Rackswitch G8124 Firmware version 6.8.17.0 (Released September 2013) ** Changes since the 6.8.16.0 release ** Enhancements: None. Changes: - Added support for the latest revision of the Management Processor. Fixes: None. ===================================================================== Rackswitch G8124 Firmware version 6.8.16.0 (Released July 2013) ** Changes since the 6.8.15.0 release ** Enhancements: None. Changes: None. Fixes: - A watchdog timeout could occur if an IGMPv3 Report packet was received with the invalid source-IP address of 0.0.0.0. (71749) - A Security vulnerability existed in the OSPFv2 Routing Protocol that is used in IBM System Networking Ethernet Switches (CVE-2013-0149). - A Security vulnerability existed in IBM Switches which support Fibre Channel over Ethernet (FCoE), in that data frames were being flooded out of every port if the destination address was not in the MAC table. (CVE-2013-0570). ===================================================================== Rackswitch G8124 Firmware version 6.8.15.0 (Released April 2013) ** Changes since the 6.8.12.0 release ** Enhancements: None. Changes: None. Fixes: - The running configuration would be displayed in the output of "show tech support" in IBM-CLI format after uploading via the "copy tech-support to tftp" isCLI command. (62584) - The CLI terminal-length setting would not be respected when issuing certain "show" commands. (66031) - If IGMP Multicast streams with a common (S,G) pair were being sent out of two or more switch ports, then inbound IGMPv3 protocol packets from multiple receivers were interleaved such that an Exclude(none), an Include(S,G), and an Exclude(none) arrived sequentially on a port, that port would stop forwarding multicast packets that matched the (S,G) pair. (70055) =================================================================================== Rackswitch G8124 Firmware version 6.8.12.0 (Released November 2012) ** Changes since the 6.8.7.0 release ** Enhancements: - Added the "HFT" Boot Profile, which with respect to the Default Profile, increases the the number of IGMP Multicast Groups from 1000 to 2900, and the number of IGMP mrouter port entries from 20 to 128. (59237) - Added commands to disable/enable IGMP mrouter syslog messages: [no] logging log igmp-group [no] logging log igmp-mrouter [no] logging log igmp-querier (59573) - Added the ability to configure the BBI refresh rate. (59008) Changes: - Syslogs are now displayed most-recent first in the BBI. (59008) - Changed the frequency of NTP logging from every time the system clock is updated, to only when a connection is established with an NTP server, or lost. (60467) Fixes: - Issuing any variant of the "show mac" command would sometimes display an inaccurate number for "Total number of FDB entries". (48561) - Attempting to configure auto-negotiation parameters on Management Ports would fail. (51820) - Attempting to configure an IPsec 3DES key beginning with "00" would fail. (55362) - OSPFv3 IPsec Security Associations would not be formed when using AH or ESP keys beginning with "00". (55738) - In an OSPF topology, deleting a static route would result in Type 5 LSAs being sent with an invalid Forwarding Address. (57334) - Multiple simultaneous Telnet/SSH login attempt failures within a short interval could cause VRRP to flap. (58261) - After 4 failed SSH login attempts when the user-authentication server (TACACS or RADIUS) is unreachable, memory exhaustion could occur if continuous connection attempts were made in rapid succession from an SSH client before the configured authentication timeout is reached. (58263) - Syslog events would not be generated after downloading a configuration file via the "copy tftp running-config" command. (58841) - The "ipv6 ospf encryption ipsec spi" command would be lost from the configuration upon reboot. (58930) - User-configured IPv6 interfaces could fail to initialize during reboot. (58970) - When traffic was mirrored to multiple Mirror ports, some packets would be lost if the traffic being received on the Monitor ports was a mix of Broadcast and Unicast. (59168) - Stack traces produced by Memory-Monitor resets were inaccurate. (59210) - Statically configuring an multicast router on LACP-trunk ports would fail if the mrouter table was full. (59451) - The "show ip igmp mrouter" command would not display mrouter entries correctly when more than one static mrouter was configured. (59461) - After using the "clear ip igmp mrouter" command, the "show ip igmp mrouter" command would display more entries than were actually programmed in hardware. (59462) - Memory corruption could occur while servicing an SNMP Get request for the 'dot1dTpHCPortInFrames' leaf using a portchannel ID. This could indirectly lead to the the management software errantly believing the the IGMP table was full. (59882) - The Switch ASIC supports a maximum of 128 IGMP mrouters (either statically configured or dynamically learned), but afer globally disabling then re-enabling IGMP, only 127 minus the number of statically-configured mrouters could be dynamically learned. (59899) - Instances of the escape character '\' in the System Notice were not explicitly being stored in the configuration file, leading to an "Invalid input detected" error during reboot, and the user-configured message missing from the running configuration. (59926) - The number of available IGMP mrouter entries would sometimes not be updated after removing ports from a Trunk on which mrouters had previously been configured or learned. (59963, 60045) - IGMP mrouter entries statically configured on Trunk ports would sometimes not be applied upon reboot. (60039) - With a mixture of static and dynamic IGMP mrouter entries already installed, attempts to configure additional entries beyond the maximum supportable number would fail (as designed), but no error message would be generated. (60093) - After changing the LACP mode from "active" to "off", MAC addresses previously learned on that trunk were not being flushed from the FDB. (60094) - If the IP address of a switch for which IGMP Querier was enabled was changed to be numerically lower than the previously-elected querier, re-election would not be triggered. (60116) - If the first port of a Trunk on which IGMP mrouters were configured is subjected to a link flap, static mrouter entries would be deleted. (60186) - A crash could occur when issuing the "no ip ipmcfld" configuration command, after previously changing the LACP key. (60219) - Disabling IGMP globally would result in unregistered IP multicast traffic being flooded on Trunks for which mrouters had been statically configured, even if flooding was disabled. (60235) - Unregistered IP multicast traffic would not be forwarded to statically-configured mrouter ports upon enabling IGMP globally, if the mrouter ports had been configured while IGMP was disabled globally. (60247) - Unregistered IP multicast traffic would be flooded if IP routing was disabled, even if flooding was also disabled. (60257) - Attempts to add a static IGMP group entry when the maximum supportable groups had already been reached would fail (as designed), but no error message would be generated. (60299) - When receiving frames with the Broadcast destination address at a rate greater than 100Mbps, DNS Resolution Requests would fail. (60537) - Reserved IP Multicast packets would not be forwarded if flooding and and IP routing were disabled. (60563) - A user could inadvertently configure more Multicast groups than are supported. (60770) - In a case where more than 2000 IGMP groups are installed, if multiple IGMP Query packets are received simultaneously on two ports in the same VLAN, some may not be processed. (60855) - The NTP primary server IP address would be replaced with the word 'key' if the invalid command 'ntp primary-server key [x]' was invoked from ISCLI. (60900) - A loopback interface configured as the Source Address of an NTP server could inadvertently be deleted. (60936) - UDLD PDUs received on an port which is a member of LACP trunk and for which UDLD was disabled would errantly accept the PDUs, leading to the port being set to the "Error Disabled" state. (60945) - After disabling MAC Learning via the "no learning" command, MAC addresses previously learned on an LACP trunk would not be flushed from the FDB. (61026) - If two LLDP PDUs were received from the same source on two different ports within the time specified by the TTL TLV of the first PDU to arrive, 4KB of CPU memory would be lost (i.e., not returned to the global memory pool) while processing the second PDU. Over time, this condition could lead to CPU memory exhaustion, and a reset by the switch's Memory Monitor. (61108) - After changing the SSH port number via the "ssh port " command, active SSH sessions were not being terminated as expected. (61140) - If during reboot, a timezone other than default was explicitly configured, the time reflected in the "Booting complete" message would not use the configured timezone, resulting in an inaccurate boot-complete time being displayed (and possibly earlier than the prior "Resetting at" time). (61266) - After a adding a static IP Multicast entry to a Port/VLAN, multicast traffic that was previously being forwarded to Mrouter ports in the same VLAN would no longer be forwarded. (61487) - If an LACP trunk had ports in multiple Spanning Tree groups, and two or more ports in the trunk were not in the same forwarding state (e.g., during boot-up, or after issuing the "shut/no shut" command sequence), any static Mrouter configuration for that trunk would "error out" and be lost (i.e., the Mrouter entries would not be installed). (61529) - Repetitive use of the isCLI "pipe" option would result in a memory leak. Over time, this could lead to CPU memory exhaustion, and a reset by the switch's Memory Monitor. (61623) - If a user had logged in with a TACACS user ID of the maximum allowable length then disabled TACACS, a crash would occur upon logging out. (61691) - When displaying the IGMP table simultaneously via Telnet and Console sessions, the Telnet session would be disconnected. (61747) - The "terminal-length 0" setting would not be respected when using the isCLI "pipe" option. (61751) - There was no SNMP MIB object for the currently-running Boot Profile. (62264) - With PIM disabled, PIM protocol packets would not be flooded if flooding of IP-Mulitcast packets was also disabled. (62270) - A crash would occur while trying to log in using TACACS+ authentication, if the designated TACACS server was unreachable. (62839) - All packet processing in the switch ASIC would be momentarily suspended, and all incoming packets discarded, under any of the following conditions: 1) Logging into or out of the Switch via SSH or Telnet. 2) Initiating a Telnet session from the Switch, and subsequently terminating the session. 3) Initiating, completing, or otherwise terminating a file transfer via FTP or TFTP. * Note that while processing of packets is suspended, there will be no indication of discards (i.e., discard counters will not be incremented) (63890) - A crash would occur when closing a Telnet or SSH session while a command-option prompt was pending. (64005) - Incoming IGMP protocol packets (i.e., Queries, Joins, and Leaves) could be lost if the switch was simultaneously receiving unregistered IP multicast packets a high rate. (64114) - Attempting to configure the SSH port number to one already used by another service (e.g., HTTP port 80) would not generate an error until attempting to enable SSH. (64987) - A crash would occur if an SSH client used the remote-execution option to run a local command (e.g., ping, traceroute, etc) upon login. (65557) =================================================================================== Rackswitch G8124 Firmware version 6.8.7.0 (Released March 2012) ** Changes since the 6.8.6.0 release ** Enhancements: None. Changes: None. - Previously when a PIM Rendezvous Point became unreachable, a PIM Join message would be sent on the alternate path after a 10-second timeout. To improve the failover time, PIM will now send a Join on the alternate path immediately after being notified of the lost route by the Unicast Routing Table. (CR 56265) - Multiple simultaneous Telnet/SSH login attempt failures within a short interval could cause VRRP to flap. (58261) - After 4 failed SSH login attempts when the user-authentication server (TACACS or RADIUS) is unreachable, memory exhaustion could occur if continuous connection attempts were made in rapid succession from an SSH client before the configured authentication timeout is reached. (58263) - IGMP mrouter entries statically configured on Trunk ports would sometimes not be applied upon reboot. (60039) - With a mixture of static and dynamic IGMP mrouter entries already installed, attempts to configure additional entries beyond the maximum supportable number would fail (as designed), but no error message would be generated. (60093) - If the first port of a Trunk on which IGMP mrouters were configured is subjected to a link flap, static mrouter entries would be deleted. (60186) - Disabling IGMP globally would result in unregistered IP multicast traffic being flooded on Trunks for which mrouters had been statically configured, even if flooding was disabled. (60235) - Unregistered IP multicast traffic would not be forwarded to statically-configured mrouter ports upon enabling IGMP globally, if the mrouter ports had been configured while IGMP was disabled globally. (60247) =================================================================================== Rackswitch G8124 Firmware version 6.8.6.0 (Released Februaury 2012) ** Changes since the 6.8.2.0 release ** Enhancements: None. Changes: - Added support for the SNMP P-Bridge and Q-Bridge MIBs in accordance with RFC 4363. (51920) - The LLDP "Port and Protocol VLAN ID" and "VLAN Name" optional TLVs are now disabled by default. (56041) Fixes: - The SNMP "swTempReturnThreshold" trap would not be generated when returning to the normal operating range after previously exceeding the temperature-warning threshold. (50510) - When upgrading from a firmware verision prior to 6.6, any explicit configuration of "auto-negotiation off" for 1G ports would errantly be changed to "on". (50710) - The "show ip route counters" command could display more than the actual number of ECMP routes after performing the "interface enable/disable" command sequence in a topology with indirect next hop routes. (52271) - BGP peer connections would be lost when receiving update packets with the community attribute containing transitive temporary flags. (52595) - A crash could occur after receiving an STP BPDU with an invalid STG instance number. (52947) - Some multicast packets would be lost by existing IGMP receivers if a new receiver registered for the same Group and VLAN or a receiver already registered for the same Group and Vlan would leave (due to a Leave or a port down event) (53305, 55693) - A port's link speed could not be set to 10/100MB if a Finisar Copper SFP transceiver was installed. (53803) - In a multi-ECMP configuration, only one non-best ECMP route would be displayed in the routing table after adding a static route to the same destination. (54641) - Static Multicast routes were not removed from the IP Multicast table after deleting them from the running configuration. (54901) - The switch would erroneously allow the configuration of a TACACS+ password greater than the maximum length of 32 characters. (55007) - Ping requests would not be sent on a port which had previously been removed from an LACP Trunk. (55234) - A crash would occur if the "show running-config" command was issued after a login notice greater than 1024 characters was previously configured (55417) - The SNMP and TACACS+ CoPP queue priorities were not being respected when PIM was enabled. (55642) - High CPU utilization could occur if IGMP packets were received while IGMP was not configured and VLAN flooding was disabled. (55647) - A crash would occur when using the Nmap/Zenmap port-scanning tools with the "intense udp scan" option. (55771) - IP Multicast traffic in groups that had been learned via IGMPv3 Reports was no longer forwarded after a General Query was received on the same port and the multicast groups had expired. (55923) - The switch was not being recognized as a Remote Device by Juniper MX480 Routers when LLDP was enabled. (56041) - Disabling multiple ports in a LACP Trunk could result in traffic discards on the remaining ports. (56115) - Momentary packet discards would occur within a VLAN when removing ports from that VLAN. (56304) - The "Object Identifier" field in the output of the "/i/l2/lldp/remodev" command could sometimes appear garbled. (56426) - STP flapping could occur if receiving unregistered multicast traffic for a VLAN configured with Flooding disabled, or Optimized Flooding enabled. (56489, 56970) - LLDP packets would not be sent on a port that was in the STP "Blocking" state. (56639) - The "Total entries" parameter displayed via the "show ip igmp mrouter" command was being double-counted if static multicast routers were configured on Trunks. (56788) - Using either of the "include", "exclude", "section", or "begin" CLI filtering options with commands that require user confirmation to proceed (e.g., "show tech" and "show counters") would result in a hang of the terminal session (56840) - Enabling the sFLow feature could lead to a CPU packet-buffer leak that over a prolonged period of time would eventually lead to a loss of control-plane protocols that are dependent on the CPU, and an inability to manage the switch (via Telnet, SSH, SNMP, etc.). (57045) - Multicast routers previously learned via PIM Hello packets would not expire after receiving PIM Hello packets updated with a new multicast-router source-IP address. (57249, 55588) - Activation/Deactivation errors could appear when registering IPMC entries with PIM enabled (56886) - The SNMP 'altTeamingTriggerUp' and 'altTeamingTriggerDownTraps' were not included in the Enterprise MIB, resulting in the traps being unrecognized by SNMP Management software. (57311) - A memory leak existed when receiving LLDP DCBX v1 packets, such that over time could lead to complete memory exhaustion and eventual reset by the Switch's Memory Monitor. (57389) - A crash could occur while processing invalid or unsupported LLDP DUs. (57438) - Enabling the sFLow feature could lead to a crash. (58016) =================================================================================== BNT 8124/8124E Switch Version 6.7.2.0 (Released July 2011) ** Changes since the 6.5.3 release ** Enhancements: - Added support for the following IPv6 features for NIST USGv6 conformance Multicast Listenet Discovery v1/v2, Authentication/Confidentiality for OSPFv3 and IPsec/IKev2 support. - Added loopback interface support for integrating with routing protocols BGP and OSPF. - Added loopback interface as source IP address for the following protocols SNMP trap, NTP, Syslog and TACACS+. - Added Log capability for ACL functionality. - Added the LACP support by introducing 'minimum number of links needed' configuration to form a LACP trunk. - Added ISCLI output filtering capability using 'begin', 'include', 'exclude' etc. - Added optical input/output level information to 'show transceiver' command output. - Added 'if'(interface) statistics for trunk groups. Changes: - Default STP mode is now changed to PVRST+. - In PVRST+ mode, new VLANs will now be automatically assigned a Spanning tree group ID. First 128 newly created VLANs will be associated to an STG ID automatically. If more than 128 VLANs are created they will be assigned to an STG ID 1. - flooding options can be configured for at vlan's level and not at IGMP's level and the functionality is available regardless of the IGMP's state. - A new flooding option, optimized flooding, can be configured. By default it is disabled. When enabled, optimized flooding config avoids the packet loss during the learning period. Fixes: - Fixed an OS crash when trying to upgrade the boot kernel image using SCP. (51080) - In stacking mode some of the IGMP related config is lost after stack master failback. (48515) - OSPFv3: ecmp route is removed from hardware when shutdown a port from a trunk (50221). - VRRP: ping to VR is not working from Master switch works only from Backup switch. (50523) - sFlow: sFlow samples are not sent. (50473) - SSH: Fixed SSh crash when trying to login with wrong password (48951). - Static MAC: stale ARP entry created and caused not to forward the traffic (50365). - CPU rate stayed high utilization after stopping SNMP. I2C thread stats increments.(51134) - sFlow: unable to see ip address pairs when monitoring flows through switch (49041). =================================================================================== G8124 Firmware version 6.4.7.0 (Released March 2011) Enhancements: - Added a prompt for the local username and password when entering via the TACACS "back door". (45627) - Removed prompting of the administrator password when changing the password of a local user, when the user is already logged in via TACACS authentication with administrator privilege. (45628) - Added support for learning Mrouter ports via PIM Hello messages. (44139) Changes: - Converted the "stats/mp/pkt" command to a menu and added more options to display packet counters and logs. (37046) - Added support for SFP+ ER Transceivers. (38919) - Added the ability to access the SNMP "lldpRemTable" table via the "Time Mark", "Local Port", and "Index" indices. (43158, 44088) - Added a check to block link-up of ports when a straight-through cable is installed and autonegotiation is disabled. (47727) Fixes: - Applying any layer-3 configuration change could result in an alternate gateway becoming the active gateway. (42700) - If a port associated with a static-mulitcast MAC entry was added to a trunk, the hardware entry would continue to be associated with the port. Conversely, if the port was removed from the trunk, the entry would continue to be associated with the trunk. Either condition would result an unpredictable port states. (43648) - The User Interface would hang when trying to download configuration files via BBI or SNMP. (43650, 44054) - If port in a Trunk (programmed with a static-mulitcast MAC entry) went down, traffic would not resume when the port came back up. (43662) - A crash could occur if clearing the PIM mroute table while the RP is being learned. (43733) - If a router in a RIP domain became unreachable, the default route advertised by the unreachable router would still be propogated within the RIP domain. (43765) - A crash could occur if the PIM DR is changed while a new neighbor is being learned. (43792) - A crash could occur if PIM is disabled (globally) then re-enabled in Dense Mode while traffic is being switched. (44586) - Configuration of autonegotiation parameters on management ports was prohibited. (45241) - With PIM enabled, PVRST BPDUs were being treated as unknown multicast data and flooded back to the network instead of being consumed. This resulted in continuous STP topolgy changes. (45423) - SNMP MIB walks would get stuck in an endless loop in the UdldInfoNeighborTable object. (45616) - Resetting the active switch in an active-standby topology would not bring down the link, resulting in a suppresion of the failover mechanism. This would lead to network outage of up to 30 seconds while the switch rebooted. (45844, 45948) - Unicast packets with TTL=0 were being forwarded instead dropped in hardware. (45944) - During periodic link polling, the link state could be errouneoulsy be detected as "down", resulting in a momentary link flap by the polling software. (45946) - If an IPMC sender and receiving host were in the same PIM-enabled VLAN, IPMC packets would not be forwarded. (45989) - If an IPMC sender and receiving host were in a PIM-enabled VLAN and IGMP Flooding was enabled, traffic could be flooded to an interface beyond which no receiving host exists. (46041) - IP Multicast traffic would leak between VLANs when both PIM and IGMP-Flooding were simultaneouly enabled. (46066) - If a port was added to a VLAN while PIM was enabled on that VLAN, the switch would stop sending IPMC packets to receivers in that VLAN. Conversely, if a port was removed from the VLAN, the receivers would receive duplicate packets. (46090) - Default route entries were not being deleted after disabling the default gateway of the associated interface. This would result in Telnet/SSH sessions associated with the interface not being closed. (46143) - A crash would occur if a PIM Assert message was received while operating in PIM Dense Mode with an incorrect unicast configuration. (46298) - Registered IPMC traffic would not be forwarded to the mrouter port after issuing the "clear ip igmp mrouter" command. (46542) - A crash could occur if a 24-bitmask RP-static entry was confgured to overlap a 32-bitmask RP-static entry (46577) - A crash could occur when a PIM candidate RP was configured after a static RP had previuously been configured. (46729) - When a static Mrouter was configured over a static portchannel, failover/failback would not occur if a port in the trunk experienced a link-state change. (46764) - PIM Neighbors could go down and not recover after a STP/portchannel failover. (46799) - A crash could occur if immediately after a static route flap, the PIM mode was changed from Sparse to Dense. (47126) - The CPU could hang while handling an exception (e.g., a crash or watchdog timeout). (47317) - The CPU could reset while executing the "show mp tcp-block" or "show mp udp-block" commands (or indirectly via the "show tech-support" command), if the amount of TCP/UDP control blocks associated with the management ports at the time was high. (47396) ================================================================== Rackswitch G8124 Firmware version 6.4.6.0 (Released November 2010) Enhancements: None. Changes: None. Fixes: - The console would hang when continuous pings reached 65535 iterations. (43845) - The corruption of a buffer-management counter resulted in the inability of the CPU to process Layer-3 packets. (44306) - The swtich would drop LLDP frames with IEEE 802.3 MAC/PHY Status TLVs in which the auto-negotiation "not supported" and "enabled" bits were both set. (44331) ================================================================== G8124 Firmware version 6.4.5.0 (Released October 2010) Enhancements: - Added protection of BGP Sessions via the TCP MD5 Signature Option. (42077) - Added the ability to display the best route in the output of the "show ip route address" command even when the specified address does not already exist in the route table. (41386) - Added SNMP traps for Fan failures and Temperature-exceeded. (42373) - Increased the number of Static-RP Groups from 12 to 64. (42649) Changes: - Added missing descriptions for LACP Informational Tables in the Enterprise MIB. (42203) - Added Missing MIB values for Fan RPM (hwFan6RPMValue) and Temperature Sensors (hwTemperatureSensor4, hwTemperatureSensor5). (42279) - Added a configurable CLI option to disable the static-route health-check feature. (42492) - Added the missing hwBoardRevision object to the Enterprise MIB. (43237) Fixes: - Crash could occur when changing PIM mode from Sparse to Dense while traffic was being switched. (41580) - OSPF Adjacencies were momentarily lost for all neighbors if the BGP AS number was changed via the "router bgp as" configuration command. (41670) - Crash could occur when issuing "show ip pim elected-rp" command. (41949) - Static routes were lost after bringing link down/up multiple times. (42008) - When a BGP route was learned, and its next-hop matched a statically- configured route, an additional static route was displayed in the isCLI configuration dump. (42376) - With PIM enabled and no active receivers, BGP sessions would flap while receiving IPMC traffic at a high rate. (42408) - The description of the ecmpGatewayUp and ecmpGatewayDown SNMP traps were inconsistent with the MIB, making the traps unrecognizable by the MIB browser. (42442) - SSH