Allied Telesis 86241-02 User Manual
Patch Release Note
Patch 86241-02
For Rapier Switches and AR800 Series
Modular Switching Routers
Introduction
This patch release note lists the issues addressed and enhancements made in
patch 86241-02 for Software Release 2.4.1 on existing models of Rapier L3
managed switches and AR800 Series L3 modular switching routers. Patch file
details are listed in Table 1.
Table 1: Patch file details for Patch 86241-02.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
This release note should be read in conjunction with the following documents:
■ Release Note: Software Release 2.4.1 for Rapier Switches, AR300 and
AR700 Series Routers, and AR800 Series Modular Switching Routers
(Document Number C613-10338-00 Rev A) available from
www.alliedtelesyn.co.nz/documentation/documentation.html
■ Rapier Switch Documentation Set for Software Release 2.4.1 available on
the Documentation and Tools CD-ROM packaged with your switch, or
from www.alliedtelesyn.co.nz/documentation/documentation.html
WARNING: Using a patch for a different model or software release may cause
unpredictable results, including disruption to the network. Information in this
release note is subject to change without notice and does not represent a
commitment on the part of Allied Telesyn International. While every effort has
been made to ensure that the information contained within this document and
the features and changes described are accurate, Allied Telesyn International
can not accept any type of liability for errors in, or omissions arising from the
use of this information.
86s-241.rez
25-Oct-2002
86241-02.paz
132368 bytes
.
.
Simply connecting the world
2 Patch Release Note
Features in 86241-02
Patch 86241-02 includes all issues resolved and enhancements released in
previous patches for Software Release 2.4.1, and the following enhancements:
PCR: 02103 Module: SWI Network affecting: No
IPX traffic passing between two switch instances using VLAN for Rapier48
now operates correctly.
PCR: 02210 Module: DNS Relay Network affecting: No
Buffer leaks occurred when DNS relay was enabled. This issue has been
resolved.
PCR: 02214 Module: IPG Network affecting: No
A buffer leak occurred when a large number of flows (over 4000) were in use
and needed to be recycled. This issue has been resolved.
PCR: 02220 Module: SWI Network affecting: No
The EPORT parameter in the ADD SWITCH L3FILTER ENTRY and SET
SWITCH L3FILTER ENTRY commands was matching multicast and
broadcast packets with software filtering. This issue has been resolved.
PCR: 02236 Module: FIREWALL Network affecting: No
Sometimes the retransmission of an FTP packet was not permitted through
the Firewall. This issue has been resolved.
PCR: 02245 Module: VRRP Network affecting: No
VRRP returned an incorrect MAC address for an ARP request. This issue
has been resolved.
PCR: 02263 Module: VRRP Network affecting: No
The virtual MAC address was used as the source MAC for all packets
forwarded on an interface associated with a Virtual Router (VR). This was
confusing when multiple VRs were defined over the same interface because
only one virtual MAC address was ever used. The other virtual MAC
addresses (for the other VR's) were only used if the source IP address
matched the VR’s IP address. To avoid this confusion, the system MAC
address is now always used unless the source IP address of the packet is the
same as the VR’s IP address.
PCR: 02267 Module: BGP Network affecting: No
When route aggregation was enabled, the atomic aggregate was not being
set. This issue has been resolved.
PCR: 02268 Module: FIREWALL Network affecting: No
HTTP requests from a fixed IP address were erroneously reported as a host
scan attack in the Firewall deny queue. This issue has been resolved.
Patch 86241-02 for Software Release 2.4.1
C613-10340-00 REV B
Patch 86241-02 For Rapier Switches and AR800 Series Modular Switching Routers 3
PCR: 02272 Module: IPG, PIM, SWI Network affecting: No
The following issues have been resolved:
• The RESET PIM INTERFACE=VLAN command was not working
correctly.
• Packets with Time to Live (TTL) set to less than 4 were not being
forwarded.
• VLAN tags were not being inserted into IP multicast packets on multitagged ports.
