Ruckus FastIron 07300p Release Notes, V1 Fast Iron 07.3.00p Notes

FastIron 07.3.00p Release Notes FastIron_07300p_ReleaseNotes_v1

2017-07-11

User Manual: Ruckus FastIron 07.3.00p Release Notes

Open the PDF directly: View PDF PDF.
Page Count: 113

DownloadRuckus FastIron 07300p Release Notes, V1 Fast Iron 07.3.00p Notes
Open PDF In BrowserView PDF
IronWare Software Release 07.3.00p
for Brocade FSX Switches
Release Notes v1.0
July 20, 2015

Document History
Document Title

Summary of Changes

Publication Date

IronWare Software Release
R07.3.00p for Brocade FSX Switches
Release Notes v1.0

Initial release

July 2015

© 2015, Brocade Communications Systems, Inc. All Rights Reserved.
ADX, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade,
OpenScript, The Effortless Network, VCS, VDX, Vplane, and Vyatta are registered trademarks, and Fabric Vision
and vADX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other
countries. Other brands, products, or service names mentioned may be trademarks of others.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or
implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade
reserves the right to make changes to this document at any time, without notice, and assumes no
responsibility for its use. This informational document describes features that may not be currently available.
Contact a Brocade sales office for information on feature and product availability. Export of technical data
contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or
entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the
information contained herein or the computer programs that accompany it.
The product described by this document may contain open source software covered by the GNU General Public
License or other open source license agreements. To find out which open source software is included in
Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the
programming source code, please visit http://www.brocade.com/support/oscd.

IronWare Software Release R07.3.00p

Page 2 of 113

Contents
Supported Devices ....................................................................................................... 7
Manageability ................................................................................................................ 7
Summary of enhancements ...................................................................................... 7
Summary of enhancements in IronWare release R07.3.00p ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7

Summary of enhancements in IronWare release R07.3.00n ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7

Summary of enhancements in IronWare release R07.3.00m ........................................................... 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7

Summary of enhancements in IronWare release R07.3.00k ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7

Summary of enhancements in IronWare release R07.3.00j .............................................................. 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8

Summary of enhancements in IronWare release R07.3.00h ............................................................. 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8

Summary of enhancements in IronWare release R07.3.00g1 .......................................................... 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8

Summary of enhancements in IronWare release R07.3.00g ............................................................. 9
38BHardware enhancements .................................................................................................................................................................. 9
Software enhancements .................................................................................................................................................................... 9

IronWare Software Release R07.3.00p

Page 3 of 113

Summary of enhancements in IronWare release R07.3.00f ........................................................... 10
38BHardware enhancements ................................................................................................................................................................10
Software enhancements ..................................................................................................................................................................10

Summary of enhancements in IronWare release R07.3.00e .......................................................... 11
38BHardware enhancements ................................................................................................................................................................11

Summary of enhancements in IronWare release R07.3.00d .......................................................... 11
38BHardware enhancements ................................................................................................................................................................11
39BSoftware enhancements ..................................................................................................................................................................11

Summary of enhancements in IronWare release R07.3.00c .......................................................... 12
Summary of enhancements in IronWare release R07.3.00b .......................................................... 12
Summary of enhancements in IronWare release R07.3.00a .......................................................... 12
Summary of enhancements in IronWare release R07.3.00 ............................................................ 12
40BNew hardware .....................................................................................................................................................................................12
Summary of enhancements in FCX R07.3.00 .........................................................................................................................13
42BSummary of enhancements in FSX R07.3.00 ..........................................................................................................................17
43Summary of enhancements in FWS R07.3.00 ........................................................................................................................19
4BSummary of enhancements in TurboIron 24X R07.3.00 ..................................................................................................19
45BDeprecated commands ....................................................................................................................................................................20

Configuration Notes and feature limitations .................................................... 20
FastIron 07.3.00j ............................................................................................................................................ 20
General ............................................................................................................................................................... 20

Documentation updates ........................................................................................... 22
Supported FSX modules ........................................................................................... 22
Feature support .......................................................................................................... 22
Feature support for FCX, FESX6, ICX 6610, SX, and FWS .................................................................. 22
58BSupported management features ................................................................................................................................................22
59BSupported security features ..........................................................................................................................................................25
60BSupported system-level features .................................................................................................................................................27

IronWare Software Release R07.3.00p

Page 4 of 113

61BSupported Layer 2 features ...........................................................................................................................................................30
Supported base Layer 3 features .................................................................................................................................................33
63BSupported edge Layer 3 features ................................................................................................................................................34
64BSupported full Layer 3 features....................................................................................................................................................34
65BSupported IPv6 management features .....................................................................................................................................36
6BUnsupported features .......................................................................................................................................................................37

TurboIron 24X Feature Support ............................................................................................................... 38
67BSupported Management Features ...............................................................................................................................................38
68BSupported IPv6 Management Features ....................................................................................................................................39
69BSupported Security Features .........................................................................................................................................................39
70BSupported System-Level Features ..............................................................................................................................................41
Supported Layer 2 Features ..........................................................................................................................................................43
72BSupported Layer 3 Features ..........................................................................................................................................................45

Software image file .................................................................................................... 46
Boot and flash images for Ironware release 07.3.00p ...................................................................... 46
PoE Firmware files ......................................................................................................................................... 46

Upgrading software ................................................................................................... 46
Important notes about upgrading or downgrading the software ............................................................ 47
Standard upgrade procedure..................................................................................................................... 47
Upgrading the boot code .................................................................................................................................................................47
Upgrading the flash code.................................................................................................................................................................48

Confirming software versions (IronStack devices) ........................................................................... 48

Upgrading software images on TurboIron devices ........................................ 50
Upgrading the boot code ............................................................................................................................. 50
Upgrading the flash image .......................................................................................................................... 51

Technical support ...................................................................................................... 51
Getting help or reporting errors ........................................................................... 51
E-mail and telephone access ...................................................................................................................... 51

IronWare Software Release R07.3.00p

Page 5 of 113

Additional resources ................................................................................................. 51
Closed Defects in IronWare Software Release 07.3.00p ............................... 52
Closed Defects in IronWare Software Release 07.3.00n ............................... 53
Closed Defects in IronWare Software Release 07.3.00m .............................. 53
Closed Defects in IronWare Software Release 07.3.00k ............................... 53
Closed Defects in IronWare Software Release 07.3.00j ................................ 56
Closed Defects in IronWare Software Release 07.3.00h ............................... 57
Closed Defects in IronWare Software Release 07.3.00g1 ............................. 61
Closed Defects in IronWare Software Release 07.3.00g ............................... 61
Closed Defects in IronWare Software Release 07.3.00f ................................ 68
Closed Defects in IronWare Software Release 07.3.00e ............................... 72
Closed Defects in IronWare Software Release 07.3.00d ............................... 76
Closed Defects in IronWare Software Release 07.3.00c................................ 84
Closed Defects in IronWare Software Release 07.3.00b ............................... 95
Closed Defects in IronWare Software Release 07.3.00a ............................... 96
35BCustomer reported defects closed with code in Release 07.3.00a ...............................................................................96

Closed Defects in IronWare Software Release 07.3.00 ............................... 100
36BCustomer reported defects closed with code in Release 07.3.00 ............................................................................... 100
37BCustomer reported defects closed without code in Release 07.3.00 ........................................................................ 111

Open defects in Release 07.3.00 ......................................................................... 112

IronWare Software Release R07.3.00p

Page 6 of 113

Supported Devices
The 07.3.00p software release applies only to the following Brocade products:
-

FastIron X Series:
o

FastIron Edge Switch X Series, (IPv6 models) (FESX6)

o

FastIron SX 800 and 1600 (FSX 800 and FSX 1600)

Manageability
This 07.3.00p software releases are supported by Brocade Network Advisor 11.2. Any earlier versions of
Network Advisor, as well as any version of IronView Network Manager (INM) are not compatible with this
release or its supported hardware platforms (see Supported Devices). Network Advisor 11.2 is generally
available for download on my.brocade.com. It is strongly recommended that customers upgrade to Network
Advisor 11.2, as part of their upgrade to this 07.3.00 software release.

Summary of enhancements
Summary of enhancements in IronWare release R07.3.00p
Hardware enhancements
There are no enhancements in software release 07.3.00p.
38B

Software enhancements
Support added to send RSTP agreement on Alternate port which has received a Proposal, provided port is
operating on Point-to-point mode. This feature is supported only on FSX devices.
Please refer to the FastIron Documentation Family Documentation Update Guide for Release 07.3.00p.

Summary of enhancements in IronWare release R07.3.00n
Hardware enhancements
There are no enhancements in software release 07.3.00n.
38B

Software enhancements
Software release 07.3.00n includes defect fixes. There are no enhancements in software release 07.3.00n.

Summary of enhancements in IronWare release R07.3.00m
Hardware enhancements
There are no enhancements in software release 07.3.00m.
38B

Software enhancements
Software release 07.3.00m includes defect fixes. There are no enhancements in software release 07.3.00m.

Summary of enhancements in IronWare release R07.3.00k
Hardware enhancements
There are no enhancements in software release 07.3.00k.
38B

Software enhancements
Software release 07.3.00k includes defect fixes. There are no enhancements in software release 07.3.00k.

IronWare Software Release R07.3.00p

Page 7 of 113

Summary of enhancements in IronWare release R07.3.00j
Hardware enhancements
There are no enhancements in software release 07.3.00j.
38B

Software enhancements
Software release 07.3.00j includes defect fixes. There are no enhancements in software release 07.3.00j.

Summary of enhancements in IronWare release R07.3.00h
Hardware enhancements
There are no enhancements in software release 07.3.00h.
38B

Software enhancements
Software release 07.3.00h includes defect fixes. There are no enhancements in software release 07.3.00h.

Summary of enhancements in IronWare release R07.3.00g1
Hardware enhancements
There are no enhancements in software release 07.3.00g1.
38B

Software enhancements
Software release 07.3.00g1 includes defect fixes for FCX and ICX 6610 platforms. If SCP is used for
downloading boot images on FCX or ICX 6610, it is recommended to use 07.3.00g1 release instead of
07.3.00g. There are no enhancements in software release 07.3.00g1.

IronWare Software Release R07.3.00p

Page 8 of 113

Summary of enhancements in IronWare release R07.3.00g
Hardware enhancements
There are no enhancements in software release 07.3.00g.
38B

Software enhancements
This release adds support for the following:
Feature

Description

Applicable devices

For more
information...

PHY calibration in stack
ports of ICX 6610

FastIron IronWare detects the
calibration errors and by
default, recovers the port by
re-calibrating them.



