Allied Telesis 89262-08 User Manual
Patch Release Note
Patch 89262-08
For AT-8900 Series Switches
Introduction
This patch release note lists the issues addressed and enhancements made in
patch 89262-08 for Software Release 2.6.2 on existing models of AT-8900 Series
switches. Patch file details are listed in Table 1.
Table 1: Patch file details for Patch 89262-08.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
This release note should be read in conjunction with the following documents:
■ Release Note: Software Release 2.6.2 for AT-8900 Series switches
(Document Number C613-10399-00 REV A) available from
www.alliedtelesyn.co.nz/documentation/documentation.html
■ AT-8900 Series Switch Documentation Set for Software Release 2.6.2
available on the Documentation and Tools CD-ROM packaged with your
switch, or from www.alliedtelesyn.co.nz/documentation/documentation.html
WARNING: Using a patch for a different model or software release may cause
unpredictable results, including disruption to the network. Information in this
release note is subject to change without notice and does not represent a
commitment on the part of Allied Telesyn International. While every effort has
been made to ensure that the information contained within this document and
the features and changes described are accurate, Allied Telesyn International
can not accept any type of liability for errors in, or omissions arising from the
use of this information.
89-262.rez
15-Oct-2004
89262-08.paz
324452 bytes
.
.
Simply connecting the world
2 Patch Release Note
Some of the issues addressed in this Release Note include a level number. This
number reflects the importance of the issue that has been resolved. The levels
are:
Level 1 This issue will cause significant interruption to network services, and
there is no work-around.
Level 2 This issue will cause interruption to network service, however there
is a work-around.
Level 3 This issue will seldom appear, and will cause minor inconvenience.
Level 4 This issue represents a cosmetic change and does not affect network
operation.
From Patch 89262-07 onwards, issues for each patch are listed in severity order as per
the levels above. Enhancement PCRs are listed after Level 4 issues.
Features in 89262-08
Patch 89262-08 includes all issues resolved and enhancements released in
previous patches for Software Release 2.6.2, and the following enhancements:
Level 1
No issues.
Level 2
PCR: 40570 Module: IP6 Level: 2
IPv6 multicast packets were not being forwarded when coming from a
6-over-4 tunnel. This issue has been resolved.
PCR: 40573 Module: LOG Level: 2
If the log module was configured to store a very large number of messages
(for example, more than 3000 messages), a watchdog timeout could occur
when the show debug command was executed. This issue has been
resolved.
Please note that this problem would not occur when the show log command
was executed. A temporary work-around would be to disable the log
module before executing the show debug command.
PCR: 40591 Module: SWMX Level: 2
In a multicast setup, there was a possibility that all multicast and broadcast
packets were not being forwarded as expected. This caused symptoms such
as RIPv1 or RIPv2 losing routes, PIM neighbourhoods being lost, and other
protocols using broadcast or multicast packets would fail to register any
peers/neighbours. Also, multicast packets are not switched. This issue has
been resolved.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
Patch 89262-08 For AT-8900 Series Switches 3
PCR: 40596 Module: SWMX Level: 2
When STP is enabled, when frames with a multicast destination MAC
address were sent, a loop was observed within the network. This issue has
been resolved.
PCR: 40601 Module: SWMX Level: 2
In network configurations with multiple paths to neighbours on an
interface, if the interface changed state from up to down, then up again, the
interface route may have been erroneously deleted by a route update. This
issue has been resolved.
PCR: 40619 Module: IPG Level: 2
The valid and preferred parameters were incorrectly added to the dynamic
set ipv6 prefix configuration. The default onlink and autonomous
parameters were also being included. This issue has been resolved.
Level 3
PCR: 40589 Module: IPG Level: 3
The counter parameter did not exist in the show igmpsnooping command.
This issue has been resolved.
PCR: 40603 Module: SWI, SWMX Level: 3
An error message is now shown if the user tries to assign more than the
allowable number of traffic class (or default traffic class) entries to active
QOS policies.
PCR: 40606 Module: VLAN Level: 3
When a Core port was added to a nested VLAN, its Ingress Filtering
attribute was set to be On and Acceptable Frame Type was set to be Admit
Only VLAN tagged Frames. If the port was deleted from that VLAN, its
Ingress Filtering attribute must be set to Off and Acceptable Frame Type
must be set to Admit All Frames, however, the attributes were not changed
when the port was deleted from the nested VLAN. This issue has been
resolved.
PCR: 40617 Module: TTY Level: 3
The manager prompt did not appear when using a telnet session until the
[Enter] key was pressed several times. This issue has been resolved.
