Page 1
Software Maintenance Release Note
Version 281-01
for AR700, AR415S, AR450S and AR44x series routers, and
AT-8600, AT-8700XL, Rapier i, AT-8800, AT-8900, x900-48, AT-9900, and AT-9800 series switches
This software maintenance release note lists the issues addressed and enhancements made in Maintenance Version 281-01 for Software Version 2.8.1. Version
details are listed in the following table:
Models Series Release File Date Size (bytes) GUI file
AR415S, AR440S, AR441S, AR442S, AR450S AR400 54281-01.rez 26 July 2006 4672392 415s_281-01_en_d.rsc
440s_281-01_en_d.rsc
441s_281-01_en_d.rsc
442s_281-01_en_d.rsc
450s_281-01_en_d.rsc
AR750S, AR770S 55281-01.rez 26 July 2006 3934152 750s_281-01_en_d.rsc (AR750S)
AR725, AR745 AR7x5 52281-01.rez 26 July 2006 3999360 725_281-01_en_d.rsc
745_281-01_en_d.rsc
AT-8624T/2M, AT-8624PoE, AT-8648T/2SP AT-8600 sr281-01.rez 26 July 2006 2249768 sr24_281-01_en_d.rsc
AT-8724XL, AT-8748XL AT-8700XL 87281-01.rez 26 July 2006 2292712 8724_281-01_en_d.rsc
8748_281-01_en_d.rsc
Rapier 24i, Rapier 48i, Rapier 16fi Rapier i 86281-01.rez 26 July 2006 4417996 r24i_281-01_en_d.rsc
r16i_281-01_en_d.rsc
r48i_281-01_en_d.rsc
AT-8824, AT-8848 AT-8800 86281-01.rez 26 July 2006 4417996 8824_281-01_en_d.rsc
8848_281-01_en_d.rsc
Page 2
Enabling and Installing this Release 2
Models Series Release File Date Size (bytes) GUI file
AT-8948, x900-48FE, x900-48FE-N x900-48 89281-01.rez 26 July 2006 4786652 -
AT-9924T, AT-9924SP, AT-9924T/4SP AT-9900 89281-01.rez 26 July 2006 4786652 9924_281-01_en_d.rsc
AT-9812T, AT-9816GB AT-9800 sb281-01.rez 26 July 2006 3865056 9812_281-01_en_d.rsc
9816_281-01_en_d.rsc
Caution: Using a maintenance version on the wrong model may cause unpredictable results, including disruption to the network.
This maintenance release note should be read in conjunction with the Release Note for Software Version 2.8.1.
Caution: Information in this release note is subject to change without notice and does not represent a commitment on the part of Allied Telesis Inc. While every
effort has been made to ensure that the information contained within this document and the features and changes described are accurate, Allied Telesis Inc. can
not accept any type of liability for errors in, or omissions arising from the use of this information.
Enabling and Installing this Release
To use this maintenance release you must have a base release license for Software Release 2.8.1. Contact your distributor or reseller for more information. To
enable this release and install it as the preferred release, use the commands:
enable rel=xx281-01.rez num=2.8.1
set install=pref rel=xx281-01.rez
where xx is the prefix to the filename, as shown in the table on page 1. For example, to install the release on an AR440S router, use the commands:
enable rel=54281-01.rez num=2.8.1
set install=pref rel=54281-01.rez
Version 281-01
C613-10482-00 REV A
Page 3
Levels 3
Levels
Some of the issues addressed in this Maintenance Version include a level number. This number reflects the importance of the issue that has been resolved. The
levels are:
Level 1 This issue will cause significant interruption to network services, and there is no work-around.
Level 2 This issue will cause interruption to network service, however there is a work-around.
Level 3 This issue will seldom appear, and will cause minor inconvenience.
Level 4 This issue represents a cosmetic change and does not affect network operation.
Version 281-01
C613-10482-00 REV A
Page 4
Features in 281-01 4
Features in 281-01
Software Maintenance Version 281-01 includes the resolved issues and enhancements in the following tables. In the tables, for each product series:
■ “Y” indicates that the resolution is available in Version 281-01 for that product series.
