background image

6

Patch Release Note

Patch 86222-22 for Software Release 2.2.2

C613-10319-00 REV U

Features in 86222-20

Patch file details for Patch 86222-20 are listed in Table 3:

Patch 86222-20 includes all issues resolved and enhancements released in 
previous patches for Software Release 2.2.2, and the following enhancements:

The IGMP specific query sent by the router/switch now contains the correct 
default response time of 1 second. Also,

 ifOutOctets

 in the VLAN interface 

MIB now increments correctly. 

If a port did not belong to an ethernet interface, or was not directly 
connected to the seed port it could not receive advertised router numbers. 
This issue has been resolved.

When an interface went down (or was disabled) on an AS border router, the 
external routes were not removed from the routing domain. Such routes are 
now removed by premature aging.

 

Proxy Arp can now be used on VLAN interfaces.

A fatal error sometimes occurred if a TCP session originating on the public 
side of the firewall sent packets before the session was established with the 
host on the private side of the firewall. This issue has been resolved.

Some FTP packets handled by the firewall were forwarded with incorrect 
sequence numbers, causing FTP sessions to fail. This issue has been 
resolved.

When passing 64-bit counters in an SNMP packet, only the lower 32 bits 
were passed. Now the full 64 bits of the counter will be returned if all are 
required.

When a TCP RST/ACK was received by a firewall interface, the packet that 
was passed to the other side of the firewall lost the ACK flag, and had an 
incorrect ACK number. This issue has been resolved.

Table 3: Patch file details for Patch 86222-20.

Base Software Release File

86s-222.rez

Patch Release Date

23-Aug-2002

Compressed Patch File Name

86222-20.paz

Compressed Patch File Size

397708 bytes

PCR: 01226

Module: IGMP

Network affecting: Yes

PCR: 01270

Module: APPLE

Network affecting: No

PCR: 01285

Module: OSPF

Network affecting: No

PCR: 02024

Module: IPG

Network affecting: No

PCR: 02122

Module: FIREWALL

Network affecting: No

PCR: 02128

Module: FIREWALL

Network affecting: No

PCR: 02150

Module: CORE, SNMP

Network affecting: No

PCR: 02158

Module: FIREWALL

Network affecting: No

Содержание Rapier Series

Страница 1: ...m www alliedtelesyn co nz documentation documentation html AR800 Series Modular Switching Router Documentation Set for Software Release 2 2 1 available on the Documentation and Tools CD ROM packaged with your switching router or from www alliedtelesyn co nz documentation documentation html WARNING Using a patch for a different model or software release may cause unpredictable results including dis...

Страница 2: ...isible with a SHOW FFILE command During compaction if the amount of free space was less than two erase blocks including the spare erase block the file system erroneously reported that a large amount of space was available for a new file due to an underflow problem When a new file was written it would corrupt existing data If the file system was completely full and the deletion of a single file led...

Страница 3: ...now shows the number of trigger activations for the Upmaster and Downmaster triggers DHCP RENEW request messages are now unicast as defined in the RFC not broadcast If a problem occurred with NVS some critical files were lost As a result the equipment was forced to load only boot ROM software at boot time This patch combined with the new version of the boot ROM software pr1 1 2 0 for the AR700 ser...

Страница 4: ...ded for the reserved IP address This issue has been resolved Features in 86222 21 Patch file details are listed in Table 2 Patch 86222 21 includes all issues resolved and enhancements released in previous patches for Software Release 2 2 2 and the following enhancements Locally generated ICMP messages that were passed out through a firewall interface because they were associated with another packe...

Страница 5: ...ere corrupted This issue has been resolved IGMP failed to create an automatic IGMP membership with no joining port when it received multicast data that no ports were interested in when IP TimeToLive was set to 1 second Also IGMP erroneously sent a query on an IGMP enabled IP interface even when IGMP was disabled These issues have been resolved In the ADD SWITCH L3FILTER command the EPORT parameter...

Страница 6: ...sent packets before the session was established with the host on the private side of the firewall This issue has been resolved Some FTP packets handled by the firewall were forwarded with incorrect sequence numbers causing FTP sessions to fail This issue has been resolved When passing 64 bit counters in an SNMP packet only the lower 32 bits were passed Now the full 64 bits of the counter will be r...