connections would hang if TACACS+ was enabled, "clog" or "cauth" were enabled, and the user logged via backdoor and executed a command. (42672) - Was unable to negate PIM Dense Mode under "ip pim component 1" or clear IP PIM Component 1 without rebooting. (42990) - The MTU was being set to "0" in OSPF DBD packets. (43070) - Disabling flow control on the management ports ("mgmt1", "mgmt2") is not allowed, but was not being blocked in isCLI mode. (43247) - G8124 configurations could not be loaded on the G8124-E, and vice-versa. (43286) - PIM would not work with the default gateway if no specific or best-route to RP/Src existed. (43349) - Configuring autonegotiation "off" on Management ports would not take effect. This would result in a link-down condition if the other end of the link had autonegotiation disabled. (43484) - SNMP MIB walks were failing on the agPortCurCfgUdld object. (43696) - The PortID and DeviceID TLVs in UDLD PDUs were being formatted incorrectly, causing the upstream Cisco router to falsely detect a unidirectional link then disable the port. (43699) - The Source-specific BGP packet filter was programmed with an incorrect rule, causing all TCP data packets to be sent to the CPU. (43757) - Crash would occur while displaying static-multicast entries (via the “/maint/fdb/mcdump” command), if one of the entries had previously been added using the CLI’s PORT-LIST option in the “/c/l2/fdb/mcast/add” command, and the ports were part of a trunk. (43728) ================================================================== G8124 Firmware version 6.4.4.3 (Released September 2010) *** Changes/fixes since the 6.4.3.0 release *** Enhancements: None Changes: - Added SNMP alerts for when a Power-fault and Fan-failure conditions are cleared. (42889) - Added the ifDescr, ifAlias, and ifType objects to the SNMP Link Up/Down traps. (42893) Fixes: - Changing a port-parameter configuration (e.g., flow control) could result in the deletion of the default route associated with the management ports (MGTA/MGTB). (41224) - When a port was part of two VLANs and that port was enabled as an mrouter port for one of the VLANs, traffic from the second VLAN was getting forwarded also, even if there was no mrouter configured for the second vlan. (41506) - The console could hang when issuing the "show counters" command. (42611) - Normally when a topology change occurs, the Forwarding Data Base (FDB) and ARP tables are flushed. There was an issue in which the ARP entries were not getting flushed immediately, leading to PVRST convergence times of up to 30 seconds. (42617) - In some cases after repetitive link flapping in a PVRST scenario, ARP entries were not getting flushed when the Forwarding Port was entering the DISC state. This could lead to traffic being dropped for up to 30 seconds. (42676) - With DHCP Relay enabled and relaying DISCOVER packets at a high rate (more than 120 per second), returning DHCPOFFER packets would be dropped. (42874) - SNMP would become unreachable after a link flap on a management port, or after a port-parameter configuration change on any port. (42933) - If a VLAN-tagged port's PVID was changed from that of VLAN A (where A > 1024), to that of VLAN B (where B < 1024), subsequent packets arriving on VLAN A would be dropped. (42996) - Switch crashed during MIB walk on BGP peer info table (43027) - Enabling IGMP Querier would cause the switch to drop protocol control packets (i.e., 224.0.0.x), resulting in OSPF going down. (43089) - The console would hang upon logging in if the TACACS+ Password Change Rule was configured on the server. The TACACS+ password-change rule is not currently supported, so to prevent a hang, we now display an error message ("TACACS+ Forced Password Change Not Supported"), then exit. (43098) ====================================================================== G8124 Firmware version 6.3.3.0 (Released August 2010) Enhancements: None. Changes: - Added missing descriptions for LACP Informational Tables in the SNMP MIB. (42203) - Amended the output of the "show ip igmp querier" command to show the current setting as "Querier" or "Non-Querier" instead of "ON" or "OFF". (42438) Fixes: - Erroneous error message when attempting to remove a port from a VLAN when the port was configured as a vNIC Uplink Port. (41057) - When a port was part of two VLANs and that port was enabled as an mrouter port for one of the VLANs, traffic from the second VLAN was getting forwarded also, even if there was no mrouter configured for the second vlan. (41506) - Terminal sessions could become unusable if an idle-timeout occurred while the CLI is waiting for user input. (41560) - Crash when receiving self-originated LSAs where the