Allied Telesis 86251-05 User Manual
Size:
232.8 Kb
Download

Patch Release Note

Patch 86251-05

For Rapier Switches and AR800 Series

Modular Switching Routers

Introduction

This patch release note lists the issues addressed and enhancements made in patch 86251-05for Software Release 2.5.1 on existing models of Rapier L3 managed switches and AR800 Series L3 modular switching routers. Patch file details are listed inTable 1.

Table 1: Patch file details for Patch 86251-05.

Base Software Release File

86s-251.rez

 

 

Patch Release Date

15-May-2003

 

 

Compressed Patch File Name

86251-05.paz

 

 

Compressed Patch File Size

320764 bytes

 

 

This release note should be read in conjunction with the following documents:

Release Note: Software Release 2.5.1 for Rapier Switches, and AR800 Series Modular Switching Routers (Document Number C613-10354-00Rev A) available fromwww.alliedtelesyn.co.nz/documentation/documentation.html.

Rapier Switch Documentation Set for Software Release 2.5.1 available on the Documentation and Tools CD-ROMpackaged with your switch, or fromwww.alliedtelesyn.co.nz/documentation/documentation.html.

WARNING: Using a patch for a different model or software release may cause unpredictable results, including disruption to the network. Information in this release note is subject to change without notice and does not represent a commitment on the part of Allied Telesyn International. While every effort has been made to ensure that the information contained within this document and the features and changes described are accurate, Allied Telesyn International can not accept any type of liability for errors in, or omissions arising from the use of this information.

Simply connecting the world

2

Patch Release Note

Some of the issues addressed in this Release Note include a level number. This number reflects the importance of the issue that has been resolved. The levels are:

Level 1 This issue will cause significant interruption to network services, and there is nowork-around.

Level 2 This issue will cause interruption to network service, however there is awork-around.

Level 3 This issue will seldom appear, and will cause minor inconvenience.

Level 4 This issue represents a cosmetic change and does not affect network operation.

Features in 86251-05

Patch 86251-05includes all issues resolved and enhancements released in previous patches for Software Release 2.5.1, and the following enhancements:

PCR: 02583

Module: FIREWALL

Level: 2

UDP packets passed through the firewall by a reverse enhanced NAT rule were getting an incorrect IP checksum. This caused IP to discard the packets. This issue has been resolved.

PCR: 03059

Module: FIREWALL

Level: 2

SMTP proxy was falsely detecting third party relay under some

 

circumstances. This issue has been resolved.

 

PCR: 03095

Module: DHCP

Level: 2

DHCP policies are no longer stored in alphabetical order in the DYNAMIC

CONFIGURATION script because this did not work when the DHCP

INHERIT parameter was used.

PCR: 03148

Module: IPG

Level: 3

If the Gratuitous ARP feature was enabled on an IP interface, and an ARP packet arrived, (either ARP request, or reply) that had a Target IP address that was equal to the SenderIP address, then the ARP cache was not updated with the ARP packet’s source data. This issue has been resolved.

PCR: 03177

Module: IPG

Level: 3

Deleting an IP MVR group range would only delete the last IP address of the range from the multicast table, not the entire range. This issue has been resolved.

PCR: 03199

Module: IPV6

Level: 3

RIPng was receiving invalid routes and packets. This issue has been resolved.

PCR: 03241

Module: FIREWALL

Level: 3

When deleting a list associated with a policy, all rules were being deleted.

Now only the rules associated with the policy and list are deleted.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

Patch 86251-05For Rapier Switches and AR800 Series Modular Switching Routers

3

PCR: 03270

Module: SWI

Level: 3

The inter-packetgap has been reduced by 4 bytes on the Rapier 48i stacking link. This allows fornon-blockingoperation with tagged packets.

PCR: 03299

Module: IKMP

Level: 2

Under some circumstances, ISAKMP suffered a fatal error if more than 8 SA proposals were presented. This issue has been resolved.

PCR: 03314

Module: SWI

Level: 2

Layer 3 filters that matched TCP or UDP port numbers were being applied to the second and subsequent fragments of large fragmented packets. This issue has been resolved.