Страница 7: ... Static DHCP entries now return to the correct state when timing out DHCP entry hashes now have memory protection to prevent fatal errors DHCP client now retransmits XID correctly Lost OFFER messages on the server are now handled correctly The DHCP server now correctly handles DHCP clients being moved to a different interface on the DHCP server after they ve been allocated an IP address Responses ...

Страница 8: ...l value The entry now shows the CPU s port value Sometimes the Firewall erroneously used NAT This issue has been resolved A dual Ethernet router was incorrectly accepting an IP address from a DHCP server when the offered address was on the same network as the other Ethernet interface An error is now recorded when DHCP offers an address that is in the same subnet as another interface When a n LF ch...

Страница 9: ... fix synchronisation of the software forwarding database with the hardware table Some routes were not added into the OSPF route list and therefore were not added into the IP route table This issue has been resolved The CREATE CONFIG command did not save the SOURCEPORT parameter to the configuration file when the low value of the source port range was set to zero This issue has been resolved Existi...

Страница 10: ... with the best metric This issue has been resolved Also when the two equal cost routes were on the same IP interface but to different next hops the router sent the packets to the wrong MAC address This issue has been resolved STP always transmits untagged packets If a port does not belong to a VLAN as an untagged port then the port must belong to one VLAN as a tagged port In this case STP should t...

Страница 11: ... been added The trap is triggered when a DHCP request cannot be satisfied The gateway address and the interface address are sent as trap variables The range table shows which range was exhausted A debug variable swiDebugBroadcomParityErrors has been added to the SWI module MIB to count the SDRAM parity errors in the packet memory of the Broadcom switch chip Packets traversing in and out of the sam...

Страница 12: ...n the mean time This patch also improves the performance of flow cache updates If the FILE module was required to re write a file the existing file would be deleted before the size of the new file was known This issue has been resolved OSPF virtual links running across a single network segment would accept 0 0 0 0 as the next hop address This was inherited by derivative routes making them unusable...

Страница 13: ...is section of memory and misinterpreted the result as a low Vpp voltage Also errors occurred during FLASH compaction These issues have been resolved Features in 86222 16 Patch file details for Patch 86222 16 are listed in Table 6 Patch 86222 16 includes all issues resolved and enhancements released in previous patches for Software Release 2 2 2 and the following enhancements The SET SWITCH L3 FILT...

Страница 14: ...configuration of other ports was corrupted This issue has been resolved The TickTimer ran one percent slower than it should have This issue has been resolved Static ARPs can now be added to tagged vlans When an IP flow table contained the IP flow structure for a spoofed packet the SHOW IP FLOW command would crash when executed This issue has been resolved PCR 02099 Module DHCP Network affecting No...

Страница 15: ...02011 in Patch 12 sometimes caused a fatal error This issue has been resolved The SHOW IP ROUTE FILTER command output displayed counters for passes and include that were the same This issue has been resolved Counters now increment only when a filter is active and do not count interface routes PCR 02019 permitted the reception of packets by the CPU that should have been discarded This issue has bee...

Страница 16: ...e not correctly decremented This issue has been resolved If a layer 3 hardware filter for a particular packet type e g Netbeui was configured all IP packets destined for the CPU were discarded This issue has been resolved Features in 86222 12 Patch file details for Patch 86222 12 are listed in Table 10 Table 10 Patch file details for Patch 86222 12 Patch 86222 12 includes all issues resolved and e...

Страница 17: ... OSPF packets higher priority to expedite OSPF convergence A new feature permits hardware filtering by the Rapier family based on the Ethernet frame type The TYPE parameter TYPE 802 ETHII SNAP has been added to the following commands ADD SWITCH L3FILTER ENTRY ADD SWITCH L3FILTER MATCH SET SWITCH L3FILTER ENTRY SET SWITCH L3FILTER MATCH SHOW SWITCH L3FILTER A physical port could not be re enabled o...

Страница 18: ...e PPP default of 1500 to 1492 This issue has been resolved IGMP did not send the Start Up Query and the Other Querier Present Timer did not change the Time Out value accordingly if Query Interval was changed IGMP did not notify other registered parties PIM and DVMRP when a port was deleted from a membership group IGMP reported a membership leave to other parties while it was still waiting for a re...

