Allied Telesis Rapier User Manual

Patch Release Note
Patch 86253-04 For Rapier Series Switches

Introduction

This patch release note lists the issues addressed and enhancements made in patch 86253-04 for Software Release 2.5.3 on existing models of Rapier series switches. Patch file details are listed in Table 1.
Table 1: Patch file details for Patch 86253-04.
Base Software Release File
Patch Release Date
Compressed Patch File Name
Compressed Patch File Size
Release Note: Software Release 2.5.3 for Rapier Switches and AR400 and
AR700 Series Routers (Document Number C613-10362-00 Rev A) available from www.alliedtelesyn.co.nz/documentation/documentation.html
Rapier Switch Documentation Set for Software Release 2.5.1 available on
the Documentation and Tools CD-ROM packaged with your switch, or from www.alliedtelesyn.co.nz/documentation/documentation.html
WARNING: Using a patch for a different model or software release may cause unpredictable results, including disruption to the network. Information in this release note is subject to change without notice and does not represent a commitment on the part of Allied Telesyn International. While every effort has been made to ensure that the information contained within this document and the features and changes described are accurate, Allied Telesyn International can not accept any type of liability for errors in, or omissions arising from the use of this information.
86s-253.rez
17-October-2003
86253-03.paz
585295 bytes
.
.
Simply connecting the world
2 Patch Release Note
Some of the issues addressed in this Release Note include a level number. This number reflects the importance of the issue that has been resolved. The levels are:
Level 1 This issue will cause significant interruption to network services, and
there is no work-around.
Level 2 This issue will cause interruption to network service, however there
is a work-around.
Level 3 This issue will seldom appear, and will cause minor inconvenience.
Level 4 This issue represents a cosmetic change and does not affect network
operation.

Features in 86253-04

Patch 86253-04 includes all issues resolved and enhancements released in previous patches for Software Release 2.5.3, and the following enhancements:
PCR: 02414 Module: IPV6, SWI, IPG, VLAN
MLD snooping is now supported on AT-9800 Series Switches and Rapier i Series Switches. For details, see “MLD Snooping” on page 17.
PCR: 02577 Module: IPG, LOG Level: 4
The ability to log MAC addresses whenever the ARP cache changes has been added. To enable this, use the command:
ENABLE IP ARP LOG
To disable it, use the command:
DISABLE IP ARP LOG
The logging of MAC addresses is disabled by default. Use the SHOW LOG command to view the MAC addresses that have been logged when the ARP cache changes.
PCR: 03162 Module: IPV6 Level: 3
The performance of IPv6 has been improved by introducing IPv6 flows.
PCR: 03268 Module: SWI Level: 1
When using MVR on a Rapier 48 or Rapier 48i, multicast packets were not forwarded correctly between ports 1-24 and 25-48. This issue has been resolved.
PCR: 03409 Module: SWI Level: 2
The switch filter was not operating correctly after a boot cycle. This issue has been resolved.
PCR: 03524 Module: OSPF, IPG Level: 2
OSPF disabled RIP unless RIP was activated using the SET OSPF RIP command. This issue has been resolved.
Patch 86253-04 for Software Release 2.5.3
C613-10382-00 REV C
Patch 86253-04 For Rapier Series Switches 3
PCR: 03560 Module: IPV6 Level: 2
A fatal error sometimes occurred when IPv6 multicast packets were forwarded via an interface that went down and then came back up. This issue has been resolved.
PCR: 03598 Module: ETH, IPG, IPv6, IPX,
Level: 3
PORT, PPP.
After about 250 days, commands such as SHOW BRIDGE COUNT w ere not displaying the correct number of seconds for Uptime and Last Change At. days. This issue has been resolved.
PCR: 03616 Module: IPG Level: 4
Three new commands have been added to enable and disable transmission of the following ICMP messages: Network Unreachable, Host Unreachable, and all Redirect messages.
The commands are:
DISABLE IP
ICMPREPLY[={ALL|NETUNREACH|HOSTUNREACH|REDIRECT}]
ENABLE IP
ICMPREPLY[={ALL|NETUNREACH|HOSTUNREACH|REDIRECT}]
SHOW IP ICMPREPLY
For details, see “Enable and Disable ICMP Messages” on page 14.
PCR: 03622 Module: ENCO Level: 2
Interoperating with other vendors implementations of ISAKMP was occasionally causing errors following key exchanges. This relates to differing implementations of the RFC regarding the retention of leading zeros. This issue has been resolved by modifying the software to retain leading zeros. An additional command provides compatibility with routers that still use previous software versions. The command details are:
Patch 86253-04 for Software Release 2.5.3 C613-10382-00 REV C
SET ENCO DHPADDING={ON|OFF}
This command controls the padding process for Diffie Hellman generated values. This may be required when interoperability is required with other vendor’s equipment that uses the Diffie Hellman algorithm.
The DHPADDING parameter specifies whether the Diffie Hellman generated values should be padded or not. If ON is specified, then leading zeros will be inserted into the generated values. If OFF is specified, then the generated values will not be padded. The default is ON.
For example, to turn off the Diffie Hellman padding, use the command:
SET ENCO DHPADDING=OFF
Also, the output of the SHOW ENCO command now contains a new line showing the setting for DHPADDING.
PCR: 03704 Module: BGP Level: 2
BGP was importing the best route from IP without checking whether the route was reachable. BGP now selects the best reachable route. If there are no reachable routes, BGP will select the best unreachable route.
PCR: 03710 Module: PIM, PIM6 Level: 2
The list of multicast groups for each Rendezvous Point occasionally became corrupted, and this could cause a fatal error. This issue has been resolved.
4 Patch Release Note
PCR: 03723 Module: BGP Level: 2
BGP routes that were added after a summary aggregate route had been formed were not suppressed. This issue has been resolved: all routes added after summary aggregate route creation are also now suppressed.
The SHOW BGP ROUTE command displayed unselected routes as the "best" route, until they had been processed. This issue has been resolved.
When a single route was deleted from an aggregate route, the aggregate route was deleted, even if it contained other routes. This issue has been resolved.
PCR: 03726 Module: TTY, USER Level: 3
The time recorded when a user logged in was overwritten when the same user logged in a second time while the original connection was still active. This meant the SHOW USER command displayed the same time for both connections. This issue has been resolved.
PCR: 03733 Module: IPV6 Level: 3
When an oversize packet (PMTU) was received, an error message was not returned, even when IPv6 flow was enabled. This issue has been resolved.
PCR: 03734 Module: IPG Level: 2
With static multicasting enabled on two VLANs, only the first few multicast packets of a stream were L3 forwarded. This issue has been resolved.
PCR: 03751 Module: MLDS Level: 3
The MLD snooping entries registered on a port were not removed when the port went down or was unplugged. This issue has been resolved.
PCR: 03757 Module: BGP Level: 2
Route flapping occurred with BGP when an interface went down. This issue has been resolved.
PCR: 03771 Module: SWI Level: 2
When ingress rate limiting was used on Rapier switch ports, TCP sessions sometimes obtained a throughput that was lower than the configured ingress rate limit. This issue has been resolved.
PCR: 03780 Module: INSTALL Level: 3
If a configuration file had a long file name, the SHOW CONFIG command displayed the file name using the shortened DOS 8.3 format (where file names are 8 characters long, with extensions of 3 characters). This issue has been resolved so that long configuration file names are now displayed using the DOS 16.3 format (where file names are up to 16 characters long).
PCR: 03789 Module: ETH Level: 2
When a 4-port ETH PIC card was installed, the output of the SHOW IP INTERFACE command showed the ETH port as Down, but the link LEDs on the card were lit. This issue has been resolved. The SHOW command now shows the correct link status. The link will go down after 90 seconds if no inbound traffic is received. When inbound traffic is received the link will come up.
Patch 86253-04 for Software Release 2.5.3
C613-10382-00 REV C
Patch 86253-04 For Rapier Series Switches 5
PCR: 03790 Module: SWI Level: 2
