Академический Документы
Профессиональный Документы
Культура Документы
Release Notes
123456789
2
Contents
Chapter 1 Overview
New and Enhanced Features in ExtremeWare 7.5 or Earlier 9
Local Authentication for Management Sessions 9
MAC Address Lockdown with Timeout 9
Network Lookup on “e” Series Switches 10
PVST+ Enhancements 10
Edge Safeguard 10
.Bxtr Software Image 10
New Hardware Platforms for Summit 200 Series Switches 10
Supported Hardware 11
BlackDiamond Component Support 13
Alpine Component Support 14
Summit “i” and Summit “e” Series Platforms 14
GBIC Support 15
Mini-GBIC Support 16
XENPAK Module Support 16
Channel Mapping 16
Tested Third-Party Products 22
Tested NICs 22
WPA-Compliant Wireless NICs 25
Tested RADIUS Servers 26
Tested Third-Party Clients 27
Tested Laptops 27
Tested PDAs 27
Tested Tablets 27
Tested Scanner 27
Tested Embedded WNIC Modules 27
Tested Spectralink Supported Handsets 27
Tested Spectralink Gateway 28
Legacy IP Phones 28
Legacy Phones with Dongle 29
Request Error Running show wireless ap-scan result Command with Two APs 68
TCP/IP Connection is Lost if Internal DHCP is Enabled 68
Special Characters Accepted in WEP Plaintext Key 68
SNMP Error Messages are Generated When Wireless Port is Reset 68
TCP/IP Connection is Lost if Internal DHCP is Enabled 69
Some IAPP Debug Messages Are Not Logged 69
HTTP/Vista Not Supported 69
Do Not Enable AP_Scan on More than Two Interfaces at a Time 69
These Release Notes document ExtremeWare® 7.5. ExtremeWare 7.5 enables new hardware products and
software features.
NOTE
You can only load ExtremeWare 7.5 on a switch running ExtremeWare 7.0 or later.
aging time. If traffic from a user stops and resumes before the timer expires, the stored MAC address
becomes active again. In similar fashion, if a user disconnects from the switch and reconnects to the
switch before the timer expires, the stored MAC address becomes active again.
MAC address lockdown with timeout is configured by individual ports. The lockdown timer and
address learning limits are configured separately for a port.
PVST+ Enhancements
Per-VLAN Spanning Tree (PVST+) can now be configured on “e” series switches, which allows you to
assign ports to multiple Spanning Tree Protocol Domains (STPDs).
Edge Safeguard
An edge safeguard specifies a port that does not have a bridge attached. An edge port without edge
safeguard enabled is placed and held in the STP forwarding state unless a bridge protocol data unit
(BPDU) is received by the port. An edge port with edge safeguard enabled behaves like other ports
except that it moves from blocking to forwarding within 4 seconds delay instead of 30 seconds like
other ports.Allows you to apply RSTP to edge ports as a mechanism to detect loops.
Although the BlackDiamond 6804 and BlackDiamond 6808 switches use the .xtr software image, the
BlackDiamond switches do not support UAA and PoE.
To use SMA and SONET, the advanced image (.xtr or Sxtr) must be used (PD3-10674849 and
PD3-10693717).
Supported Hardware
Hardware in the following sections listed in italics is new for this release.
ExtremeWare 7.3 (and later) supports “i” series and “e” series products.
• BlackDiamond 6816
• BlackDiamond 6808
• BlackDiamond 6804
• Alpine 3808
• Alpine 3804
• Alpine 3802
• Summit7i/7iT
• Summit1i/1iT
• Summit5i/5iT/5iLX
• Summit48i
• Summit48si
• Summit 400-48t
• Summit 400-24p
• Summit 400-24t
• Summit 200-24/48
• Summit 200-24fx
• Summit 300-24
• Summit 300-48
Table 1 lists software filenames for the hardware that requires software. Summit 400-24 switches require
ExtremeWare 7.4 or later. Summit 200-24fx switches require ExtremeWare 7.5 or later.
NOTE
In addition to the filenames listed in Table 1, v753b8.Wxtr and v753b8.SWxtr are used for upgrading
Summit 200 switches from ExtremeWare 7.1e.
NOTE
The BlackDiamond 6816 requires its own ExtremeWare image. The image that runs on other
BlackDiamond, Alpine, or stackable switches does not support the BlackDiamond 6816.
NOTE
Systems with 128 MB memory should use the v753b8.Bxtr or v753b8.SBxtr image. To determine how
much memory is available, use the show memory command.
NOTE
Do not install mixed versions of the power supplies in the same system. Install power supplies of the
same type.
1. Older switches do not require ExtremeWare 6.2.2b56. To determine the minimum revision
required for your switch, see Field Notice 115A, here:
http://www.extremenetworks.com/services/documentation/FieldNotices_FN0115-MACAddress
SoftwareReqmt.asp.
GBIC Support
NOTE
Extreme Networks optics are tested and work in all supported Extreme switches. It is recommend
customers use these GBIC optics in their Extreme Networks gear. Extreme Networks assumes no
liability for third party optics that do not function in our switches. Extreme does not block third party
optics and can investigate issues involving interoperability of our switches with standards based on third
party optics, provided the customer has a valid service contract for the third party equipment and the
third party optics are made available to Extreme support staff for testing. Extreme Networks cannot
ensure ALL third party optics will work across all our products.