• A fatal error occurred when PIM and RIP were both running.
PCR: 02274 Module: TPAD Network affecting: No
ARL message interrupts have been re-enabled after a software table rebuild
to fix synchronisation of the software forwarding database with the
hardware table.
PCR: 02276 Module: FIREWALL Network affecting: No
The CREATE CONFIG command did not save the SOURCEPORT
parameter to the configuration file when the low value of the source port
range was set to zero. This issue has been resolved.
PCR: 02277 Module: DVMRP Network affecting: No
Report sending and default routes were not working correctly. Also, the
SHOW CONFIGURATION DYNAMIC and SHOW
CONFIGURATION=DVMRP commands were not working correctly. These
issues have been resolved.
PCR: 02280 Module: TELNET, TTY Network affecting: No
TELNET sessions are now closed with “^D” only when the session is in the
login state.
PCR: 02291 Module: DHCP Network affecting: No
DHCP now processes Discover messages smaller than 300 bytes.
PCR: 02292 Module: IPSEC Network affecting: No
IPSec no longer logs packets that match an ACTION=ALLOW policy. The
overhead of this logging was affecting non-IPSec traffic.
PCR: 02294 Module: IKMP Network affecting: No
The LOCALRSAKEY parameter in the CREATE ISAKMP POLICY and SET
ISAKMP POLICY commands was not accepting the value zero. This issue
has been resolved.
Patch 86241-02 for Software Release 2.4.1
C613-10340-00 REV B
PCR: 02298 Module: IPSEC Network affecting: No
The PURGE IPSEC command caused a fatal error. This issue has been
resolved.
4 Patch Release Note
PCR: 02299 Module: VRRP Network affecting: No
If a packet with a destination IP address equal to a VRRP IP address was
received when the router didn’t own the IP address, (because it didn’t have
an interface with that IP address) the router incorrectly tried to forward the
packet and send an ICMP “redirect” message to the source. Now, if such a
packet is received, it will be discarded and an ICMP “host unreachable”
message will be sent to the source.
PCR: 02301 Module: IPG Network affecting: No
If a DNS relay agent was configured with overlapping subnets, sometimes
the DNS server response was returned to the client with a source IP address
of an interface on the relay agent that was different from the interface the
request was received on. This issue has been resolved.
PCR: 02302 Module: IPv6 Network affecting: No
The default router lifetime value has been corrected. Also, the SET IPV6
INTERFACE command now updates valid and preferred lifetimes correctly.
PCR: 02303 Module: INSTALL Network affecting: No
When enabling or disabling feature licences, a message will now be
generated with a warning that changes to feature licences may not take
effect until after a reboot.
PCR: 02304 Module: VRRP Network affecting: No
VRRP used the wrong source IP address in ICMP redirects. RFC 2338 states
that the source IP address of ICMP redirects should be the IP address that
the end host used when making its next hop routing decision. In the case of
a packet sent to a VRRP virtual MAC address, this is the primary VRRP IP
address associated with the MAC address, provided such a VR exists and is
in the master state. This issue has been resolved.
PCR: 02309 Module: STP Network affecting: No
On models except Rapier i Series Switches, the ENABLE STP DEBUG PORT
command did not work correctly. This issue has been resolved.
PCR: 02311 Module: SWI Network affecting: No
It was possible to set the trunk speed to 10/100M, even if the port within the
trunk was not capable of this speed. This issue has been resolved.
PCR: 02313 Module: IPV6 Network affecting: No
The SHOW IPV6 INTERFACE command now shows the address lifetime
aging status that is determined by the DECREMENT parameter in the ADD
IPV6 INTERFACE command. The default valid and preferred address
lifetimes have been changed to 30 days and 7 days respectively.
PCR: 02320 Module: IPV6 Network affecting: No
The interface address preferred lifetime was not operating correctly. This
issue has been resolved.
Patch 86241-02 for Software Release 2.4.1
C613-10340-00 REV B
Loading...