Advertising Router and Link State ID specified in the packet were different. (41734) - PVST can take up to 30 seconds to converge. (41899) - Crash when receiving LLDP packets with management-address TLV. (41998) - Time zones for Sweden, Switzerland, and Turkey were being set incorrectly. (42023) - The ifHCInOctets and ifHCOutOctets 64-bit interface counters were wrapping after just 32 bits. (42122) - Crash when receiving vNIC Version-2 packets, which are not supported in releases prior to 6.5. (42184) - Added Missing MIB values for Fan RPM (hwFan6RPMValue) and Temperature Sensors (hwTemperatureSensor4, hwTemperatureSensor5). (42279) - Failure to flood BPDUs across the aggregator ISL reulted in a loop between the aggregators and upstream devices that went undetected. (42313) - Memory leak and possible memory exhaustion could occur from receiving unsupported DCBX TLVs over time. (42378) - When IGMP querier was enabled without snooping being enabled, control packets were not sent to CPU, so the querier election was not occurring. (42370) - Console could hang when issuing the "show counters" command. (42611) ====================================================================== G8124 Firmware version 6.3.2.0 (Released June 2010) Enhancements: None. Changes: - Amended the output of the "show ip route" command to differentiate between management routes and data routes. (40675) - Automatically disable DHCP client when interface 1 is statically configured. (40692) - Increased the maximum number of OSPF Areas supported from 3 to 6. (40697) - Added the "no prompting" option to isCLI (equivalent of "verbose 0" in BladeOS CLI). (40865) Fixes: - After multiple reciprocating iterations of the "shut" and "no shut" commands, a port would become permanently disabled, recoverable only by a reboot. (38913) - The CPU would lock up when receiving packets with a length of greater than 256 bytes at a high rate. This would ultimately lead to a watchdog timeout and subsequent reboot. (40309) - If a new default route was received via RIP, under some circumstances the route would be not functional. (40310) - A default static route could not be created after the management gateway had been configured. (40604) - OSPF adjacencies flapped when OSPF configuration changes were made. (40610) - Configuration validation of "ip route" and "ip gateway" commands could fail while upgrading from the 5.2.1.1 release to a 6.3.x release, resulting in loss of the startup configuration. (40617) - Telnet connections would not close completely when exiting a session from SecureCRT. (40669) - OSPF adjacencies would be lost on all areas when enabling and disabling authentication on an area where no interface is configured and no neighbor is learned. (40748) - 0.5-meter DAC cables were displayed as "LB" when issuing the "show interface transceiver" command. (40781) - OSPF host addresses were not being relearned from the second path when the first path failed. (40831) - With MSTP enabled and an interface associated with a VLAN that had just one port "up", disabling spanning-tree (CIST) on the port then shutting down the port would lead to a condition where the IP interface still appeared to be up. (40836) - Crash could occur in some instances when downloading a configuration file via SCP and using the PSCP client. (40900) - Static routes may not have been updated in the Switch ASIC if the gateway became unreachable. (40947) - Configuring OSPF to redistribute fixed routes would not take effect without restarting OSPF. (40971) - The 64-bit port counters were not getting refreshed when requested via SNMP. The result was the appearance of the counters not incrementing. (40986) - When adding a mgmt network definition, existing Telnet/SSH users would be ejected, even if they had connected from a trusted network. (41075) - When multiple joins were sent for an IPMC group and leaves were sent for the same group, the counter used to track the "Members Present" state was being overloaded to also track the "Checking Membership" state. As different events cause these state transitions, this counter was getting corrupted. When in this "Checking Membership" state, all Querier-to-Non-Querier transitions were ignored (as per theIGMPv2 spec), so mrouter election was not working correctly. (41280) ====================================================================== G8124 Firmware version 6.3.1.0 (Released June 2010) Enhancements: None. Changes: None. Fixes: - An LACP portchannel (trunk) would not be brought down immediately after changing the local mode from Active to Passive, if the peer's mode was also Passive. (38608) - The ifHighSpeed SNMP object was returning "NULL" for 10-Gigabit ports. (40018)