Allied Telesis 86222-27 User Manual
Patch Release Note
Patch 86222-27
For Rapier Switches
Introduction
This patch release note lists the issues addressed and enhancements made in
patch 86222-27 for Software Release 2.2.2 on existing models of Rapier L3
managed switches. Patch file details are listed in Table 1.
Table 1: Patch file details for Patch 86222-27.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
This release note should be read in conjunction with the following documents:
■ Release Note: Software Release 2.2.2 for Rapier Switches, AR300 and
AR700 Series Routers, and AR800 Series Modular Switching Routers
(Document Number C613-10313-00 Rev A) available from
www.alliedtelesyn.co.nz/documentation/documentation.html
■ Rapier Switch Documentation Set for Software Release 2.2.1 available on
the Documentation and Tools CD-ROM packaged with your switch, or
from www.alliedtelesyn.co.nz/documentation/documentation.html
WARNING: Using a patch for a different model or software release may cause
unpredictable results, including disruption to the network. Information in this
release note is subject to change without notice and does not represent a
commitment on the part of Allied Telesyn International. While every effort has
been made to ensure that the information contained within this document and
the features and changes described are accurate, Allied Telesyn International
can not accept any type of liability for errors in, or omissions arising from the
use of this information.
86s-222.rez
13-June-2003
86222-27.paz
1036828 bytes
.
.
Simply connecting the world
2 Patch Release Note
Some of the issues addressed in this Release Note include a level number. This
number reflects the importance of the issue that has been resolved. The levels
are:
Level 1 This issue will cause significant interruption to network services, and
there is no work-around.
Level 2 This issue will cause interruption to network service, however there
is a work-around.
Level 3 This issue will seldom appear, and will cause minor inconvenience.
Level 4 This issue represents a cosmetic change and does not affect network
operation.
Features in 86222-27
Patch 86222-27 includes all issues resolved and enhancements released in
previous patches for Software Release 2.2.2, and the following enhancements:
PCR: 03501 Module: IPG Level: 1
A fatal error occurred when DNS relay received a query if the transaction
ID was zero. This issue has been resolved.
PCR: 03616 Module: IPG Level: 4
Three new commands have been added to enable and disable transmission
of the following ICMP messages: Network Unreachable, Host Unreachable, and
all Redirect messages.
The commands are:
DISABLE IP
ICMPREPLY[={ALL|NETUNREACH|HOSTUNREACH|REDIRECT}]
ENABLE IP
ICMPREPLY[={ALL|NETUNREACH|HOSTUNREACH|REDIRECT}]
SHOW IP ICMPREPLY
For details, see “Enable and Disable ICMP Messages” on page 40.
PCR: 03579 Module: IPG Level: 1
When IGMP memberships were created at layer 3 from multicast data,
sending an IGMP Membership Leave message incorrectly removed all ports
from the specified group. This issue has been resolved.
PCR: 03615 Module: LOAD Level: 3
Zmodem uploads to some terminal emulators did not succeed because the
16-bit checksum was incorrect. This issue has been resolved.
PCR: 03625 Module: STP, SWI Level: 4
The MIB object dot1dStpTimeSinceTopologyChange has been implemented to
record when a topology change is detected by the bridge.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 3
Features in 86222-26
Patch file details are listed in Table 2:
Table 2: Patch file details for Patch 86222-26.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
86s-222.rez
30-May-2003
86222-26.paz
1028794 bytes
Patch 86222-26 includes all issues resolved and enhancements released in
previous patches for Software Release 2.2.2, and the following enhancements:
PCR: 02498 Module: VLAN Network affecting: No
The correct protocol number is now returned by VLAN Relay.
PCR: 03172 Module: FIREWALL Level: 3
Telnet access from a public interface to another public interface was not
denied. This issue has been resolved.
PCR: 03241 Module: FIREWALL Level: 2
When deleting a list associated with a policy, all rules were being deleted.
Now only the rules associated with the policy and list are deleted.