■ “-” indicates that the issue did not apply to that product series.
Level 1
CR Module Level Description
CR00012654
CR00012715
CR00012760
Version 281-01
C613-10482-00 REV A
Switch 1 If an AT-9924SP had a large number of SFPs installed and had a very high level of
traffic passing through the network, sometimes newly inserted SFPs were not
detected.
This issue has been resolved.
DHCP 1 In some configurations in which the DHCP server was enabled, the router or
switch compacted its flash memory frequently. This occurred because the DHCP
server unnecessarily updated record files in flash memory even if the record had
not changed.
This issue has been resolved, so that DHCP records are only updated when
necessary. Note that if the router or switch has NVS memory, it stores DHCP
records in NVS by preference, instead of in flash memory.
Log 1 Entering the command show debug caused the router or switch to reboot if one
or more long messages existed in the log.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8800
AT-8600
AT-8700XL
AT-8948 / x900-48
AT-9900
AT-9800
--------Y-
YYYYYYYYYY
YYYYYYYYYY
Page 5
Features in 281-01 5
CR Module Level Description
CR00012933
Switch 1 When STP is enabled on the switch but is disabled for a trunk (by using the
command disable stp port), the trunk should pass traffic. Previously, some trunk
members sometimes stayed in the “discarding” state instead.
This issue has been resolved.
CR00013025
DVMRP 1 Receiving a DVMRP Graft or Prune message occasionally caused the router or
switch to reboot.
This issue has been resolved.
CR00013413
IP Gateway,
Load Balancer
1 If the router or switch was configured with a local interface IP address and the
interface to which this address belonged did not have a logical interface with
index 0, a number of connectivity issues from this router or switch occurred, in
which the router or switch was not able to communicate with UDP, TCP or PING.
This issue has been resolved.
CR00013666
SSL 1 When the router or switch used SSL to process HTTPS traffic, it rebooted.
This issue occurred, for example, when browsing securely to the GUI, or when
the load balancer was configured to support HTTPS traffic.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
-------YY-
YYYYY- - YYY
YYYYYYYYYY
YYYYYYYYYY
Version 281-01
C613-10482-00 REV A
Page 6
Level 2
Features in 281-01 6
CR Module Level Description
CR00009212
CR00009213
CR00009826
Bridge 2 The Bridge cannot be configured to bridge PPPoE packets from an Ethernet
interface that has also been configured as a PPPoE interface. Previously, such a
Bridge configuration would appear to succeed. However the Bridge would not
bridge PPPoE packets and the router would restart when the command reset
bridge was entered.
This issue has been resolved. Note: if you want to bridge PPPoE packets, do not
also configure the router as a PPPoE endpoint (by using the command create
ppp=number over=ethx-any).
MSTP 2 Because of an MSTP issue, the switch did not always send a BPDU with an
agreement flag to its designated bridge, even if the switch was synchronised with
the latest spanning tree information from the designated bridge. This prevented
the designated port on the designated bridge from making a fast transition to
the forwarding state. The result was that the network could take up to two times
the “forward delay” time to fully converge.
This issue has been resolved.
IP Gateway 2 When a static ARP is deleted, the router or switch sends out an ARP request to
attempt to create a dynamic ARP for that IP address. Previously, the router or
switch did not process the ARP response correctly and therefore did not add the
ARP to its ARP table.
This issue has been resolved. When a static ARP is deleted, the router or switch
attempts to create a dynamic ARP for that IP address, and will successfully add it
to the ARP table if a device responds.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8800
AT-8600
AT-8700XL
AT-8948 / x900-48
AT-9900
AT-9800
YYY- ------
---YYYYYY-
YYYYYYYYYY
CR00010513
Version 281-01
C613-10482-00 REV A
BGP,
IP Gateway
2 BGP did not update its route table when a blackhole route changed in IP.
This issue has been resolved.
YYYYY- - YYY
Page 7
Features in 281-01 7
CR Module Level Description
CR00011434
File 2 The router or switch sometimes rebooted when copying a very large file (several
Mbytes). This issue has been resolved by improving the copy process so that it
uses fewer memory buffers.