PCR: 40618 Module: SWI Level: 3
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
An FTP server located on a private interface of a firewall with NAT enabled
may have had its ftp-data (tcp/20) source port translated to another port.
This could lead to a firewall rejecting the data packets, as they do not strictly
conform to RFC 959. This issue has been resolved, ensuring that ftp-data
packets are sent from port 20 on the firewall, even when NAT is enabled.
4 Patch Release Note
PCR: 40618 Module: SWI Level: 3
Fixing speed on a fibre SPF to 1000mfull in a configuration script showed
up incorrectly as 10mfull actual speed after reboot. This issue has been
resolved.
Level 4
No issues.
Enhancements
No issues.
Features in 89262-07
Patch file details are listed in Table 1.
Table 2: Patch file details for Patch 89262-07.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
Patch 89262-07 includes all issues resolved and enhancements released in
previous patches for Software Release 2.6.2, and the following enhancements:
89-262.rez
29-Sept-2004
89262-07.paz
316588 bytes
Level 1
No issues.
Level 2
PCR: 40272 Module: IPG Level: 2
The switch learned an ARP entry for an IP address that was already
configured on one of its interfaces. This issue has been resolved, and the
receipt of spoofed ARP packets will now generate a log message.
PCR: 40356 Module: BGP Level: 2
1) A switch reboot could be observed if an IP interface was deleted while
BGP was learning routes.
2) A switch reboot could be observed if a BGP peer was disconnected while
the other peer was learning routes.
3) Excessive log messages were generated when the switch was low on
memory.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
Patch 89262-08 For AT-8900 Series Switches 5
4) Not all routes were removed from the BGP route table when a peer was
disabled.
These issues have all been resolved.
PCR: 40419 Module: OSPF, IPG Level: 2
If OSPF was configured using the command set ospf dyninterface=stub, to
advertise dynamic interfaces such as PPPoE interfaces as stub links, the
links were not being advertised as expected. This issue has been resolved.
PCR: 40420 Module: BGP, IGP Level: 2
In some circumstances, when a BGP peer became physically disconnected,
subsequent deletion of routes could cause a switch reboot to occur.
PCR: 40419 Module: OSPF, IPG Level: 2
If OSPF was configured using the command set ospf dyninterface=stub, to
advertise dynamic interfaces such as PPPoE interfaces as stub links, the
links were not being advertised as expected. This issue has been resolved.
PCR: 40420 Module: BGP, IGP Level: 2
In some circumstances, when a BGP peer became physically disconnected,
subsequent deletion of routes could cause a switch reboot to occur.
PCR: 40457 Module: STP Level: 2
If an STP disabled port was moved from one VLAN to another, it caused
STP to reconverge. This issue has been resolved.
PCR: 40460 Module: SWMX Level: 2
Incorrect behaviour would occur if the switch was configured with a
hardware filter that used a classifier matching on a VLAN, plus some
additional IP Layer 3 or Layer 4 information (e.g. UDPDPort); and another
filter using a classifier matching on just a VLAN. The result would be that
only non-IP packets would be matched by this second hardware filter. IP
packets not matching the first filter would not match the second, and
therefore would not be classified by the switch. This symptom could also
occur for classifiers using MACSA and MACDA. This issue has been
resolved.
PCR: 40465 Module: PIM6, PIM4 Level: 2
The switch could reboot when a user changed the Rendezvous Point
Candidate (RPC) priority in the PIM6 module. This issue has been resolved.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
PCR: 40470 Module: BGP Level: 2
When BGP redistributed routes, locally imported routes were selected
rather than peer learnt routes. This issue has been resolved.
6 Patch Release Note
PCR: 40473 Module: IPG Level: 2
When IP filters are configured on IP interfaces of the switch, all IP routing
must occur in software. To achieve this, the IP forwarding table in the ASIC
must be emptied. There was an issue whereby Interim IP route entries (IP
routes for which there is not yet an ARP entry for the nexthop address) were
not removed from the hardware IP forwarding table when an IP filter was
added to an IP interface. This issue has been resolved.
PCR: 40478 Module: IPG Level: 2
If the switch received many packets to Layer 3 route, but did not have ARP
entries for the destination address, the switch memory would deplete,
leading to a switch reboot. This issue has been resolved.
PCR: 40479 Module: OSPF Level: 2
For OSPF-originated routes, it was possible for a route to be deleted from
the IP routing table, but still be referenced by OSPF. This could cause a
switch reboot when later generating a summary LSA that contained the old
route. This occurred using the reset ip command. This issue has been
resolved.