Страница 19: ... enhancements When a Rapier CPU was handling a large amount of traffic and a busy egress port went down it was possible for the transmission of packets by the CPU to cease This issue has been resolved When trunking was in operation in some instances the switch transmitted tagged packets on untagged trunk ports This issue has been resolved When a switch port was forced to half duplex mode and the l...

Страница 20: ... STP forwarding is enabled all STP forwarding is ignored and all BDPUs received on a port are forwarded on all other ports The switch now delays sending link traps immediately after a restart to give the link to the trap host time to come up A similar change has been made for the cold start trap After a 10s delay all interfaces which are UP have a link trap generated for them After that link traps...

Страница 21: ... was not possible to select the T1 mode of operation regardless of the jumper setting This issue has been resolved A fatal error occurred when the firewall discarded disallowed multicast packets This issue has been resolved Features in 86222 08 Patch file details for Patch 86222 08 are listed in Table 14 Patch 86222 08 includes all issues resolved and enhancements released in previous patches for ...

Страница 22: ...rrectly handles request messages containing request list options not supported by the router The router would accept TCP sessions with destination address the same as the subnet broadcast address for one of the router s interfaces Firewall generated packets destined for a subnet broadcast address on one of the routers interfaces would cause a fatal error These issues have been resolved A watchdog ...

Страница 23: ...ation conforms to RFC 1541 ISAKMP quick mode exchanges are now committed if any traffic is received over the newly generated SA This improves stability in very lossy networks where the commit message may get lost ISAKMP debugging caused a fatal error when the debugging mode was set to ALL and PFS was enabled This issue has been resolved PPPoE interfaces with IDLE set to ON would not retry active d...

Страница 24: ...essage in the message age of the BDPU it transmitted Also the message age of the message transmitted BDPU could be less than that of the received BDPU which contravenes IEEE 802 3d This issue has been resolved Reception of incorrectly tagged packets was causing corruption of the ARL table eventually causing the switch to lock up This issue has been resolved Tagged packets with invalid VLAN identif...

Страница 25: ...ase 2 2 2 and the following enhancements The power supply voltages of the base board PHYs on a Rapier G6 are controlled by a PHY register value which was incorrectly set This issue has been resolved In PIM Dense Mode if a data stream started before PIM hello messages were exchanged the receiver did not get the data stream This issue has been resolved The Rapier G6 base ports sometimes experienced ...

Страница 26: ...rom a configuration script are now processed correctly A fatal error occurred if an IPv6 interface was deleted while packets were being transmitted The number of current interfaces was not being updated correctly when a new IPv6 interface was added As a result after multiple additions and deletions no more IPv6 interfaces could be added These issues have been resolved The CREATE CONFIG command now...

Страница 27: ...resolved Features in 86222 04 Patch file details for Patch 86222 04 are listed in Table 18 Patch 86222 04 includes all issues resolved and enhancements released in previous patches for Software Release 2 2 2 and the following enhancements Message protection validation failures would occur intermittently This issue has been resolved ISAKMP now interoperates with other vendor s products in aggressiv...

Страница 28: ... been resolved RSA encryption is now periodically suspended to ensure other processes get some CPU time during large RSA calculations The CREATE ISAKMP command now checks that the key specified by the LOCALRSAKEY parameter actually exists in the ENCO module The INTERFACE parameter of the CREATE TRIGGER and SET TRIGGER commands now supports Ethernet interfaces Ethernet interface events can now gene...

Страница 29: ... corrected The VALID parameter specifies the life of the address and defaults to INFINITE The address is deleted when the lifetime expires The PREF parameter specifies the time that the address is the preferred address of the interface and defaults to INFINITE PREF must be less than or equal to VALID IPV6 now checks and ensures that if either PREF or VALID is specified PREF is less than or equal t...

Страница 30: ...are Release 2 2 2 C613 10319 00 REV U Availability Patches can be downloaded from the Software Updates area of the Allied Telesyn web site at www alliedtelesyn co nz support updates patches html A licence or password is not required to use a patch ...

Отзывы: