 Start the Netscape browser 2 From the Tools menu select Options An Options window opens ...

Page 18: ...ust be as follows ASCII file format One MAC address per line No other characters spaces or special characters allowed MAC must be in hexadecimal capitalized format with each pair of characters separated by colons XX XX XX XX XX XX The file must contain the correct MAC addresses Any incorrect MAC addresses will result in the licensed features not working on designated units The number of MAC addres...

Page 19: ...ation Local Agent Image Agent image in the flash memory of the unit Local Diagnostic Image Diagnostic image in the flash memory of the unit Pre 5 0 Diagnostic Image Diagnostic image released before 5 0 5 0 Diagnostic Image Diagnostic image released in 5 0 6 0 Diagnostic Image Diagnostic image released in 6 0 You can upgrade the Agent Image in your switches from an earlier release image The followi...

Page 20: ...e 5 0 or 5 1 to release 6 0 Step Action 1 Upgrade the diagnostic image from the earlier release to release 6 0 diagnostic image 2 Upgrade the agent image from release 5 0 or 5 1 to release 6 0 agent image End Use the following procedure to upgrade the Agent Image from release 4 x to release 6 0 Upgrading Agent Image from release 4 x to release 6 0 Step Action 1 Upgrade the agent image from release...

Page 21: ...outing Switch 5000 Series IEEE 802 1D Standard for Spanning Tree Protocol IEEE 802 3 Ethernet IEEE 802 1Q VLAN Tagging IEEE 802 1p Prioritizing IEEE 802 1X EAPOL IEEE 802 3u Fast Ethernet IEEE 802 3z Gigabit Ethernet IEEE 802 3ab Gigabit Ethernet over Copper IEEE 802 3x Flow Control IEEE 802 3ad Link Aggregation IEEE 802 1ab Link Layer Discovery Protocol RFCs For more information about networking ...

Page 22: ...M RFC 3412 SNMP Message Processing The following table lists IPv6 specific RFCs Standard Description Compliance RFC 2460 Internet Protocol v6 IPv6 Specification Supported RFC 2461 Neighbor Discovery for IPv6 Supported RFC 2462 IPv6 Stateless Address Auto configuration Auto configuration of link local addresses only RFC 4443 Internet Control Message Protocol ICMPv6 Support earlier version of RFC 24...

Page 23: ...e for TCP Mostly supported RFC 4113 Management Information Base for UDP Mostly supported RFC 1981 Path MTU Discovery for IPv6 Supported RFC 2464 Transmission of IPv6 Packets over Ethernet Networks Supported RFC 4213 Transition Mechanisms for IPv6 Hosts and Routers Supports dual stack No support for tunneling yet RFC 3162 RADIUS and IPv6 Supported RFC 1886 DNS Extensions to support IPv6 Supported N...

Page 24: ...24 Important notices and new features Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2008 Copyright 2008 Nortel Networks ...

Page 25: ...ending on your configuration you may be unable to select the complete list of interface applications on an Ethernet Routing Switch 5520 because of the permitted number of interface IDs Resolved Q01324425 A PC can disappear from the Nortel SNA client list after you perform a Time Domain Reflectometry TDR test on a Nortel SNA dynamic port Workaround Nortel recommends that you avoid running a TDR tes...

Page 26: ... cli password stack read only password cli password stack read write password Resolved Q01402425 01 MAC address security in a stack is limited to the highest port number of the base unit if that unit is a 5510 24T or 5530 24TFD model Port numbers higher than 24 are not allowed when a 5510 24T is the base unit and ports higher than 26 are not allowed when a 5530 24TFD is the base unit For example i...

Page 27: ...uration section for loading the license file Resolved Q01366773 Avoid enabling Nortel SNA on a brouter port the port is not added to the Red VLAN in this case Release 5 0 does not support Nortel SNA on a brouter port Resolved Q01372515 OSPF virtual link is not supported in release 6 0 Any display for this feature is strictly informational Resolved Q01381116 For Release 5 0 ensure you set LACP time...

Page 28: ...ss it may produce unpredictable results Resolved Q01246853 You may receive an error message when performing TDR tests using cable lengths greater than 60 m Resolved Q01927798 You cannot change the management VLAN after the switch or stack IP address is assigned in Layer 2 mode Resolved Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2...

Page 29: ...ure FAI on VR instances set the FAI to 600 ms or higher In general for a large number of VRRP instances Nortel recommends that you use a higher advertisement interval Q01309758 If LACP is enabled on a port that you configure as a Nortel SNA uplink port the switch does not allow you to disable LACP on that port Q01319650 When you have VRRP and traps enabled OSPF convergence may slow down Q01334543 ...