PCR: 40481 Module: IPG Level: 2
If the configuration script on the switch contained several commands for
creating static arp entries, the switch could reboot on startup. This issue has
been resolved.
PCR: 40487 Module: CORE Level: 2
A memory leak could occur when the accessing of the environmental
monitoring chip failed. This issue has been resolved.
PCR: 40488 Module: IPG Level: 2
When a BGP peer was physically disconnected, the best routes for all
prefixes learned were written to the silicon. The memory that was used to
contain these routes was sometimes not freed, resulting in a memory leak.
This issue has been resolved.
PCR: 40496 Module: DHCP Level: 2
When DHCP is enabled, it reclaims IP addresses at switch startup to
determine if the addresses are in use or not. If, during this process, DHCP
was disabled then re-enabled, the switch would not attempt to reclaim the
remaining IP address ranges. This would lead to the rejection of DHCP
requests for IP addresses that were still being reclaimed. This issue has been
resolved.
PCR: 40500 Module: BGP Level: 2
When doing AS-Path regular expression matching in the show bgp route
command, the router could reboot if there were withdrawn routes in the
BGP table. This issue has been resolved.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
Patch 89262-08 For AT-8900 Series Switches 7
PCR: 40510 Module: VRRP Level: 2
A configuration generated with the create config or show config dynamic
commands could under some circumstances, include a
disable vrrp = <vrrpid> command even if VRRP was enabled. This issue
has been resolved.
PCR: 40516 Module: DHCP Level: 2
While initialising a range, the switch acting as a DHCP server may release
a dynamic entry incorrectly. This issue has been resolved.
PCR: 40519 Module: SWI Level: 2
When the STP mode was changed, all the static arps on the ports belonging
to the STP were deleted. This issue has been resolved.
PCR: 40520 Module: DVMRP Level: 2
Multicast data could not flow from PIM to DVMRP on a PIM/DVMRP
border switch. This issue has been resolved.
PCR: 40522 Module: CLASSIFIER Level: 2
If a create classifier command contained the ethformat parameter, the
resulting entry in a script created using the create config, or show config
dynamic commands could sometimes be incorrect. This issue has been
resolved.
PCR: 40530 Module: IPG Level: 2
When both Load Balancer and Firewall were configured, the very first TCP
session was established after rebooting. Subsequent TCP session startup
packets may have been routed out to an incorrect interface causing sessions
to not be established. This issue has been resolved.
PCR: 40531 Module: VLAN Level: 2
A customer port in one nested VLAN could be set to be a core port in
another nested VLAN. This issue has been resolved.
PCR: 40535 Module: SWMX Level: 2
When a particular model of SFP is fitted, and a switch reboot occurs, the
switch could get locked in a reboot cycle, and never manage to finish
booting. This issue has been resolved.
PCR: 40537 Module: BGP Level: 2
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
When the status of an interface changed, the BGP revaluation of IP routes
for redistribution (via the add bgp import or add bgp network commands)
was incorrect. This gave inconsistent BGP route tables depending on the
order of events. This issue has been resolved.
PCR: 40538 Module: IP6, SWI Level: 2
Multicast data failed to be forwarded by PIM-SM if an MLD report was
received on the switch before the corresponding multicast stream had
arrived. This issue has been resolved.
8 Patch Release Note
PCR: 40540 Module: SWI Level: 2
Problems could occur if hardware filters or QOS policies were created using
a classifier matching on: a Layer 2 attribute other than MAC Destination
(e.g. MACSA or VLAN ID), and one or more other parameters that match
on IPv4 frames (e.g. IP address, UDP/TCP parameters), and another
classifier matching on Layer 2 attributes only.
The possible problems were; a generic Layer 2 match only succeeding if the
frame was not of IP type, or false-positive matches when a frames had the
same MAC Destination as a classifier designed to match on MAC Source
address. This issue has been resolved.
PCR: 40541 Module: CLASSIFIER Level: 2
If a classifier was created that used the ethformat and protocol parameters,
the resulting entry in a script created using the create config command or
show config dynamic commands was not always correct. This issue has
been resolved.
PCR: 40543 Module: SWMX Level: 2
When a Novell IPX packet was received by a port in a a protocol-based
VLAN, it was being flooded out all ports on the default VLAN. This issue
has been resolved.
PCR: 40544 Module: VLAN Level: 2
1.) A port was remaining in the default VLAN after having been added to
a nested VLAN.
2.) A port was being returned to the default VLAN when deleted from one
nested VLAN even if it was still a member of another nested VLAN.
