Patch Release Note Patch 86253-07 For Rapier Series Switches Introduction This patch release note lists the issues addressed and enhancements made in patch 86253-07 for Software Release 2.5.3 on existing models of Rapier series switches. Patch file details are listed in Table 1. Table 1: Patch file details for Patch 86253-07. Base Software Release File 86s-253.rez Patch Release Date 18-Feb-2004 Compressed Patch File Name 86253-07.
Patch Release Note Some of the issues addressed in this Release Note include a level number. This number reflects the importance of the issue that has been resolved. The levels are: Level 1 This issue will cause significant interruption to network services, and there is no work-around. Level 2 This issue will cause interruption to network service, however there is a work-around. Level 3 This issue will seldom appear, and will cause minor inconvenience.
Patch 86253-07 For Rapier Series Switches PCR: 31160 3 Module: IPG Level: 2 A memory leak occurred if DNS relay was configured, and the device kept receiving DNS Query packets. This issue has been resolved. PCR: 31176 Module: PIM6 Level: 2 PIM6 could not send unicast bootstrap messages to a new neighbour. This issue has been resolved. PCR: 31178 Module: FIREWALL Level: 4 If the SMTP Proxy detected a third party relay attack, the “SMTP third party relay attack” trigger message was not displayed.
Patch Release Note PCR: 31233 Module: L3F Level: 2 A filter entry was lost when the SET SWITCH L3FILTER ENTRY command did not succeed. This issue has been resolved. PCR: 31236 Module: IPV6 Level: 3 Link-local addresses can only be unicast addresses. If a link-local address was added as an anycast address, no error message was returned. This issue has been resolved. Now, an error message is returned stating that a linklocal address must be a unicast address.
Patch 86253-07 For Rapier Series Switches PCR: 31270 5 Module: CURE, IPG, ATK, DVMRP, IPX2, LB, LOG, SNMP, UTILITY Level: 3 Entering “?” after a command at the CLI gives context-sensitive Help about parameters valid for the command. Occasionally, commands (for example, ENABLE IP MULTICASTING) were executed when “?” was entered at the end of the command. This issue has been resolved.
Patch Release Note Features in 86253-05 Patch file details are listed in Table 2: Table 2: Patch file details for Patch 86253-05. Base Software Release File 86s-253.rez Patch Release Date 26-November-2003 Compressed Patch File Name 86253-05.paz Compressed Patch File Size 700793 bytes Patch 86253-05 includes all issues resolved and enhancements released in previous patches for Software Release 2.5.
Patch 86253-07 For Rapier Series Switches PCR: 03953 7 Module: SW56 Level: 3 On AT-8800 series switches, strict QoS scheduling is now enforced for ports where egress rate limiting is applied. On Rapier i series switches, the same QoS setup is now applied to all of the appropriate ports when setting up egress rate limiting. PCR: 03970 Module: IPV6 Level: 3 If an IPv6 filter that blocked traffic on a VLAN interface was removed, the traffic was still blocked. This issue has been resolved.
Patch Release Note PCR: 31040 Module: PIM Level: 2 When two devices are BSR candidates, and have the same preference set with the SET PIM BSRCANDIDATE PREFERENCE command, the device with the higher IP address was not elected as the candidate. This issue has been resolved. PCR: 31041 Module: PIM Level: 3 A Prune message sent to an old RP neighbour was ignored when a new unicast route was learned. This issue has been resolved.
Patch 86253-07 For Rapier Series Switches PCR: 31071 9 Module: SWI Level: 4 The warning given when a QoS policy is active on a port operating at reduced speed has been changed to reflect the problem more accurately. The old message was: Warning (2087343): Port is currently used in QoS policy , this policy may become incorrect due to the port bandwidth.
Patch Release Note PCR: 31106 Module: MLD Level: 2 When the device received a version 1 Query packet, it become a non-querier on that interface, even if it should have remained as the querier. This issue has been resolved. PCR: 31118 Module: SWI Level: 2 When the TYPE parameter was specified for the ADD SWITCH L3FILTER command, the type was sometimes a different value in the device’s hardware table. This issue has been resolved.
Patch 86253-07 For Rapier Series Switches DELETE IGMPSNOOPING ROUTERADDRESS 11 ADD IGMPSNOOPING ROUTERADDRESS Syntax Description ADD IGMPSNOOPING ROUTERADDRESS=ipaddr[,...] where: • ipaddr is a reserved IP multicast address in dotted decimal notation. This command adds reserved IP multicast addresses to the list of router multicast addresses. The IP address specified must be within the range 224.0.0.1 to 224.0.0.255.