CR00011670
Switch 2 On x900-48 Series switches, when the switch used a DSCP map to remark
packets, it did not mark the packets correctly.
This issue has been resolved.
CR00012364
IPv6 2 For IPv6, if there were multiple equal cost multipath (ECMP) static routes to a
destination, and one or more links for the routes became inactive, the inactive
route was sometimes still chosen for forwarding. This caused brief data delivery
failure to the destination.
This issue has been resolved.
CR00012534
IP Gateway 2 If the router or switch received an IP packet that had been sent as an Ethernet
broadcast, the router or switch responded as if the packet had been sent to its IP
address, even when the packet was destined for a different IP address. In
particular, the router or switch processed and responded to ICMP and TCP
packets that were sent as Ethernet broadcasts to different IP addresses. These
caused the router or switch to send ICMP echo responses or TCP reset packets.
This issue has been resolved. Such Ethernet broadcast packets are generally not
valid packets, so the router or switch now discards them.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYYYYYYY
-------Y--
YYYYY- - YYY
YYYYYYYYYY
Version 281-01
C613-10482-00 REV A
Page 8
Features in 281-01 8
CR Module Level Description
CR00012613
Firewall 2 When the WAN load balancer was used with IP NAT (instead of firewall NAT), and
an FTP session was established to a server on the public network, the router did
not correctly establish a return session. This meant data was unable to flow
correctly back from the server, and the router rebooted.
This issue has been resolved.
Note that the WAN load balancer is not designed for use with IP NAT, because IP
NATs are not associated with interfaces. Configurations that use an IP NAT cannot
vary the global IP address (the gblip parameter) based on the outgoing interface,
so the WAN load balancer sends all traffic out with the same source address.
Therefore, the return traffic probably comes back via the WAN load balancer
resource that is associated with the global IP. The impact is that the WAN load
balancer balances the outgoing traffic but not the return traffic.
We recommend using firewall NAT instead of IP NAT with the WAN load balancer.
CR00012624
VRRP,
IP Gateway
2 Under certain network conditions in which VRRP entities become temporarily
unsynchronised, the router or switch could receive a gratuitous ARP from a selfelected VRRP master when the router or switch was still the master. This caused
the existing master to create an ARP entry that incorrectly redirected packets
towards the other VRRP entity even after the other entity had become a slave
again.
This issue has been resolved. The router or switch no longer accepts gratuitous
ARPs from other VRRP entities while it is still the Master.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
Y-Y-------
YYYYYYYYYY
CR00012683
Version 281-01
C613-10482-00 REV A
Switch 2 After the AR770S rebooted, the Port Link/Activity and Duplex/Collision LEDs
sometimes did not blink in response to activity and collisions, respectively.
This issue has been resolved. The router detects the problem and recovers from
it, if possible. If it cannot recover from the problem, it generates a log message
of severity 6, module SWK, type REST, and subtype FAIL. The log message says
“An LED error has been detected, please power-cycle the device. If this message
appears again, contact your technical support representative for help.”
--Y-------
Page 9
Features in 281-01 9
CR Module Level Description
CR00012697
CR00012710
CR00012741
CR00012757
CR00012820
IPsec, ENCO 2 Decrypting a large IPsec ESP packet sometimes caused the router or switch to
reboot.
This issue has been resolved.
Core 2 Soft errors can generate exceptions that would cause the router or switch to
reboot. Soft errors are spontaneous changes in the information stored in a digital
circuit, caused by physical effects. The router or switch’s handling of such errors
has been improved, so that it recovers without rebooting when possible.
Core, File,
Stack
OSPF 2 The router or switch correctly accepted the command add ospf redistribution
DHCP
Snooping,
Switch
2 The command create config=filename set did not copy the configuration file
to all switches in the stack, but only saved the file onto the current switch.
This issue has been resolved.
protocol=static followed by the command set ospf asexternal=on or nssa.
However, the command create config did not create a valid configuration file
from these commands. If the router or switch used that configuration after a
reboot, it gave the error “Redistribution for specified routing protocol - already
exists” and did not use the user-defined redistribution definition.
This issue has been resolved. The router or switch now correctly saves and uses
the user-defined redistribution definition.