3.) A port associated with a protocol or subnet rule was not being returned
to the default VLAN when deleted from a nested VLAN.
These issues have all been resolved.
PCR: 40549 Module: SWI Level: 2
The receipt of two IP packets whose destination IP addresses were subnet
addresses caused the switch to reboot. This issue has been resolved.
PCR: 40550 Module: SWMX Level: 2
Wrong bits were being set in the ASIC rule table for classifiers that matched
on IPX source socket. As the result, the classifiers would match on incorrect
values of IPX source socket. This issue has been resolved.
PCR: 40554 Module: QoS Level: 2
Some MIB values for the AT-QOS MIB, have been changed so that the
output of the switch is now compatible with the latest version of the MIB.
PCR: 40561 Module: SWMX Level: 2
After the disable switch learn command had been executed successfully,
automatic MAC learning was still operating. This issue has been resolved.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
Patch 89262-08 For AT-8900 Series Switches 9
PCR: 40562 Module: SWNP Level: 2
If the command enable switch accelerator function=icmpredirect had been
executed, there was no resulting entry in a script subsequently created by
the create config or show config dynamic commands. This issue has been
resolved.
PCR: 40565 Module: SWMX Level: 2
If two protocol VLAN association rules were added to two different
VLANs, the second protocol association rule would not work. This issue has
been resolved.
PCR: 40571 Module: SWMX Level: 2
When PIM or DVMRP was enabled, if IP multicast packets were received on
the non-RPF (Reverse-Path-Forwarding) interface, i.e. the wrong ingress
interface, the CPU could become highly utilised, and the packets were not
correctly Layer 2 switched. This issue has been resolved.
PCR: 40574 Module: SWMX Level: 2
Adding, or deleting, port=42 to, or from, a VLAN could cause the entire
Layer 2 Multicast Table to be cleared. This would subsequently cause high
CPU utilisation under heavy multicast traffic. This issue has been resolved.
PCR: 40586 Module: SWMX Level: 2
If VRRP had been enabled on the switch, then the routing of any packets
that entered the switch via a an interface on which VRRP was operating
would be performed in software, rather than using the L3 switching process
in the ASIC. This issue has been resolved.
PCR: 40592 Module: BOOTP Level: 2
If a timed-out ARP entry was renewed by BOOTP, the new entry be created
with no port association. This issue has been resolved.
Level 3
PCR: 40471 Module: SWI Level: 3
When an accelerator card is installed, and ports had been configured for
mirroring, the enable switch mirror caused an unnecessary warning
message to be displayed. This issue has been resolved.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
PCR: 40474 Module: IPG Level: 3
When an accelerator card is installed, the set switch mirror command
caused the switch to display an incorrect message saying that the maximum
port number is 54. This issue has been resolved.
PCR: 40493 Module: DHCP Level: 3
In certain scenarios when acting as a DHCP server, the switch would send
a DHCP ACK to an invalid MAC address. This issue has been resolved.
10 Patch Release Note
PCR: 40498 Module: OSPF Level: 3
When a virtual link end point is no longer reachable, the virtual interface is
not brought down, and the virtual neighbour is not removed. This issue has
been resolved.
PCR: 40515 Module: QoS Level: 3
Setting switch enhanced mode to “none” in order to disable QoS counters
did not disable the QoS counters properly. A debug error message was
shown when attempting to view the traffic class counters. This debug error
message has now been removed and an appropriate error message is now
displayed.
PCR: 40525 Module: SWI, SWX Level: 3
When MIB counters relating to packet flows reached their maximum
possible value (0xFFFFFFFF), they should have returned to 0, and counted
up from 0 again. However, they were remaining stuck at 0xFFFFFFFF.
This issue has been resolved, so that the counters will correctly roll over
from 0xFFFFFFFF to 0 and start counting up again.
Level 4
No issues.
Enhancements
PCR: 40511 Module: RSTP
The RSTP module has been enhanced to detect simple loop scenarios
downstream of an RSTP enabled edge port. If a loop is detected, the port is
placed into a Backup/Discarding/LoopbackDisabled state. In this state, all
packets are discarded. The port transitions to a Designated/Discarding
state after 3 x helloPeriod. If the loop still exists, the Backup/Discarding/
LoopbackDisabled state is repeated.
PCR: 40521 Module: TACACS+
The new command show tacplus has been added. This command shows the
module status, number of servers, and number of logged in users.
Patch 89262-08 for Software Release 2.6.2
C613-10402-00 REV H
Loading...