PCR: 03412 Module: FIREWALL Level: 3
FTP data transfers did not succeed for some types of NAT. Also, the
presence of flow control TCP flags meant that some TCP control packets
were not recognised. These issues have been resolved.
PCR: 03415 Module: FIREWALL Level: 2
When using a policy routing rule, the firewall did not translate the source
IP address of a broadcast packet correctly. This issue has been resolved.
PCR: 03416 Module: SWI Level: 3
Previously, the ADD SWITCH L3FILTER MATCH command was accepted
if the TYPE parameter was not specified. This command now requires the
TYPE parameter, and an error message will be returned if the TYPE
parameter is not specified.
PCR: 03420 Module: IPG, SWI Level: 3
It is now possible to prevent specified ports from acting as IGMP all-group
ports, and specify which ports are allowed to behave as all-group entry
ports. This is enabled with the ENABLE IP IGMP ALLGROUP command,
and disabled with the DISABLE IP IGMP ALLGROUP command.
For details, see “IGMP Snooping All-Group Entry” on page 42.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
4 Patch Release Note
PCR: 03438 Module: DHCP Level: 3
A warning message will now appear if the DESTROY DHCP POLICY
command is executed for a DHCP policy that has been used by one or more
policies as the source of their configuration information. A parent policy can
be destroyed with no affect on its child policies.
The new message is:
The destroyed policy <policy-name> has been used by another policy as a source of
configuration information.
PCR: 03446 Module: SWI Level: 3
After unplugging a fibre uplink cable and then plugging it back in, a short
Ping timeout occurred. This issue has been resolved.
PCR: 03457 Module: OSPF Level: 2
Disabling OSPF caused a fatal error if there was a large routing table. This
issue has been resolved.
PCR: 03458 Module: IPG Level: 3
The route information for ipRouteEntry of ipGroup in the MIB-II MIB was not
correct. This issue has been resolved.
PCR: 03465 Module: DHCP Level: 2
The IPMTU parameter in the ADD DHCP POLICY command was
accepting values in the range 0-4294967295. This parameter now accepts
values in the correct range of 579-65535.
PCR: 03475 Module: NTP Level: 3
The PURGE NTP command did not change the UTC offset to the initialised
value. This issue has been resolved.
PCR: 03482 Module: SWI Level: 3
When a Rapier using switch silicon received a multicast packet, the
ifOutError port counter was erroneously incremented. This issue has been
resolved.
PCR: 03484 Module: FIREWALL Level: 3
The firewall was not denying an ICMP packet, even if ICMP Forwarding
was disabled when using Standard NAT. This issue has been resolved.
PCR: 03496 Module: IPG Level: 2
Sometimes CPU utilisation reached its maximum limit when an IGMP
Membership Report was received. This issue has been resolved.
PCR: 03499 Module: IPG Level: 2
The SET TIME command caused an error on Refresh timers for IGMP
groups. This issue has been resolved.
PCR: 03506 Module: DHCP Level: 2
When receiving a request from a client in the Renewing state, the DHCP
server incorrectly added an ARP entry for that client’s IP address. Also, the
DHCP server allocated an entry while the entry was being reclaimed, and
this interrupted the reclaim process. These issues have been resolved.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 5
PCR: 03526 Module: SWI Level: 3
The Switch MIB did not show the correct dot1StpPriority value. This issue
has been resolved.
PCR: 03531 Module: SWI Level: 3
After creating a trunk group, the activity LEDs did not flash unless the
configuration was used at reboot. This issue has been resolved so that the
LEDs flash correctly whenever a trunk group is created.
PCR: 03572 Module: STP Level: 3
The dot1dStpPortForwardTransitions value in the dot1dBridge MIB was not
incremented correctly when STP transitioned a port to the Forwarding state.
This issue has been resolved.
PCR: 03574 Module: STP Level: 3
The dot1dStpInfoTopChanges value in the dot1dBridge MIB was not
incremented correctly when a topology change was detected by the bridge.
This issue has been resolved.