PCR: 03354

Module: FIREWALL

Level: 3

The SET FIREWALL POLICY RULE command was not accepting the value 24:00 (midnight) for the BEFORE parameter. This issue has been resolved.

PCR: 03371 Module: DHCP

Level: 3

A minimum lease time can no longer be specified when creating a DHCP policy. This complies with RFC 2131.

PCR: 03383

Module: IPG

Level: 2

If there were a large number of routes in the route table, and the SHOW IP ROUTE command was executed, the device stopped operating. This issue has been resolved.

PCR: 03390

Module: HTTP

Level: 2

Occasionally a fatal error occurred when the GUI browser started or a page was refreshed. This issue has been resolved.

PCR: 03392

Module: IPSEC, IKMP

Level: 3

IPV4 is the default for the IPVERSION parameter in the CREATE IPSEC POLICY and CREATE ISAKMP POLICY commands. This default was unnecessarily displayed in the SHOW CONFIGURATION DYNAMIC command output. This issue has been resolved.

PCR: 03395

Module: BGP

Level: 3

The amount of time that BGP peers ‘back off’ for after changing from the ESTABLISHED state to the IDLE state has been changed. Previously, this ‘back off‘ time grew exponentially and never decayed. The ‘back off‘ time is now always one second.

PCR: 03396

Module: ETH

Level: 3

Some memory was lost on the AT-AR022ETH PIC when hotswapping. This issue has been resolved.

PCR: 03400

Module: SSL

Level: 3

Sometimes SSL did not allow its TCP session to close properly. This happened if the Fin packet was notpiggy-backedon a data packet, or if the SSL Handshake was never completed with the far end. This meant that the closingAlert was not sent, so the session could not close. Also, SSL leaked memory when it received invalid SSL records. These issues have been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

4

Patch Release Note

PCR: 03402

Module: IPG

Level: 2

IP routes deleted from the route cache occasionally caused a fatal error. This issue has been resolved.

PCR: 03405 Module: STREAM

Level: 2

The reconnection to the stream printing TCP port failed after a single successful connection was made. This issue has been resolved.

PCR: 03407

Module: IPG

Level: 3

The default for the PROXYARP parameter in the SET IP INTERFACE command for a VLAN interface was OFF. The default is now ON.

PCR: 03410 Module: VLAN, CORE

Level: 3

If a patch was running with a major software release, after a VLAN was added at the command line, the VLAN was not shown as UP. This issue has been resolved.

PCR: 03412

Module: FIREWALL

Level: 3

FTP data transfers did not succeed for some types of NAT. Also, the presence of flow control TCP flags meant that some TCP control packets were not recognised. These issues have been resolved.

PCR: 03413

Module: BGP

Level: 2

BGP was updated according to the most recently added route. BGP now updates to reflect the best available route, regardless of when it was added.

PCR: 03415

Module: FIREWALL

Level: 2

When using a policy routing rule, the firewall did not translate the source

IP address of a broadcast packet correctly. This issue has been resolved.

PCR: 03416

Module: SWI

Level: 3

Previously, the ADD SWITCH L3FILTER MATCH command was accepted if the TYPE parameter was not specified. This command now requires the TYPE parameter, and an error message will be returned if the TYPE parameter is not specified.

PCR: 03424 Module: DHCP

Level: 2

When static DHCP was set to the first IP address in a range, that range would stay in the Reclaim mode. This issue has been resolved.

PCR: 03426

Module: IPV6

Level: 3

If the valid and preferred lifetimes of an IPv6 address for a given interface were set to infinity, they were not included in the dynamic configuration. This issue has been resolved.

PCR: 03429 Module: SWI, VLAN

Level: 3

The SHOW VLAN command was displaying a port that did not exist. This issue has been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

Patch 86251-05For Rapier Switches and AR800 Series Modular Switching Routers

5

PCR: 03430

Module: BGP

Level: 3

BGP traps were sent incorrectly when a BGP peer became Established, or moved into a lower state. This issue has been resolved.

PCR: 03432

Module: STP

Level: 2

STP settings were not retained when a port was deleted from the VLAN that the STP belongs to. This issue has been resolved.

PCR: 03436 Module: IP, DHCP

Level: 2

When the device was acting as a DHCP client and the DHCP server provided a gateway address, a statically configured default route was deleted and replaced with a default route with the provided gateway address. The correct behaviour is to only delete a dynamic default route in this situation. This issue has been resolved; the correct behaviour is now applied.

PCR: 03439

Module: IPX

Level: 3

The IPX traffic filter match counter was not incremented if a route was cached. This issue has been resolved.

PCR: 03441

Module: L2TP

Level: 2

PPP configured on a L2TP access concentrator (LAC) should be dynamic. If PPP was incorrectly configured to be static, the static PPP was destroyed when the L2TP tunnel was formed so that only the first connection succeeded. This issue has been resolved so that an L2TP tunnel is not created if the PPP is static.

PCR: 03443 Module: DHCP

Level: 3

When a DHCP entry expired while other DHCP entries in the range were in Reclaim mode, unnecessary ARP packets were generated causing an ARP storm. This issue has been resolved.

PCR: 03444

Module: FR

Level: 3

The CIR and CIRLIMITED parameter in the SET FRAMERELAY DLC command now regulates the behaviour of the transmission rate. Previously, the transmission rate did not reflect changes to the CIR setting if the new CIR was higher than the old CIR (provided that the new CIR is within the physical maximum of the network and the hardware), or changes to the CIRLIMITED setting if CIRLIMITED was turned ON then OFF. This issue has been resolved.

PCR: 03446

Module: SWI

Level: 3

After unplugging a fibre uplink cable and then plugging it back in, a short

Ping timeout occurred. This issue has been resolved.

PCR: 03450

Module: PIM, PIM6

Level: 2

Receiving PIM State Refresh messages now creates and/or maintains PIM forwarding information.

PCR: 03453

Module: FIREWALL

Level: 3

The dropped packets counter for the firewall was not incrementing correctly. This issue has been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

6

Patch Release Note

PCR: 03454

Module: IPV6

Level: 3

Occasionally, removing the cable from an IPv6 interface caused the device to stop responding. This issue has been resolved.

PCR: 03456

Module: PIM

Level: 2

A VLAN interface receiving a PIM Prune message on a port stopped forwarding multicast data to that port too early. This could cause multicast data to arrive after a PIMPrune, so an override PIMJoin message was not sent, leading to a loss of multicast data. This issue has been resolved.

PCR: 03457

Module: OSPF

Level: 2

Disabling OSPF caused a fatal error if there was a large routing table. This issue has been resolved.

PCR: 03459

Module: IPV6

Level: 2

A fatal error sometimes occurred when packets were forwarded via an IPv6 interface, and IPv6 flows were disabled. This issue has been resolved.

PCR: 03461

Module: IPG

Level: 3

The ENABLE IP MVR DEBUG=ALL command was erroneously shown in the output of the SHOW CONFIG DYNAMIC=IP command. This SHOW output no longer includes the ENABLE IP MVR DEBUG=ALL entry.

PCR: 03462

Module: PIM, PIM6

Level: 3

PIM Graft andGraft-Ack counters were not incrementing. This issue has been resolved.

PCR: 03465 Module: DHCP

Level: 3

The IPMTU parameter in the ADD DHCP POLICY command was accepting values in the range 0-4294967295.This parameter now accepts values in the correct range of579-65535.

PCR: 03463

Module: PIM, PIM6

Level: 3

PIM-SMNull register messages did not update the register counter correctly, and did not triggerRegister debug messages. This issue has been resolved.

PCR: 03464

Module: PIM, PIM6

Level: 3

PIM-SMNull register messages fornon-PIM-SMdomain sources did not have theBorder bit set. This issue has been resolved.

PCR: 03467

Module: IPG

Level: 3

An invalid message appeared when the PORT parameter was specified for the ADD IP ROUTE command. This issue has been resolved.