Page 30: ... configured using the CLI JDM and the Web interface Note that the CI allows you to configure only six of the 32 MLT groups Q01379149 You must ensure you set the same speed on link partners That is if the speed for a port is set to 10 Mbps any device connected to that port for example an IP phone must also be running at 10 Mbps Q01380260 You may experience an inconsistency between the base unit BU ...

Page 31: ...it or change the ports status for a stack down up Q01622383 MLT Mac sec Traffic does not recover after reboot on a MLT with mac sec enable until you reboot the standalone Q01618770 To upgrade the SSH from Rel 4 x x to Rel 5 1 you must first upgrade to 5 0 Use the following procedure to upgrade from Rel 4 x x to Rel 5 1 1 Upgrade the agent image from Rel 4 xx to Rel 5 0 2 Upgrade the diag image to ...

Page 32: ...switches to the same network or end device PC or workstation through non SMLT SLT ports When non SMLT SLT ports are connected together on the same VLAN with the IST ports it creates a loop in the network To prevent a loop always assign non SMLT SLT ports to different VLANs For instance if switches A and B are both SMLT aggregation switches and ports 5 on both switches are non SMLT SLT ports and yo...

Page 33: ...s for the funcmac addr parameter When an ASCII configuration file uploaded from a switch running Agent v5 0 0 is downloaded to a switch running Agent v5 1 0 an error Configuration script execution Failed is generated if the vlacp port ALL funcmac addr command in the file is applied to a multicast address After you upgrade the agent from Agent v5 0 0 to Agent v5 1 0 any multicast MAC address previo...

Page 34: ...01736807 To confirm that there are sufficient filter or mask resources available for you to enable IPSG use the show qos diag command to display the filter and mask resource use by a port that is a member of a QoS interface group The number of QoS plus nonQoS masks cannot exceed a total of 15 for each port as there are only 15 available masks on the DUT Also the number of QoS plus nonQos rules can...

Page 35: ...ks all IPs that are not allowed The switch does not show which IP was dropped Q01653932 When you enable IPSG on a list of ports it is enabled one port at a time In addition IPSG will try to setup IP filters with binding entries currently defined for the port In the case of a trunk DHCP binding entries are defined only for the first member of the trunk Workaround Once you enable IPSG on all trunk p...

Page 36: ... After a restart pluggable module information may intermittently display incorrectly through the Console Interface or NNCLI when you view it from another unit in the stack Q01925298 If you try to set a static router port as a Port Monitor from the NNCLI the setting does not save and an error occurs Workaround Use the Port Mirroring menu in the Console Interface Q01915680 You cannot capture SLPP PD...

Page 37: ...IP phone may be displayed as Red after the SNAS reconnects to the switch Q01877773 01 Q01879130 01 For a client that uses a DHCP assigned address If the IP address is assigned while the client is in FO VLAN that address will continue to be used by client until the lease time expires even if during this time the client moves to another NSNA VLAN which requires a new IP address be assigned to client...

Page 38: ...P authentication enabled behind IP phones that are discovered through ADAC the authentication process may fail after stack restart Workaround Disable EAP reboot the stack and then re enable EAP Q01906093 If you upload the ASCII configuration file from the switch with the front panel UI button it may result in a software exception Use a different user interface to upload the ASCII configuration Q01...

Page 39: ...t the stack some NSNA MAC authenticated devices in the green VLAN or green filter may remain with a red IP although the VLAN is green Run the shutdown no shutdown command to resolve the issue Q01865091 NSNA static MAC authenticated clients may not be re authenticated on Base unit after it is restarted Q01440362 If you use DHCP relay on multiple hops Nortel recommends that you configure the DHCP fo...

Page 40: ...the port of the L3 ingress traffic is on the same ASIC with an active trunk member Q01893913 In the PIM mroute table the number of S G entries displayed may exceed the number of supported entries when scaling beyond the supported limits Q01901336 The switch cannot forward multicast traffic through Non Local Static Routes The switch does forward multicast traffic through other route types such as a...

Page 41: ...e value from the MIB Browser tool Q01953968 In a standalone ERS5632FD unit or stack that contains an ERS5632FD unit if the system uses 10 G ports in an MLT configuration do not enable DHCP snooping globally If you enable DHCP globally it could cause the unit to restart If you use this configuration upgrade the stack to the maintenance software release 6 0 1 from the Technical Support site at www n...