PCR: 03576 Module: IPG Level: 2
When the device received a route from two separate sources to the same
destination network, RIP only used the metric value when selecting the best
route. RIP now selects the route by lowest preference value, or if they are the
same, by the metric.
Features in 86222-25
Patch file details are listed in Table 3:
Table 3: Patch file details for Patch 86222-25.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
Patch 86222-25 includes all issues resolved and enhancements released in
previous patches for Software Release 2.2.2, and the following enhancements:
86s-222.rez
15-April-2003
86222-25.paz
443760 bytes
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
PCR: 02300 Module: Firewall Network affecting: No
If the command ADD FIREWALL POLICY RULE SOURCEPORT=ALL was
executed, a value of “65535” was incorrectly displayed for the
SOURCEPORT parameter for that rule in the SHOW FIREWALL POLICY
command. This issue has been resolved.
PCR: 02400 Module:
Network affecting: No
CORE,FFS,FILE,INSTALL,SCR
If a problem occurred with NVS, some critical files were lost. As a result, the
equipment was forced to load only boot ROM software at boot time. This
patch combined with the new version of the boot ROM software (pr1-1.2.0
for the AR700 series) resolves this issue.
6 Patch Release Note
PCR: 02530 Module: FIREWALL Network affecting: No
The GBLIP parameter in the ADD FIREWALL POLICY RULE
ACTION=NONAT command is optional. However, if the command was
executed without the GBLIP parameter set, the command erroneously
failed after a CREATE CONFIGURATION command was executed. This
issue has been resolved.
PCR: 03111 Module: FIREWALL Level: 1
TCP sessions could fail if the public side of the firewall was using Kerberos
and the private side had a very slow connection to the firewall. This issue
has been resolved.
PCR: 03134 Module: TCP Level: 2
When using the SET TELNET LISTENPORT command, a fatal error
sometimes occurred. This issue has been resolved.
PCR: 03135 Module: SWI Level: 2
The TYPE parameter in the SET SWITCH L3FILTER command was not
written to the script file correctly if MATCH was set to NONE. This issue
has been resolved.
PCR: 03143 Module: VRRP Level:
When the PRIORITY parameter in the SET VRRP command was changed,
it was not set correctly when a link was reset. This issue has been resolved.
PCR: 03145 Module: IPG Level: 4
The SET IP ROUTE FILTER command was not processing some parameters.
This issue has been resolved.
PCR: 03148 Module: IPG Level: 3
If the Gratuitous ARP feature was enabled on an IP interface, and an ARP
packet arrived, (either ARP request, or reply) that had a Target IP address
that was equal to the SenderIP address, then the ARP cache was not
updated with the ARP packet’s source data. This issue has been resolved.
PCR: 03160 Module: STP Level: 2
Executing the PURGE STP command caused fatal error. This issue has been
resolved.
PCR: 03171 Module: DVMRP, IPG Level: 3
DVMRP was erroneously forwarding packets to a VLAN with a
downstream neighbour. This issue has been resolved.
PCR: 03173 Module: CORE, NTP Level: 3
The default NTP polling interval was set to 64 seconds, not the correct
interval of 128 seconds. This issue has been resolved.
PCR: 03174 Module: IPG Level: 2
This PCR corrects issues that arose with PCR 02203. When the DNS request
forwarding queue failed to accept a new DNS request message (possibly
due to overloading), an attempt was made to close the UDP sessions for
both the primary and secondary name servers. This caused a restart if either
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 7
one of these servers did not exist, or the UDP session had failed to open.
This issue has been resolved.
PCR: 03180 Module: IPG Level: 3
If all 32 VLAN interfaces had IP addresses attached, only 31 VLANs could
be multihomed. Now all 32 VLAN interfaces with IP addresses can be
multihomed.
PCR: 03202 Module: CORE Level: 3
There are two sources of time kept in the device. The real time clock, and the
milliseconds since midnight (msSinceMidnight). The msSinceMidnight can
reach midnight slightly before the real time clock which means that the
value of the msSince Midnight is larger than the number of milliseconds in
a day. This meant that at midnight, the elapsed time since the time-to-live
value for the Firewall and IP-NAT TCP sessions appeared very large and
Firewall and IP-NAT sessions were prematurely aged out. This issue has
been resolved by pausing the msSince Midnight variable at midnight to
wait for the real time clock to catch up.
PCR: 03217 Module: DVMRP Level: 2
If a DVMRP interface was deleted and then added again, DVMRP routes
associated with this interface were not reactivated. This issue has been
resolved.
PCR: 03218 Module: DVMRP Level: 2
Some issues with DVMRP forwarding have been resolved.
PCR: 03236 Module: IPG Level: 3
IGMP queries were being sent after IGMP was disabled. This issue has been
resolved.
PCR: 03240 Module: OSPF Level: 2
A fatal error occurred when OSPF was under high load. This issue has been
resolved.
PCR: 03253 Module: FIREWALL Level: 2
Inbound TCP sessions through the firewall (e.g. Telnet and FTP) failed when
the PORT parameter was set to ALL in the SET FIREWALL POLICY RULE
command. This issue has been resolved.
PCR: 03255 Module: FIREWALL Level: 3
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
The firewall doubled the IPSPOOF event timeout from 2 minutes to 4
minutes. This issue has been resolved.
PCR: 03302 Module: SWI Level: 3
Following a period of high traffic load, the CPU utilisation would
occasionally fail to drop below 40%. This issue has been resolved.
PCR: 03314 Module: SWI Level: 2
Layer 3 filters that matched TCP or UDP port numbers were being applied
to the second and subsequent fragments of large fragmented packets. This
issue has been resolved.
8 Patch Release Note
PCR: 03332 Module: TTY Level: 2
A log message is now created when a user is forced to logout from an
asynchronous port when another user (i.e. someone connected via Telnet)
resets the asynchronous connection with the RESET ASYN command.
PCR: 03346 Module: SNMP Level: 4
Sometimes the Agent Address field in SNMP traps was not the same as the
IP source address. This meant that sometimes the NMS did not send an
alarm to the network manager when traps were received from switches.
This issue has been resolved.
PCR: 03368 Module: SWI Level: 2
Layer 2 packets transmitted out of the mirror port were being tagged
erroneously. This issue has been resolved.
PCR: 03378 Module: DHCP Level: 2
DHCP sometimes suffered a fatal error when a range of IP addresses was
destroyed. This issue has been resolved.
PCR: 03385 Module: FILE, INSTALL, SCR Level:
Critical files (prefer.ins, config.ins and enabled.sec) are now copied from NVS
to FLASH at boot time if they do not exist in FLASH, or if the NVS version
of the file is different from the FLASH version.
PCR: 03386 Module: SWI Level: 2
If the SET SWITCH L3FILTER MATCH command had nothing specified for
the IMPORT and EMPORT parameters, and there was an existing match
entry in the filter table, the new filter was not added correctly. Filter match
entries are now accepted regardless of the order in which they are entered
into the table.
PCR: 03388 Module: DHCP Level: 3
The DHCP lease Expiry time showed incorrectly in the SHOW DHCP
CLIENT command when the lease straddled across multiple months and
years. This issue has been resolved.
PCR: 03402 Module: IPG Level:
IP routes deleted from the route cache occasionally caused a fatal error. This
issue has been resolved.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 9
Features in 86222-24
Patch file details are listed in Table 4:
Table 4: Patch file details for Patch 86222-24.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
86s-222.rez
6-Mar-2003
86222-24.paz
433360 bytes
Patch 86222-23 includes all issues resolved and enhancements released in
previous patches for Software Release 2.2.2, and the following enhancements:
PCR: 02071 Module: NTP Network affecting: No
When a NTP packet was received from an NTP server (mode 4) the router
acted as a client, and sent a reply back to the server, but did not remove the
peer association. This meant that the Dynamic Peers list, viewed using the
SHOW NTP command, displayed incorrect dynamic peer associations. This
issue has been resolved.