PCR: 03471

Module: IPV6

Level: 2

A fatal error sometimes occurred when forwarding traffic over an IPv6 tunnel. This issue has been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

Patch 86251-05For Rapier Switches and AR800 Series Modular Switching Routers

7

PCR: 03473

Module: PIM, PIM6

Level: 3

The SET LAPD MODE=NONAUTOMATIC command did not change the LAPD mode from automatic to non-automatic.This issue has been resolved.

PCR: 03474

Module: FIREWALL

Level: 3

The SMTP proxy did not correctly allow outgoing (private to public) SMTP sessions when the DIRECTION parameter was set to OUT or BOTH in the ADD FIREWALL PROXY command. This issue has been resolved.

PCR: 03475

Module: NTP

Level: 3

The PURGE NTP command did not change the UTC offset to the initialised value. This issue has been resolved.

PCR: 03476

Module: IPV6

Level: 3

RIPng was showing routes to interfaces that were DOWN as being UP. This issue has been resolved.

PCR: 03478

Module: PIM, PIM6

Level: 3

The message format for PIM-SMperiodic (*,*,RP)Join messages was incorrect when the message contained more than one joined RP address. This issue has been resolved.

PCR: 03484

Module: FIREWALL

Level: 3

The firewall was not denying an ICMP packet, even if ICMP Forwarding was disabled when using Standard NAT. This issue has been resolved.

PCR: 03492 Module: HTTP, LOAD

Level: 2

Some memory loss occurred when loading a file via HTTP. This issue has been resolved.

PCR: 03494

Module: BGP, FIREWALL

Level: 2

If the firewall was enabled when BGP was in use outgoing BGP data packets would have IP header errors and incorrect checksums. This problem has now been fixed.

PCR: 03497

Module: PIM, PIM6

Level: 2

In a network with an alternative path, if the link connected to the interface where a Candidate Rendezvous Point (CRP) advertised its RP candidacy was down, the CRP did not re-advertiseits RP candidacy on other available interfaces (the alternative path). This meant that the CRP did not update its PIM routes, which was necessary tore-establishthe PIM tree in order for multicast data to flow again. This issue has been resolved.

PCR: 03498

Module: SWI

Level: 3

The SHOW SWITCH FDB command showed a number of irrelevant entries.

This issue has been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F

8

Patch Release Note

PCR: 03502

Module: IPG

Level: 3

The ENTRY parameter from the ADD IP FILTER command was not included in the output of the SHOW CONFIG DYNAMIC command. This issue has been resolved.

PCR: 03513

Module: IPG

Level: 3

An enhancement allows for the creation of static IGMP group memberships that do not time out. For details on this feature, see “Static IGMP” on page 24.

PCR: 03515 Module: DHCP

Level: 3

DHCP was offering network and broadcast addresses to clients. This issue has been resolved.

PCR: 03517

Module: FIREWALL

Level: 3

An error was not returned if the SET FIREWALL POLICY RULE command was executed with PROTOCOL=1 when ICMP forwarding was turned on. This issue has been resolved so that an error is now displayed.

PCR: 03523

Module: FIREWALL

Level: 2

In some circumstances the checksum for the TCP header was set to zero.

This issue has been resolved.

PCR: 03526

Module: SWI

Level: 3

The Switch MIB did not show the correct dot1StpPriority value. This issue has been resolved.

PCR: 03531

Module: SWI

Level: 3

After creating a trunk group, the activity LEDs did not flash unless the configuration was used at reboot. This issue has been resolved so that the LEDs flash correctly whenever a trunk group is created.

PCR: 03468

Module: PIM

Level: 3

The source IP address in a PIM Register message was not the DR interface’s

IP address. This issue has been resolved.

PCR: 03533

Module: PIM

Level: 3

A forwarded PIM-DMstateRefresh message did not update the metric and preference values. This issue has been resolved.

PCR: 03535

Module: IPG

Level: 2

IGMP Query messages were not sent after IGMP was disabled and then reenabled. This issue has been resolved.

Patch 86251-05for Software Release 2.5.1C613-10356-00REV F