Patch Release Note
For Rapier Switches
This patch release note lists the issues addressed and enhancements made in patch
Table 1: Patch file details for Patch
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
This release note should be read in conjunction with the following documents:
■Release Note: Software Release 2.4.1 for Rapier Switches, (Document Number
■Rapier Switch Documentation Set for Software Release 2.4.1 available on the Documentation and Tools
WARNING: Using a patch for a different model or software release may cause unpredictable results, including disruption to the network. Information in this release note is subject to change without notice and does not represent a commitment on the part of Allied Telesyn International. While every effort has been made to ensure that the information contained within this document and the features and changes described are accurate, Allied Telesyn International can not accept any type of liability for errors in, or omissions arising from the use of this information.
Some of the issues addressed in this Release Note include a level number. This number reflects the importance of the the issue that has been resolved. For details on level numbers, please contact your authorised distributor or reseller.
Simply connecting the world
Patch Release Note
When more than two firewall policies were configured, an unexpected switch restart sometimes occurred. This issue has been resolved.
Dynamic Port Security allows for dynamic MAC address learning on a switch port. If a MAC address is unused for a period of time, it will be aged from the database of currently accepted MAC addresses. This allows the learning of new MAC addresses. Dynamic Port Security is useful because port security allows the number of devices that are connected to a particular switch port to be limited.
For more information on Dynamic Port Security, see “Dynamic Port
Security” on page 29 of this patch release note.
PIM join messages were being sent by a switch connected to an upstream and a downstream switch or router in the same VLAN when a multicast group had no members. This issue has been resolved.
The switch did not always advertise its preferred routes to destinations that were affected by flapping routes. In these conditions, a BGP network does not run efficiently. This issue has been resolved.
A switch port belonging to an enabled STP instance would not respond to ARP requests if the port had been disabled from STP operation. This prevented the flow of some types of traffic into affected switch ports. This issue has been resolved.
PCR: 03054 Module: TTY, TACPLUS
When a connection is made by Telnet, or directly through the ASYN port, a
TTY session is created with:
■an idle timeout time. The default idle time is zero, which means the TTY session will not time out if there is a lack of activity. If a TACACS+ server is configured on the switch, and the idle timeattribute value pair (AVP) is configured on the TACACS+ server and is received by the switch, the value of the idle time from the TACACS+ server is used to set the TTY session.
■a timeout of zero, which means that the TTY session will not time out. If a TACACS+ server is configured on the switch, and the timeoutattribute value pair (AVP) is configured on the TACACS+ server and received by the switch, the value of the timeout from the TACACS+ server is used to set the TTY session timeout. After the timeout period has elapsed, the user will either be disconnected by termination of their TTY connection (the default setting), or have their privilege level reduced to USER (the lowest privilege level). If the user’s privilege level is already at the lowest level, then the user will be disconnected by termination of their TTY connection. If the user’s privilege level is reduced, the TTY session timeout count is reset to its initial value.
PCR: 03056 Module: SSH Level: 3
During an SSH session between the switch and the Secure CRT client, the client did not receive a reply to its
PCR: 03064 Module: SNMP
The MIB objects ifTestTable andifRcvAddressTable were incorrectly included in the switch’s SNMP implementation. These have been removed.
When the TX cable was unplugged from a fibre port the operating status was incorrectly reported as UP. This issue has been resolved.
When BGP imported other route types, it would advertise routes that had nexthops of the BGP peers themselves. The BGP peers would reject these routes and close the peering session, thus preventing the exchange of routing information between BGP peers. This issue has been resolved.
The Import parameter of the ADD, SET, DELETE and SHOW BGP commands now has an INTERFACE type. INTERFACE routes were previously grouped with STATIC routes.
If the CREATE QOS POLICY command was executed with a range that had a number more than four characters long, for example, CREATE QOS
The SET USER command now requires the PASSWORD option if a PRIVILEGE is specified. This enables privilege levels to be lowered from a higher level (MANAGER, or SECURITY OFFICER), to USER.
An untagged packet would occasionally be sent on a tagged port. This issue has been resolved.
When PIM was enabled, IGMP snooping would occasionally work incorrectly. This issue has been resolved.
When interfaces with IGMP proxies were deleted, a software restart could sometimes occur. This issue has been resolved.
4 Patch Release Note
PCR: 03100 Module: DHCP Level:
DHCP was assigning incorrect IP addresses to clients when they moved from a relayed to a
Deriving the originating VLAN from incoming packets could, in some circumstances, cause a software restart. This issue has been resolved.
The PING command when executed with the LENGTH and PATTERN parameters could produce an ICMP echo packet with an incorrect ICMP checksum. This issue has been resolved.
When an IP packet with an invalid TOTAL LENGTH field was received by the CPU routing process, subsequent valid packets were dropped. This issue has been resolved.
Module: FR, PPP
The mechanism for freeing discarded packets in Frame Relay and PPP could, in some circumstances, cause a software restart. This issue has been resolved.
PCR: 03108 Module: MLDS
The DISABLE MLDS command appeared twice in configuration files. This issue has been resolved.
The ADD IP MVR command could cause a software restart. This issue has been resolved.
The ADD IP MVR command parameter GROUP now only accepts multicast addresses.
PCR: 03113 Module: DVMRP
With DVMRP configured, the switch did not forward multicast data to downstream interfaces on the same VLAN. This issue has been resolved.
PCR: 03114 Module: DHCP
DHCP clients that shifted between relayed ranges were not always recognised, and were occasionally allocated incorrect addresses. This issue has been resolved.
PCR: 03121 Module: DVMRP
Invalid DVMRP prune messages could cause a software restart. This issue has been resolved.
Adding a static ARP entry to a trunk group could cause a software restart.
This issue has been resolved.
PCR: 03123 Module: DHCP Level: 3
After sending a DHCP NAK in response to a client’s DHCP REQUEST with a bad lease time, the switch would fail to age out its corresponding DHCP OFFER entry. This issue has been resolved.
The switch would disassert the AIS, IDLE, LOF and LOS alarms if the defect conditions that had caused the alarm were disasserted, then reasserted before the alarms had been disasserted. This issue has been resolved.
When a static link local address was configured using the ADD IPV6 INT=xxx IP=yyy command, it was not reflected in the switch’s dynamic configuration. Consequently, the command would be absent from the switch’s configuration after CREATE CONFIG and switch RESTART commands were executed. This issue has been resolved.
The ADD BGP PEER command MAXPREFIX parameter now has a default of 24000, instead of OFF. Previously, with no maximum prefix checking by default, if the switch received a very large number of prefixes from a BGP peer, buffer exhaustion could result in a software restart.
The SHOW OSPF NEIGHBOUR command did not reflect a change made to the router priority on a dynamic OSPF interface of a neighbouring router. This issue has been resolved.
PCR: 03035 Module: OSPF
Link state advertisements could incorrectly show an area as a stub area. This happened during the time when a Direct Route (DR) was removed from a configuration and before a Direct Backup Route (BDR), or an Other Direct Route (Other DR) was elected. This issue has been resolved.
Module: IPG, SWI
The switch would flood DVMRP unicast messages to all ports in the VLAN.
This issue has been resolved.
ICMP packets originating from the switch used the wrong Equal Cost Multiple Path route. This issue has been resolved. Also, improvements have been made to ensure that the ICMP packet will be transmitted over the best available route. If the best route becomes unavailable, a new route will be found, if available, so that the ICMP packet continues to reach the destination address.
The ECPAC card was not working correctly. This issue has been resolved.