Brocade ICX 6610

Brocade FastIron
Family
Documentation
Updates 07.3.00x

Stack port resiliency in
ICX 6610 devices

Configures different levels of
correctional steps that an
active controller can take to fix
stacking ports that cannot
send or receive packets even
when the ports are logically
operational.



Brocade ICX 6610

Brocade FastIron
Family
Documentation
Updates 07.3.00x

Designated Guard

Ensures that a port does not
change to designated
forwarding state in standard
STP 802.1d.






Brocade FCX
Brocade ICX 6610
Brocade ICX 6430
ICX 6450

Brocade FastIron
Family
Documentation
Updates 07.3.00x

Packet InError
Detection



Identifies links that receive
more number of bad frames
than configured
threshold and disables them to
avoid instability in the network.






Brocade FCX
ICX 6610
ICX 6430
ICX 6450

Brocade FastIron
Family
Documentation
Updates 07.3.00x

System Monitoring



Sysmon is a utility that runs as
a background process and
monitors connections and
components of the device for
specific errors and logs them.




FSX 800
FSX1600

Brocade FastIron
Family
Documentation
Updates 07.3.00x

IronWare Software Release R07.3.00p

Page 9 of 113

Summary of enhancements in IronWare release R07.3.00f
Hardware enhancements
There are no enhancements in software release 07.3.00f.
38B

Software enhancements
This release adds support for the following:
Feature

8B

Description

Applicable devices

For more
information...

SCP bootrom firmware You can use SCP to copy boot
code from SCP-enabled host to
enhancement
flash memory.






Brocade FSX
Brocade ICX 6610
Brocade FCX
Brocade FESX-v6

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

SCP PoE firmware
enhancement

You can use SCP to copy PoE
boot firmware from SCPenabled host to flash memory.






Brocade FSX
Brocade ICX 6610
Brocade FCX
Brocade FESX-v6

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

MIB enhancement

This feature extends RFC 2784 
MIBS to support GRE tunnel

ports and SNMP Traps for

Tunnel Status Up/Down.

Brocade FastIron SX
Brocade FESX6 – v6
Brocade FCX

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

CLI enhancement for
GRE tunnel

The show stat tunnel tunnel

number command output now 
includes “IP GRE Tunnel

 HW
Counters", which provides
statistics of the supported GRE
tunnel counters.

Brocade FastIron SX
Brocade FESX6 – v6
Brocade FCX

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

SNMP traps for GRE
tunnel interfaces

The snmp-server enable traps
link-change command, which
was earlier applicable only to
physical interfaces, is now
extended to GRE tunnel
interfaces.

Brocade FastIron SX
Brocade FESX6 – v6
Brocade FCX

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

IronWare Software Release R07.3.00p





Page 10 of 113

Summary of enhancements in IronWare release R07.3.00e
Hardware enhancements
This release adds support for the following:
38B

8B

Feature

Description

Applicable devices

For more
information...

2-port 10G SFP+
Uplink module

The Brocade FCX 624S, FCX
648S, FCX 624S-F, FCX 624SHPOE, and FCX 648S-HPOE
devices include a slot on the
front panel for a two-port 10
Gbps SFP+ uplink module. This
module operates at 10 Gbps
full duplex and is capable to
support the 10G SFP+ optics:
10G SR, 10G LR, 10G LRM,
10G USR(Ultra Short Reach),
and 10G ER(Extra Long Reach).



Brocade FCX 624S
Brocade FCX 648S
Brocade FCX 624S-F
Brocade FCX 624S-HPOE
Brocade FCX 648S-HPOE

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

ICX 6610

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.






Each Brocade FastIron ICX

6610 Stackable switch comes
with an alternating-current (AC)
power supply. All models have
two power supply slots,
enabling you to install a
second power supply for
redundancy. The system will
not function mixed with AC &
DC.

DC power supply

Summary of enhancements in IronWare release R07.3.00d
Hardware enhancements
This release adds support for the following:
38B



40 Gigabit Ethernet (40GBASE-SR4) QSFP optic modules

Software enhancements
39B

Feature

Description

Applicable devices

For more
information...

NTPv4

Network Time Protocol version 4 (NTPv4)
feature synchronizes the local system
clock in the router with the UTC.

FCX devices
(This feature is
only available on
router code. It is
not available on
switch code.)

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

IronWare Software Release R07.3.00p

Page 11 of 113

Feature

Description

Applicable devices

For more
information...

LLDP
processing
over 802.1x
blocked ports

This feature adds support for reception
and transmission of LLDP packets over
an 802.1x blocked port.

FCX
ICX 6610

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

Long distance
stacking

The long distance stacking feature
enables stacking of ICX 6610 switches
over a distributed network environment.

ICX 6610

Brocade FastIron
Family
Documentation
Updates,
07.3.00x.

Summary of enhancements in IronWare release R07.3.00c
This release adds support for DHCPv6 relay agent to devices that support IPv6.With DHCPv6 relay agent, you
can have interfaces on a device access services from a DHCP Server that doesn’t belong to the same network
segment. You can configure up to 16 DHCPv6 relay agents on an interface.

Summary of enhancements in IronWare release R07.3.00b
There are no enhancements in software release R07.3.00b.

Summary of enhancements in IronWare release R07.3.00a
There are no enhancements in software release R07.3.00a.

Summary of enhancements in IronWare release R07.3.00
This section describes the enhancements in software release R07.3.00.
New hardware
This release introduces the new ICX 6610 Series of stackable switches.
40B

This release also introduces the following new FastIron SX interface modules:
 24-port Gigabit Ethernet copper interface module
 24-port Gigabit Ethernet fiber interface module
 2-port 10-Gigabit Ethernet interface module
 8-port 10-Gigabit Ethernet interface module
4

IronWare Software Release R07.3.00p

Page 12 of 113

Summary of enhancements in FCX R07.3.00
Table 1 lists the enhancements in software release 07.3.00 for FCX and ICX 6610 devices.
Table 1 Enhancements in FCX R07.3.00
Feature

Description

See the FastIron Configuration
Guide, section entitled...

DHCPv6 Relay Agent

Support for DHCPv6 relay agent on IPv6
interfaces enable DHCP functionality of
devices that don’t share the same network
segment as the DHCP Server.

For more information, refer to
the 07.3.00c Release Notes.

802.1X guest VLAN per port

You can configure 802.1X guest VLAN on
each port individually.

“Specifying the authenticationfailure action”

DHCP Option 66

You can configure the DHCP TFTP server
option by specifying the TFTP server name.

“Configure the TFTP server”

IPv4 Egress ACL support

Access Control Lists (ACLs) for filtering
outbound traffic.

Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”
Chapter “Configuring IPv6
Access Control Lists (ACLs)”

GRE support (FCX ONLY)

IPv4 point-to-point GRE tunnels are now
“IPv4 point-to-point GRE
supported. Hitless management for IPv6-over- tunnels”
IPv4 tunnels is supported for GRE tunnels.
Hitless management for IPv6-over-IPv4
tunnels is not supported for IP tunnels.

IPSec for OSPFv3

IPSec can be applied to an interface, area, or
virtual link that is using OSPFv3, to provide
security.




IPv4 & IPv6 Ingress ACL
support

Access Control Lists (ACLs) can now be used
to filter both IPv4 and IPv6 traffic on FCX and
ICX 6610 devices.

Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”

“IPsec for OSPFv3”
“Configuring IPsec for
OSPFv3”

Chapter “Configuring IPv6
Access Control Lists (ACLs)”

IronWare Software Release R07.3.00p

Page 13 of 113

Feature

Description

See the FastIron Configuration
Guide, section entitled...

IPv6 routing enhancements

This release adds IPv6 routing
enhancements:
 Router advertisement and solicitation
 IPv6 static routes
 IPv6 over IPv4 tunnels
 ECMP load sharing
 IPv6 ICMP
 IPv6 routing protocols
 ICMP redirect messages
 IPv6 neighbor discovery
 IPv6 Layer 3 forwarding
 IPv6 redistribution
 IPv6 MTU
 Static neighbor entries
 Hop limit for IPv6 packets
 Clear IPv6 global information
FCX devices also allow you to configure how
TCAM space is used to store routing
information and GRE tunnel information.
The following are NOT supported:










“Configuring IPv6 on
FastIron X, FCX, and ICX
6610 Series Switches”
chapter
“Configuring TCAM space on
FCX and ICX 6610 devices”

OSPFv6
RIPng
BGPv4+
PIMv6

IPv6 source routing security
enhancements

As a security measure, source-routed IPv6
traffic is deprecated.

“IPv6 source routing security
enhancements”

IPv6 Support for VRRP and
VRRPE

IPv6 VRRP version 3 (v3) and IPv6 VRRP-E
(v3) is now supported on devices with IPv6
routing support. You can configure a VRRP or
a VRRPE instance on an IPv6 interface under
the IPv6 VRRP or VRRPE router mode.

“Configuring VRRP and VRRPE”
chapter

Multi-range VLANs

The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.

“Multi-range VLAN”

IronWare Software Release R07.3.00p

Page 14 of 113

Feature

Description

New SNMP MIBs

SNMP MIB support has been added for the
IronWare MIB Reference Guide
following features:
 802.1x authentication
 Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
 Power Over Ethernet MIB with the
following table:
 snAgentPoeUnitTable (stacking
systems)

Ports on Demand

Licensing for Ports on Demand (POD) is
introduced on the ICX 6610 devices. By
default, the ICX 6610 device has eight active
1 Gb uplink ports. To upgrade the ICX 6610
10 Gb ports from 1 Gb to 10 Gb port speed,
use the ICX6610-10G-LIC-POD license. To
increase the uplink capacity of four ports from
1 Gb to 10 Gb port speed, purchase a single
ICX 661010G-LIC-POD license. To increase
the uplink capacity of all eight ports from 1
Gb to 10 Gb port speed, purchase a second
ICX 6610-10G-LIC-POD license.

“Licensed features and part
numbers”

SNTP Server Support

SNTP server support allows you to enable
SNTP server and serve SNTP clients

“Configuring the device as an
SNTP server”

SNTP Broadcast Support

SNTP broadcast support allows you to enable “Specifying a Simple Network
an SNTP client to function in a broadcast
Time Protocol (SNTP) server”
mode when the NTP server is within the same
LAN and the expected delay in response to
calibrate the system clock is minimal.

SNTP MD5 Authentication

To configure an authentication key for
communication with the SNTP server, use the
authentication-key option. You can also
configure the device to function as an SNTP
server to its downstream clients.



The show sntp associations details command
displays detailed information about SNTP
associations.

“Specifying a Simple Network
Time Protocol (SNTP) server”

SNTP Show Association

IronWare Software Release R07.3.00p

See the FastIron Configuration
Guide, section entitled...