When a tagged port was deleted from a VLAN that was in the default STP, and the port was then added to the VLAN again, communications were sometimes not resumed on that port. This issue has been resolved.
PCR: 03798 Module: IKMP Level: 3
ISAKMP did not support the IPSec message option
ID_IPV6_ADDR_SUBNET (RFC 2407, 4.6.2.7). ISAKMP was using the ID_IPV6_ADDR (RFC 2407, 4.6.2.6) option instead. This issue has been
resolved.
PCR: 03801 Module: MLDS Level: 2
MLD and MLD Snooping accepted MLD Query packets with a hop limit greater than 1. Duplicate packets were forwarded when the hop limit was not 1 and the payload was 0::0. This issue has been resolved. MLD and MLD Snooping now require the hop limit to be 1.
PCR: 03806 Module: VRRP Level: 4
After the SHOW VRRP command was executed, incorrect trigger messages were entered into the log. This issue has been resolved.
PCR: 03809 Module: SWI Level: 2
An additional check has been added for unknown GBIC models to determine if they are copper or fibre.
PCR: 03817 Module: IPV6 Level: 2
A fatal error occurred when IPv6 fragmented a packet. Also, when a large fragmented ICMP echo request packet was received, the reply may not have been fragmented and so may have exceeded the MTU for the interface it was sent on. These issues have been resolved.
PCR: 03826 Module: BGP Level: 2
When B GP imp orted routes f rom IP w ith th e ADD BGP IM PORT co mm and, and there were multiple import choices, the best IP route was not always imported. This issue has been resolved.
PCR: 03828 Module: IPV6 Level: 2
The MTU value for IPv6 PPP interfaces was always set to 1280 bytes. This MTU value is now correctly set to 1500 bytes, and 1492 bytes for PPP over Ethernet (PPPoE).
Patch 86253-04 for Software Release 2.5.3 C613-10382-00 REV C
PCR: 03836 Module: OSPF Level: 2
OSPF sometimes chose routes with an infinite metric over routes with a finite metric when selecting the best local route. This issue has been resolved.
PCR: 03839 Module: IPV6 Level: 2
A fatal error sometimes occurred when an IPv6 ping packet length exceeded 1453 bytes. This issue has been resolved.
6 Patch Release Note
PCR: 03843 Module: DHCP Level: 2
When some DHCP entries were in Reclaim mode, and all interface links related to the range of these entries went down, these DHCP entries were stuck in Reclaim mode. This issue has been resolved.
PCR: 03847 Module: TTY Level: 3
Entering Ctrl-N caused some terminals to expect Shift Out ASCII characters. This issue has been resolved.
PCR: 03850 Module: FFS Level: 3
Files were not displayed in the SHOW FFILE command output, after entering “
Q” at the CLI to quit from a previous prompt. This issue has been
resolved.
PCR: 03852 Module: IPG, IPV6 Level: 2
PIM SM did not establish a BSR candidate between two AR720 routers with PPP over SYN. This issue has been resolved.
PCR: 03854 Module: SWI Level: 2
Wh en INGR ESSLI MIT p aramet er in the SE T SWIT CH PORT command w as set to 64kbps, the switch received packets intermittently rather than continuously. This issue has been resolved.
PCR: 03855 Module: IPG Level: 2
Previously, an IP multicast stream destined for an IP multicast group was forwarded out ports in the All Groups IGMP snooping entry even after this entry had timed out. This issue has been resolved.
PCR: 03861 Module: IPV6 Level: 2
When a connector was plugged into one physical interface, the RIPng request packet was erroneously transmitted from all interfaces on the switch. This issue has been resolved.
PCR: 03864 Module: BGP Level: 2
BGP sent Update packets when the local host route table changed but did not affect BGP. Also, BGP did not send Withdrawn packets when there was a change in the best route. These issues have been resolved.
PCR: 03867 Module: BGP Level: 2
BGP sometimes chose routes with an infinite metric over routes with a finite metric when selecting the best local route. This issue has been resolved.
PCR: 03868 Module: IPG Level: 3
The ipForwDatagrams SNMP MIB object was incremented when it should not have been. This issue has been resolved.
PCR: 03870 Module: SWI, VLAN Level: 3
On Rapier 48i switches, mirror port information was repeated in the output of the SHOW VLAN command. This issue has been resolved.
Patch 86253-04 for Software Release 2.5.3
C613-10382-00 REV C
Patch 86253-04 For Rapier Series Switches 7
PCR: 03871 Module: FIREWALL Level: 2
The HTTP proxy sometimes allowed URL requests that should have been denied. Also, the HTTP proxy denied all URLs that contained a deniable keyword, even when some URLs with that word had explicitly been allowed. These issues have been resolved.
PCR: 03874 Module: DHCP Level: 3
For parameters that accept a list of IP addresses in a DHCP command (such as LOGSERVER in the ADD DHCP POLICY command), the list is now limited to a maximum of 32 IP addresses.
PCR: 03875 Module: IPG Level: 2
Sometimes OSPF routes were not entered in the IP route table. This issue has been resolved.
PCR: 03876 Module: PING Level: 2
A fatal error occurred if the TRACE command was executed when a trace was already in progress. This issue has been resolved.
PCR: 03878 Module: SWI Level: 2
The layer 3 filter was matching a layer 3 packet incorrectly when the egress port was specified by the filter. This issue has been resolved.
PCR: 03883 Module: IPG Level: 3
Some IP addresses were not displayed correctly in log messages. This issue has been resolved.
PCR: 03884 Module: IPG Level: 2
The IGMP MVR membership timeout was not operating correctly. Membership of a multicast group is now eliminated when it times out. Also, Leave messages were not being processed correctly, which sometimes delayed the membership timeout. These issues have been resolved.
PCR: 03888 Module: DHCP, TELNET Level: 2
When the device was configured as a DHCP server, a fatal error sometimes occurred when a telnet session to the device was closed while DHCP was reclaiming IP addresses. Also, a telnet error message displayed an incorrect value when a telnet command line parameter was repeated (for example, SHOW TELNET TELNET). These issues have been resolved.
PCR: 03890 Module: IGMP, SWI Level: 2
Patch 86253-04 for Software Release 2.5.3 C613-10382-00 REV C
The switch was adding a router port for multicast packets to destinations with an address in the range 224.0.0.x. Switch port entries are now only created for special router multicast addresses.
PCR: 03895 Module: DHCP Level: 2
If the DHCP server had a policy name greater than 5 characters long, and a very long MERITDUMP or ROOTPATH value, the device could not correctly create the configuration. This issue has been resolved.
Loading...
+ 15 hidden pages