Page 42: ... Routing Switch 5000 Series considerations Item Description 1 Some terminal programs can cause the Console Interface to crash if you enter a RADIUS secret containing the character k The issue has been reproduced using Tera Term Pro version 2 3 as well as Minicom version 2 1 on a Linux system 2 Nortel recommends that you avoid using MAC security on a trunk MLT 3 Failed attempts to log in using TACA...

Page 43: ...38 TRP G1H7BC590N4 AA1419039 TRP G1H7BC610N4 AA1419040 7 While downloading the image file you may receive the following error message Error reading image file Workaround Typically this issue can be resolved by simply restarting the image download If this does not resolve the issue Nortel recommends that you try an alternate method to download the image to the switch that is the Web Interface 8 Whe...

Page 44: ...ormed if there has been no intervention to remove disable the ports participating in the IST Therefore Nortel recommends that upon receiving the first trap that the administrator begin to manually disable that feature and ensure that any cabling loop is removed 11 When you configure IPFIX to work with NetQoS Nortel recommends that you disable the SNMP polling by NetQoS device To do this remove the...

Page 45: ...ach unit That means that port 129 is unit 2 port 1 At the SNAS for 6 0 stacks or switches use switch_type ERS5500 If you restart the switch or stack after the stack is up and stable SNAS may display incorrect unit and port numbers with a 64 offset instead of a 128 offset This is only a display issue and the unit and port numbers are correct at the switch To correct the display at the SNAS disable ...

Page 46: ...MP Non QoS 2 10 Port Mirroring MAC based Non QoS 2 2 EAP Authetication EAPoL packet filter Non QoS 1 1 BaySecure ERS5520 30 only Non QoS 1 32 EAP MHMA Allowed Clients 5520 30 Non QoS 1 32 IPFix Non QoS 1 1 QoS Interface Applications QoS 17 17 NSNA MAC Intruder Non QoS 1 32 NSNA R Y G filters QoS 5 8 ADAC Non QoS 1 1 RIP Non QoS 1 1 UDP Bcast Non QoS 1 1 VRRP Non QoS 1 3 OSPF Non QoS 1 3 IP Source ...

Page 47: ...ving 15 available masks and 127 available filters for QoS and other non QoS applications to configure dynamically On the Ethernet Routing Switch 5600 Series switches the resources are shared across group of ports Each group of ports has 16 masks and 256 filters available for each mask By default the system statically consumes one mask and one filter for ARP filtering on all ports leaving 15 availa...

Page 48: ...or a specific mask determine the available filters for that mask for all ports from that group On the Ethernet Routing Switch 5600 Series switches you can determine the number of the filters available for a mask from a group of ports by adding the total number of QoS and Non QoS filters in use and subtracting that number from 256 If the number of filters in use for a mask is equal to 256 that mask...

Page 49: ...mask and 11 filters To verify that IP Source Guard can be enabled on port 5 you can view the show qos diag output display and determine that port 5 is currently using a total of 4 masks QoS plus non QoS IP Source Guard uses the next available mask and from the output display you can see that there are 256 filters available for mask 14 Nortel Ethernet Routing Switch 5000 Series Release Notes Releas...

Page 50: ... before enabling IP Source Guard on port 5 Figure 3 show qos diag before Figure 4 show qos diag before continued The following figures show the show qos diag display after enabling IP Source Guard on port 5 Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2008 Copyright 2008 Nortel Networks ...

Page 51: ...vice DoS attacks Xmas TCP SynFinScan TCP FtpPort and TCP DnsPort Due to the lack of filter resources i e masks to enable the QoS Interface Security application as a whole you can select individual security applications This application only runs on the Ethernet Routing Switch 5500 Series switches The following table summarizes the mask and filter resource requirements for individual QoS Interface ...

Page 52: ...ofing Prevention 5 5 DHCP Snooping 1 1 DHCP Spoofing Prevention 2 2 DoS SQL Slam 1 1 DoS Nachia 1 1 DoS Xmas 1 1 DoS TCP SynFinScan 1 1 DoS TCP FtpPort 2 2 Dos TCP DnsPort 2 2 QoS BPDU blocker interface 1 1 Nortel Ethernet Routing Switch 5000 Series Release Notes Release 6 0 NN47200 400 04 01 Standard 6 0 12 December 2008 Copyright 2008 Nortel Networks ...

Page 53: ......

Page 54: ...vide feedback or report a problem in this document go to www nortel com documentfeedback Sourced in Canada and the United States of America The information in this document is subject to change without notice Nortel Networks reserves the right to make changes in design or components as progress in engineering and manufacturing may warrant Nortel Nortel Networks the Nortel logo and the Globemark ar...

Reviews: