Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentExtremeWare Version 7.8

New Features in ExtremeWare 7.0

ExtremeWare 7.0 Release Notes 15

This feature is not documented in the ExtremeWare 7.0.0 Command Reference Guide or the ExtremeWare

7.0.0 User Guide.

• You can now disable auto-polarity detection on the Summit48si (PD2-102329001). The Summit48si

automatically detects and corrects the polarity of cables, simplifying installation and maintenance.

You can disable this feature using the following command:

configure ports <all | portlist> auto-polarity <on | off>

The default setting is on. The show ports {portlist | all } info detail command displays

the autopolarity setting.

This command is not documented in the ExtremeWare 7.0.0 Command Reference Guide.

• You can now create overlapping FDB and ACL IP rules (PD2-63843734).

IP ACL rules can be implemented either as an ACL rule or an FDB rule. ACL hardware is more

flexible and has no restrictions on the kinds of IP rules that can be implemented. ACL rules are

implemented on the I/O modules to which they apply. You can assign precedence values to ACL

rules. IP rules with a precedence specified are implemented as ACL rules.

FDB hardware does not limit FDB rules to 255 per module. However, FDB hardware does not

support range values for IPSA, L4-DST-PORT, or L4-SRC-PORT. In addition, FDB rules cannot

support all IP rule components, such as the ingress port component of IP rules. FDB rules apply to

all ingress ports. You cannot assign precedence to an FDB rule.

ExtremeWare, based on the rule components, decides to implement IP rules either as ACL rules or as

FDB rules. Whenever possible, IP rules are implemented as FDB rules because ACL rules are limited.

When a new IP rule is entered, ExtremeWare checks for overlap with existing IP rules. The new rule

is rejected if either it or the overlapping rule does not have a specified precedence. By default, the

precedence of FDB rules is higher than that of ACL rules.

You can now use the new

ignore-overlap option in the create access-list command to ignore

overlapping IP rules. IP rules are still implemented as FDB rules if possible. IP rules with a specified

precedence are still implemented as ACL rules. FDB rules still take precedence over ACL rules.

The output of the

show access-list command indicates rules added with the ignore-overlap

option.

This feature is not documented in the ExtremeWare 7.0.0 Command Reference Guide or the ExtremeWare

7.0.0 User Guide.

• You can now configure a MAC address to be permitted only on a set of ports (PD2-106654174).

Secure MAC addresses, if learned, are still aged out like other dynamically learned entries, and can

also be cleared. To configure the authorized set of ports on which the MAC address should be

permitted, use the following command:

create fdbentry secure-mac <mac_address> vlan <vlan name> ports <portlist>

To clear all the dynamic, non-permanent blackholed entries that were created due to secure MAC

violations, use the following command:

clear fdb blackhole

To see the number of blackhole entries created due to secure MAC violations, use the following

command:

show vlan <vlan name> security

The output of the show fdb permanent command indicates secure MAC addresses.

A new MIB table was added, and several traps modified so you can configure secure MAC

addresses using SNMP.