“Licensing for Ports on Demand
for ICX 6610 devices”



“Specifying a Simple
Network Time Protocol
(SNTP) server”
“Configuring the device as
an SNTP server”

Page 15 of 113

Feature

Description

See the FastIron Configuration
Guide, section entitled...

Software-based Licensing

Software-based licensing is introduced on ICX
6610 devices. The ICX 6610 Premium
license, Advance license, and Upgrade
license (from Premium to Advance license)
are introduced to support routing
functionality. New features are also added to
the FCX Advance license. The behavior for
running software-based licensing in a stack
with different licenses (Premium, Advance, or
Upgrade licenses) is the same for FCX and ICX
6610 devices. Commands for adding,
deleting, or displaying a license are also
introduced for FCX and ICX 6610 devices
only.

“Non-licensed features”
“Licensed features and part
numbers”
“FCX and ICX 6610 devices”
“Using TFTP to copy a license file
on FCX and ICX devices”
“Deleting a license on FCX and
ICX devices”
“Viewing information about
software licenses”

SSHv2 Client

SSHv2 client allows you to connect to SSHv2
servers while logged onto the device.

“Configuring and using SSH2
client”

SSHv2 Server RSA 2048 key
authentication

SSHv2 server supports authentication using
RSA keys of up to 2048 bits in length.

“Configuring SSH2 and SCP”
chapter

VRRP-E MD5 authentication

VRRP-E supports MD5 for authentication of
VRRP-E traffic.

“Configuring VRRP and VRRPE”
chapter

IronWare Software Release R07.3.00p

Page 16 of 113

Summary of enhancements in FSX R07.3.00
Table 2 lists the enhancements in software release 07.3.00 for FESX6 and SX devices.
42B

Table 2 Enhancements in FSX R07.3.00
Feature

Description

New hardware

This release introduces the following new
FastIron SX third generation interface
modules:
 SX-FI-24GPP - 24-port Gigabit
Ethernet copper third generation
interface module
 SX-FI-24HF - 24-port Gigabit Ethernet
100/1000 Mbps SFP fiber third
generation interface module
 SX-FI-2XG - 2-port 10-Gigabit
Ethernet SFP+ third generation
interface module
 SX-FI-8XG - 8-port 10-Gigabit
Ethernet SFP+ third generation
interface module

802.1X guest VLAN per port

You can configure 802.1X guest VLAN on
each port individually.

“Specifying the authenticationfailure action”

DHCP Option 66

You can configure the DHCP TFTP server
option by specifying the TFTP server name.

“Configure the TFTP server”

IPv4 Egress ACL support

Access Control Lists (ACLs) for filtering
outbound traffic.

Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”

(Supported only on SX 800
and SX 1600 new 1Gb and
10Gb modules)

See the FastIron Configuration
Guide, section entitled...

U

Chapter “Configuring IPv6
Access Control Lists (ACLs)”

U

IPSec for OSPFv3

IPSec can be applied to an interface, area, or
virtual link that is using OSPFv3, to provide
security.




IPv6 source routing security
enhancements

As a security measure, source-routed IPv6
traffic is deprecated.

“IPv6 source routing security
enhancements”

IPv6 Support for VRRP and
VRRPE

IPv6 VRRP version 3 (v3) and IPv6 VRRP-E
(v3) is now supported on devices with IPv6
routing support. You can configure a VRRP or
a VRRPE instance on an IPv6 interface under
the IPv6 VRRP or VRRPE router mode.

“Configuring VRRP and VRRPE”
chapter

Multi-range VLANs

The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.

“Multi-range VLAN”

IronWare Software Release R07.3.00p

“IPsec for OSPFv3”
“Configuring IPsec for
OSPFv3”

Page 17 of 113

Feature

Description

New SNMP MIBs







See the FastIron Configuration
Guide, section entitled...

IronWare MIB Reference Guide
SNMP MIB support has been added for
the following features:
802.1x authentication
Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
Power Over Ethernet MIB with the
following table:
snAgentPoeUnitTable (stacking systems)

SNTP Server Support

SNTP server support allows you to enable
SNTP server and serve SNTP clients

SNTP Broadcast Support

SNTP broadcast support allows you to enable “Specifying a Simple Network
an SNTP client to function in a broadcast
Time Protocol (SNTP) server”
mode when the NTP server is within the same
LAN and the expected delay in response to
calibrate the system clock is minimal.

SNTP MD5 Authentication

To configure an authentication key for
communication with the SNTP server, use the
authentication-key option. You can also
configure the device to function as an SNTP
server to its downstream clients.



SNTP Show Association

The show sntp associations details command
displays detailed information about SNTP
associations.

“Specifying a Simple Network
Time Protocol (SNTP) server”

SSHv2 Client

SSHv2 client allows you to connect to SSHv2
servers while logged onto the device.

“Configuring and using SSH2
client”

SSHv2 Server RSA 2048 key
authentication

SSHv2 server supports authentication using
RSA keys of up to 2048 bits in length.

“Configuring SSH2 and SCP”
chapter

VRRP-E MD5 authentication

VRRP-E supports MD5 for authentication of
VRRP-E traffic.

“Configuring VRRP and VRRPE”
chapter

IronWare Software Release R07.3.00p

“Configuring the device as an
SNTP server”



“Specifying a Simple
Network Time Protocol
(SNTP) server”
“Configuring the device as
an SNTP server”

Page 18 of 113

Summary of enhancements in FWS R07.3.00
Table 3 lists the enhancements in software release 07.3.00 for FWS devices.
43

Table 3 Enhancements in FWS R07.3.00
Feature

Description

See the FastIron Configuration
Guide, section entitled...

Multi-range VLANs

The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.

“Multi-range VLAN”

New SNMP MIBs

SNMP MIB support has been added for the
IronWare MIB Reference Guide
following features:
 802.1x authentication
 Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
 Power Over Ethernet MIB with the
following table:
 snAgentPoeUnitTable (stacking systems)

Summary of enhancements in TurboIron 24X R07.3.00
4B

Feature

Description

See the TurboIron 24X
Configuration Guide, section
entitled...

AES in SNMP v3

TurboIron supports AES Encryption for
SNMP v3

Chapter 48: Securing SNMP
Access
Defining an SNMP group

Symmetric Flow Control

In addition to asymmetric flow control,
TurboIron devices support symmetric flow
control, meaning they can both receive and
transmit 802.3x PAUSE frames.

Chapter 3: Configuring Basic
Software Features

Inter-domain Multicast

Support for the validation of inter-domain
multicasting
BGP

Chapter 20: Configuring IP
Multicast Protocols

IronWare Software Release R07.3.00p

Multicast Source Discovery
Protocol (MSDP)

Page 19 of 113

Feature

Description

See the TurboIron 24X
Configuration Guide, section
entitled...

New SNMP MIBs

TurboIron now supports the Unified IP MIB.

Unified IP MIB Reference Guide

SNMP MIB support has been added for the
following features:


802.1x authentication



Support for MIBs in RFC 2932, RFC
2933 and RFC 2934



Power Over Ethernet MIB with the
following table:



snAgentPoeUnitTable (stacking
systems)

Deprecated commands
The CLI command flash is deprecated. You cannot change the default block size for TFTP file transfers.
45B

Configuration Notes and feature limitations
This section contains configuration notes and describes some feature limitations in this release:

FastIron 07.3.00j
Optical monitoring information
On FSX, the 100-FX optic shows N/A values in the output of the show optic command after a reboot or
switchover. Workaround is to run the show media, show media slot x, or the show optic slot x and then run the
show optic x. This will help to display the Optical Monitoring information.

IPv6 neighbor discovery
On an FGS Device, duplicated IPv6 neighbor discovery (ND) packets are sent out every two seconds if a port is
added and removed as "uplink-switch" within a VLAN.

General
Additional notes on trunk group rules
The following additional considerations apply to forming trunk groups:


Legacy ports and 48 Gbps copper ports cannot be members of the same trunk group in hardware
configurations such as the following:
 48-port 10/100/1000 Mbps (RJ45) Ethernet PoE interface module (SX-FI48GPP) and IPv4/IPv6 interface
modules or management modules with user ports.
Combination of different generations of ports cannot be members of the same trunk group under the following
hardware configurations:
 24-port fiber and copper Ethernet PoE/Fiber interfaces (SX-FI24GPP, SX-FI24GF) and IPv4/IPv6 interface
modules or management modules with user ports

IronWare Software Release R07.3.00p

Page 20 of 113



2-port 10G and 8-port 10G interfaces (SX-FI8XG, SX-FI2XG) and the IPv4/IPv6 interface modules or
management modules with user ports

SNTP version configuration during upgrade
Starting with release 7.3.00, the default SNTP version is 4. In previous releases, the default SNTP version was
1. When you upgrade to release 7.3.00, the SNTP version gets set automatically to 4, unless a different SNTP
version is specified in the device startup configuration.

ICMP redirect messages
In software release 07.2.02 and later, ICMP redirect messages are disabled by default, whereas in releases
prior to 07.2.02, ICMP redirect messages are enabled by default.



If ICMP redirect messages were enabled prior to upgrading to release 07.2.02 and later, you will need to
re-enable this feature after upgrading to 07.2.02 and later. To do so, enter the ip icmp redirect command
at the global CONFIG level of the CLI.
If ICMP redirect messages were disabled prior to upgrading to release 07.2.02 and later, the configuration
(no ip icmp redirect) will be removed from the configuration file after upgrading to 07.2.02 and later, since
this feature is now disabled by default. In this case, ICMP redirect messages will not be sent and no
further action is required.

Note regarding Telnet and Internet Explorer 7
The Telnet function in Web management does not work with Internet Explorer version 7.0.5730. The system
goes to "telnet://10.43.43.145" page when the user clicks web/general system configuration/ (telnet) in
Internet Explorer version 7.0.5730. This is a known issue for Internet Explorer. To work around this issue, you
must download and install a patch for IE 7. To do so, go to http://www.lib.ttu.edu.tw/file/IE7_telnet.reg.
U

U

Note regarding US-Cert advisory 120541
In order to address the SSL and TLS vulnerability issue discussed in US-Cert advisory 120541, the Web server
re-negotiation feature has been disabled in this release so that SSL re-negotiation requests will not be honored
by the Brocade IP device Web server.
Based on Cert advisory 120541, the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols
are vulnerable to Man-In-The-Middle (MITM) attacks. Vulnerability is in the way SSL and TLS protocols allow renegotiation requests, which may allow a MITM to inject arbitrary requests into an application HTTP protocol
stream. This could result in a situation where the MITM may be able to harm the Brocade IP device through
the Web Management interface.
For more information regarding Cert advisory 120541, refer to the following links:
http://extendedsubset.com/?p=8
U

http://www.links.org/?p=780
U

http://www.links.org/?p=786

U

U

http://www.links.org/?p=789
U

U

U

U

http://blogs.iss.net/archive/sslmitmiscsrf.html
U

U

http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
U

https://bugzilla.redhat.com/show_bug.cgi?id=533125
U

U

U

http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html
U

http://cvs.openssl.org/chngview?cn=18790
U

U

http://www.links.org/files/no-renegotiation-2.patch
U

U

U

http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html
U

U

https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
U

IronWare Software Release R07.3.00p

U

Page 21 of 113

http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
U

U

Documentation updates
Refer to the standalone documentation updates guide for this release.

Supported FSX modules
This release supports the following modules on the FSX 800 and FSX 1600 devices.
First generation modules

Second generation modules

Third generation modules

SX-FI2XGMR4

SX-FI2XGMR6

SX-FI48GPP

SX-FI2XGMR4-PREM

SX-FI2XGMR6-PREM

SX-FI-2XG

SX-FI424C

SX-FI2XGMR6-PREM6

SX-FI-8XG

SX-FI424P

SX-FI624100FX

SX-FI-24HF

SX-FI424F

SX-FI624C

SX-FI-24GPP

SX-FI424HF

SX-FI624HF

SX-FI42XG

SX-FI624P
SX-FI62XG

In addition, the SX-FIZMR, SX-FIZMR-PREM, SX-FIZMR-6-PREM and SX-FIZMR-6-PREM6, which do not have
packet processors, are supported in this release.

Feature support
Feature support for FCX, FESX6, ICX 6610, SX, and FWS
These release notes include a list of supported features in IronWare software for FCX, FESX6, ICX 6610, SX,
and FWS devices supported in this release. For more information about supported features, refer to the
manuals listed in Additional resources.
Supported management features
Table 4 lists the supported management features. These features are supported in the Layer 2, base Layer 3,
edge Layer 3, and full Layer 3 software images.
58B

Table 4 Supported management features
Category and description

FESX6

FWS

FCX

ICX 6610

FSX 800
FSX 1600
System Monitoring

Yes

No

No

No

Packet InError Detection

Yes

Yes

Yes

Yes

802.1X accounting

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 22 of 113

Category and description

FESX6

FWS

FCX

ICX 6610

FSX 800
FSX 1600
AAA support for console commands

Yes

No

Yes

Yes

Access Control Lists (ACLs) for
controlling management access

Yes

Yes

Yes

Yes

Alias command

Yes

Yes

Yes

Yes

Combined DSCP and internal marking in
one ACL rule

Yes

No

No

No

Single source address for the following
packet types:
 Telnet
 TFTP
 Syslog
 SNTP
 TACACS/TACACS+
 RADIUS
 SSH
 SNMP

Yes

No

No

No

DHCP client-based auto-configuration

Yes

Yes

Yes

Yes

DHCP server

Yes

Yes

Yes

Yes

Disabling TFTP access

Yes

No

Yes

Yes

Brocade Network Advisor 11.2

Yes

Yes

Yes

Yes

Hitless management:
 Hitless switchover
 Hitless failover
 Hitless OS upgrade

Yes (FSX No
800 and
FSX 1600
only)

See next
line item

See next
line item

Hitless stacking management:
 Hitless stacking switchover
 Hitless stacking failover

No

Yes

Yes

Hitless support for:
 PBR
 GRE Tunnels
 IPv6 to IPv4 Tunnels

Yes (FSX No
800 and
FSX 1600
only)

Yes (PBR
and GRE
only)

Yes (PBR
only)

Brocade Network Advisor 11.2

Yes

Yes

Yes

Yes

Remote monitoring (RMON)

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

No

Page 23 of 113

Category and description

FESX6

FWS

FCX

ICX 6610

FSX 800
FSX 1600
Retaining Syslog messages after a soft
reboot

Yes

Yes

Yes

Yes

sFlow support for IPv6 packets

Yes

Yes

Yes

Yes

DHCP Client

Yes

Yes

Yes

Yes

SNTP Server

Yes

Yes

Yes

Yes

SNTP Client (Broadcast & Unicast)

Yes

No

Yes

Yes

NTPv4

No

No

Yes
(Router
code
only)

No

Flexible Port On Demand Licensing

No

No

No

Yes

sFlow version 2

Yes

Yes

Yes

Yes

sFlow version 5 (default)

Yes

Yes

Yes

Yes

Industry-standard Command Line
Interface (CLI), including support for:
 Serial and Telnet access
 Alias command
 On-line help
 Command completion
 Scroll control
 Line editing
 Searching and filtering output
 Special characters

Yes

Yes

Yes

Yes

Show log on all terminals

Yes

Yes

Yes

Yes

SNMP v1, v2, v3

Yes

Yes

Yes

Yes

SNMP V3 traps

Yes

Yes

Yes

Yes

Specifying the maximum number of
entries allowed in the RMON Control
Table

Yes

No

Yes

Yes

Specifying which IP address will be
included in a DHCP/BOOTP reply packet

Yes

No

Yes

Yes

Traffic counters for outbound traffic

Yes

No

No

No

Web-based GUI

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 24 of 113

Category and description

FESX6

FWS

FCX

ICX 6610

Yes

Yes

Yes

FSX 800
FSX 1600
Web-based management HTTPS/SSL

Yes

Supported security features
Table 5 lists the supported security features. These features are supported in the Layer 2, base Layer 3, edge
Layer 3, and full Layer 3 software images.
59B

Table 5 Supported security features
Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

Designated Guard

Yes

Yes

Yes

Yes

802.1X port security

Yes

Yes

Yes

Yes

802.1X authentication RADIUS timeout
action

Yes

Yes

Yes

Yes

802.1X dynamic assignment for ACL,
MAC filter, and VLAN

Yes

Yes

Yes

Yes

Access Control Lists (ACLs) for filtering
transit traffic
 Support for inbound ACLs.
 Support Outbound ACLs
 (*SX 800 and SX1600 on third
generation modules only)

Yes
Yes *

Yes
No

Yes
Yes

Yes
Yes

Address locking (for MAC addresses)

Yes

Yes

Yes

Yes

AES Encryption for SNMP v3

Yes

Yes

Yes

Yes

AES Encryption for SSH v2

Yes

Yes

Yes

Yes

Authentication, Authorization and
Accounting (AAA):
 RADIUS
 TACACS/TACACS+

Yes

Yes

Yes

Yes

Denial of Service (DoS) attack
protection:
 Smurf (ICMP) attacks
 TCP SYN attacks

Yes

Yes

Yes

Yes

DHCP Snooping

Yes

Yes

Yes

Yes

Dynamic ARP Inspection

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 25 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

EAP Pass-through Support

Yes

Yes

Yes

Yes

HTTPS

Yes

Yes

Yes

Yes

IP Source Guard

Yes

Yes

Yes

Yes

Local passwords

Yes

Yes

Yes

Yes

MAC address filter override of 802.1X

Yes

Yes

Yes

Yes

MAC address filtering (filtering on source Yes
and destination MAC addresses)

Yes

Yes

Yes

Ability to disable MAC learning

Yes

Yes

Yes

Yes

Flow-based MAC address learning

Yes

No

Yes

Yes

MAC port security

Yes

Yes

Yes

Yes

Multi-device port authentication

Yes

Yes

Yes

Yes

Support for Multi-Device Port
Authentication together with:


Dynamic VLAN assignment

Yes

Yes

Yes

Yes



Dynamic ACLs

Yes

Yes

Yes

Yes



802.1X

Yes

Yes

Yes

Yes



Dynamic ARP inspection with
dynamic ACLs

Yes

No

No

No



DHCP snooping with dynamic ACLs

Yes

No

No

No



Denial of Service (DoS) attack
protection

Yes

No

Yes

Yes



Source guard protection

Yes

Yes

Yes

Yes



ACL-per-port-per-VLAN

Yes

Yes

Yes

Yes

Multi-device port authentication
password override

Yes

Yes

Yes

Yes

Multi-device port authentication RADIUS
timeout action

Yes

Yes

Yes

Yes

Secure Copy (SCP)

Yes

Yes

Yes

Yes

Secure Copy (SCP) of Bootrom firmware

Yes

No

Yes

Yes

IronWare Software Release R07.3.00p

Page 26 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

Secure Copy (SCP) of POE firmware

Yes

No

Yes

Yes

Secure Shell (SSH) v2

Yes

Yes

Yes

Yes

Packet filtering on TCP Flags

No

Yes

Yes

Yes

DHCP Relay Agent information (DHCP
Option 82)

Yes

Yes

Yes

Yes

Web Authentication

Yes

Yes

Yes

Yes

Supported system-level features
Table 6 lists the supported system-level features. These features are supported in the Layer 2, base Layer 3,
edge Layer 3, and full Layer 3 software images.
60B

Table 6 Supported system-level features
Category and description

FESX6
FWS
FSX
FSX 800 FSX
1600

FCX

ICX 6610

10/100/1000 port speed

Yes

Yes

Yes

Yes

16,000 MAC addresses per switch
(FastIron devices)

Yes

Yes

Yes

Yes

32,000 MAC addresses per switch

Yes

No

Yes

Yes

ACL-based mirroring

Yes

Yes

Yes

Yes

ACL-based fixed rate limiting

Yes

Yes

Yes

Yes

ACL-based adaptive rate limiting

Yes

No

Yes

Yes

ACL filtering based on VLAN
membership or VE port membership

Yes

Yes

Yes

Yes

ACL logging of denied packets (IPv4)

Yes

Yes

Yes

Yes

ACL statistics

Yes

Yes

Yes

Yes

ACLs to filter ARP packets

Yes

Yes

Yes

Yes

Auto MDI/MDIX detection

Yes

Yes

Yes

Yes

Auto-negotiation

Yes

Yes

Yes

Yes

Automatic removal of Dynamic VLAN
for 802.1X ports

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 27 of 113

Category and description

FESX6
FWS
FSX
FSX 800 FSX
1600

FCX

ICX 6610

Automatic removal of Dynamic VLAN
for MAC authenticated ports

Yes

No

No

No

Byte-based broadcast, multicast, and Yes
No
unknown-unicast rate limits
(Not
supported
on SX-FI8XG,
SX-FI-2XG,
SX-FI-24HF,
SX-FI-24GPP,
SX-FI-48GPP
modules)