2 When the switch had two DHCP snooping classifiers applied across all 48 ports,
and maxleases was set to 10 or more on each port, the switch rebooted.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYY-----
--Y-------
---YYYYYY-
YYYYYYYYYY
-------Y--
CR00012821
Version 281-01
C613-10482-00 REV A
IP Gateway 2 When adding, deleting or updating subnet routes of a more general route, the
software and hardware IP route tables sometimes became unsynchronised. The
same issue sometimes also occurred when updating ECMP routes. This could
cause the router or switch to forward packets to unexpected next hops.
This issue has been resolved.
---YYYYYYY
Page 10
Features in 281-01 10
CR Module Level Description
CR00012846
ASYN, Log 2 The following issues occurred with sending log messages to an asynchronous
port:
■ The log messages output on an asynchronous port were corrupt.
■ When log messages were output to an asynchronous port, that port was
(correctly) locked. However, the port remained locked after the asynchronous
log output definition was destroyed, and after the log output's destination
was changed from asynchronous to something else.
■ It was possible for a user to change the log output destination to an
asynchronous port while the user was logged into the asynchronous port. This
resulted in the user losing access to the command line interface.
■ It was possible to create a log output definition with an asynchronous port as
the destination even when another user was logged into that asynchronous
port. This resulted in the other user losing access to the command line
interface.
■ If a user changed the log output destination to an asynchronous port and
specified invalid parameters in the command, an error message was displayed
but the new output destination was saved anyway.
■ The set command allowed a user to specify an asynchronous port as the
destination without specifying the asynchronous port number. The number
defaulted to asyn0, which may not have been the desired port.
These issues have been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYYYYYYY
CR00012855
CR00012868
Version 281-01
C613-10482-00 REV A
Core 2 If the switch was rebooted at a time when there was a high level of packet traffic
between the switch ports and the switch CPU, then during the reboot process it
was possible for RAM test errors to occur.
This issue has been resolved.
ENCO 2 Entering the command create enco key=number ip=? caused the router or
switch to reboot.
This issue has been resolved.
-------YY-
YYYYYYYYYY
Page 11
Features in 281-01 11
CR Module Level Description
CR00012900
CR00012911
CR00012951
CR00012952
CR00012991
CR00013003
IPv6, Switch 2 When an IPv6 accelerator card was installed, IPv6 multicast traffic was flooded to
all ports in a downstream VLAN, whether or not they had joined the multicast
group.
This issue has been resolved.
Switch, VLAN,
User
IPv6 2 RIPng (for IPv6) sometimes sent sub-optimal routes to its neighbours. When
Bridge 2 If a tagged packet was bridged out of a VLAN interface, the interface always
ATM 2 The maximum allowed value of the vpi parameter in the commands add and set
EPSR, Switch 2 When EPSR is enabled, it creates a classifier so it can send EPSR packets to the
2 Under very rare circumstances, memory corruption could occur when packets
were transmitted by the CPU out a switch port.
This issue has been resolved.
RIPng was configured in a network with loop topology, this could cause unstable
routing table entries on the neighbours (the metric kept being updated, as a
result of updates from neighbours).
This issue has been resolved. RIPng no longer sends sub-optimal routes.
added a VLAN tag into the packet, even though the packet was already tagged.
This issue has been resolved.
atm channel has been increased from 8 to 15.
CPU for processing. Previously, if too many classifiers existed and therefore EPSR
could not create the classifier, EPSR was enabled anyway. However, it did not
work correctly.
This issue has been resolved. Now, if EPSR cannot create the classifier, an error
message displays and EPSR is not enabled.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
-------YY-
Y-Y-------
YYYYY- - YYY
YYY- ------
Y---------
-------YY-
Version 281-01
C613-10482-00 REV A
Page 12
Features in 281-01 12
CR Module Level Description
CR00013077
IPv6 2 When an IPv6 address was deleted on the router or switch, and that IPv6 address
had previously been learnt by a remote IPv6 node, then the router or switch
would reboot if it received an ICMPv6 Neighbour Solicitation message from the
remote node. This meant, for example, that if you successfully pinged an address
on the router or switch, then deleted that address, then attempted to ping the
old address again, the router or switch would reboot.
This issue has been resolved.
CR00013234
IP Gateway 2 If the router or switch attempted to email log output, and used a domain name
server that gave a non-standard response to the DNS query, the router or switch
sometimes rebooted.
This issue has been resolved.
CR00013276
UPnP 2 In UPnP, Msearch requests were stored indefinitely, which eventually exhausted
the router’s memory and caused it to reboot.
This issue has been resolved. Msearch requests are now deleted once the router
has finished with them.
CR00013309
L2TP 2 When an L2TP LAC Client (for example, a Microsoft Windows XP VPN Client)
activated an L2TP tunnel to a router or switch that was operating as an LNS, the
dynamic PPP interface on the LNS left out the PPP authentication phase.
This also prevented the interface from obtaining an IP address by remote IP
assignment from a User Database entry.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYY- - YYY
YYYYYYYYYY
YYY- ------
YYYYY- - YYY
CR00013407
Version 281-01
C613-10482-00 REV A
EPSR 2 The switch correctly accepted a changed ring flap time (the commands create or
set epsr ringflaptime). However, if the command create config was used to
save the configuration and the switch used that configuration after a reboot,
EPSR failed.
This issue has been resolved.
-------YY-
Page 13
Features in 281-01 13
CR Module Level Description
CR00013529
PIMv6 2 When the router or switch used PIM for multicast routing, and an IPv6 multicast
client joined a group, then left it, then attempted to rejoin it, sometimes the
attempt to rejoin was not successful.
This issue has been resolved.
Level 3
CR Module Level Description
CR00008766
CR00011444
TTY 3 Editing a text file that consisted of a very large number of lines (approaching or
exceeding 30,000 lines) caused the router or switch to reboot.
This issue has been resolved.
Asyn 3 If information was sent to a console (asyn) port that had no cable plugged into
it, excessive CPU usage occurred.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYY- - YYY
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
Y- Y- - - - YY-
YYYYYYYYYY
CR00012309
Version 281-01
C613-10482-00 REV A
WAN load
balancer
3 WAN load balancer performance has been improved, especially through
improvements to the session hashing mechanism.
Y-Y-------
Page 14
Features in 281-01 14
CR Module Level Description
CR00012468
OSPF 3 An OSPF router or switch could show large numbers of entries in its
retransmission lists to certain neighbours under certain conditions (for example,
in a congested Frame Relay network). In some cases, the number of items in the
list was larger than the number of LSAs in the database.
This issue has been resolved.
Also, a new NRL debugging option has been added to OSPF, to show additions
to and deletions from the neighbour retransmission list. To enable NRL
debugging, use the command:
enable ospf debug=nrl
Note that this option may generate large amounts of debugging output on a
large OSPF network. Use it with care.
To disable NRL debugging, use the command:
disable ospf debug=nrl
CR00012598
OSPF 3 In an OSPF NSSA, changing the router ID of the OSPF NSSA ASBR sometimes
caused the area border router to behave incorrectly.
This issue has been resolved.
CR00012607
Switch 3 IPv6 multicast routing using the IPv6 accelerator card on an AT-9924T or AT-8948
switch sometimes caused very high CPU utilisation, even though multicast data
is switched at wirespeed by the accelerator card.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYYYYYYY
YYYYYYYYYY
-------YY-
CR00012708
Version 281-01
C613-10482-00 REV A
many 3 The command show debug active displays information about currently-active
debugging for many modules at once. Similarly, the command disable debug
active disables debugging for many modules in a single step.
This Software Version extends the list of modules that these commands act on.
They now apply to all modules with debug support, except for DS3, ACC, Q931,
SA, SYN, TPAD, and X25C.
YYYYYYYYYY
Page 15
Features in 281-01 15
CR Module Level Description
CR00012786
IP Gateway 3 When a link that had RIP configured on it went down, so that the router or switch
used an alternative route, output from the command show ip route sometimes
displayed incorrect information when the link came back up. When the link first
comes back up, the route's RIP metric is still 16, so the alternative route is still the
“best” route to the target. However, show ip route sometimes displayed a
disabled route over the original link, with a RIP metric of 16, as the best route,
even though the router or switch correctly used the alternative route.
