Dell PowerConnect 7024P, PowerConnect M6348, PowerConnect 7048R, PowerConnect 7024F, PowerConnect 8024F User Manual

...
Dell™ PowerConnect™ 8132/8164/8132F/8164F/7024/7048/7024P/7048P/7024F/7048R/7048R-RA/8024/8024F/M6220/M6348/M8024/M8024-k
PowerConnect
Date: July 2013 System Firmware Version 5.1.1.7
Information in this document is subject to change without notice. © 2003 – 2013 Dell Inc. All rights reserved.
Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: Dell, the DELL logo and PowerConnect are trademarks of Dell Inc; Intel and Pentium are registered trademarks and Celeron is a trademark of Intel Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation. Other trademarks and trade names may be used in this document to refer to either the entity claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own. All rights reserved. This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-readable form without the prior written consent of Dell. Dell reserves the right to make changes without further notice to any products or specifications referred to herein to improve reliability, functionality or design.
Reproduction, adaptation or translation without prior written permission is prohibited, except as allowed under the copyright laws.

Table of Contents

Introduction
Global Support
Firmware Specifications
Firmware Upgrade
Firmware Downgrade
Boot Code Downgrade
Hardware Supported
Support Matrix
Supported Firmware Functionality
Added Functionality in this Release
Changed Functionality in this Release
Issues Resolved
CLI Reference Guide Updates
User’s Configuration Guide Updates
Known Issues
Known Restrictions and Limitations
System – 5.0.1.3
System – 5.0.0.4
Management – 4.2.1.3
Layer 2 – 4.2.0.4
Layer 3 – 4.2.0.4
Management – 4.2.0.4
Data Center – 4.2.0.4
End of Release Notes
2 System Firmware Version 5.1.1.7
PowerConnect 8132/8164/8132F/8164F/8024/8024F/M8024/M8024-k/
M6220/M6348/7024/7048/7024P/7048P/7024F/7048R/7048R-RA
Release Notes

Introduction

This document provides specific information for the Dell PowerConnect 8132/8164/8132F/8164F/7024/7048/7024P/7048P/7024F/7048R/7048R-RA/8024/8024F/M6220/M6348/M8024/M8024-k switches, firmware version 5.1.1.7.
It is recommended that this release note be thoroughly reviewed prior to installing or upgrading this product.
Global Support
For information regarding the latest available firmware, release note revisions, or additional assistance, please visit support.dell.com.
Firmware Specifications
Firmware Version
Firmware Image Name         Version Number   Release Date
PCM6220v5.1.1.7.stk         5.1.1.7          July 2013
PC7000_M6348v5.1.1.7.stk    5.1.1.7          July 2013
PC8024v5.1.1.7.stk          5.1.1.7          July 2013
PCM8024v5.1.1.7.stk         5.1.1.7          July 2013
PC8100v5.1.1.7.stk          5.1.1.7          July 2013
PCM8024kv5.1.1.7.stk        5.1.1.7          July 2013
Version Numbering Convention
Version number                  Description
PowerConnect Series 5.1.1.7     Four part version number
7                               Denotes the build number.
1                               Denotes an ad hoc release of the product software.
1                               Denotes a scheduled maintenance release of the product software.
5                               Denotes a major version number.
System Firmware Version 5.1.1.7 Page 1
Firmware Upgrade
NOTE: Administrators upgrading PowerConnect 7024/7048/7024P/7048P/7024F/7048R/7048R-RA/8024/8024F/M6220/M6348/M8024/M8024k switches from 2.x.x.x or 3.x.x.x or 4.x.x.x or 5.x.x.x versions of firmware MUST follow the instructions documented in the Upgrading PowerConnect Switches from Version 2.x.x.x or 3.x.x.x or 4.x.x.x or 5.x.x.x to 5.1.1.7 Firmware procedure. Failure to follow the procedures described in that document when upgrading from 2.x.x.x or 3.x.x.x or 4.x.x.x or 5.x.x.x firmware may result in an inoperable switch!
NOTE: After upgrading the switch firmware version to 5.1.1.7, the CPLD (Complex Programmable Logic Device) code update is required on M8024-k and PC8024/PC8024F switches via serial console if the switch is running with the older CPLD version. The latest CPLD version available for the M8024k switch is Version 5 and for the PC8024/PC8024F switch is Version 6. Administrators upgrading PowerConnect 8024/8024F/M8024k switches MUST follow the CPLD update instructions documented in the Upgrading PowerConnect Switches from Version 2.x.x.x or 3.x.x.x or 4.x.x.x or 5.x.x.x to 5.1.1.7 Firmware procedure.
NOTE: Administrators upgrading PowerConnect 8132/8164/8132F/8164F switches MUST follow the instructions documented in the Upgrading PowerConnect 8132_8164_8132F_8164F switches from Version 5.x.x.x to 5.1.1.7 Firmware procedure. Failure to follow the procedures described in that document when upgrading firmware may result in an inoperable switch!
NOTE: OMNM (Open Manage Network Manager) v5.2 SP1 supports firmware management of PowerConnect 7024/7048/7024P/7048P/7024F/7048R/7048R-RA/8024/8024F/M6220/M6348/M8024/M8024-k to deploy the firmware version 4.1.x.x or later. OMNM v5.2 SP1 supports PowerConnect 8132/8164/8132F/8164F to deploy the firmware version 5.0.0.4
Firmware Downgrade
Downgrading from 5.1.1.7 to an earlier release is supported on most PowerConnect series switches (except PC81xx series with B1 CPU versions, see note below); however, migration of configuration information from a later release to an earlier release is not supported. The existing configuration may or may not work with the earlier version of firmware, therefore, it is best to be physically present at the switch site and to be prepared to access the switch over the serial port if necessary when downgrading firmware.
Auto-downgrade of a stack is not enabled by default. If downgrading a stack, be sure to enable auto-downgrade before activating the earlier versions of firmware on the stack master.
Recent versions of the PowerConnect 81xx series switches support newer versions of CPU (B1). The B1 version of CPU requires firmware release version 5.1.0.1 or later and cannot be downgraded to earlier firmware releases. In addition, if this unit is to be deployed as a member within a stack, the entire stack will be required to run 5.1.0.1 or later firmware. Here are some steps to help determine what CPU is in the PowerConnect 8100 Series switch:
1. Run show version from the CLI prompt.
2. If there is no CPU version line, then the stack is running 5.0.x.x firmware. Since 5.0.x.x can only run on A1 CPU switches, then all switches in the stack (or a standalone) contain A1 CPUs.
3. If there is a CPU version line (like below):
CPU Version....................... XLP308H-A1
(It will display the CPU version in the last two characters - either A1 or B1).
4. On a stack, run show version m where m is the unit number assigned to the stack member to see each CPU version for each member in the stack.
In addition here are the part numbers for reference:
Part Numbers for PowerConnect 81xx                         A1 CPU   B1 CPU
PowerConnect 8132 (US, Canada, Mexico, South America)      TRJ78    PTM0F
PowerConnect 8132 (all other countries)                    0C90P    X20W5
PowerConnect 8132F (US, Canada, Mexico, South America)     W0HV1    NWHGV
PowerConnect 8132F (all other countries)                   7D1GN    KWHG3
PowerConnect 8164 (US, Canada, Mexico, South America)      H0F6C    N00C1
PowerConnect 8164 (all other countries)                    P8RHX    Y2FJ0
PowerConnect 8164F (US, Canada, Mexico, South America)     VTWN8    4PHP2
PowerConnect 8164F (all other countries)                   1JWM5    8KHT1
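The CPU check in the numbered steps above can be run across a stack before a downgrade is activated. The following is an added example, not Dell code: the function names and the sample `show version` text are constructed, and only the `CPU Version` line format and the 5.1.0.1 minimum for B1 come from these release notes.

```python
import re

# Minimum firmware the B1 CPU can run, as stated in the release notes.
B1_MIN_FIRMWARE = (5, 1, 0, 1)

# Matches e.g. "CPU Version....................... XLP308H-A1"
CPU_LINE = re.compile(r"^[ \t]*CPU Version\.*[ \t]*(\S+)[ \t]*$", re.MULTILINE)

# Constructed sample: one `show version <unit>` capture per stack member.
# Only the CPU Version line follows the format shown in the release notes.
SAMPLE_STACK = {
    1: "(constructed line, not real switch output)\n"
       "CPU Version....................... XLP308H-A1\n",
    2: "(constructed line, not real switch output)\n"
       "CPU Version....................... XLP308H-B1\n",
    3: "(constructed line, unit running 5.0.x.x shows no CPU line)\n",
}


def parse_version(text):
    """Turn a four part version such as '5.1.1.7' into a tuple of ints."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four part version: {text!r}")
    return tuple(int(p) for p in parts)


def cpu_revision(show_version_output):
    """Return 'A1' or 'B1' for one unit.

    A missing CPU Version line means the unit runs 5.0.x.x, which only
    runs on A1 CPUs (step 2 of the procedure).
    """
    match = CPU_LINE.search(show_version_output)
    if match is None:
        return "A1"
    revision = match.group(1)[-2:].upper()  # last two characters (step 3)
    if revision not in ("A1", "B1"):
        raise ValueError(f"unexpected CPU version: {match.group(1)!r}")
    return revision


def downgrade_blockers(unit_outputs, target_firmware):
    """Return the unit numbers whose CPU cannot run target_firmware.

    A non-empty result means the target must not be activated on the
    stack, because the whole stack has to run what its B1 members need.
    """
    target = parse_version(target_firmware)
    blockers = []
    for unit, output in sorted(unit_outputs.items()):
        if cpu_revision(output) == "B1" and target < B1_MIN_FIRMWARE:
            blockers.append(unit)
    return blockers


if __name__ == "__main__":
    for candidate in ("5.0.1.3", "5.1.0.1"):
        print(candidate, "blocked by units:",
              downgrade_blockers(SAMPLE_STACK, candidate))
```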
Recent versions of the PowerConnect M8024-K modular switches have hardware changes that require firmware version 4.1.0.19 or higher. PowerConnect M8024-K with a new PPID label cannot be downgraded to the firmware version below 4.1.0.19. If a downgrade is attempted, the firmware activation procedure will detect that the earlier firmware version is not compatible with the switch hardware and abort the activation procedure. Any PowerConnect M8024-K with the old PPID label can accept any version of the switch firmware.
MODEL OLD PPID NEW PPID
M8024K 2F07F A00 2F07F A01 57821 A00 57821 A01
Boot Code Downgrade
Never downgrade the boot code! The 5.1.1.7 boot code supports all earlier versions of firmware and never needs downgrading.
Hardware Supported
Dell PowerConnect 8132 Ethernet Switch
Dell PowerConnect 8164 Ethernet Switch
Dell PowerConnect 8132F Ethernet Switch
Dell PowerConnect 8164F Ethernet Switch
Dell PowerConnect M6220 Ethernet Switch
Dell PowerConnect M6348 Ethernet Switch
Dell PowerConnect 7024 Ethernet Switch
Dell PowerConnect 7048 Ethernet Switch
Dell PowerConnect 7024P Ethernet Switch
Dell PowerConnect 7048P Ethernet Switch
Dell PowerConnect 7024F Ethernet Switch
Dell PowerConnect 7048R Ethernet Switch
Dell PowerConnect 7048R-RA Ethernet Switch
Dell PowerConnect 8024 Ethernet Switch
Dell PowerConnect 8024F Ethernet Switch
Dell PowerConnect M8024 Ethernet Switch
Dell PowerConnect M8024-k Ethernet Switch
Support Matrix
Since not all functionality is supported on all switches, the following matrix identifies the major differences among the PowerConnect switch models. A check mark indicates support for the feature. All other features listed in the release notes are supported on all switches.
Feature/Switch
Dell PowerConnect M6220 Ethernet Switch
Dell PowerConnect M6348 Ethernet Switch
Dell PowerConnect 7024 Ethernet Switch
Dell PowerConnect 7048 Ethernet Switch
Dell PowerConnect 7024P Ethernet Switch
Dell PowerConnect 7048P Ethernet Switch
Dell PowerConnect 7024F Ethernet Switch
Dell PowerConnect 7048R Ethernet Switch
Dell PowerConnect 7048R-RA Ethernet Switch
Dell PowerConnect 8024 Ethernet Switch
Dell PowerConnect 8024F Ethernet Switch
Dell PowerConnect M8024 Ethernet Switch
Dell PowerConnect M8024-k Ethernet Switch
Dell PowerConnect 8132 Ethernet Switch
Dell PowerConnect 8164 Ethernet Switch
Dell PowerConnect 8132F/8164F Ethernet Switch
Features: Priority Flow Control, DCBx, ETS, PoE+, iSCSI Optimization, USB, grEEEn Ethernet, Hot Swap Cards, WRED
[Support matrix check marks not reproduced]
Supported Firmware Functionality
For more details regarding all the supported firmware features and functionality, please refer to the Dell PowerConnect Series CLI Reference Guide and the Dell PowerConnect Series User’s Configuration Guide.
Added Functionality in this Release
This section contains a list of features added in this release that are new for at least one switch listed in the Hardware Supported section above.
Release 5.1.1.7
No Added Functionality in this Release
Release 5.1.0.1
IGMP Snooping Improvements
IP Multicast Enhancements
Support for B1 CPU – only on PC8100 series
New Browser Support
Mozilla Firefox 14
Internet Explorer 9
Google Chrome 21
Static Route Maximum Increased to 512 (for all switches except for M6220 series)
USB Auto-configuration expanded for multiple MAC Address support
Ability to reset stack port counters
Increased Maximum number of dot1x clients per port to 24
Commands to remove signed certificates/Keys
Support for Additional transceivers/optics
Release 5.0.1.3
Added PoE DC Disconnect HW support – on PC7000 series
Release 5.0.0.4
Added Native EEE Support for the PC8100 10GBaseT Ports
802.1Qaz (ETS) – on 8100 series
Support for 40 Gig (QSFP+) interfaces
Support for Bootcode upgrade from pre-4.x image to 5.x image without manual system reset.
Local Preference for LAG
Private VLAN
CLI output filtering
Routing Improvements for OSPF
UDLD
Administrative Profiles
AAA Authorization
TACACS+ Accounting
Stacking over QSFP+ ports
QSFP+ diagnostics
sFlow Support on Port Channels
Release 4.2.2.3
No Added Functionality in this Release
Release 4.2.1.3
No Added Functionality in this Release
Release 4.2.0.4
DCBx on M8024-k/8024/8024F
FIP Snooping Bridge on M8024-k/8024/8024F
Add EEE Support for the PC7000 10GBaseT Ports
GUI EEE Power Savings Charts
RP Failover Performance Improvement
Flexible Dynamic LAG Limits
CLI Help Usability Improvements
Ability to Show Static Route Entries
CMC XML Support
Stacking Over Ethernet Ports
Change Dell EqualLogic iSCSI Auto Detect to default
Add CLI Macro (Port Profile) for Dell Compellent Storage Equipment
Provide Dell EqualLogic DCBx TLV Auto Detect and Configuration on M8024-k/8024/8024F
Release 4.1.1.9
No Added Functionality in this Release
Release 4.1.0.19
Media-type CLI command
Added new command "media-type" to configure an interface to select the specified media on a combo port. It is recommended the administrators select the specific media type for the particular type of network connection they expect to use. Users may observe a single port flap when the media type is changed from RJ45 to auto-select RJ45 and only the corresponding SFP port is enabled. Refer to the CLI Reference Guide Updates section below for the complete syntax.
Release 4.1.0.6
IPv4-Only Mode Optimization
PowerConnect switches allocate the maximum sizes for routing tables (and others, as applicable) for both IPv4 and IPv6. Switch Performance Optimization allows the operator to optimize the allocation of switch silicon tables for either IPv4 only or mixed IPv4/IPv6 operation. The template specified limits are enforced by routing components when routes are being learned. When IPv4 only mode is selected, the following capabilities are disabled:
DHCPv6 relay
DHCPv6 server
IPv6 routing/forwarding
OSPFv3
IPv6 Neighbor Discovery
Configured v6-over-v4 tunnels
Automatic (6to4) tunnels
IPv6 Multicast
A reboot is required when changing to or from IPv4 mode.
Auto-Install
USB based auto-install is an easy way to quickly bring up a switch with a known configuration. Network based auto-install is useful in rolling out a configuration or firmware update to a group of switches or in maintaining a central repository of switch configurations and firmware where the switches always obtain their firmware and configuration from a central server.
The following clarifications are helpful in understanding the processing steps in auto-install:
Always power on the switch that is desired to be the stack master first
Auto-install never proceeds if a startup-config file is present on the (master) switch
USB auto-install is attempted first. Network auto-install only proceeds if USB auto-install fails.
If there are multiple .setup files present on the USB flash device, the powerconnect.setup file is selected
If a valid .setup file is not found on the USB flash device, the single .text file is used
If multiple .text files are present, the powerconnect.text file is used.
Network based auto-install utilizes information obtained from a DHCP server. Refer to the documentation for a discussion of the DHCP options used by Auto-Install.
When auto-install downloads a firmware image to switch memory, it compares the version to the current switch image. If different, the image in memory is copied to the switch backup image and activation of the image is attempted. If activation succeeds, the switch is rebooted and auto-install then attempts configuration file download.
Auto-install configuration files are executed as a script. For more details on Auto-Install, refer to the User’s Guide.
Link Local Protocol Filtering
Link Local Protocol Filtering blocks Cisco link local protocols from being flooded in the network. By default, PowerConnect switches process and respond to Cisco CDP packets. However, in networks where this capability is not desirable or other Cisco proprietary packets are flooded over the network, the administrator can disable flooding of Cisco link local protocols. The following table identifies the matching criteria for filtering Cisco proprietary packets:
Rule Type   Rule Purpose                                         Blocked Destination MAC Address   Ether Type
Blockcdp    Used to block CDP PDUs                               N/A                               0x2000
Blockvtp    Used to block VTP PDUs                               N/A                               0x2003
Blockdtp    Used to block DTP PDUs                               N/A                               0x2004
Blockudld   Used to block UDLD PDUs                              N/A                               0x0111
Blockpagp   Used to block PAGP PDUs                              N/A                               0x0104
Blocksstp   Used to block SSTP PDUs                              N/A                               0x010b
Blockall    Used to block all defined Protocol Filtering PDUs    01:00:0C:CC:CC:C0                 N/A
DHCP Server
The PowerConnect Series switches support a simple DHCP server capability for domains that do not wish to deploy a redundant DHCP address assignment solution or who have need of a temporary solution while (re)deploying their DHCP server solution.
In configuring DHCP scopes, be aware that the DHCP pool address and netmask must exactly match a VLAN address and netmask assignment for DHCP addresses to be served over that VLAN.
Only a single manual IP address can be assigned to a pool. The address must have a netmask of 32.
GMRP
The GARP Multicast Registration Protocol provides a mechanism that allows networking devices to dynamically register (and de-register) Group membership information with the MAC networking devices attached to the same segment, and for that information to be disseminated across all networking devices in the bridged LAN that support Extended Filtering Services. The PowerConnect Series switches support GMRP as specified in IEEE 802.1Q 1998.
WRED
Weighted Random Early Drop is supported on certain PowerConnect series switches. Refer to the table at the beginning of this section for further information. CoS queue configuration involves the following hardware port queue configuration parameters:
scheduler type: strict vs. weighted
minimum guaranteed bandwidth
maximum allowed bandwidth (i.e. shaping)
queue management type: tail drop vs. WRED
tail drop parameters: threshold
WRED parameters: minimum threshold, maximum threshold, drop probability
Tail drop and WRED parameters are specified individually for each supported drop precedence level. In addition, the following are specified on a per-interface basis:
queue management type: tail drop vs. WRED (only if per-queue configuration is not supported)
WRED decay exponent
Switch administrators should remember to configure ingress ports as trusted or un-trusted. By default ingress ports trust dot1p values.
Stack Firmware Synchronization
Stack firmware synchronization updates all stack members to the active firmware version on the master switch. Stack firmware synchronization is enabled by default. Stack firmware downgrade is enabled by default.
Multicast VLAN Registration
Multicast VLAN Registration provides a method of coalescing multicast traffic requested by users on multiple VLANs onto a single VLAN when carried over the network.
MVR does not require that either source or receiver ports utilize VLAN tagging.
Network planners are reminded that multicast groups in the 224.0.0.x range are reserved for multicast control plane traffic. Network planners should select multicast groups in another range for normal multicast traffic, e.g. 239.0.1.x
iSCSI Optimization
iSCSI Optimization automatically configures ports for use with the iSCSI protocol and tracks iSCSI sessions on the PowerConnect 7000 and 8000 Series switches as well as the PCM6348. Dell EqualLogic arrays are automatically detected and configuration of Dell EqualLogic connected ports is performed automatically.
Administrators are advised that the configuration performed by enabling iSCSI optimization is not automatically reversed on disabling the feature. The administrator will need to manually remove the configuration settings when migrating Dell EqualLogic servers or iSCSI initiator ports to other ports or switches.
Detection of Dell EqualLogic arrays is keyed on receipt of the mandatory System Description TLV in the LLDP packet. Disabling LLDP will effectively disable Dell EqualLogic array detection.
Dell EqualLogic arrays are required to be upgraded to firmware 5.0.2 or later in order to use the iSCSI Optimization feature.
LLDP
Administrators should ensure that LLDP-MED is enabled in order to operate EEE. Disabling LLDP or LLDP-MED will effectively disable EEE, IEEE 802.3at PoE+ high power negotiation and Dell EqualLogic array detection in the iSCSI Optimization feature.
Connectivity Fault Management
Connectivity Fault Management performs Metro Ethernet maintenance functions. Dell PowerConnect CFM supports the following functions defined in IEEE 802.1ag Draft 8.1:
Path discovery (link trace messages)
Fault detection (continuity check message)
Fault verification and isolation (loopback and link trace messages)
Fault notification (alarm indication signal or SNMP trap).
Management IP Address Conflict Detection
Management IP address conflict detection actively looks for duplicate IP address assignment and logs conflicts. Only the last identified IPv4 address conflict is retained for display by a show command. Administrators may examine the in-memory logs or the output from a SYSLOG server to identify the historical IP address conflicts. If console logging is enabled for traps, a message will appear on the console indicating that an address conflict has occurred.
Email Alerting
Email alerting allows administrators to be notified via email regarding system events. Multiple email addresses can be configured. The system will attempt to resolve mail servers specified with a FQDN immediately and, if successful, store the mail-server as an IP address. If a new IP address is subsequently assigned to the mail server, the operator will need to re-assign the email address on the switch.
Only the Mail User Agent functionality of RFC 4409 is implemented. The PowerConnect switch does not implement SMTP server functionality.
802.1X Monitor Mode
Monitor mode is a special debug mode that assists network administrators in configuring 802.1X authenticators. Users attempting to authenticate using the authenticator are always granted access when monitor mode is enabled. All interactions with the supplicant and the authentication server are logged.
Administrators are cautioned against enabling monitor mode in a deployed network where 802.1X users may gain access to sensitive network resources.
Time Controlled ACLs
Time controlled ACLs allow administrators to apply ACLs based on the time of day. Both periodic and absolute time periods may be configured.
Administrators are cautioned that invalid (overlapping) periodic entries within a time range will prevent the time range from being applied. Administrators are advised to test their periodic entries and validate that they become active as expected before deploying the time ranges in a production network. Administrators can check if a time range is active by using the show time-range command.
It is recommended to enable ACL logging to ensure notice of ACL activation and de-activation.
SNTP over IPv6
SNTP operates over IPv4 and IPv6 and may be configured using IPv4 or IPv6 addresses or DNS.
Strong Passwords
The strong passwords feature allows administrators to specify that local switch passwords meet certain characteristics considered to enhance network security.
Administrators are advised that the minimum character classes configuration must be enabled (value equal to 1 or greater) along with enabling the strong password feature before the other minimum character class configurations are enforced. These character class configurations are:
Minimum number of uppercase letters.
Minimum number of lowercase letters.
Minimum number of numeric characters.
Minimum number of special characters.
The password strength restrictions do not apply to users configured for the internal authentication server.
Switch Auditing
Switch auditing enhances network security by logging sensitive administrative actions. Switch auditing logs the following actions:
Successful login
Unsuccessful attempt to login
Logout from the switch
Timed out logout from the switch
Download file to the switch
Upload file from the switch
Remove file from the flash
File changes on the flash
Clear configuration
Add or remove user
Change user access level
Use of a SYSLOG server for monitoring network events is highly recommended.
Authentication
The PowerConnect switches support authentication via a number of methods. The methods are specified in named lists. Lists may be assigned to the enable and login access methods. The supported authentication methods are:
Enable
Line
RADIUS
TACACS
IAS
Local
None
Methods are attempted in the order specified in the authentication list. If the authentication method rejects authentication, the user login is rejected. If an authentication method fails, e.g. unable to contact the authentication server, the next method in the list is attempted. The IAS, local and none methods can never fail so, if specified, must be last in the list.
The 802.1X authentication list cannot be named and only supports the RADIUS, IAS, or none authentication methods. The 802.1X authentication can only have a single method.
Internal Authentication Server
The PowerConnect Series switches support 802.1X authentication of network users from an internal authentication database. IAS users are given access to network resources. IAS is not a valid method for login or enable authentication.
The IAS database can be downloaded to the switch using the “ias-users” target in the copy command. The ias-users file takes the form of a configuration script, as follows:
configure
aaa ias-user username client-1
password my-password1
exit
aaa ias-user username client-2
password aa5c6c251fe374d5e306c62496c3bcf6 encrypted
exit
aaa ias-user username 1f3ccb1157
password 1f3ccb1157
exit
IAS users may also be configured via the web interface.
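Because the ias-users file carries credentials, it is worth reviewing before it is copied to a switch. The following is an added example, not part of the Dell documentation: a small parser and audit, run over the script shown above, that reports entries whose password line lacks the `encrypted` keyword and entries whose password equals the username. The function and class names are hypothetical.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# The ias-users script exactly as given in the release notes above.
PAGE_SAMPLE = """\
configure
aaa ias-user username client-1
password my-password1
exit
aaa ias-user username client-2
password aa5c6c251fe374d5e306c62496c3bcf6 encrypted
exit
aaa ias-user username 1f3ccb1157
password 1f3ccb1157
exit
"""


@dataclass
class IasUser:
    name: str
    password: Optional[str] = None
    encrypted: bool = False


def parse_ias_users(script: str) -> List[IasUser]:
    """Parse `aaa ias-user username X / password Y [encrypted] / exit` blocks.

    Works on whitespace-separated tokens, so it accepts the script whether
    it is stored one command per line or flattened onto a single line.
    """
    tokens = script.split()
    users: List[IasUser] = []
    current: Optional[IasUser] = None
    i = 0
    while i < len(tokens):
        if tokens[i:i + 3] == ["aaa", "ias-user", "username"] and i + 3 < len(tokens):
            current = IasUser(name=tokens[i + 3])
            users.append(current)
            i += 4
            continue
        if tokens[i] == "password" and current is not None and i + 1 < len(tokens):
            current.password = tokens[i + 1]
            current.encrypted = tokens[i + 2:i + 3] == ["encrypted"]
            i += 3 if current.encrypted else 2
            continue
        if tokens[i] == "exit":
            current = None
        i += 1
    return users


def audit_ias_users(script: str) -> List[Tuple[str, str]]:
    """Return (username, finding) pairs; password values are never echoed."""
    findings: List[Tuple[str, str]] = []
    seen = set()
    for user in parse_ias_users(script):
        if user.name in seen:
            findings.append((user.name, "duplicate username"))
        seen.add(user.name)
        if user.password is None:
            findings.append((user.name, "no password line"))
        elif not user.encrypted:
            findings.append((user.name, "cleartext password"))
            if user.password == user.name:
                findings.append((user.name, "password equals username"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_ias_users(PAGE_SAMPLE):
        print(f"{name}: {finding}")
```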
DNS Client
The PowerConnect Series switches support name resolution via an embedded DNS client. When a DNS name is specified, it is attempted to be resolved against the configured DNS servers immediately. The PowerConnect switches will store the resolved IP address. If the IP address of the host resolved via DNS changes, the administrator will need to update the configured IP address, either via DNS or manually.
If the switch is configured to obtain an address via DHCP, DNS server information received from the DHCP server is used to populate the DNS client configuration.
Port Profiles (CLI Macros)
The PowerConnect series of switches provides a convenient way to save and share common configurations through the use of CLI macros. A CLI macro is a set of commands having a unique name. When a CLI macro is applied, the CLI commands contained within the macro are executed and added to the running configuration. When the macro is applied to an interface, the existing interface configurations are not lost; the new commands are added to the interface and are saved in the running configuration.
A CLI macro may have keywords (variables) which are replaced by values provided when the macro is applied (up to 3 keywords per macro). Macros can be applied to specific interfaces, a range of interfaces, or the global configuration.
Administrators may add their own macros or utilize the built-in macros. Administrators are cautioned to ensure that a macro does not change command modes (e.g., change from interface configuration mode to global configuration mode). The software includes 6 built-in macros:
profile-global - the global configuration used to enable RSTP and loop guard.
profile-desktop - the interface configuration for increased network security and reliability when connecting a desktop device, such as a PC, to a switch port.
profile-phone - the interface configuration used when connecting a desktop device such as a PC with an IP phone to a switch port.
profile-switch - the interface configuration used when connecting an access switch and a distribution switch or between access switches.
profile-router - the interface configuration used when connecting the switch and a WAN router.
profile-wireless - the interface configuration used when connecting the switch and a wireless access point.
Built-in macros may not be deleted or altered by the operator.
Changed Functionality in this Release
This section contains commentary on significant differences from previous releases of firmware on PowerConnect switches, e.g. the 8132/8164/8132F/8164F/7024/7048/7024P/7048P/7024F/7048R/7048R-RA/M6348/M6220/M8024/8024/8024F/M8024-k switches. Dell PowerConnect series switches closely conform to networking industry standard operational capabilities and administrative interfaces. The differences below should be studied carefully as attempting to configure or operate the PowerConnect switches in the same manner as for previous releases of firmware for PowerConnect 8132/8164/8132F/8164F/7024/7048/7024P/7048P/7024F/7048R/7048R-RA/M6348/M6220/M8024/8024/8024F/M8024-k switches may lead to unexpected results.
Release 5.1.1.7
No Changed Functionality in this Release
Release 5.1.0.1
IGMP Snooping
IGMP snooping is enabled by default. Traffic addressed to reserved multicast IP addresses is flooded. Unregistered multicast is flooded to all ports in the VLAN until a multicast router port is identified. Once mrouter port is identified the traffic is forwarded to mrouter port and listener ports only.
PIMSM
PIMSM Rendezvous Points can be positioned anywhere in the network, not just as the first hop router. Although multiple Rendezvous Points can be configured, only one Rendezvous Point is active at any time.
Auto-Configuration
Auto-configuration recognizes any of the assigned internal switch’s MAC addresses when present in an auto-configuration file. The switch re-writes the file to use the base MAC address of the switch.
Dot1x Clients
The maximum number of 802.1x clients (i.e. supplicants) that can be authenticated per port is increased to 24. This increase does not include a corresponding increase in the maximum number of 802.1x clients that are supported on an entire switch or stack.
Release 5.0.1.3
No Changed Functionality in this Release
Release 5.0.0.4
Stacking Ports Change
The maximum number of ports that can be configured for stacking per switch is limited to 8. This is done to ensure that the Hardware limits for maximum stack trunk members are not exceeded.
Stacking Over QSFP+ Ports
Stacking is supported over standard QSFP+ ports at either 1x10G or 4x10G mode. The ports must be configured as stacking ports.
Bootcode upgrade
Bootcode program is enhanced to automatically upgrade bootcode on migrating switches from pre-4.x version to 5.x version.
Release 4.2.2.3
No Changed Functionality in this Release
Release 4.2.1.3
VoIP Phone Limits
The limitation on the number of VoIP phones has been increased to 576 phones for the 7024/7048/7024P/7048P/7024F switches.
Release 4.2.0.4
LAG Limits
Ports can be formed into LAGs in a more flexible manner. The system supports up to 128 total LAGs. Up to 144 ports can be assigned to dynamic LAGs. Up to 72 LAGs can be configured as dynamic. A LAG may contain up to 8 ports. The M8024 supports 12 total LAGs (static or dynamic) with up to 24 ports assigned to dynamic LAGs.
Stacking Over Ethernet Ports only on M8024-k/8024/8024F
Stacking is supported over standard Ethernet SFP+ ports. The ports must be configured as stacking ports.
iSCSI Default Changes
iSCSI optimization is enabled by default. iSCSI optimization will reconfigure ports that are attached to Dell EqualLogic arrays to utilize spanning-tree portfast and unicast storm disable.
Release 4.1.1.9
No Changed Functionality in this Release
Release 4.1.0.19
PHY microcode upgrade process
The PHY microcode upgrade process has been enhanced to upgrade the PHY microcode to the latest version based on PHY revision. If the user experiences link problems on the combo ports after the upgrade completes, a reboot may be required in order to activate the new PHY firmware.
Asymmetric flow control
Asymmetric flow control is implemented for the PC8024X, PCM8024, PCM6348, PC70XX, and PCM8024-k switches. The switch does not generate pause frames when congested. It will honor pause frames as per industry standards.
Release 4.1.0.6
Authentication
The enable and line authentication methods will no longer perform authentication if a password for the method is not configured. Previously, these methods would always succeed if no password was configured. To achieve the same functionality, add the “none” method to the list after enable or line method.
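An added audit sketch for the Authentication change in this release (example code, not Dell's): it models how a method list is walked before and after 4.1.0.6 and flags telnet/SSH lines that reach privileged exec with no password, using the enableList and enableNetList contents this section gives. Assumptions: the `line ssh` block name, treating a method with a configured password as decisive, and the constructed sample configuration.

```python
"""Audit sketch for the 4.1.0.6 enable/line authentication change."""
import hmac

# Method lists as this release note describes them.
METHOD_LISTS = {"enableList": ["enable", "none"], "enableNetList": ["enable"]}
DEFAULT_NET_LIST = "enableNetList"        # default list for telnet and SSH


def grants_access(methods, passwords, supplied=None, legacy=False):
    """Walk a method list; True means privileged exec is granted.

    passwords maps "enable"/"line" to the configured password or None.
    legacy=True models the behaviour before 4.1.0.6.
    """
    for method in methods:
        if method == "none":
            return True                    # "none" never asks for a password
        configured = passwords.get(method)
        if configured is None:
            if legacy:
                return True                # old: method always succeeded
            continue                       # new: method is not performed
        # Assumption: a method with a configured password is decisive.
        return supplied is not None and hmac.compare_digest(supplied, configured)
    return False


def line_lists(config_text):
    """Map telnet/ssh to the enable authentication list bound in their line block."""
    bound = {"telnet": DEFAULT_NET_LIST, "ssh": DEFAULT_NET_LIST}
    current = None
    for raw in config_text.splitlines():
        words = raw.split()
        if len(words) == 2 and words[0] == "line":
            current = words[1]
        elif words == ["exit"]:
            current = None
        elif current in bound and len(words) == 3 and words[:2] == ["enable", "authentication"]:
            bound[current] = words[2]
    return bound


def audit(config_text, passwords):
    """List (line, list name, finding) for lines that reach privileged exec with no password."""
    findings = []
    for line, name in sorted(line_lists(config_text).items()):
        methods = METHOD_LISTS.get(name)
        if methods is None:
            findings.append((line, name, "unknown method list"))
        elif grants_access(methods, passwords):
            findings.append((line, name, "privileged exec without a password"))
    return findings


# Constructed sample configuration using the commands shown in this section.
SAMPLE_CONFIG = """\
line telnet
enable authentication enableList
exit
"""

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG, {"enable": None}))
    print(audit(SAMPLE_CONFIG, {"enable": "constructed-secret"}))
```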
The default authentication list for telnet and SSH has been changed to enableNetList. The only authentication method contained in enableNetList is enable. The net effect of these two changes is that a password is required to enter privileged exec mode when using telnet or SSH.
Administrators wishing to maintain the previous PowerConnect behavior can set the default authentication list for telnet and SSH to enableList, which has the enable and none authentication methods (no password required to enter privileged exec mode). The following commands change the telnet authentication method to enableList.
console(config)# line telnet
console(config)# enable authentication enableList
console(config)# exit
New Web Interface
The Web interface has been enhanced with new navigation features for ease of use.
CLI Syntax Changes
The CLI has changed significantly to be compatible with the PowerConnect switch standard CLI. Configurations for previous releases may not be compatible with this release and may need to be updated. Refer to the Configuration Migration document for more info.
Unit/Slot/Port Naming Conventions
In-band interfaces are named based on stack unit, slot, and port. Units range from 1-12. Slots range from 0-2. Ports range from 1-48. Slots for plug-in modules are numbered 1 and 2. Fixed ports belong to slot 0.
The service port is still addressed using the out-of-band keyword.
Management VLAN Deprecated
The PowerConnect series switches do not have an in-band management VLAN by default. Administrators can designate a VLAN for support of in-band management operations.
VLAN interface configuration mode enables routing
When executing the “interface vlan x” command, routing is automatically enabled on that VLAN.
Service/Out-of-band Ethernet Port Defaults to DHCP Addressing
By default, the service/out-of-band Ethernet port will attempt to obtain an address via DHCP.
NOTE: It is recommended that administrators attach the service/out-of-band Ethernet port to a physically separate network for out-of-band network management. The service port does not offer routing or switching capabilities nor does it offer enhanced protection from DOS attacks. Configure a VLAN on one or more in-band interfaces for management of PowerConnect switches over the operational network.
LACP Ports Inactive Until Attached
Ports in a LAG configured to use LACP (dynamic LAG) remain inactive (discard received traffic) until they become attached to the LAG. LACP ports that are attached to a LAG will enter the discarding state if they become detached from the LAG for any reason.
Port level configuration for a port that is configured in a dynamic LAG is disregarded. Remove the port from the LAG to restore use of the port level configuration.
Ports in a static LAG begin forwarding on link up. Ports in a static LAG disregard port level configuration. Configure static LAG functions on the static LAG interface.
NOTE: It is recommended that administrators disable portfast and auto-portfast on physical interfaces configured in a LAG. Portfast and auto-portfast can interfere with an interface entering into LAG mode on a reboot and possibly enable a packet storm.
Spanning Tree Changes
Administrators may assign more than 1024 VLANs to MSTP instances. Only VLANs that are configured on the switch will forward traffic.
The PowerConnect switches implement the 802.1Q-2005 standard, which builds on 802.1D-2004. 802.1D-2004 incorporates the 802.1t, 802.1w and 802.1s revisions. Port path costs are calculated based on the interface speed as shown below and are dynamically recalculated on interface activation and link speed changes.
External Port Path Cost values (Port Path Cost in 17.14 of 802.1D-2004) are applicable in STP, RSTP, and MST modes (Ref. Table 17-3 802.1D-2004). Use the spanning-tree cost command in interface mode to set the external port path cost.
Link Speed    Default Value
10 Gb/s       2000
1 Gb/s        20000
100 Mb/s      200000
10 Mb/s       2000000
1 Mb/s        20000000
Internal Port Path Cost values are specific to MST mode only (Ref. Table 13-3 802.1Q-2005). Use the spanning-tree mst <instance> cost command in interface mode to set the internal port path cost.
Link Speed    Default Value
10 Gb/s       2000
1 Gb/s        20000
100 Mb/s      200000
10 Mb/s       2000000
1 Mb/s        20000000
User Configurable CLI Banners
Administrators may configure banners for the following: MOTD, login, and exec. The banners may consist of multiple lines of text. Each new line will consume an extra two characters (CR/LF) that count against the maximum length banner that can be configured.
Captive Portal
Captive portal has been extended to support user logout and localization.
802.1Q
The following changes have been made to the operation of VLANs.
VLAN Membership:
By default, trunk ports participate in all VLANs. VLANs created after a trunk port is created are added to all trunk ports. VLANs deleted are removed from all trunk ports. The operator may configure a trunk port to explicitly disallow certain VLANs.
Native VLAN Configuration on Trunk Ports:
It is now possible to configure the native VLAN on a port in trunk mode. Trunk mode ports will accept untagged frames but will always transmit tagged frames except for the native VLAN which will always transmit untagged frames. It is also possible to configure a trunk port to drop untagged frames by filtering on the native VLAN, e.g. by using the switchport trunk allowed vlan remove command.
A trunk port always has a native VLAN (default is VLAN 1), so the default behavior is that untagged packets are treated as if they are tagged in VLAN 1. To drop untagged packets, configure switchport trunk allowed vlan remove <vlan> which has the side effect of dropping tagged packets in that VLAN as well IIRC.
Switchport Mode Configuration Preserved:
When switching between switchport modes (access, trunk, and general), the switchport configuration applicable to the selected mode is maintained. This means that when switching from one mode to another and back, the port will have the same configuration as it had in the original mode. Only the configuration applicable to the selected mode is active on the port.
VRRP
The following enhancements have been made to the operation of VRRP to increase usability and robustness of operation in the network:
Preemption Delay:
Per the VRRP RFC 3768, when preemption is enabled, the backup router discards advertisements until the master down-timer fires. When the preemption delay timer is set to a non-zero value and the backup switch receives a PDU with a lower priority from the master, the backup switch waits for the preemption delay value before advertising itself as the master.
Timer Advertisement Learning:
In VRRP, all participating routers should be configured with coherent advertisement timer interval values. The operator can now enable timer learning which causes a backup router to learn the master advertisement interval and change its master down interval accordingly.
Ping-able VRRP Interfaces:
RFC 3768 specifies that a router may only accept IP packets sent to the virtual router’s IP address if the router is the address owner (master). In practice, this restriction makes it more difficult to troubleshoot network connectivity problems.
This capability adds support for responding to pings by the VRRP master, but does not allow the VRRP Master to accept other types of packets. A configuration option controls whether the router responds to Echo Requests sent to a VRRP IP address. When enabled, the VRRP master responds to both fragmented and un-fragmented ICMP Echo Request packets. The VRRP master responds to Echo Requests sent to the virtual router’s primary address or any of its secondary addresses. When the VRRP master responds with an Echo Reply, the source IPv4 address is the VRRP address and source MAC address is the virtual router’s MAC address. The VRRP master does not respond to pings sent from the master.
Members of the virtual router who are in backup state discard ping packets destined to VRRP addresses, just as they discard any Ethernet frame sent to a VRRP MAC address.
Fragmentation and Reassembly:
Fragmentation and reassembly of VRRP packets is not supported.
DHCP Relay
The following enhancements have been made to the operation of DHCP Relay to bring the implementation into conformance with RFC 4649:
DHCPv6 Relay Circuit Id/Remote Id Types
RFC 4649 specifies the IANA assignment of the Relay Circuit Id sub-option and Remote Id option. The implementation has been changed so that the administrator can no longer assign a numerical value to these TLVs as the IANA assigned number is now used. The administrator can still enable or disable the insertion of these TLVs in messages sent to the DHCP server.
Relay Information Option:
The operator has the ability to enable DHCP Relay Information Options both globally and on a physical interface. The interface configuration overrides the global configuration for the selected interface.
Relay Information Option Check:
When DHCP Option-82 insertion is enabled for a relay agent, the server should echo received Option 82 unaltered back toward the client. The relay agent is required to strip Option 82 information before relaying the BOOTPREPLY to the DHCP client. When enabled, the Relay Information Option Check will cause the BOOTPREPLY packet to be dropped if invalid sub-options are echoed by the DHCP server.
L2 Address Table
The administrator can disable MAC address table aging.
The administrator can configure static forwarding of a MAC address on a specific VLAN.
NOTE: By default, multicast frames are flooded by the switch. Utilize the mac address-table multicast filtering command to disable flooding of multicast frames.
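An added sketch of the Relay Information Option Check described under DHCP Relay above (example code, not Dell firmware): it parses a BOOTPREPLY options field, compares the echoed Option 82 with what the relay inserted, and strips it before forwarding. Assumptions: "invalid" is read as malformed, duplicated or altered sub-options, the RFC 3046 sub-option codes 1 and 2 are used, and all sample bytes are constructed.

```python
"""Relay Information Option Check, sketched for a BOOTPREPLY options field."""

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_RELAY_INFO, OPT_END = 0, 82, 255
SUB_CIRCUIT_ID, SUB_REMOTE_ID = 1, 2          # RFC 3046 sub-option codes


class Malformed(ValueError):
    """A code/length/value item does not fit in its buffer."""


def parse_tlvs(buf, dhcp_level):
    """Yield (code, value) pairs; dhcp_level=True honours PAD and END."""
    i = 0
    while i < len(buf):
        code = buf[i]
        if dhcp_level and code == OPT_PAD:
            i += 1
            continue
        if dhcp_level and code == OPT_END:
            return
        if i + 2 > len(buf):
            raise Malformed("truncated item header")
        length = buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:
            raise Malformed("length field overruns buffer")
        yield code, value
        i += 2 + length


def encode_tlvs(items):
    return b"".join(bytes([code, len(value)]) + value for code, value in items)


def build_options(options):
    return MAGIC_COOKIE + encode_tlvs(options) + bytes([OPT_END])


def check_and_strip(reply_options, inserted):
    """Return the options to relay to the client with Option 82 removed,
    or None when the reply must be dropped."""
    if reply_options[:4] != MAGIC_COOKIE:
        return None
    kept, echoed = [], None
    try:
        for code, value in parse_tlvs(reply_options[4:], True):
            if code != OPT_RELAY_INFO:
                kept.append((code, value))
            elif echoed is not None:
                return None                    # assumption: a second Option 82 is invalid
            else:
                echoed = list(parse_tlvs(value, False))
    except Malformed:
        return None
    # Assumption: "invalid" means malformed or different from what this relay
    # inserted; a reply carrying no Option 82 at all is relayed unchanged.
    if echoed is not None and echoed != list(inserted):
        return None
    return build_options(kept)


# Constructed sample data (not captured traffic).
INSERTED = [(SUB_CIRCUIT_ID, b"Gi1/0/5"), (SUB_REMOTE_ID, bytes.fromhex("020000000001"))]
BASE = [(53, b"\x05"), (54, bytes([192, 0, 2, 1]))]     # DHCPACK, server identifier
GOOD_REPLY = build_options(BASE + [(OPT_RELAY_INFO, encode_tlvs(INSERTED))])
ALTERED_REPLY = build_options(
    BASE + [(OPT_RELAY_INFO, encode_tlvs([(SUB_CIRCUIT_ID, b"Gi1/0/9"), INSERTED[1]]))])
TRUNCATED_REPLY = build_options(BASE + [(OPT_RELAY_INFO, b"\x01\x20Gi1")])  # claims 32 bytes

if __name__ == "__main__":
    for name in ("GOOD_REPLY", "ALTERED_REPLY", "TRUNCATED_REPLY"):
        result = check_and_strip(globals()[name], INSERTED)
        print(name, "->", "drop" if result is None else result.hex())
```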
LLDP Enhancements
Multiple Neighbor Support:
Multiple neighbors are supported on a single LLDP interface. The number of recognized neighbors is limited to two per port or 834 LLDP neighbors on a fully stacked set of switches. There is no restriction on the number of neighbors connected to an LLDP port. If more LLDP neighbors are present than are supported, then only the last two neighbors that communicate with the local LLDP interface are recognized and any additional neighbors are ignored.
EEE Support:
Support is added to process/communicate the EEE TLV to partner devices. The EEE TLV is an 802.3 organizationally specific TLV used to report on the EEE Data Link Layer capabilities.
LLDP-MED Support:
LLDP-MED uses LLDP’s organizationally specific TLV extensions and defines new TLVs which make it easier to deploy VoIP in a wired or wireless LAN/MAN environment. The LLDP implementation supports the following TLVs:
Mandatory 802.1AB TLVs
Chassis ID TLV (subtype shall default to MAC address)
Port ID TLV (subtype shall default to MAC address)
TTL TLV
MAC/PHY configuration/status TLV
End of LLDP PDU
Optional 802.1AB TLV
Systems Capabilities TLV
Power via MDI TLV (NOT recommended for transmission in order to conserve LLDPDU space)
Mandatory LLDP-MED TLVs
LLDP-MED Capabilities TLV
This TLV allows the network connectivity device to definitively determine whether particular connected devices do support LLDP-MED and to discover which specific LLDP-MED TLVs the particular end point devices are capable of supporting as well as what specific device class they belong to.
Network Policy TLV
This TLV allows the device to advertise its VLAN and associated Layer 2 priority and Layer 3 DSCP attributes which apply for a set of specific protocol applications on this port.
Location Identification TLV
This TLV provides the advertisement of location identifier information to Class II endpoint devices. This is expected to be related to wire map or similar network topology data, such that the configuration of the network connectivity device is able to uniquely identify the physical location of the connected MED endpoint.
Extended Power-via-MDI TLV
This TLV allows for advanced power management between endpoints and network connectivity devices. It transmits fine grained power requirement details. This TLV provides significantly more value than the 802.1AB Power via MDI TLV.
EEE TLV
The EEE TLV is used to exchange information about the EEE Data Link Layer capabilities. Devices that require longer wake up times prior to being able to accept data on their receive paths may use the Data Link Layer capabilities to negotiate for extended system wake up times from the transmitting link partner. This mechanism may allow for more or less aggressive energy saving modes.
Dynamic VLAN Assignment
Dynamic VLAN assignment is intended to support the connection of hosts to a router with enhanced levels of service, typically either security or QoS. This release supports dynamic VLAN assignment as assigned from the RADIUS server as part of port authentication. The following additional checks are performed in support of dynamic VLAN assignment:
Before assigning the port to the RADIUS assigned VLAN, dot1x checks if the given VLAN is in the VLAN database or not. If the assigned VLAN is not in the VLAN database and dynamic VLAN assignment is enabled, a VLAN is created on the port over which the client is authenticated. Each time a client is de-authenticated on an interface with a particular VLAN, a check verifies whether any other interface is a member of that VLAN. If no interface is a member, the VLAN is deleted. This behavior is the same for MAC based authentication as well.
Usability Enhancements
In the output of the show running-config command, the slot and member configuration is commented with the switch/slot type in human comprehensible form.
When in interface config mode, CLI users can navigate to a different interface by entering the appropriate interface command without leaving interface config mode.
CLI users can log out of the switch using the exit command (exit is an alias for quit).
The CLI Reference Guide is updated with acceptable character sets and maximum lengths for string parameters to commands.
Management ACLs permit specification of service any as shorthand for enabling all services access for in-band management.
VLANs may be administratively assigned to MSTIs in excess of the switch physical limits and without regard to whether the VLAN is actually configured. Frames are only forwarded on VLANs assigned to interfaces.
Administrators can re-enter SYSLOG server config mode for a particular SYSLOG server entry without requiring the deletion and re-creation of the entry.
Administrators can configure the web timeout by navigating to: System -> Management Security -> Telnet Server -> Telnet Session Timeout.
User configured banners (login, exec, MOTD) appear in the running config.
By default, auto-install supports image downgrade for network installs, specific version USB installs (using a .setup file), and stack firmware synchronization.
A comprehensible message and recommendation is issued when configuring multiple services (telnet, http, etc.) to listen on the same TCP port.
The terminal length command allows user control over terminal paging.
Simple Mode
The PowerConnect M8024-k is the only modular switch that defaults to the simple mode of operation. Simple mode contains a restricted set of commands suitable for control of a port aggregation device that can be deployed in a network without requiring updates to the network by a network administrator. Users needing switch capabilities which require the network administrator to modify the network configuration can exit simple mode using the no mode simple command.
AAA Authentication
In prior releases, more than one method could be specified for dot1x authentication even though only the first method was attempted. The CLI and Web now only accept a single method for dot1x authentication.
Issues Resolved
The following issues from previous releases have been corrected. The issues listed here may have been discovered on any of the switches listed on the title page.
Release 5.1.1.7

Summary: Switch crashes in tIomEvtMon() task once per week.
User Impact: FRU service tag value updates from CMC might result in buffer overflow as service tag and other related tag fields are updated in the switch.
Resolution: Correct buffer overflow.
Affected Platforms: PCM6220 PCM6348 PCM8024 PCM8024-k

Summary: Switch crashes in tCptvPrtl task.
User Impact: Switch crash occurs in captive portal after a reload which brings down the entire switch
Resolution: Corrected captive portal initialization problem
Affected Platforms: All 5.1 supported platforms

Summary: Stack member crash with “SDM Template mismatch” error
User Impact: Switch crash occurs occasionally when an SDM Template id mismatch occurs.
Resolution: Corrected the SDM Template ID problem so that invalid SDM template ids will be ignored.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Stack member crash when “ISO count mismatch has been detected”
User Impact: Switch crash occurs occasionally when the stack unit detects that it is isolated.
Resolution: Corrected a stack data plane communications problem.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Stack member crash from DMA hang
User Impact: Switch crash occurs occasionally when packet DMA from the switching fabric to the CPU stops.
Resolution: Enhanced DMA retry logic to allow DMA status information to update completely.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Stack member crash in mcastMapTask
User Impact: Switch crash occurs occasionally with routing and multicast traffic.
Resolution: Corrected multicast routing problem.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Stack master can move on stack reload
User Impact: On a stack reload the stack master can move to a different switch based on the plug-in modules being used.
Resolution: Corrected stack master timing problem when 10GBaseT plug-in modules are used.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: iomEventLog() might result in switch crash
User Impact: Communications error in the m1000e Chassis CMC can result in a crash.
Resolution: Corrected index range error on data received from the CMC
Affected Platforms: PCM6220 PCM6348 PCM8024 PCM8024K

Summary: Switch crash in DHCP server task
User Impact: Switch crash in DHCP server task
Resolution: Corrected memory corruption problem.
Affected Platforms: All 5.1 supported platforms

Summary: Stack member crash in bcmRLINK task
User Impact: Switch crash in bcmRLINK task due to unit id being out of range
Resolution: Corrected memory corruption in ATP process.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Stack member crash in DMA processing
User Impact: Switch crash in DMA processing due to memory corruption
Resolution: Corrected a problem in cache coherency which was causing data corruption.
Affected Platforms: PC8132 PC8132F PC8164 PC8164F

Summary: Port detection mechanism fails with SNMP Query using Q-BRIDGE-MIB
User Impact: dot1qVlanFdbId SNMP object returns incremental indexes of the VLANs.
Resolution: Corrected problem so that the object will return VLAN IDs
Affected Platforms: All 5.1 supported platforms