No

No

Packet-based broadcast, multicast,
and unknown-unicast rate limits

Yes

Yes

Yes

Yes

DiffServ support

Yes

Yes

Yes

Yes

Digital Optical Monitoring

Yes

Yes

Yes

Yes

Displaying interface names in Syslog
messages

Yes

Yes

Yes

Yes

Displaying TCP and UDP port
numbers in Syslog messages

Yes

Yes

Yes

Yes

Dynamic buffer allocation for QoS
priorities

Yes

Yes

Yes

Yes

Flow control:
 Responds to flow control
packets, but does not generate
them

Yes

Yes

Yes

Yes

Inbound rate limiting (port-based
fixed rate limiting on inbound ports)

Yes

Yes

Yes

Yes

Foundry Discovery Protocol (FDP) /
Cisco Discovery Protocol (CDP)

Yes

Yes

Yes

Yes

Generic buffer profile

No

Yes

Yes

Yes

Layer 2 hitless switchover and Layer
2 hitless failover

Yes
(FSX 800
and
FSX 1600
only)

No

No

No

Yes

Yes

Yes

Yes

Note: For details about this feature,
refer to the Brocade FastIron X
Series Chassis Hardware Installation
Guide
LLDP

IronWare Software Release R07.3.00p

Page 28 of 113

Category and description

FESX6
FWS
FSX
FSX 800 FSX
1600

FCX

ICX 6610

LLDP-MED

Yes

Yes

Yes

Yes

LLDP processing on 802.1x blocked
port

No

No

Yes

Yes

MAC address filter-based mirroring

No

Yes

Yes

Yes

Multi-port static MAC address

Yes

Yes

Yes

Yes

Multiple Syslog server logging (up to
six Syslog servers)

Yes

Yes

Yes

Yes

Outbound rate limiting (port-based
and port- and priority-based rate
limiting on outbound ports)

No

Yes

No

No

Outbound rate shaping

Yes

No

Yes

Yes

Path MTU Discovery

Yes

No

Yes

Yes

Port flap dampening

Yes

Yes

Yes

Yes

Port mirroring and monitoring
(mirroring of both inbound and
outbound traffic on individual ports)

Yes

Yes

Yes

Yes

Power over Ethernet (POE)

Yes
(POEenabled
Interface
modules
with POE
power
supply)

Yes
(FWS-POE
and FWSG-POE
only)

Yes
(FCX-SPOE+
only)

Yes
- ICX
661024P and
ICX 661048P

High Power over Ethernet (POE)+

Yes (SXNo
FI48GPP and
SX-FI-24GPP
modules
only)

Yes
(FCX-SPOE+
only)

Yes
- ICX
661024P and
ICX 661048P

PoE firmware upgrade via CLI

Yes

No

Yes

Yes

Priority mapping using ACLs

Yes

Yes

Yes

Yes

Protected link groups

Yes

Yes

Yes

Yes

Layer 2 stacking rapid failover and
switchover

No

No

Yes

Yes

Long distance stacking

No

No

No

Yes

IronWare Software Release R07.3.00p

Page 29 of 113

Category and description

FESX6
FWS
FSX
FSX 800 FSX
1600

FCX

ICX 6610

Static MAC entries with option to set
traffic priority

Yes

Yes

Yes

Yes

Symmetric flow control
 Can transmit and receive 802.1x
PAUSE frames

No

No

Yes

Yes

System time using a Simple Network
Time Protocol (SNTP) server or local
system counter

Yes

Yes

Yes

Yes

User-configurable scheduler profile

No

No

Yes

Yes

User-configurable buffer profile

No

No

Yes

Yes

Virtual Cable Testing (VCT)
technology

Not on third
generation
modules

Yes

Yes

No

Supported Layer 2 features
Layer 2 software images include all of the management, security, and system-level features listed in the
previous tables, plus the features listed in Table 7.
61B

Table 7 Supported Layer 2 features
Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

802.1D Spanning Tree Support:
 Enhanced IronSpan support
includes Fast Port Span, Fast Uplink
Span, and Single-instance Span
 Up to 254 spanning tree instances
for VLANs

Yes

Yes

Yes

Yes

802.1p Quality of Service (QoS):
 Strict Priority (SP)
 Weighted Round Robin (WRR)
 Combined SP and WRR
 8 priority queues

Yes

Yes

Yes

Yes

802.1s Multiple Spanning Tree

Yes

Yes

Yes

Yes

802.1W Rapid Spanning Tree (RSTP)

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 30 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

802.3ad link aggregation (dynamic trunk Yes
groups)

Yes

Yes

Yes

ACL-based rate limiting QoS

Yes

Yes

Yes

Yes

BPDU Guard

Yes

Yes

Yes

Yes

Dynamic Host Configuration Protocol
(DHCP) Assist

Yes

Yes

Yes

Yes

IGMP v1/v2 Snooping Global

Yes

Yes

Yes

Yes

IGMP v3 Snooping Global

Yes
(*,G)

Yes
(S,G)

Yes
(S,G)

Yes
(S,G)

IGMP v1/v2/v3 Snooping per VLAN

Yes

Yes

Yes

Yes

IGMP v2/v3 Fast Leave (membership
tracking)

Yes

Yes

Yes

Yes

Interpacket Gap (IPG) adjustment

Yes

Yes

Yes

Yes

IP MTU (individual port setting)

Yes

No

Yes

Yes

Jumbo frames:
 Up to 10240 bytes, or
 Up to 10232 bytes in an IronStack

Yes

Yes

Yes

Yes

Link Aggregation Control Protocol (LACP)

Yes

Yes

Yes

Yes

Link Fault Signaling (LFS) for 10G

Yes

Yes

Yes

Yes

MAC-Based VLANs, including support for
dynamic MAC-Based VLAN activation

No

Yes

Yes

Yes

Metro Ring Protocol 1 (MRP 1)

Yes

Yes

Yes

Yes

Metro Ring Protocol 2 (MRP 2)

Yes

Yes

Yes

Yes

Extended MRP ring IDs from 1 – 1023

Yes

No

Yes

Yes

MLD Snooping V1/V2:
 MLD V1/V2 snooping (global and
local)
 MLD fast leave for V1
 MLD tracking and fast leave for V2
 Static MLD and IGMP groups with
support for proxy

Yes

Yes

Yes

Yes

Multicast static group traffic filtering (for
snooping scenarios)

No

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 31 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

PIM-SM V2 Snooping

Yes

Yes

Yes

Yes

PVST/PVST+ compatibility

Yes

Yes

Yes

Yes

PVRST+ compatibility

Yes

Yes

Yes

Yes

Remote Fault Notification (RFN) for 1 G
fiber

Yes

Yes

Yes

Yes

Root Guard

Yes

Yes

Yes

Yes

Single link LACP

Yes

Yes

Yes

Yes

Super Aggregated VLANs

Yes

Yes

Yes

Yes

Trunk groups:
 Trunk threshold for static trunk
groups
 Flexible trunk group membership
 Option to include Layer 2 in trunk
hash calculation (FGS, FLS, FWS
only)

Yes

Yes

Yes

Yes

Topology groups

Yes

Yes

Yes

Yes

Uni-directional Link Detection (UDLD)
(Link keepalive)

Yes

Yes

Yes

Yes

Uplink Ports within a Port-Based VLAN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VLAN-based mirroring

No

Yes

Yes

Yes

VoIP Autoconfiguration and CDP

Yes

Yes

Yes

Yes

VLAN Support:
 4096 maximum VLANs
 802.1Q with tagging
 802.1ad tagging
 Dual-mode VLANs
 GVRP
 Port-based VLANs
 Protocol VLANs (AppleTalk, IPv4,
dynamic IPv6, and IPX
 Layer 3 Subnet VLANs (Appletalk, IP
subnet network, and IPX)
 VLAN groups
 Private VLANs
 Multi-range VLANs

IronWare Software Release R07.3.00p

Page 32 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

Virtual Switch Redundancy Protocol
(VSRP)

Yes

Yes

Yes

Yes

VSRP-Aware security features

Yes

Yes

Yes

Yes

VSRP and MRP signaling

Yes

Yes

Yes

Yes

VSRP Fast Start

Yes

Yes

Yes

Yes

VSRP timer scaling

Yes

Yes

Yes

Yes

Supported base Layer 3 features
Base Layer 3 software images include all of the management, security, system, and Layer 2 features listed in
the previous tables, plus the features listed in Table 8.
Note: FCX devices will not contain a base Layer 3 image. The features in this table will be supported on the full
Layer 3 image for these devices.
Table 8 Supported base Layer 3 features
Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

BootP/DHCP Relay

Yes

Yes

Yes

Yes

Equal Cost Multi Path (ECMP) load
sharing

Yes

Yes

Yes

Yes

IP helper

Yes

Yes

Yes

Yes

RIP V1 and V2 (advertising only)

Yes

Yes

Yes

Yes

Routing for directly connected IP
subnets

Yes

Yes

Yes

Yes

Static IP routing

Yes

Yes

Yes

Yes

Virtual Interfaces (up to 512)

Yes

Yes

Yes

Yes

Virtual Router Redundancy Protocol
(VRRP)

Yes

Yes

Yes

Yes

VRRP timer scaling

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 33 of 113

Supported edge Layer 3 features
Edge Layer 3 software images include all of the management, security, system, Layer 2, and base Layer 3
features listed in the previous tables, plus the features shown in Table 9.
63B

Note: Edge Layer 3 images are supported in the FastIron (hardware) models listed in Table 9. These features
are also supported with software-based licensing. For details, refer to the chapter “Software-based Licensing”
in the FastIron Configuration Guide.
Table 9 Supported edge Layer 3 features
Category and description

FWS-EPREM
FWSG-EPREM

OSPF V2 (IPv4)

Yes

Full RIP V1 and V2

Yes

Route-only support (Global configuration level only)

Yes

Route redistribution

Yes

1020 routes in hardware maximum

Yes

VRRP-E

Yes

Supported full Layer 3 features
Full Layer 3 software images include all of the management, security, system, Layer 2, base Layer 3 and edge
Layer 3 features listed in the previous tables, plus the features listed in Table 10.
64B

Note: Full Layer 3 features are supported in the FastIron (hardware) models listed in Table 10. These features
are also supported with software-based licensing. For details, refer to the chapter “Software-based Licensing”
in the FastIron Configuration Guide.
Table 10 Supported full Layer 3 features
Category and description

FESX-PREM

FCX

ICX 6610

FSX 800-PREM
FSX 1600-PREM
Active host routes

Yes (6,000)

Yes (16,000)

Yes (16,000)

Anycast RP

Yes

No

No

IPv6 BGP/BGP4+

No

No

No

BGP4 graceful restart

Yes (FSX 800
and FSX 1600
only)

Yes (ADV
models in a
stack)

Yes (ADV
models in a
stack)

BGP4

Yes

Yes (ADV
models)

Yes (ADV
models)

IronWare Software Release R07.3.00p

Page 34 of 113

Category and description

FESX-PREM

FCX

ICX 6610

FSX 800-PREM
FSX 1600-PREM
Distance Vector Multicast Routing
Protocol (DVMRP) V2 (RFC 1075)

Yes

No

No

Internet Group Management Protocol (IGMP) V1,
V2, and V3 (for multicast routing scenarios)

Yes

Yes

Yes

ICMP Redirect messages

Yes

Yes

Yes

IGMP V3 fast leave (for routing)

Yes

Yes

Yes

IPv4 point-to-point GRE IP tunnels

Yes
(IPv6 devices
only and 3rd gen
modules)

No

No

IPv6 Layer 3 forwarding1

Yes

Yes

Yes

IPv6 over IPv4 tunnels in hardware1

Yes

Yes

Yes

IPv6 Redistribution 1

Yes

Yes

Yes

IPv6 Static Routes1

Yes

Yes

Yes

Multiprotocol Source Discovery Protocol (MSDP)

Yes

Yes

Yes

OSPF graceful restart

Yes (FSX 800
and FSX 1600
only)

Yes

Yes

OSPF V2

Yes

Yes

Yes

OSPF V3 (IPv6)1

Yes

Yes

Yes

Protocol Independent Multicast Dense
mode (PIM-DM) V1 (draft-ietf-pim-dm-05)
and V2 (draft-ietf-pim-v2-dm-03)

Yes

Yes

Yes

Protocol Independent Multicast Sparse
mode (PIM-SM) V2 (RFC 2362)

Yes

Yes

Yes

PIM passive

Yes

Yes

Yes

Policy-Based Routing (PBR)

Yes

Yes

Yes

RIPng (IPv6)1

Yes

Yes

Yes

Route-only support (Global CONFIG level and
Interface level)

Yes

Yes

Yes

0F

This feature requires IPv6-capable hardware and a valid software license. For details, refer to the chapter
“Software-based Licensing” in the FastIron Configuration Guide.
1

IronWare Software Release R07.3.00p

Page 35 of 113

Category and description

FESX-PREM

FCX

ICX 6610

FSX 800-PREM
FSX 1600-PREM
Route redistribution (including BGP4)

Yes

Yes (BGP4
supported on
ADV models
only)

Yes (BGP4
supported on
ADV models
only)

Routes in hardware maximum:
 FESX6 – up to 256K routes
 FESX6-E – up to 512K routes
 FSX – up to 512K routes
 FCX – up to 16K routes
 ICX – up to 15K Ipv4 routes and 2800 IPv6
routes

Yes

Yes

Yes

Static ARP entries

Yes (up to 6,000) Yes (up to
1,000)

Yes (up to
1,000)

VRRP-E

Yes

Yes

Yes

VRRP-E slow start timer

Yes

Yes

Yes

VRRP-E timer scale

Yes

Yes

Yes

Supported IPv6 management features
Table 11 shows the IPV6 management features that are supported in Brocade devices that can be configured
as an IPv6 host in an IPv6 network, and in devices that support IPv6 routing.
65B

Table 11 Supported IPv6 management features
Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

Link-Local IPv6 Address

Yes

Yes

Yes

Yes

IPv6 Access List (management ACLs)

Yes

Yes

Yes

Yes

IPv6 copy

Yes

Yes

Yes

Yes

IPv6 ncopy

Yes

Yes

Yes

Yes

IPv6 debug

Yes

Yes

Yes

Yes

IPv6 ping

Yes

Yes

Yes

Yes

IPv6 traceroute

Yes

Yes

Yes

Yes

DNS server name resolution

Yes

Yes

Yes

Yes

IronWare Software Release R07.3.00p

Page 36 of 113

Category and description

FESX6
FWS
FSX 800
FSX 1600

FCX

ICX 6610

HTTP/HTTPS

Yes

Yes

Yes

Yes

Logging (Syslog)

Yes

Yes

Yes

Yes

RADIUS

Yes

Yes

Yes

Yes

SCP

Yes

Yes

Yes

Yes

SSH

Yes

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Yes

SNMP traps

Yes

Yes

Yes

Yes

SNTP

Yes

Yes

Yes

Yes

TACACS/TACACS+

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

TFTP

Yes

Yes

Yes

Yes

Unsupported features
Table 12 lists the features that are not supported on the FastIron devices. If required, these features are
available on other Brocade devices.
6B

Table 12 Unsupported features
System-level features not supported


ACL logging of permitted packets



Broadcast and multicast MAC filters



Outbound ACLs on FWS, and 1st or 2nd generation of FSX modules.

Layer 2 features not supported


SuperSpan



VLAN-based priority

Layer 3 features not supported


AppleTalk routing

IronWare Software Release R07.3.00p

Page 37 of 113

System-level features not supported


Foundry Standby Router Protocol (FSRP)



IPv6 Multicast Routing



IPX routing



IS-IS



Multiprotocol Border Gateway Protocol (MBGP)



Multiprotocol Label Switching (MPLS)



Network Address Translation (NAT)

TurboIron 24X Feature Support
This section describes the feature highlights in this release. Features or options not listed in this section or
documented in the FastIron and TurboIron 24X Configuration Guide are not supported.
Supported Management Features
This release supports the following management features.
67B

Supported Management Features
Category, Description, and Configuration Notes
802.1X accounting
AAA support for console commands
Access Control Lists (ACLs) for controlling management access
Alias Command
Combined DSCP and internal marking in one ACL rule
Configuring an interface as the source for all TFTP, Syslog, and SNTP packets
DHCP Client-Based Auto-Configuration
DHCP Server
Disabling TFTP Access
Brocade Network Advisor 11.2
P-Bridge and Q-Bridge MIBs
Remote monitoring (RMON)
Retaining Syslog messages after a soft reboot
sFlow
For inbound traffic only
802.1X username export support for encrypted and non-encrypted EAP types
sFlow support for IPv6 packets
sFlow Version 5
Serial and Telnet access to industry-standard Command Line Interface (CLI)
Show log on all terminals
SNMP v1, v2, v3
SNMP V3 traps
Specifying the maximum number of entries allowed in the RMON Control Table

Specifying which IP address will be included in a DHCP/BOOTP reply packet

IronWare Software Release R07.3.00p

Supported on
TurboIron
No
Yes
Yes
Yes
Yes
No
No
No
Yes
Yes
Yes
Yes
No
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
No

Page 38 of 113

Category, Description, and Configuration Notes

Supported on
TurboIron

Traffic counters for outbound traffic
Web-based GUI
Web-based management HTTPS/SSL

Yes
No
No

Supported Management Features

Supported IPv6 Management Features
This release supports the following IPv6 management features.
68B

Supported IPv6 Management Features
Category, Description, and Configuration Notes

Supported on
TurboIron

Link-Local IPv6 Address

Yes

IPv6 Access List

No

IPv6 copy

Yes

IPv6 ncopy

Yes

IPv6 debug

Yes

IPv6 ping

Yes

IPv6 traceroute

Yes

DNS server name resolution

Yes

HTTP/HTTPS

No

Logging (syslog)

Yes

RADIUS

Yes

SCP

Yes

SSH

Yes

SNMP v1, v2, v3

Yes

SNTP

Yes

Syslog

Yes

TACACS/TACACS+

Yes

Telnet

Yes

TFTP

Yes

Traps

Yes

Supported Security Features
This release supports the following security features.
69B

Category, Description, and Configuration Notes

Supported on
TurboIron

802.1X port security

Yes

Supported Security Features

IronWare Software Release R07.3.00p

Page 39 of 113

Category, Description, and Configuration Notes

Supported on
TurboIron

802.1X authentication RADIUS timeout action

Yes

802.1X dynamic assignment for ACL, MAC filter, and VLAN

Yes

Access Control Lists (ACLs) for filtering transit traffic

Yes

Supported Security Features

Support for inbound ACLs only. These devices do not support outbound ACLs.
Address locking (for MAC addresses)

Yes

AES Encryption for SNMP v3

Yes

AES Encryption for SSH v2

Yes

Authentication, Authorization and Accounting (AAA)

Yes

RADIUS, TACACS/TACACS+
Denial of Service (DoS) protection

Yes

TCP SYN Attacks and ICMP Attacks
DHCP Snooping

No

Dynamic ARP Inspection

No

EAP Pass-through Support

Yes

Enhancements to username and password

Yes

HTTPS

No

IP Source Guard

No

Local passwords

Yes

MAC filter override of 802.1X

Yes

MAC filtering

Yes

Filtering on source and destination MAC addresses
Ability to disable MAC Learning

Yes

Flow-based MAC learning

No

MAC port security

Yes

Multi-device port authentication

Yes

Multi-device port Authentication with dynamic ACLs

Yes

Multi-device port authentication with dynamic VLAN assignment

Yes

Multi-device port authentication password override

Yes

Multi-device port authentication RADIUS timeout action

Yes

Secure Copy (SCP)

Yes

Secure Shell (SSH) v2 Server

Yes

Packet filtering on TCP Flags

Yes

DHCP Relay Agent information (DHCP Option 82) for DHCP snooping

No

IronWare Software Release R07.3.00p

Page 40 of 113

Category, Description, and Configuration Notes

Supported on
TurboIron

Web Authentication

No

Supported Security Features

Supported System-Level Features
This release supports the following system-level features.
70B

Category, Description, and Configuration Notes

Supported on
TurboIron

10/100/1000 port speed

Yes

1 Gbps and 10 Gbps configurable port speed on fiber ports

Yes

32,000 MAC addresses per switch

Yes

ACL-Based Mirroring

Yes

ACL-Based Rate Limiting

Yes

Supported System –Level Features

ACL-based fixed and adaptive rate limiting on inbound ports
ACL filtering based on VLAN membership or VE port membership

Yes

ACL logging of denied packets

Yes

ACL logging is supported for denied packets, which are sent to the CPU for logging
ACL logging is not supported for permitted packets
Packets that are denied by ACL filters are logged in the Syslog based on a sample time-period.
ACL statistics