This issue has been resolved.
CR00012895
IP Gateway 3 Previously, the router accepted ARP entries with multicast IP and MAC addresses
when the MAC disparity feature was disabled. The MAC disparity feature is
disabled by default.
The issue has been resolved. The router now discards such ARP entries unless the
MAC disparity feature has been enabled by using the command enable ip
macdisparity.
CR00012947
Log 3 When a user entered the command show log receive=ipadd mask=mask, the
router or switch displayed an error message that said mask was not a valid
parameter.
This issue has been resolved. The mask parameter is now valid for this command.
CR00013007
IPsec 3 With tunnel-mode IPsec, the router or switch decremented the time to live (TTL)
of IP packets twice when it forwarded the packets through the tunnel.
This issue has been resolved.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYYYYYYY
YYY- ------
YYYYYYYYYY
YYYYY-----
CR00013048
Version 281-01
C613-10482-00 REV A
Firewall 3 When IP NAT or firewall NAT was used, the router or switch sometimes generated
ICMP messages that specified the wrong source IP address. This meant that the
response to traceroute could be incorrect.
This issue has been resolved.
YYYYY-----
Page 16
Features in 281-01 16
CR Module Level Description
CR00013049
IPv6 3 The router or switch sometimes rebooted when it processed a large number of
multicast routes that were created as the result of receiving a large amount of
data from more than 500 multicast groups.
This issue has been resolved.
CR00013085
OSPF 3 A user can configure a range on an OSPF ABR, so that the ABR aggregates the
network advertisements from one area into another area in the form of summary
LSAs. However, networks advertised into a transit area should not be aggregated
into summary LSAs. Previously, the router or switch advertised aggregated
summary LSAs into transit areas when a range had been configured.
This issue has been resolved. When the router or switch is advertising into a
transit area, it ignores any configured range.
CR00013093
Switch 3 When traffic on a port was mirrored and that port had a learn limit set, packets
from the CPU (such as ARP replies and ICMP replies) were not always mirrored.
This issue has been resolved.
CR00013190
Core 3 If a AT-8624PoE switch had a sticky fan, the fan constantly toggled between
running at full speed and slowing down. This meant that the fan continuously
generated alarms.
This issue has been resolved. If the fan reports an error more than 3 times in an
hour, it now remains at its maximum speed setting.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYY- - YYY
YYYYYYYYYY
---YYYY- - -
-----Y----
CR00013202
Version 281-01
C613-10482-00 REV A
Core 3 On the AT-8624PoE switch, a fan fault alarm was not generated when the fan
speed dropped to 70% of the expected speed.
This issue has been resolved. When the speed drops to 70% or less, a alarm is
now generated.
-----Y----
Page 17
Features in 281-01 17
CR Module Level Description
CR00013243
Core 3 The system LED did not indicate when an internal power supply fault occurred.
This issue has been resolved. The system LED now flashes 3 times to indicate a
fault. Also, output of the show system command now reports voltages more
accurately.
CR00013279
OSPF 3 When a user changed the OSPF priority of an interface, the router or switch did
not immediately perform the process to elect a Designated Router and Backup
Designated Router (BDR).
This issue has been resolved.
CR00013353
Switch 3 Certain BIST and AUTOBURNIN tests reported errors, especially if an IPv6
accelerator was installed. Also, if a user entered the commands disable or
enable switch learning and an IPv6 accelerator was installed, the switch
displayed an error message that said:
“SWI ERROR: (1) swmxMacLearningSet [1] - Unable to set learning”
These issues have been resolved.
CR00013421
BGP 3 When a user created a BGP module trigger for the peerstate event, the router
or switch did not allow specification of the script or state parameters.
This issue has been resolved. All such generic parameters are now available with
module-specific triggers.
CR00013538
IP Gateway 3 Software Version 2.8.1 introduced a new msgtype parameter for the command
add igmp filter, which enables users to filter on IGMP query, report or leave
messages. This parameter was mistakenly made compulsory. Therefore, if an
existing configuration script contained IGMP filters, and the router or switch
restarted with that configuration, the filters did not work.