SHOW IGMPSNOOPING ROUTERADDRESS Description Patch Release Note This command deletes reserved IP multicast addresses from the list of router multicast addresses. The IP address specified must be within the range 224.0.0.1 to 224.0.0.255. This command is only valid if the IGMP snooping router mode is set to IP with the SET IGMPSNOOPING ROUTERMODE command.
Patch 86253-07 For Rapier Series Switches PCR: 31145 SHOW IGMPSNOOPING ROUTERADDRESS Module: SWI 13 Level: 3 The port counters were not incremented: • ifInDiscards • ifinErrors • ifOutDiscards • ifOutErrors This issue has been resolved. PCR: 31146 Module: SWI Level: 3 The following SNMP MIB objects could not be set: • Dot1dStpPriority • Dot1dStpBridgeMaxAge • Dot1dStpBridgeHelloTime • Dot1dStpBridgeForwardDelay This issue has been resolved.
SHOW IGMPSNOOPING ROUTERADDRESS • Patch Release Note The Proposal flag is not set in a BPDU sent by a designated port once the port has reached the forwarding state. PCR: 31159 Module: FW, VLAN Level: 2 Static ARP entries sometimes prevented the firewall from working correctly. This is because when an VLAN interface is added to the firewall, the CPU takes over the routing from the switch silicon in order to inspect the packet. Hence all the Layer 3 route entries must be deleted.
Patch 86253-07 For Rapier Series Switches PCR: 31190 SHOW IGMPSNOOPING ROUTERADDRESS Module: SWI, SW56 15 Level: 2 When static port security was enabled with the RELEARN parameter in the SET SWITCH PORT command, and a switch port was reset or unplugged, the MAC entries were removed (unlearned) from the forwarding database table. The MAC entries should only be removed when dynamic port security is in use. This issue has been resolved.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 03268 Patch Release Note Module: SWI Level: 1 When using MVR on a Rapier 48 or Rapier 48i, multicast packets were not forwarded correctly between ports 1-24 and 25-48. This issue has been resolved. PCR: 03409 Module: SWI Level: 2 The switch filter was not operating correctly after a boot cycle. This issue has been resolved. PCR: 03524 Module: OSPF, IPG Level: 2 OSPF disabled RIP unless RIP was activated using the SET OSPF RIP command.
Patch 86253-07 For Rapier Series Switches SHOW IGMPSNOOPING ROUTERADDRESS 17 For example, to turn off the Diffie Hellman padding, use the command: SET ENCO DHPADDING=OFF Also, the output of the SHOW ENCO command now contains a new line showing the setting for DHPADDING. PCR: 03704 Module: BGP Level: 2 BGP was importing the best route from IP without checking whether the route was reachable. BGP now selects the best reachable route.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 03780 Patch Release Note Module: INSTALL Level: 3 If a configuration file had a long file name, the SHOW CONFIG command displayed the file name using the shortened DOS 8.3 format (where file names are 8 characters long, with extensions of 3 characters). This issue has been resolved so that long configuration file names are now displayed using the DOS 16.3 format (where file names are up to 16 characters long).
Patch 86253-07 For Rapier Series Switches PCR: 03828 SHOW IGMPSNOOPING ROUTERADDRESS Module: IPV6 19 Level: 2 The MTU value for IPv6 PPP interfaces was always set to 1280 bytes. This MTU value is now correctly set to 1500 bytes, and 1492 bytes for PPP over Ethernet (PPPoE). PCR: 03836 Module: OSPF Level: 2 OSPF sometimes chose routes with an infinite metric over routes with a finite metric when selecting the best local route. This issue has been resolved.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 03867 Module: BGP Patch Release Note Level: 2 BGP sometimes chose routes with an infinite metric over routes with a finite metric when selecting the best local route. This issue has been resolved. PCR: 03868 Module: IPG Level: 3 The ipForwDatagrams SNMP MIB object was incremented when it should not have been. This issue has been resolved.
Patch 86253-07 For Rapier Series Switches PCR: 03890 SHOW IGMPSNOOPING ROUTERADDRESS Module: IGMP, SWI 21 Level: 2 The switch was adding a router port for multicast packets to destinations with an address in the range 224.0.0.x. Switch port entries are now only created for special router multicast addresses.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 03925 Module: IPV6 Patch Release Note Level: 3 Incorrect debug information was returned when an ICMPv6 PacketTooBig message was received. This issue has been resolved. PCR: 03928 Module: IKMP Level: 2 ISAKMP in aggressive mode did not establish a connection when the peer client sent 10 or more payloads. This issue has been resolved.