PCR: 02202 Module: FIREWALL/IP NAT Network affecting: No
Previously, when Firewall or IP NAT was enabled, any fragmented IP
packets had to be reassembled so they could be processed. If the fragments
could not be reassembled, the packet was dropped. Reassembly could only
occur if the combined packet (IP header, and protocol header, and data) was
no more than 1800 bytes. An additional limit of no more than eight
fragments was also imposed. This PCR implements enhanced fragment
handling for Firewall and IP NAT. Each module can now be configured to
process fragmented packets of specified protocol types without needing to
reassemble the packet. The number of fragments a packet may consist of is
also configurable. This enhanced fragment handling is disabled by default.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
To enable enhanced fragmentation for Firewall, use the command:
ENABLE FIREWALL POLICY=policy_name
FRAGMENT={ICMP|UDP|OTHER}
To enable enhanced fragmentation for IP NAT, use the command:
ENABLE IP NAT FRAGMENT={ICMP|UDP|OTHER}
To disable enhanced fragmentation for Firewall, use the command:
DISABLE FIREWALL POLICY=policy_name
FRAGMENT={ICMP|UDP|OTHER}
To disable enhanced fragmentation for IP NAT, use the command
DISABLE IP NAT FRAGMENT={ICMP|UDP|OTHER}
To configure the number of fragments permitted per packet for Firewall, use
the command:
SET FIREWALL FRAGMENT=8...50
To configure the number of fragments permitted per packet for IP NAT, use
the command:
SET IP NAT FRAGMENT=8...50
10 Patch Release Note
TCP has been excluded from this enhancement because TCP has the MSS
(Maximum Segment Size) parameter for segment size control. Also, for
PPPoE interfaces with a reduced MTU of 1492, a previous enhancement in
PCR 02097 ensures that TCP MSS values in sessions carried by a PPPoE
interface are clamped to a value that prevents fragmentation.
PCR 02116 Module: IPG PING Network affecting: No
When pinging to a remote IP address with two or more different cost routes,
if the preferred route became unavailable, the ping failed to switch to the
less preferred route until the ping was stopped and restarted. This issue has
been resolved.
PCR: 02371 Module: FIREWALL Network affecting: No
When the system time was set to a time that was before or significantly after
the current time, Firewall sessions were prematurely deleted. This issue has
been resolved.
PCR: 03011 Module: OSPF Network affecting: No
When the router priority was changed on a dynamic OSPF interface, the
new priority did not appear in the output of the SHOW OSPF NEIGHBOUR
command on neighbouring routers. The new priority only showed after the
RESET OSPF command was executed on the neighbouring routers. This
issue has been resolved.
PCR: 03026 Module: IPG Network affecting: No
After setting the IGMP query timer with the SET IP IGMP command, and
saving the configuration, the IGMP Other Querier timeout was not set to the
correct value after a restart. This issue has been resolved.
PCR: 03027 Module: DHCP Network affecting: No
Entries in the process of being reclaimed as static entries (and waiting for
the remote IP to become routable), were disrupting the reclaim process. This
prevented further entries from being reclaimed. DHCP static entries are
now fully subject to normal reclaim processing.
PCR: 03032 Module: SWI Network affecting: No
If the ENABLE IP IGMP command was executed before the ENABLE
SWITCH L3FILTER command, Layer 3 filtering did not discard packets
destined for the CPU. This issue has been resolved.
PCR: 03035 Module: OSPF Network affecting: No
Link state advertisements could incorrectly show an area as a stub area. This
happened during the time when a Direct Route (DR) was removed from a
configuration and before a Direct Backup Route (BDR), or an Other Direct
Route (Other DR) was elected. This issue has been resolved.
PCR: 03040 Module: IPG Network affecting: No
Sometimes IP flows were not deleted correctly when both directions of the
flow were in use. This issue has been resolved.
PCR: 03065 Module: SWI Level: 2
When the TX cable was unplugged from a fibre port the operating status
was incorrectly reported as UP. This issue has been resolved.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 11
PCR: 03067 Module: DHCP Level: 1
When replying to a DHCP REQUEST that had passed through a DHCP
relay, the broadcast bit of DHCP NAK messages was not being set. This
issue has been resolved in accordance with RFC2131.