This issue has been resolved. The msgtype parameter is now optional, with a
default of report.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
--Y-------
YYYYYYYYYY
-------YY-
YYYYY- - YYY
YYYYYYYYYY
Version 281-01
C613-10482-00 REV A
Page 18
Level 4
Features in 281-01 18
CR Module Level Description
CR00010159
CR00011311
CR00011788
GUI 4 When the web-based GUI is used to add or remove ports from a port-based
VLAN association on an AT-9812T switch, the icons representing alternate ports
faced opposite directions.
This issue has been resolved. The port icons now all have the same orientation.
IPsec 4 In output of the commands show ipsec policy and show ipsec policy
sabundle, the value for the number of bytes currently used by each SA bundle
was sometimes truncated.
This issue has been resolved, and both commands now display the correct
number. As part of this, output of the command show ipsec policy has been
modified so that the expiry limits in bytes and in seconds display on separate
lines.
Also, if the expirykbytes parameter of the command create or set ipsec
bundlespecification was given a value higher than 4193280, the router or
switch instead used a lower value.
This issue has been resolved. If you specify a value above 4193280, the router or
switch now displays a warning message and sets the expiry limit to 4193280
kbytes.
IP Gateway 4 Previously the switch allowed users to specify the tag parameter when creating
or modifying a blackhole route with the commands add or set ip route.
However, blackhole routes cannot be tagged, so the switch did not apply the tag
setting in its saved configuration.
This issue has been resolved. If a command contains both the blackhole and tag
parameters, the switch now returns an error message.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8800
AT-8600
AT-8700XL
AT-8948 / x900-48
AT-9900
AT-9800
---------Y
YYYYY-----
-------YY-
Version 281-01
C613-10482-00 REV A
Page 19
Features in 281-01 19
CR Module Level Description
CR00012270
CR00012581
CR00012655
CR00012755
CR00012774
Remote Telnet 4 The “?” help description for the enable command stated that the parameter
rtelnet would “Disable the use of remote telnet to control an asyn port”.
This issue has been resolved. The query now states that the command enable
rtelnet enables remote telnet.
PPP 4 Output of the command show ppp idletimer did not display the PPP interface
name.
This issue has been resolved.
GUI 4 The web-based Graphical User Interface (GUI) did not display software QoS
counters.
This issue has been resolved. The counters now display correctly. To access them,
select Diagnostics in the left-hand menu.
Install,
Stacking
IP Gateway,
TCP
4 If the local command show config dynamic was entered as a host-directed
command, the switch gave an incorrect error message.
This issue has been resolved. If you attempt to direct show config dynamic to
a host, the switch now responds with the message “Command is local, do not
use host direction”.
4 In an unusual network configuration where the IP subnet on one interface was a
subset of that on another interface, it was possible for the results of a trace route
to show erroneous information.
This issue has been resolved. A search for an interface using an address within
the interface's subnet now finds the most specific match for the address.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYY------
YYYYY- - YYY
YYYY------
---YYYYYY-
YYYYYYYYYY
CR00012824
Version 281-01
C613-10482-00 REV A
GUI 4 Internet Explorer did not display the switch trunking summary page correctly. If
the user selected a trunk group, the radio button displayed a grey image, instead
of displaying a black dot inside a circle. This was only a display issue—the GUI
acted on the selected trunk group correctly.
This issue has been resolved.
---YYYYYYY
Page 20
Features in 281-01 20
CR Module Level Description
CR00012916
L2TP 4 When the router or switch was configured as an LNS and received an incoming
L2TP call that was associated with a disabled PPP interface, it produced an
incorrect log message.
This issue has been resolved.
CR00012946
Log 4 When a user entered the command show log receive=ipadd, information
about all IP addresses was displayed unless the user also entered the mask
parameter.
This issue has been resolved. Specifying an IP address without a mask now limits
the display to information about that IP address.
CR00013086
IPv6 4 When the router or switch was running MLD and sent an MLD query packet, it
incremented the OutEchos counter instead of the OutGroupMembQueries
counter.