GBICs supported with ExtremeWare 7.5, and the minimum ExtremeWare version required, include:
The following table describes how each version of ExtremeWare interprets the media type of the
installed GBIC, based on either the Vista web interface, or the show port configuration command.
All versions correctly identify Parallel ID GBIC types; however, some versions do not correctly identify
the Serial ID GBIC type because the Serial ID GBICs were introduced after the software was released.
Mini-GBIC Support
Extreme products support the Extreme mini-GBIC only. For reliability and stability reasons, third-party
mini-GBICs are not supported at this time.
Channel Mapping
Table 9 lists the channel mapping for Altitude 300-2i wireless ports connected to a Summit 300-48 using
ExtremeWare 7.5. The UAA features contained in this table apply to the Summit 300-48 switch only.
Table 10 lists the channel mapping for indoor Altitude 300-2d wireless ports connected to a Summit
300-48 switch using ExtremeWare 7.5.
Table 11 lists the channel mapping for outdoor Altitude 300-2d wireless ports connected to a Summit
300-48 switch using ExtremeWare 7.5.
Tested NICs
The wireless NICs in Table 12, Table 13, Table 14, and Table 15 are tested with the listed software (or
later) and authentication method.
The wireless PCI cards in Table 17 are tested with the listed software (or later) and authentication
method.
NOTE
WPA compliant wireless NICs support TKIP and AES with pre-shared and dynamic keys.
Tested Laptops
These laptops are fully tested:
• IBM Thinkpad T40 (Intel Centrino-based 802.11b)
• IBM Thinkpad T41 (Intel Centrino-based 802.11b)
• Dell Latitude D800 (Intel Centrino-based 802.11b)
• HP/Compaq nx9010 (Broadcom 54G MaxPerformance MiniPCI)
• Fujitsu Lifebook N series (Broadcom 54G MaxPerformance MiniPCI)
• Sony PCG-K15
• Dell Latitude D600
Tested PDAs
These PDAs are fully tested:
• iPAQ H5550
• Dell Axim x3i
• HP Pocket PC 4155
Tested Tablets
These tablets are fully tested:
• NEC Tablet
Tested Scanner
The following scanner is fully tested:
• Intermec Scanner Model 700 Color-Pocket PC - 802.11b CF: Open Authentication/No encryption,
Shared/WEP, and Open/WEP
Legacy IP Phones
These wired IP phones have been verified for PoE power up only:
• Avaya 4610SW IP
• Avaya 4620 IP New 03-016A/B
• Avaya 4620SW IP
• Super tex PD1 v1
• Super PD+PS
• TI PTB48540 CL003ENG
• 3COM NJ105
• 3COM NJ220
• 3COM NJ200 Old
• 3COM NJ200 New
• 3COM NJ100 New
• 3COM NJ100 Old
• 3COM 3C10248B with 3CNJVOIPMOD-NBX
• 3COM 3C10248PE IP Phone
• 3COM 3C10226PE IP Phone
• Avaya 4602SW IP Phone
• Avaya 4620 IP Phone
• Avaya 4630SW IP Phone
• Polycom IP 300 With 2457-11077-002 Rev.X1
• Polycom IP 500 With 2457-11077-002 Rev.X1
• Polycom IP 600
• Polycom Speaker IP 3500 with Cisco PIM
• Polycom Speaker IP 3500 with IEEE
• Linear CD671
• 3COM 655003403 PD with 3CNJVOIPMOD-NBX
• Avaya 4602 IP Phone
• Linear LTC4257IS8 with 4257
• Linear Edge PD
• TPS2375 Eval Chip #22
Staying Current
If you are an Extreme Assist customer, the latest release and release notes are available after logging in
to the Tech Support web site:
http://www.extremenetworks.com/go/esupport.htm.
Following are specific instructions on upgrading to, and downgrading from, ExtremeWare 7.5 for
Summit, Alpine, and BlackDiamond switches.
NOTE
ExtremeWare 7.4 contains a PoE firmware upgrade for the Alpine FM-32Pi module. PoE firmware
changes are not automatically performed by the software. You must manually download the new
firmware using the download firmware CLI command. If you are upgrading from a version earlier than
ExtremeWare 7.4, you must manually download the new firmware. Until this firmware update is
completed, the PoE ports are not powered up. The PoE firmware download may take up to 5 minutes
per Alpine FM-32Pi module. Check the switch log messages to ensure the firmware change was
successful. If unsuccessful repeat the firmware download.
Alpine switches with PoE modules require user intervention using a CLI command to upgrade the PoE
firmware. Until the firmware update is completed, the PoE ports are not powered up. Refer to
“Upgrading PoE Firmware on an Alpine Switch with a PoE Module” on page 36.
NOTE
If you are also upgrading your BlackDiamond to MSM-3’s, see the MSM-3 Upgrade Note included with
your MSM-3.
NOTE
If you are upgrading a chassis with MSM64i’s to MSM-3’s, see the MSM-3 Upgrade Note included with
your MSM-3.
1 Upload the configuration to your TFTP server using the upload configuration command.
2 TFTP download ExtremeWare 7.5 to the primary image space using the download image primary
command.
3 Clear your switch using the unconfigure switch all command, and enter y at the prompt to
reboot the switch. If you started the upgrade process with ExtremeWare 7.4 or later, you can skip this
step.
4 Configure the IP address on the switch to reach the TFTP server.
5 TFTP download the configuration.
6 Reboot the switch using the reboot command.
NOTE
If you have Hitless Failover enabled on your MSM-3, you can use the hitless upgrade procedure.
7 Verify that the correct ExtremeWare version is loaded on the switch using the show switch
command.
8 TFTP download the configuration you saved in Step 1, and enter y at the prompt to reboot the
switch.
9 Check the log for configuration errors. Manually enter configurations that did not load.
10 Save the new configuration to the primary space.
Do not save to the secondary configuration space until you are certain a downgrade to the previous
image is not required.
11 If you are upgrading a BlackDiamond switch, synchronize the BootROM, image, and configuration
across all installed MSM modules using the synchronize command. This command reboots the
synchronized modules.
12 Reboot the switch using the reboot command.
13 If you are using the Network Login campus mode:
a Manually enable Network Login using the enable netlogin [web-based | dot1x] command.
b Verify that users are able to authenticate and successfully access network resources.
NOTE
If you are upgrading multiple modules, skip step 4 until you have upgraded every module, then reboot
the switch instead of rebooting each slot.
5 Verify that the correct ExtremeWare is loaded using the show version command.
6 Download the BootROM using the download bootrom slot command.
7 Reboot the module using the reboot slot command.
8 Verify the slot is operational using the show slot <#> command.
NOTE
Alpine switches with PoE modules require user intervention using a CLI command to upgrade the PoE
firmware. Until this firmware update is completed, the PoE ports are not powered up.
1 Use the following command to download the firmware to the selected slot:
download firmware slot <slot_number>
2 Verify that the PoE firmware loaded correctly using the show inline-power stats <slot
number> command.
NOTE
When downgrading to a previous version of ExtremeWare, ensure that the switch configuration
matches that version of ExtremeWare or below. Pointing the configuration to a new version of
ExtremeWare and using a previous version of ExtremeWare is not supported. You will get a warning
message from the system when attempting to do so.
NOTE
Because of the drastic change in the functionality between ExtremeWare 7.5 and ExtremeWare 7.1e,
not all configuration databases are automatically converted during the initial boot of ExtremeWare 7.5.
Failure to download the saved configuration will leave the switch with a minimal default configuration.
NOTE
If you are using ExtremeWare 7.1e and stacking is enabled, the stacking functionality has changed
drastically since ExtremeWare 7.5. As a result, some CLI commands are not compatible. Refer to the
ExtremeWare 7.5 (or later) User Guide or Command Reference Guide for configuration differences.
NOTE
If you need SSH functionality, first download the non-SSH image as stated below and then download
the SSH image. To request SSH code, contact Technical Support.
Downgrading ExtremeWare
These instructions assume that you followed the upgrade instructions correctly and that the desired
previous configuration has been preserved in the secondary configuration space.
1 If the secondary configuration was saved while using a previous image, configure the switch to use
the secondary configuration using the use configuration secondary command.
2 If there is no stored configuration saved for that version of ExtremeWare, you must either
reconfigure, or unconfigure, the configuration file chosen (using the unconfig switch all
command) or download the correct configuration file to the switch while running the desired image.
3 Use the image in the secondary image space with the use image secondary command.
4 Verify that the above procedures were completed successfully with the show switch command.
5 Reboot the switch.
6 If you do not have the appropriate configuration downloaded, reconfigure the switch or download
the appropriate configuration.
NOTE
When downgrading to a previous version of ExtremeWare, you must ensure that the switch configuration
matches that version of ExtremeWare or below. Pointing the configuration to a new version of
ExtremeWare and using a previous version of ExtremeWare is not supported.
NOTE
If your switch is supporting wireless features with the Altitude 300 Access Point, Extreme Networks
strongly recommends that you not upgrade switches to ExtremeWare 7.5, but rather wait until
ExtremeWare 7.6 is available to do the upgrade. (Extremeware 7.5 does not contain any new
wireless-specific functionality.)
The reason for this recommendation is that the ExtremeWare 7.5 upgrade procedure for wireless access
points is very long, with multiple steps. The complexity of the procedure results from the decoupling of
the AP boot image from the ExtremeWare code on the switch. This decoupling provides significant
benefits in the long run by freeing up more space in the switch for future ExtremeWare development
and by adding flexibility for future wireless applications.
In contrast to the upgrade to ExtremeWare 7.5, the upgrade process to ExtremeWare 7.6 will be more
user friendly.
If you do need to upgrade a wireless switch to ExtremeWare 7.5, follow the recommended steps
carefully. Failure to follow these instructions could result in inoperable access points.
NOTE
Upgrading to ExtremeWare 7.5 requires network downtime for wireless networks.
AP Image Names
AP image files are named in the following way:
• Bootstrap Image—ABS-X_Y_Z.bin
• Bootloader—ABL-X_Y_Z.bin
• Runtime—ART-X_Y_Z.bin
where
X = Major version number
Y = Minor version number
Z = SR or build number
For example:
ABS-1_8_0.bin is an AP bootstrap image.
ABL-2_12_0.bin is an AP bootloader image.
ART-7_5_10.bin is an AP runtime image.
When you specify filenames in the image configuration commands, the names must match the AP
image type indicated in the command line.
Quick Summary
To upgrade the image software on Altitude 300 Access Points, you will be following these steps:
1 Acquire the new images for the upgrade and place them in the external TFTP server.
2 Upgrade the switch image.
3 Download the AP images (Bootstrap, Bootloader, and runtime image) from the TFTP server to the
switch.
4 Configure the wireless ports to download the needed image files from the switch.
5 Enable the wireless ports.
6 Monitor the upgrade process.
7 When the upgrade is complete for all APs, unconfigure the Bootstrap and Bootloader images for the
ports and reconfigure the wireless ports to download the runtime image from the external TFTP
server.
Upgrade Procedure
This procedure describes how to upgrade the image software on Altitude 300 Access Points connected
to any of the following switches:
• Summit 300-48
• Summit 300-24
• Summit 400-24p
• Alpine
Minor differences between upgrading remote connect and direct connect APs are noted in the
procedure.
CAUTION
Do not disconnect Altitude 300 APs during the upgrade process; unplugging them during the upgrade
can cause file corruption.
To download new images for the APs, perform the following steps:
1 Acquire the new images for the upgrade as follows:
a Locate the switch image, as well as the new unbundled AP images for bootstrap, bootloader and
runtime.
b Load the new switch image and AP images onto a TFTP server on your network. Make sure the
TFTP server is accessible by any switch or access point you will upgrade.
2 Upgrade the switch image as follows:
a Download the switch image from the TFTP server using the download image [<hostname> |
<ipaddress>] <filename> {primary | secondary} command.
b Select the new switch image using the use image [primary | secondary] command.
c Save the configuration using the save configuration {primary | secondary} [slot
<slot-id-list> |all] command, and reboot the switch.
3 Download the AP images (boot strap, bootloader, and runtime image) from the TFTP server to the
switch using the download file-name <ip-address/host name> <filename> command as
follows:
• To upgrade direct connect APs, download the files to the switch to which the APs are physically
connected.
• To upgrade remote connect APs, download the files to the attachment switch for the Remote
Connect APs.
The filename argument specifies the path/filename combination starting from the TFTP root
directory.
Example:
Assuming that 10.210.2.34 is the TFTP server in the network, and apimages is the subdirectory in
which AP images are placed in TFTP server, the following command sequence downloads the AP
images from the TFTP server to the switch:
Alp:3 # download file-name 10.210.2.34 apimages/ABS-1_8_0.bin
......
fbe1475b2e8a6dd651f15ef4a1676c42 MD5 checksum for C:/ABS-1_8_0.bin
(cwd=C:)
Alp:4 # download file-name 10.210.2.34 apimages/ABL-2_12_0.bin
....4a57a6afca567c1eb885185a19b21f60 MD5 checksum for C:/ABL-2_12_0.bin
(cwd=C:
Alp:5 # download file-name 10.210.2.34 apimages/ART-7_5_10.bin
.................
876b83ae4ed2641401db569457db0814 MD5 checksum for C:/ART-7_5_10.bin
(cwd=C:)
Issue the following command to verify the downloaded files::
Alp:6 # ls
ART-7_5_10.bin
ABS-1_8_0.bin
ABL-2_12_0.bin
4106240 bytes free
4 Configure the wireless ports to download the needed image files using one of the following
commands. Upgrade only if the Bootstrap and Bootloader are versions ABS-1_8_0.bin or
ABL-2_12_0.bin.
• configure wireless ports [<portlist> | all] image runtime [<ip address> |
<hostname>] <filename>
• configure wireless ports [<portlist> | all] image bootloader [<ip address> |
<hostname>] <filename>
• configure wireless ports [<portlist> | all] image bootstrap [<ip address> |
<hostname>] <filename>
For direct connect APs, specify the IP address of the wireless management VLAN.
For remote connect APs, specify an IP address of a VLAN on the attachment switch where you
downloaded the AP images. This address must have L3 connectivity and a valid L3 route to the AP
being upgraded. This address may not necessarily be the wireless management VLAN.
Example:
Assuming 172.15.2.204 is the wireless management VLAN IP address, the following command
sequence configures the wireless ports for direct connect AP upgrade:
NOTE
You must configure a runtime image for a wireless port before you can enable the port. You do not
need to configure wireless ports to download bootstrap and bootloader images unless these files
need to be upgraded.
NOTE
The all option allows you to download image files to all APs on the switch at one time. However, on
Summit 300-48 switches used as attachment switches for remote connect APs, Extreme Networks
recommends that you upgrade any direct donnect APs on these switches separately from the remote
connect APs.
5 Enable the wireless ports using the enable wireless ports <portlist> command.
• For switches with only direct connect APs, you can enable all the wireless ports at one time using
the enable wireless ports all command.
• For Summit 300-48 switches with both direct connect and remote connect APs, enable each type
of AP separately using one of the following commands:
Direct connect APs: enable wireless ports 1:*
Remote connect APs: enable wireless ports v:*
NOTE
When multiple AP upgrades are initiated at the same time, ExtremeWare 7.5 “throttles” the process
to allow a maximum of five APs to be upgraded at one time. As each group of five finishes, another
group is allowed to begin.
7 When the upgrade is complete for all APs, unconfigure the bootstrap and bootloader images for the
ports using the following commands:
• unconfigure wireless ports [all | <portlist>] image-configuration bootstrap
• unconfigure wireless ports [all | <portlist>] image-configuration bootloader
This prevents subsequent unnecessary attempts to upgrade the bootstrap and bootloader files if the
APs are reset.
Example:
unconfigure wireless ports all image-configuration bootstrap
unconfigure wireless ports all image-configuration bootloader
NOTE
It is required that you configure the runtime image so that it is downloaded from an external TFTP
server that will be accessible at all times by all APs.
Example:
The following command configures the wireless ports with the runtime image on the external TFTP
server:
The external TFTP server configured for runtime image download should be running whenever the AP
is rebooted. In the case of Layer 3 connectivity between the AP and TFTP server, ensure that proper
Layer 3 configuration is made in order for the AP to reach the TFTP server.
NOTE
In ExtremeWare 7.5, the AP obtains its runtime image from an external TFTP server. Every time the AP
reboots, a connectivity issue with the TFTP server can cause the AP to stay down until TFTP
connectivity is restored, resulting in extended downtimes for the wireless network.
Error Messages
In case of a failure, the switch log shows the cause for the failure. Following are the different causes of
failures that can occur:
Wireless port <port number>. <image type> image transfer failed. Reason : <fail
reason>
Resetting the wireless port.
For example, if the runtime image is not found in the TFTP server the following error message is
displayed:
Wireless port 1:3. Runtime image transfer failed. Reason : File not found. Resetting
the wireless port.
Unknown host
AP is unable to resolve the TFTP server name.
Version Mismatch
Switch version does not match with the transferred file.
Checksum failed
TFTP failed due to checksum error.
General Error
This is due to some general TFTP protocol error such as malformed packets.
Version Conflict
In the case of bootstrap and bootloader, the AP checks for version of the file transferred. If the AP
already has the same image as the one sent from TFTP server, the file is ignored with the log of the
following type:
In the case of a runtime error, the AP verifies the version number sent by the switch to ensure it
matches the transferred file. If it does not match, the AP ignores the runtime image.
Successive Failures
Any time an AP encounters five successive TFTP failures, the AP/wireless port is moved into an error
state and a trap is generated.
Too many TFTP tries made for port=<port>. Sending out trap and moving port to ERR."
To retry the AP image upgrade or boot-up, you must disable the port and then enable it.
This chapter summarizes the supported limits in ExtremeWare 7.5 and contains the following sections:
• Supported Limits for ExtremeWare “i” Series Switches on page 47.
• Supported Limits for ExtremeWare “e” Series Switches on page 53.
• Stacking Limits for Summit Series Switches on page 57.
This chapter describes items needing further clarification, behaviors that might not be intuitive, and
issues that have been resolved since the last release. Numbers in parentheses are for internal reference
and can be ignored.
• Clarifications and Known Behaviors on page 61
• Issues Resolved in ExtremeWare 7.5.3b8 on page 69
• Issues Resolved in ExtremeWare 7.5.2b8 on page 72
• Issues Resolved in ExtremeWare 7.5.2b6 on page 72
• Issues Resolved in ExtremeWare 7.5.1b1 on page 75
General
Traffic in Mirror to Port is Twice the Actual Traffic in Mirror From Port
When sending unknown traffic, the traffic in the mirror to port (mirroring port) is double the traffic in
the mirror from port (mirrored port) (PD3-46218041).
Port Sharing Between G24T and G8X I/O Modules is not Working Correctly
Cross module port sharing involving a G24T and G8X I/O module is not working correctly and
generates the following error message:
You can only load share on links operating at the same speed and with similar auto negotiation
configuration (PD3-37325552)
Alpine
BlackDiamond 6800
Bridging
Hot Swapping an I/O Module with Load-share group, Can Display incremented Port
Count
In an EAPS ring with load-share ports, if the load-share ports on any of the nodes are hot-swapped, the
port count on the master node is incremented (PD3-48242106).
Control Protocols
Documentation
Autopolarity Set to Off Still Causes Link to Come up With a Straight through Cable
The autopolarity feature does not work on a Summit 400 because the Summit 400 switches use only
gigabit ports. When autopolarity is disabled, the switch should not allow the link to come up using a
straight through cable.(PD3-42982143).
ESRP
Rate-shaped ESRP Slave Interface Loses Some of the ESRP Hello Packets
A rate-shaped ESRP slave interface loses some of the ESRP hello packets from the master and flips
between the slave and pre-master state when the election parameters suit the slave to win the ESRP
election (PD3-26798641).
Network Login
PoE
(PD3-26067537)
Routing
Exported Static Route in ISIS is Advertised After Removing the VLAN and Static Route
If a VLAN is removed prior to removing a static route, the exported static route is not removed, even
after removing the static route configuration.
Workaround. Remove the static route before deleting the VLAN with the gateway IP address.
(PD3-31673591)
SNMP
MIB Table Becomes Empty When Adding Policy Rules through EPICenter
When adding multiple IP policy rules through EPICenter's Policy Manager, frequently the MIB table
will become empty or partially cleared (only some of the rules will remain), even though no error
message has occurred, and the policy rules are still in place on the switch. When this happens it is no
longer possible to create policies on the switch through EPICenter (PD3-36028540).
Workaround. Increase the timeout value in SNMP Client Tool. Suggested values for more than seven
APs: timeout: 7 seconds; retry = 2.
(PD3-36087851)
Stacking
With 3000 or More Entries in Host Table, "Table Full" Error Appears in Log
In Summit 400-48 platforms, the IP FDB table may become full before reaching 4000 entries when there
are a large number of entries in the ip-subnet-fdb table (PD3-42986309).
When Configuring Large Number of ACLs in the Stack, NVRAM May Run Out of Space
Saving a configuration with a large number of ACLs will not be successful. Increasing the NVRAM size
for ACLs results in memory issues.
Workaround. Upload and then download the configuration instead of using save/restore when there
are large number of ACLs.
(PD3-47170526)
Bootup Time
A full stack consisting of eight Summit 200 or Summit 300-24 switches may take slightly over two
minutes to bootup. However, a full stack of Summit 400 switches would take just under two minutes on
the average to bootup.
Traffic Grouping Based on Access Lists, DSCP Across Units Not Working Properly
Traffic grouping based on access-lists across units on a Summit 200-48, or across slots in a stack of
Summit 200 series switches is not supported (PD3-35723040).
Wireless
show wireless ports client-scan Command Does Not Show Status of Wireless Online
Ports
The show wireless ports all interface 1 client-scan status command does not show the
status of wireless online ports.
Workaround. To show the client-scan status of a wireless port, omit the all option in the show
wireless ports <port> interface [1 | 2] client-scan status command.
(PD3-45613351, PD3-38754675)
“WPA Only Mode” Field Not Required for WPA2-only and WPA2-PSK-only Profiles
For WPA2-only and WPA2-PSK-only security profiles, "WPA Only Mode" is not necessary as it is shown
as OFF. This can lead to the user thinking that WPA and WPA2 are supported for this security profile
(PD3-45607029, PD3-45522997, PD3-37247907).
Request Error Running show wireless ap-scan result Command with Two APs
The following request error is generated when running the show wireless ap-scan result
command on two APs in continuous off-channel scan:
06/27/2005 11:43:38.57 <Erro:SYST> No rows retrieved from AP
06/27/2005 11:43:38.57 <Erro:SYST> Error message: Unknown error while getting
varbind.
06/27/2005 11:43:38.57 <Erro:SYST> Failed request for port v:2 interface 2 member
(name) WI_STATISTICS_BLOB
Workaround. Run the show wireless port x:y int z ap-scan result command to show the
results for individual ports.
(PD3-45606949, PD3-38959831)
Workaround. Enable DHCP on a wireless port only when wireless Network Login is used.
(PD3-45606873, PD3-35311601)
* - (hyphen)
* _ (underscore)
* . (dot)
For example, eg.con sec open64wep wep key add 0 plaintext a-_.. would be an accepted key.
The following character is accepted in the CLI but is not stored as part of the key:
* # (hash)
For example, eg.con sec open64wep wep key add 0 plaintext a-_..############ is accepted
by the switch, but is seen as identical to the previous example.
* ~'@$%^&*()+={[}]|\:;"'<,>?/
For example, eg.# con sec open64wep wep key add 0 plaintext abcd' generates a syntax error
at the ' character.
(PD3-36227502)
03/14/2005 17:26:01.47 <Erro:WLANSYST> <WLAN> Port 1 SNMP failed to parse the packet
with 7a198
03/14/2005 17:26:01.47 <Info:WLANSYST> <WLAN> Port 1 Wireless Port Down
03/14/2005 17:26:01.10 <Info:SYST> 10.255.52.7 admin: reset wireless ports 1
(PD3-36028901)
General
A switch no longer reboots with inactive ports after recovering from a task crash (PD3-48452797).
The stack size for tNetTask has been increased to reduce the possibility of the tNetTask stack overflow
(PD3-74377326).
In a stacking configuration, the show slot command now displays the serial number of the individual
unit as the slot serial number (PD3-59886124).
Configuring a redundant port and disabling smart redundancy on the port no longer causes the
redundant port status LED to remain On (PD3-59091233).
The time shown in the show switch command output is consistent with the time set on the SNTP
server (PD3-54296952, PD3-55441151).
Loopback ports and bidirectional QoS configurations are now uploaded and downloaded correctly
(PD3-51125907).
LED status support is now available for the stacking ports (10G) on Summit 400 platforms
(PD3-40373804).
With autonegotiation disabled on a port, the link now comes up once the port is enabled and has
changed Auto Neg to ON (PD3-9556226).
Summit
After restoring an STP topology, FDB entries are now flushed properly so that the switch no longer
forwards traffic according to the previous FDB entries (PD3-54046762).
Multicast ACLs no longer block ARP request packets sent to a Summit 300-48 switch (PD3-51382441).
A port does not move to a "Ready" state when autonegotiation is turned off with speed set to 100 or 10
Mbps full duplex on Summit48i switches and F48T I/O modules when connected to 10/100/1000 ports
that have similar configurations for autonegotiation and speed (PD3-67531715).
The run diagnostics command works correctly on all revisions of Summit 400-24t switches
(PD3-73431673).
Configuring port redundancy on a stack of Summit 200-24 switches now works correctly
(PD3-75467357).
Bridging
Assertion failures no longer occur if the multicast table exceeds the limit on a Summit 400-24
(PD3-53467462).
CLI
If you configure a port as a display string you can now unconfigure the display string for that port and
reconfigure it (PD2-65114851, PD3-24901374).
Control Protocols
Dual master configurations are no longer seen when two switches are configured as backup switches
and the switch that is elected as master is rebooted (PD3-73246291).
ESRP
Packets destined to an ESRP virtual MAC are no longer forwarded in slowpath after deleting the
domain-member VLAN (PD3-55943214).
IP Multicast
Ingress multicast packets with 1,514 bytes no longer egress with 1,5,18 bytes, an additional four bytes
frame check sequence (PD3-56072417).
LACP
When enabling load sharing in a dynamic load sharing configuration, the CLI now generates an error
message (PD3-74323889).
NetFlow
Enabling NetFlow and NetFlow configuration commands are now working correctly on "i" series
platforms using the .Bxtr image (PD3-81477394).
Network Login
In web-based Network Login, when a user VLAN is different from the uplink VLAN, TCP/UDP traffic
is passed through the unauthenticated port and routed out the uplink port (PD3-54297068).
OSPF
OSPF no longer transmits hello packets on the passive interface during reboots and link flaps on “i”
series switches (PD3-63827477).
When the route-map is used to change an attribute (cost, cost-type, or tag) on an exported route, the
direct route is now exported into OSPF (PD3-60028402).
RADIUS
The switch no longer reboots due to a watchdog expiry because the tRadProxy task now drops all
packets from any source other than a RADIUS server (PD3-83958928).
Routing
In a PIM-DM configuration, when an Assert winner goes down, the current Assert loser now begins
forwarding data to the downstream members (PD3-79196571).
Security
On a switch enabled with HTTPS or SSL, the RSA private key information displayed in the show
configuration command output is consistent each time you run the show configuration command
(PD3-63827519).
sFlow
CPU DoS protect messages no longer fill up the log when both sFlow and CPU DoS protect are enabled
(PD3-58023501).
SNMP
You can now enable IP fowarding on the management VLAN using SNMPc (PD3-48590941).
Summit
Summit 400-48p part numbers are now RoHS5 compliant (PD3-64963071).
Opnext ER XENPAKs used in a Summit 400-48t switch will now come up and operate correctly
without generating any error messages (PD3-38955593).
Stacking
When a trunk group is part of an IP multicast FDB entry and the ports in the trunk group are in
different slots of the stack, the output of the show ipmc fdb command displays the operating master of
the trunk group. When all the ports are down, the output displays the configuration master of the trunk
group, after which the output now displays the correct ports (if the ports in the trunk group are
activated) (PD3-62693655).
General
MSM64-based systems no longer accept or display hitless failover configurations (PD3-45633831).
When a T3 port is removed from a VLAN, the port link no longer goes down as long as it is part of
another VLAN (PD3-48060671, PD3-48117531).
The message "system rebooted" is now logged in the syslog server when an “e” series switch reboots
(PD3-42661131).
BlackDiamond switches no longer reboot because of a watchdog timer expiry with certain server load
balancing configurations. (PD3-53917721).
The stack size for the RIP timer task has been increased to prevent the RIP timer task stack overflow
(PD3-55943183).
A Summit 400 switch in a stack now responds to all PING requests (PD3-57658818).
Running MSM failover multiple times no longer results in a tRootTask exception in the secondary MSM,
causing a watchdog reboot or the system to hang on the primary MSM (PD3-56304241).
An MSM failover no longer logs an error message during the following scenarios: when a failover
occurs from MSM-A to MSM-B, or a failover occurs in either direction:
(PD3-56143621, PD3-42868051)
Summit
Summit 200 switches no longer crash when receiving non-IP packets on Network Login enabled ports
(PD3-61889031).
Summit48si switches using third party power supplies no longer lose system log information after a
cold reboot (PD3-60674138).
Bridging
The critical task tBgTask no longer crashes on a Summit 400-24t when transmitting continuous multicast
traffic (PD3-53917743).
IP multicast packets no longer get looped on an EAPS ring with IGMP snooping disabled on a Summit
200 switch (PD3-58338070).
CLI
The show tech-support command now includes stacking information (PD3-61906991).
DHCP
A tCardTask crash no longer occurs after booting up the switch when the DHCP range is too large
(PD3-42285041).
In the DHCP Option 6 (DNS server address) options field, only a switch IP address is passed for
unauthenticated clients while both configured DNS IP addresses, as well as switch IP addresses, are
passed for authenticated clients (PD3-42335096).
Diagnostics
Running auto-mode cable diagnostics is no longer delayed by 1-second for each day (PD3-56143689,
PD3-52446291).
EAPS
On a Summit 400 master switch, the EAPS blocked port is no longer transmitting multicast traffic
(PD3-59779291).
The EAPS ring master and shared-port controller no longer send out numerous "EAPS Shared Port:
Segment timer expired" related messages (PD3-59682681).
EAPS control packets are properly forwarded under stacking and load-share configurations
(PD3-59199683).
MPLS
Events that occur when MPLS OAM functions are enabled are no longer incorrectly logged as error
level events (PD3-60257043).
The stack size has been increased for processing MPLS critical events to provide additional space in
large networks (PD3-60257156).
The changing by a peer of the MPLS label associated with a RSVP-TE LSP is now correctly logged as an
Info level event when MPLS debug messages are enabled (PD3-60217126).
Rebooting one of multiple MPLS modules no longer incorrectly displays certain log messages as being
error conditions (PD3-60217200).
L3 information is sent to MPLS modules on a per slot basis by the MSM. When there are multiple
modules installed, L3 information is now correctly sent to all slots containing MPLS modules
(PD3-60217031).
A problem that caused a repeated erroneous "Slot n not polled" log message five minutes after
removing an ARM, ATM (A3cMi or A3cSi), MPLS, or Packet over SONET (P3cMi, P3cSi, P12cMi, or
P12cSi) module has been corrected (PD3-58254831).
Synchronization between the MSM and the MPLS modules no longer causes problems when trying to
reach a neighboring L3 peer (PD3-58258368).
A problem that can cause a network processor on the ARM and MPLS modules to go down during IP
routing table changes has been corrected (PD3-58248291).
Multicast
On Summit 200, Summit 300, and Summit 400 switches, the first multicast packet received after source
learning and clearing the multicast FDB is no longer forwarded twice (PD3-43009727, PD3-48913901).
Network Login
The switch now queries the external DNS server when a client attempts to log back in to the switch
(PD3-48498559).
QoS
QoS configuration information for QoS profiles in an access list are now correctly shown in the
configuration file (PD3-43172031).
Remote Connect
Wireless Network Login is not supported in remote connect. Therefore, do not assign a wireless
Network Login security profile to a virtual port (PD3-45607276, PD3-38588890).
Security
The enable web https command is now supported (PD3-62146227).
802.1x functions on secondary ports in a Summit 400 stack even with STP enabled (PD3-58845012,
PD3-61115582).
SNMP
The Network Management tool EPICenter is now able to retrieve realtime statistics on an Extreme
device having more than 24 ports (PD3-15975950, PD3-14524212).
A memory leak is no longer observed when RtStat is polled from EPICenter (PD3-57488021).
RSTP edge ports with edge-safeguard enabled no longer go into listening state for about four seconds
when a link up/down event occurs for any other ports in that VLAN (PD3-56101235).
Vista
ExtremeWare Vista is now displaying the correct IP ARP entries (PD3-41602680).
VRRP
When sending out proxy ARP replies on a VRRP enabled VLAN, the switch now answers with the
VRRP MAC address instead of the system MAC address (PD3-1275521).
Summit 300
The AP now comes up in remote connect after switching from direct connect (PD3-46430702).
Control Protocols
The tSnmpd task no longer crashes on a BlackDiamond switch when sending a “get” query from
SNMPc for the LldpRemManAddrEntry table (PD3-47597811).
RADIUS
Authentication using a secondary RADIUS server no longer fails after the switch reboots
(PD3-36227684).
RIP
Importing filters for RIP will block default route (PD3-32118381).
SNMP
The switch now logs a message when using SNMP to change a configuration (PD3-35398661).
Stacking
A high volume of slow-path packets no longer causes stacking to fail (PD3-41175669, PD3-41909449).
bcmRX no longer drops messages when adding or deleting a VLAN with traffic (PD3-26514621).
VRRP
The switch now sends gratuitous ARP requests with the system MAC after VRRP is disabled globally
(PD3-46014341).
Wireless
The show wireless ports detail command output no longer changes to the incorrect value after
modifying the IP address of the wireless port (PD3-26541091).
The show wireless ports detail command output now shows the correct BootStrap and
BootLoader version on Summit 400-24p, Summit 300-24, and Alpine switches (PD3-35947955).
When a switch is configured for ISP mode and a wireless client is successfully authenticated using
Network Login, the show wireless ports interface clients detail correctly shows the wireless
client to be in the FORWARD state, even if the client logs out and is re-authenticated (PD3-36087675).
Wireless Network Login users can no longer access network resources when in unauthorized state
(PD3-35950208).
The output for the show wireless ports detail command now shows the correct software version
(PD3-36954329, PD3-35950133).
Wireless clients can now move to a permanent VLAN if ISP mode is changed to Campus mode on the
same port (PD3-36087982).
Changing the switch time backwards correctly resets the time on the AP (PD3-30472539).
When a wireless Network Login user logs out using the logout window, the log message displays the
correct user name (PD3-33544205).
Wireless clients can now connect using WPA-PSK passphrases of 12 or more characters (PD3-35947702).