PCR: 03080 Module: DVMRP
DVMRP was not updating the downstream forwarding state correctly. This
issue has been resolved.
PCR: 03095 Module: DHCP Level: 2
DHCP policies are no longer stored in alphabetical order in the DYNAMIC
CONFIGURATION script because this did not work when the DHCP
INHERIT parameter was used.
PCR: 03122 Module: SWI Level: 2
When a static ARP was added to a trunk group, a software restart could
occur. This issue has been resolved.
Features in 86222-23
Patch file details are listed in Table 5.
Table 5: Patch file details for Patch 86222-23.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
Patch 86222-23 includes all issues resolved and enhancements released in
previous patches for Software Release 2.2.2, and the following enhancements:
PCR: 02166 Module: FIREWALL Network affecting: No
Locally generated ICMP packets, such as unreachable messages, were not
passed out through public interfaces when the packet that caused the
message was not recorded by the firewall. This may occur, for example, if
the packet passed between two public interfaces. This issue has been
resolved.
86s-222.rez
16-Jan-2003
86222-23.paz
947772 bytes
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
PCR: 02491 Module: IPG Network affecting: No
The ARP cache is now updated when a gratuitous ARP request or reply
packet is received.
PCR: 02574 Module: DVMRP Network affecting: No
Some change actions, and the resending of prune messages were not
operating correctly. This issue has been resolved.
PCR: 02586 Module: CORE, FFS, FILE,
Network affecting: No
INSTALL, SCR
Reverses PCR 02400.
12 Patch Release Note
PCR: 02587 Module: OSPF Network affecting: No
When OSPF was enabled on startup, an OSPF interface would sometimes
stay in the DOWN state. This issue has been resolved.
PCR: 03012 Module: TTY Network affecting: No
Logging out from a Telnet session caused the switch to restart. This issue
has been resolved.
Features in 86222-22
Patch file details are listed in Table 6.
Table 6: Patch file details for Patch 86222-22.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
86s-222.rez
12-Dec-2002
86222-22.paz
957598 bytes
PCR 02136 Module: FIREWALL Network affecting: No
The firewall was blocking outbound ICMP packets when the associated
private interface had a ‘deny all’ rule. The passing of ICMP packets should
be controlled by the ICMP_FORWARDING and PING parameters. This
issue has been resolved.
PCR 02184 Module: FFS FILE TTY Network affecting: No
This patch supersedes PCRs 02073, 02081, 02086 and 02105. In addition to
enhancements in the preceding PCRs, this PCR now also resolves the
following issues:
• If a compaction was started within 60ms of a file write commencing, the
file being written was placed in the wrong location in the file system.
This led to file corruption during subsequent compactions.
• If a file load occurred during compaction, an incomplete copy of the file
was loaded. The load also put the file into the wrong part of the file
system once the compaction had moved beyond the part of the file that
had been loaded.
• A fatal error occurred during compaction if a file was marked as deleted
when it was being transferred.
• Sometimes during compaction when the file system was erasing blocks
belonging to deleted files, one of the files was transferred rather than
deleted. However, its directory entry was deleted, so the file was not
visible with a SHOW FILE command but was visible with a SHOW
FFILE command.
• During compaction if the amount of free space was less than two erase
blocks (including the "spare" erase block), the file system erroneously
reported that a large amount of space was available for a new file due
to an underflow problem. When a new file was written it would corrupt
existing data.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Patch 86222-27 For Rapier Switches 13
• If the file system was completely full and the deletion of a single file led
to a compaction, the file system reported that it was continually
compacting. This was because it was repeatedly searching through a
linked list of file headers.
• A byte of data from FLASH was incorrectly returning the value 0xFF.
• When a file was renamed using upper case letters, the renamed file did
not appear in the file directory but did appear in FLASH. Also, if a
SHOW FFILE CHECK command was executed after renaming the file,
the file system would appear to hang. All file names must now be lower
case.