Yes

ACLs to filter ARP packets

Yes

Asymmetric flow control

Yes

Responds to flow control packets, but does not generate them
Auto MDI/MDIX

Yes

Auto-negotiation

Yes

Automatic removal of Dynamic VLAN for 802.1X ports

No

Automatic removal of Dynamic VLAN for MAC authenticated ports

No

Broadcast, multicast, and unknown-unicast rate limiting

Yes

Boot and reload after 5 minutes at or above shutdown temperature

Yes

Cut-through switching

Yes

DiffServ support

Yes

Digital Optical Monitoring

Yes

Displaying interface names in Syslog

Yes

Displaying TCP/UDP port numbers in Syslog messages

Yes

DSCP Mapping for values 1 through 8

Yes

IronWare Software Release R07.3.00p

Page 41 of 113

Category, Description, and Configuration Notes

Supported on
TurboIron

Dynamic buffer allocation

Yes

Egress buffer thresholds

Yes

Fixed rate limiting

Yes

Supported System –Level Features

Port-based rate limiting on inbound ports.
Fixed rate limiting is supported on 1 Gbps and 10 Gbps Ethernet ports.
Fixed rate limiting is not supported on tagged ports in the full Layer 3 router image.
Foundry Discovery Protocol (FDP) / Cisco Discovery Protocol (CDP)

Yes

Generic buffer profile

No

High Availability

No

Layer 2 hitless switchover
Layer 2 hitless Operating System (OS) upgrade
LLDP

Yes

LLDP-MED

No

MAC filter-based mirroring

Yes

Multi-port static MAC address

Yes

Multiple Syslog server logging

Yes

Up to six Syslog servers
Negative temperature setting

Yes

Outbound rate limiting

No

Outbound rate shaping

Yes

Path MTU Discovery support

No

Port flap dampening

Yes

Port mirroring and monitoring

Yes

Mirroring of both inbound and outbound traffic on individual ports is supported.
Power over Ethernet

No

Priority mapping using ACLs

Yes

Protected link groups

No

Specifying a Simple Network Time Protocol (SNTP) Server

Yes

Specifying the minimum number of ports in a trunk group

Yes

Static MAC entries with option to set traffic priority

Yes

Virtual Cable Testing (VCT) technology

No

Uses Time Domain Reflectometry (TDR) technology to detect and report cable statistics such as; local and remote
link pair, cable length, and link status.

IronWare Software Release R07.3.00p

Page 42 of 113

Supported Layer 2 Features
This release supports the following Layer 2 features.
Supported Layer 2 Features
Category, Description, and Configuration Notes
802.1D Spanning Tree Support

Supported on
TurboIron
Yes

Enhanced IronSpan support includes Fast Port Span and Single-instance Span
TurboIron switches support up to 255 spanning tree instances for VLANs.
802.1p Quality of Service (QoS)

Yes

Strict Priority (SP)
Weighted Round Robin (WRR)
Combined SP and WRR
8 priority queues
802.1s Multiple Spanning Tree

Yes

802.1W Rapid Spanning Tree (RSTP)

Yes

802.1W RSTP support allows for sub-second convergence (both final standard and draft 3 supported)
802.3ad link aggregation (dynamic trunk groups)

Yes

Brocade ports enabled for link aggregation follow the same rules as ports configured for trunk groups.
ACL-based rate limiting QoS

Yes

BPDU Guard

Yes

Dynamic Host Configuration Protocol (DHCP) Assist

Yes

IGMP v1/v2 Snooping Global

Yes

IGMP v3 Snooping Global

Yes
(*,G and S,G)

IGMP v1/v2/v3 Snooping per VLAN

Yes

IGMP Proxy

Yes

IGMP v2/v3 Fast Leave (membership tracking)

Yes

IGMP Filters

Yes

Interpacket Gap (IPG) adjustment

Yes

Jumbo frames

Yes

10/100/1000 and 10-Gigabit Ethernet ports
Up to 9216 bytes
LACP

Yes

LACP trunk group ports follow the same configuration rules as for statically configured trunk group ports.
Support for single link LACP
Link Fault Signaling (LFS) for 10-Gigabit Ethernet ports

Yes

MAC-Based VLANs

No

Dynamic MAC-Based VLAN Activation
Metro Ring Protocol 1 (MRP 1)

IronWare Software Release R07.3.00p

Yes

Page 43 of 113

Category, Description, and Configuration Notes

Supported on
TurboIron

Metro Ring Protocol 2 (MRP 2)

Yes

MLD Snooping V1/V2

No

Supported Layer 2 Features

MLD V1/V2 snooping (global and local)
MLD fast leave for V1
MLD tracking and fast leave for V2
Static MLD and IGMP groups with support for proxy
Multicast static group traffic filtering (for snooping scenarios)

No

PIM-SM V2 Snooping

Yes

PVST/PVST+ compatibility

Yes

PVRST+ compatibility

Yes

Remote Fault Notification (RFN) for 10-Gigabit Ethernet ports

No

Root Guard

Yes

Super Aggregated VLANs

Yes

Trunk groups

Yes

Trunk threshold for static trunk groups
Flexible trunk group membership
Topology groups

Yes

Uni-directional Link Detection (UDLD) (Link keepalive)

Yes

Uplink Ports Within a Port-Based VLAN

Yes

VLAN Support on TurboIron Devices:

Yes

4096 maximum VLANs
Dual-mode VLANs
802.1Q with tagging
Port-based VLANs
VLAN groups
Private VLANs
802.1ad Tagging (tag-type 8100 over 8100 encapsulation)

Yes

VLAN-based mirroring

No

VoIP Auto-configuration and CDP

No

Virtual Switch Redundancy Protocol (VSRP)

Yes

VSRP-Aware security features

Yes

VSRP and MRP signaling

Yes

VSRP Fast Start

Yes

VSRP timer scaling

Yes

IronWare Software Release R07.3.00p

Page 44 of 113

Supported Layer 3 Features
This release supports the following Layer 3 features.
72B

Supported Layer 3 Features
Category, Description, and Configuration Notes

Supported on
TurboIron

Anycast RP

Yes

BGP

Yes

IGMP V1, V2, and V3

Yes

IP helper

Yes

IP multicast routing protocols: PIM-SM and PIM-DM

Yes

DVMRP is not supported
ICMP Redirect messages

Yes

Multiprotocol Source Discovery Protocol (MSDP)

Yes

OSPF V2 (IPv4)

Yes

RIP V1 and V2

Yes

Route-only support

Yes

Disabling Layer 2 Switching at the CLI Interface level as well as the Global CONFIG level. This feature is not
supported on virtual interfaces.
Routing for directly connected IP subnets

Yes

Static IP Routing

Yes

Virtual Interfaces

Yes

Up to 255 virtual interfaces
VRRP

Yes

VRRP-E

Yes

Note: Layer 3 features not listed under “Layer 3 Features” are not supported.

IronWare Software Release R07.3.00p

Page 45 of 113

Software image file
Boot and flash images for Ironware release 07.3.00p
Table 13 lists the software image file that is available for IronWare Release 07.3.00p.
Table 13 Software image file
Device

Boot Image

Flash Image

FESX6
FSX 800
FSX 1600

sxz07200.bin

SXS07300p.bin (Layer 2) or
SXL07300p.bin (base Layer 3)
or
SXR07300p.bin (full Layer 3)

PoE Firmware files
Table 14 lists the PoE firmware file types supported for IronWare Release R07.3.00p. The firmware files are
specific to their devices and are not interchangeable. For example, you cannot load FCX PoE firmware on a FSX
device.
Note: The PoE circuitry includes a microcontroller pre-programmed at Brocade factory. In the past, a copy of
the current microcontroller code was embedded as part of the FastIron software releases and was used for
upgrades if necessary. Two different types of PoE controller code sets were included for PoE and POE+
subsystems. That is no longer the case, and the software has been enhanced so that it can be loaded as an
external file. The microcontroller code has not changed in this release, so there is no current need for an
upgrade. The PoE firmware version string will be kept updated to match the corresponding software version
however. This is only a cosmetic change and the firmware itself remains unchanged. Should a new version of
POE code be released, Brocade will notify its customers of the needed code upgrade. Finally, in the remote
case that a failure occurs during an upgrade process, the switch would still be functional but without PoE
circuitry. Should you encounter such an issue, please contact Brocade Technical Support for servicing.
Table 14 PoE Firmware files
Device

PoE Firmware Version

PoE Firmware Files

FESX6
FSX 800
FSX 1600

06.0.6

fsx_poe_06.0.6.fw

FSX 800 with SX-FI648PP or SX-FI24GPP module
FSX 1600 with SX-FI648PP or SXFI-24GPP module

02.1.0

fsx_poeplus_02.1.0.fw

FCX
ICX 6610

02.1.0

fcx_poeplus_02.1.0.fw

Upgrading software
Use the procedures in this section to upgrade the software for your devices.
There are two different upgrade procedures. Select the appropriate procedure for the type of upgrade you want
to perform:

IronWare Software Release R07.3.00p

Page 46 of 113

 Standard upgrade procedure
Use this procedure if you want to upgrade to IronWare R07.3.00p but do not want to run the device in a FIPS
environment. This procedure is described in the Standard upgrade procedure section.

Important notes about upgrading or downgrading the software
Note the following when upgrading to software release R07.3.00p:






FSX devices can store two Full Layer 3 image or two Layer 2 or Base Layer 3 images.
FESX6 can store one Full Layer 3 image or two Layer 2 or Base Layer 3 images
The image for IronWare R07.2.00a and later uses different Interprocessor Communications (IPC) versions
for FCX devices; however, units in a stack must run the same IPC version to communicate. After upgrading
from IronWare R07.2.00 or earlier to IronWare R07.3.00p, you must verify that the same image
downloaded to every unit in the stack before reloading the entire stack. To verify the images, you can enter
the show flash command at any level of the CLI. A stack cannot be built and will not operate if one or more
units has different software images.
Hitless upgrade for FSX devices from 07.3.00c to later 07.3.00 releases is not supported.

Note the following when downgrading from software release R07.3.00p:


If software-based licensing is in effect on the device and the software is downgraded to pre-release
07.1.00, software-based licensing will not be supported.

Standard upgrade procedure
Before upgrading the software on the device, first read the Important notes about upgrading or downgrading
the software section.
Upgrading the boot code
If you need to upgrade the boot code, perform the following steps.
1. Place the new boot code on a TFTP server to which the Brocade device has access.
2. If the device has 8 MB of flash memory or if you want to install a Full Layer 3 image on an FCX or FSX
device, you must delete the primary and secondary image
3. Copy the boot code from the TFTP server into flash memory. To do so, enter a command such as the
following at the Privileged EXEC level of the CLI.
copy tftp flash   bootrom
You should see output similar to the following.
Device# Flash Memory Write (8192 bytes per dot)...........................
(Boot Flash Update)Erase.........Write.............
TFTP to Flash Done
Note: Brocade recommends that you use the copy tftp flash command to copy the boot code to the
device during a maintenance window. Attempting to do so during normal networking operations may
cause disruption to the network.
4. Verify that the code has been successfully copied by entering the following command at any level of
the CLI.

show flash
The output will display the compressed boot ROM code size and the boot code version.
5. Upgrade the flash code as instructed in the following section.