Patch 86253-07 For Rapier Series Switches PCR: 03954 SHOW IGMPSNOOPING ROUTERADDRESS Module: IPV6 23 Level: 2 An anycast address could not be assigned when the prefix for the anycast address had previously been assigned on that interface. This issue has been resolved. PCR: 03958 Module: FIREWALL Level: 2 The ADD FIREWALL POLICY RULE and SET FIREWALL POLICY RULE commands no longer accept the GBLREMOTEIP parameter with standard NAT, or enhanced NAT for a private interface.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 031020 Patch Release Note Module: PIM Level: 2 When the switch received a generation ID change message, it was not responding by sending a PIM HELLO message. This issue has been resolved. PCR: 31028 Module: BGP Level: 2 BGP did not always send Withdrawn advertisements when a route went down. This issue has been resolved.
Patch 86253-07 For Rapier Series Switches SHOW IGMPSNOOPING ROUTERADDRESS 25 Features in 86253-02 Patch file details are listed in Table 5: Table 5: Patch file details for Patch 86253-02. Base Software Release File 86s-253.rez Patch Release Date 25-July-2003 Compressed Patch File Name 86253-02.
SHOW IGMPSNOOPING ROUTERADDRESS PCR: 03707 Module: STP Patch Release Note Level: 2 When adding a port to a VLAN, any STP ports that had been disabled in the default STP were re-enabled. This issue has been resolved. PCR: 03708 Module: DHCP Level: 2 When the DELETE DHCP RANGE command was executed, DHCP attempted to reclaim the addresses in that range.
Patch 86253-07 For Rapier Series Switches PCR: 03764 SHOW IGMPSNOOPING ROUTERADDRESS Module: IPG 27 Level: 3 The IP multicast counter did not increment when IGMP, DVMRP and PIM packets were transmitted and received. This issue has been resolved. PCR: 03766 Module: FIREWALL Level: 2 The firewall denied streaming data using Windows Media Player 9. This issue has been resolved. PCR: 03779 Module: DHCP Level: 2 The DHCP client was not honouring a subnet option provided by the DHCP server.
SHOW IGMPSNOOPING ROUTERADDRESS Patch Release Note Enable and Disable ICMP Messages The Internet Control Message Protocol (ICMP) allows routers to send error and control messages to other routers or hosts. It provides the communication between IP software on one system and IP software on another. This enhancement allows the switch to enable or disable some ICMP messages when directed by the network manager.
Patch 86253-07 For Rapier Series Switches SHOW IGMPSNOOPING ROUTERADDRESS 29 If ALL is specified, all configurable ICMP message replies are disabled. If NETUNREACH is specified, all network unreachable message replies are disabled (RFC792 Type 3 Code 0). If HOSTUNREACH is specified, all host unreachable message replies are disabled (RFC792 Type 3 Code 1). If REDIRECT is specified, all ICMP redirect message replies are disabled (RFC792 Type 5 Code 0, 1, 2, 3).
SHOW IGMPSNOOPING ROUTERADDRESS Patch Release Note Table 6: Parameters in the output of the SHOW IP ICMPREPLY command. Parameter Meaning ICMP Reply Messages A list of ICMP configurable reply messages and whether they are enabled or disabled. MLD Snooping Multicast Listener Discovery (MLD) snooping enables the switch to forward IPv6 multicast traffic intelligently, instead of flooding it out all ports in the VLAN.
Patch 86253-07 For Rapier Series Switches SHOW IGMPSNOOPING ROUTERADDRESS 31 IGMP Snooping All-Group Entry Because IGMP is an IP-based protocol, multicast group membership for VLAN aware devices is on a per-VLAN basis. If at least one port in the VLAN is a member of a multicast group, multicast packets will be flooded onto all ports in the VLAN by default. IGMP snooping enables the switch to forward multicast traffic intelligently on the switch.
SHOW IP IGMP Patch Release Note Modified Command SHOW IP IGMP Syntax Description SHOW IP IGMP [COUNTER] [INTERFACE=interface] This command displays information about IGMP, and multicast group membership for each IP interface. This enhancement includes the line “Disabled All-groups ports” on the output of this command, as show in Figure 3 on page 32. Ports that are disabled have a “#” symbol next to the port number. Figure 3: Example output from the SHOW IP IGMP command.
Patch 86253-07 For Rapier Series Switches DISABLE IP IGMP ALLGROUP 33 New Commands This enhancement request introduces two new commands from enabling/ disabling all-group entries on switch ports. ENABLE IP IGMP ALLGROUP Syntax ENABLE IP IGMP ALLGROUP=[{port-list|ALL}] where: ■ Description port-list is a port number, a range of port numbers (specified as n-m), or a comma separated list of port numbers and/or ranges.
DISABLE IP IGMP ALLGROUP Patch Release Note Availability Patches can be downloaded from the Software Updates area of the Allied Telesyn web site at www.alliedtelesyn.co.nz/support/updates/patches.html. A licence or password is not required to use a patch. Patch 86253-07 for Software Release 2.5.