• Multiple TTY sessions could edit the same file. This caused
unpredictable behaviour when the TTY sessions closed the files.
A new command, SHOW FFILE VERIFY, has been added. This command
steps through the file system headers starting with file zero and finishing at
the end of the last reachable file. It then verifies that all FLASH locations
from the end of the last reachable file to the beginning of file zero are in an
erased state. Errors are reported as they are found.
PCR 02192 Module: IP Network affecting: No
The source IP address in DVMRP prune and graft messages was incorrect.
This issue has been resolved.
PCR: 02241 Module: FIREWALL Network affecting: No
Firewall subnet NAT rules were not working correctly from the private to
the public side of the firewall. Traffic from the public to private side
(destined for subnet NAT) was discarded. These issues have been resolved.
ICMP traffic no longer causes a RADIUS lookup for access authentication,
but is now checked by ICMP handlers for attacks and eligibility. If the ICMP
traffic matches a NAT rule, NAT will occur on inbound and outbound
traffic. HTTP 1.0 requests sometimes caused the firewall HTTP proxy to
close prematurely. Cached TCP sessions were sometimes not hit correctly.
These issues have been resolved.
PCR: 02359 Module: IPG Network affecting: No
When an IP Multihomed interface was used as an OSPF interface,
neighbour relationships were only established if the IP interface for OSPF
was added first in the configuration. Now, OSPF establishes neighbour
relationships regardless of the IP Multihomed interface configuration order.
PCR: 02395 Module: VRRP, TRG Network affecting: No
The SHOW VRRP command now shows the number of trigger activations
for the Upmaster and Downmaster triggers.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
PCR: 02396 Module: DHCP Network affecting: No
DHCP RENEW request messages are now unicast (as defined in the RFC),
not broadcast.
PCR 02400 Module: CORE, FFS, FILE,
Network affecting: No
INSTALL, SCR
If a problem occurred with NVS, some critical files were lost. As a result, the
equipment was forced to load only boot ROM software at boot time. This
patch combined with the new version of the boot ROM software (pr1-1.2.0
for the AR700 series) resolves this issue.
14 Patch Release Note
PCR 02408 Module: SWI Network affecting: No
The EPORT parameter in the SHOW SWITCH L3FILTER ENTRY command
was displaying incorrectly after an issue was resolved in PCR02374. The
command now displays correctly.
PCR: 02427 Module: DHCP Network affecting: No
DHCP entry reclaim checks are now delayed by 10 seconds if the entry is
unroutable because the interface is not up.
PCR: 02463 Module: DVMRP, IPG Network affecting: No
Support for multi-homed interfaces has been added.
PCR 02465 Module: TTY Network affecting: No
Under some circumstances a fatal error occurred if a large amount of data
was pasted onto the command line. This issue has been resolved.
PCR: 02489 Module: SWI Network affecting: No
When the switch was under heavy learning load, some MAC address were
lost. This issue has been resolved.
PCR 02506 Module: OSPF, IPG Network affecting: No
In the ADD IP ROUTE FILTER command, when the optional parameter
INTERFACE was included, the filter was not applied to the flooding of
OSPF external LSAs. Also, in the command SHOW IP ROUTE FILTER, the
output of the interface name was truncated when the name was more than
six characters long. These issues have been resolved.
PCR: 02509 Module: DVMRP Network affecting: No
The source net mask has been removed from DVMRP prune, graft and
graft-ack messages.
PCR 02526 Module: DVMRP Network affecting: No
Under some circumstances, multiple default routes were created for
DVMRP. This issue has been resolved.
PCR 02538 Module: DVMRP Network affecting: No
The source mask is now always 0xffffffff in the DVMRP forwarding table.
The temporary route in the DVMRP route table was not displaying
correctly. This issue has been resolved.
An IGMP entry was erroneously added for the reserved IP address. This
issue has been resolved.
Patch 86222-27 for Software Release 2.2.2
C613-10319-00 REV Z
Loading...