This issue has been resolved. To see the OutGroupMembQueries counter, enter
the command show ipv6 counter.
CR00013115
IP Gateway 4 The “?” help description for the fragment parameter of the add ip interface
command was unclear.
This issue has been resolved. The query now states that the parameter “Decides
if Do Not Fragment is obeyed for IP packet larger than MTU”.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYY- - YYY
YYYYYYYYYY
YYYYY- - YYY
YYYYYYYYYY
Version 281-01
C613-10482-00 REV A
Page 21
Enhancements
Features in 281-01 21
CR Module Level Description
CR00012620
CR00012692
Bridge - By default, when the router receives a tagged packet on an Eth or VLAN interface
and bridges it, the bridge strips out the packet’s VLAN tag. This enhancement
enables you to set the bridge to instead retain the tag, by using off, no or false
in the new command:
set bridge stripvlantag={on|off|yes|no|true|false}
The default is on. To see whether stripping is turned on or off, use the command:
show bridge
and check the new StripVlantag entry.
L2TP - The connection between the router or switch, acting as an LNS, and a third party
peer, acting as an LAC, can sometimes fail during PPP link negotiation. Frequent
negotiation failures can indicate a compatibility problem between the third party
peer and Proxy Authentication responses from the router or switch. With this
enhancement, you can now disable Proxy Authentication on the router or switch
for situations where the third party equipment is not compatible. Use
proxyauth=off in the command:
add l2tp ip=ipadd[-ipadd] ppptemplate=0..31
[number={off|on|startup}] [pre13={off|on}]
[proxyauth={off|on}]
[tosreflect={off|on|false|true|no|yes}]
The default for proxyauth is on. Proxy Authentication should not be disabled
unless necessary.
To see whether Proxy Authentication is turned on or off, use the command:
show l2tp ip
and check the new Proxy Authentication entry.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8800
AT-8600
AT-8700XL
AT-8948 / x900-48
AT-9900
AT-9800
YYY- ------
YYYYY- - YYY
Version 281-01
C613-10482-00 REV A
Page 22
Features in 281-01 22
CR Module Level Description
CR00012850
CR00013109
CR00012857
CR00011277
File - Previously, a user could delete the preferred software release and the current
boot configuration file (by using the command delete file), without first setting
a new preferred release or boot configuration file. Therefore, it was possible to
accidentally delete these files, which caused network disruptions if the router or
switch restarted. If the router or switch restarted after the user had deleted the
preferred release, it booted from the fallback software. Similarly, if the router or
switch restarted after the user had deleted the current boot configuration file, it
started up with no configuration.
This enhancement ensures that users can no longer delete the preferred software
release or the current boot configuration file. If you want to delete the files
without specifying new preferred files, first use the commands delete
install=pref or set config=none to stop the files from being preferred.
Core, SNMP,
Stack
- Stacked devices are now SNMP accessible through a single IP address. The MIB
Object stackSnmpHost (at-stack.mib) is used to determine which stacked device
is currently responding to SNMP Requests. By setting the value of
stackSnmpHost, an SNMP manager can chose any one of the stacked switches
to poll. After a new value is set successfully, a new SNMP agent is chosen. On
SNMP V1 and V2c operations, the new agent is immediately ready to talk to the
manager. On SNMP v3 operations, the manager needs to re-run engine discovery
to re-synchronize the agent and manager.
Traps and notifications from stacked devices now include an extra object called
hostID, which gives the value of the switch’s host ID. This identifies which stacked
switch produced the trap or notification.
AR400
AR7x5
AR750S / AR770S
Rapier i
AT-8 800
AT-8 600
AT-8700XL
AT-8948 / x900-48
AT-9 900
AT-9 800
YYYYYYYYYY
---YYYYYY-
CR00013394
CR00013584
Version 281-01
C613-10482-00 REV A
Switch - New AT-8600 Series switches are now ROHS compliant (lead free). This
enhancement ensured that the new ROHS compliant 1 gigabit uplink ports are
fully supported on AT-8648T/2SP switches.
Core - On AT-8624PoE switches, a new 7000 rpm fan is now supported. -----Y----
-----Y----
Loading...