IronWare Software Release R07.3.00p

Page 47 of 113

Upgrading the flash code
Note: You must delete the current primary and secondary images before completing the upgrade steps.
Devices with 8MB of flash memory can only hold one complete image.
To upgrade the flash code, perform the following steps.
1. Place the new flash code on a TFTP server to which the Brocade device has access.
2. If the device has 8MB of flash memory or if you want to install a Full Layer 3 image on an FCX device,
you must delete the primary and secondary images before upgrading the image. To delete images
from the flash, enter the following commands:
Device# erase flash primary
Device# erase flash secondary
Note: If the primary flash contains additional files not related to the software update, it is
recommended that you also delete these files.
3. Copy the flash code from the TFTP server into flash memory. To do so, use the copy command at the
Privileged EXEC level of the CLI.
copy tftp flash   primary | secondary
You should see output similar to the following.
Device# Flash Memory Write (8192 bytes per dot) ........................
...................................................................................................................................................
TFTP to Flash Done
4. Verify that the flash code has been successfully copied by entering the following command at any level
of the CLI.
Note: For units in an IronStack, when upgrading from one major release to another (for example, from
software release 07.1.00 to 07.2.00), make sure that every unit has the same code. If you reload the
stack while units are running different code versions, the units will not be able to communicate.
show flash
If the flash code version is correct, go to step 5, otherwise, go back to step 1.
5. Once you have completed the upgrade, you must reboot the device to complete the upgrade process.
Use one of the following commands:



reload (this command boots from the default boot source, which is the primary flash area by
default)
boot system flash primary | secondary

A confirmation step may occur after a boot system flash primary/secondary command is entered and
gives an administrator the opportunity to make last minute changes or corrections before performing a
reload. The example below shows the confirmation step.
Device# boot system flash primary
Are you sure? (enter ‘Y’ or ‘N’): y
6. For devices in an IronStack, make sure all devices are running the same software image. See
“Confirming software versions (IronStack devices)” in the next section.

Confirming software versions (IronStack devices)
All units in an IronStack must be running the same software image. To confirm this, check the software version
on all devices that you want to add to your IronStack. Upgrade any units that are running older versions of the
software before you build your stack.

IronWare Software Release R07.3.00p

Page 48 of 113

1. Telnet, SSH, or connect to any of the console ports in the stack.
2. Enter the show version command. Output similar to the following is displayed.
Device# show version
Copyright (c) 1996-2011 Brocade Communications Systems, Inc.
UNIT 3: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 1: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 2: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 4: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 5: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 6: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 7: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 8: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
Boot-Monitor Image size = 369321, Version:07.3.00T7f5 (grz07300)
HW: Stackable FCX648S-PREM (PROM-TYPE FCX-ADV-U)
==========================================================================
UNIT 1: SL 1: FCX-24GS 24-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: )
P-ENGINE 0: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 1: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 1: SL 3: FCX-2XG 2-port 10G Module (2-XFP)
==========================================================================
UNIT 2: SL 1: FCX-48GS POE 48-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: )
P-ENGINE 0: type DB90, rev 01
P-ENGINE 1: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 2: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 3: SL 1: FCX-48GS 48-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: )
P-ENGINE 0: type DB90, rev 01
P-ENGINE 1: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 3: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 3: SL 3: FCX-2XG 2-port 10G Module (2-XFP)
==========================================================================
UNIT 4: SL 1: FCX-24GS-F 24-port Management Module
Serial #: BFC2239E03J

IronWare Software Release R07.3.00p

Page 49 of 113

License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: dheHHIOgFIl)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 4: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 5: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F091
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: dexHHGNhFOG)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 5: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 6: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F0BX
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: dexHHGNhFdz)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 6: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 7: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F099
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: dexHHGNhFOO)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 7: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 8: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F0B7
License: FCX_ADV_ROUTER_SOFT_PACKAGE
(LID: dexHHGNhFdM)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 8: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
telnet@fcx648s-upper#

Note: If any unit in the IronStack is running an incorrect version of the software, it will appear as nonoperational. You must install the correct software version on that unit for it to operate properly in the stack. For
more information, refer to “Copying the flash image to a stack unit from the Active Controller” in the FastIron
Configuration Guide.

Upgrading software images on TurboIron devices
Upgrading the boot code
1. Place the new boot code on a TFTP server to which the Brocade device has access.
2. Enter the following command at the Privileged EXEC level of the CLI (example: FastIron Switch#) to copy
the boot code from the TFTP server into flash memory:
copy tftp flash   bootrom
3. Use the copy tftp flash command to copy the boot code to the Brocade device only during a maintenance
window. Attempting to do so during normal networking operations can cause disruption to the network.
4. Verify that the code has been successfully copied by entering the following command at any level of the
CLI:
show flash
5. The output will display the compressed boot ROM code size and the boot code version.

IronWare Software Release R07.3.00p

Page 50 of 113

6. Upgrade the flash code as instructed in the following section.

Upgrading the flash image
1. Place the new flash code on a TFTP server to which the Brocade device has access.
2. Enter the following command at the Privileged EXEC level of the CLI (example: FastIron#) to copy the flash
code from the TFTP server into the flash memory:
copy tftp flash   primary | secondary
3. Verify that the flash code has been successfully copied by entering the following command at any level of
the CLI:
show flash
4. If the flash code version is correct, go to Step 5. Otherwise, go to Step 1.
5. Reload the software by entering the following command:
reload
(The reload command boots from the default boot source, which is the primary flash area by default)

Technical support
Contact your switch supplier for the hardware, firmware, and software support, including product repairs and
part ordering. To expedite your call, have the following information immediately available:
1. General Information







Technical Support contract number, if applicable
Device model
Software release version
Error numbers and messages received
Detailed description of the problem, including the switch or network behavior immediately
following the problem, and specific questions
Description of any troubleshooting steps already performed, with the results

2. Switch Serial Number

Getting help or reporting errors
E-mail and telephone access
Go to http://www.brocade.com/services-support/index.html for the latest e-mail and telephone contact
information.

Additional resources
For more information about the products supported in this software release, refer to the following publications.
Document Title

Contents

FastIron Configuration Guide

Provides configuration procedures for systemlevel features, enterprise routing protocols, and
security features.

Brocade FCX Series Hardware Installation Guide

Describes the hardware as shipped. Provides
installation instructions, hardware maintenance

IronWare Software Release R07.3.00p

Page 51 of 113

Document Title

Contents

Brocade FastIron WS Series Hardware Installation
Guide
Brocade FastIron X Series Chassis Hardware
Installation Guide
Brocade FastIron Edge X-Series Switch Hardware
Installation guide
Brocade ICX 6610 Series Hardware Installation Guide

procedures, hardware specifications, and
compliance information.

Unified IP MIB Reference

Simple Network Management Protocol (SNMP)
Management Information Base (MIB) objects.

Brocade FCX, Brocade FastIron SX, Brocade ICX 6610
Web Management Interface User Guide

Describes the Graphical User Interface (GUI) and
procedures for monitoring and configuring various
features of the FastIron CX series switches using
the GUI.

Brocade FCX and Brocade ICX 6610 Debug Guide

Documents debug commands for debugging
devices.

TurboIron 24X Configuration Guide

Provides configuration procedures for systemlevel features, enterprise routing protocols, and
security features for TurboIron 24X.

Brocade TurboIron 24X Series Hardware Installation
Guide

Describes the TurboIron 24X hardware as
shipped. Provides installation instructions,
hardware maintenance procedures, hardware
specifications, and compliance information.

Go to http://www.brocade.com/ethernetproducts to obtain the latest version of the guides. To report errors in
the guide, send an email to documentation@brocade.com.
U

U

U

U

Closed Defects in IronWare Software Release 07.3.00p
Defect ID: DEFECT000561967
Technical Severity: Medium

Probability: High

Product: IronWare

Technology: Layer 2

Reported In Release: FI 07.3.00
Technology Area: IEEE 802.1w RSTP
Symptom: Delayed MAC table flush observed upon the Root bridge reload and RSTP topology convergence.
Condition: The problem occurs when the Root bridge reloads and joins the topology back. The MAC flush occurs after
twice the forward delay time.

IronWare Software Release R07.3.00p

Page 52 of 113

Closed Defects in IronWare Software Release 07.3.00n
Defect ID: DEFECT000536989
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Security
Reported In Release: FI 08.0.10
Technology Area: FIPS
Symptom: SSL poodle attack vulnerability
Condition: When HTTPS is connected using SSL 3.0, there is chance for poodle attack.
Defect ID: DEFECT000559035
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Management
Reported In Release: FI 07.3.00
Technology Area: SNMPv2, SNMPv3 & MIBs
Symptom: Device may unexpectedly reload when interface statistics is fetched through SNMP polling.
Condition: This issue is observed when IPv6 interface information is fetched for invalid port through SNMP polling.
Workaround: Avoid SNMP polling of IPv6 interface statistics with invalid port number.

Closed Defects in IronWare Software Release 07.3.00m
Defect ID: DEFECT000488852
Technical Severity: Medium
Probability: Low
Product: IronWare
Technology: Layer 3
Reported In Release: FI 07.4.00
Technology Area: OSPF (IPv4)
Symptom: Even though routing table gets changed as far as they see "show ip route", the traffic still goes out from the
port based on the previous routing table, unless we execute "clear ip route".
Condition: None
Workaround: Execute "clear ip route" a few times
Defect ID: DEFECT000533382
Technical Severity: High
Probability: Low
Product: IronWare
Technology: Stacking
Reported In Release: FI 07.2.00
Technology Area: Hitless Switchover, Failover, Hotswap,OS U/G
Symptom: The active management module of SX800 device unexpectedly reloads without stack trace.
Condition: If the SX800 device is up for more than 1325 days, the active management module resets unexpectedly.

Closed Defects in IronWare Software Release 07.3.00k
Defect ID: DEFECT000468746
Technical Severity: High
Probability: High
Product: IronWare
Technology: Layer 2
Reported In Release: FI 08.0.00
Technology Area: IEEE 802.1w RSTP
Symptom: With PVRST mode enabled on VDX device the FastIron devices drops BPDUs from VDX device
resulting in non-convergence of the topology.
Condition: When VDX device with Spanning tree and PVRST mode enabled, is connected to a FastIron device
the BPDUs are dropped resulting issue in topology convergence.

IronWare Software Release R07.3.00p

Page 53 of 113

Defect ID: DEFECT000495931
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Management
Reported In Release: FI 08.0.01
Technology Area: SNMPv2, SNMPv3 & MIBs
Symptom: SNMPv3 user became invalid after changing the stack MAC.
Condition: When the stack MAC is changed, the SNMPv3 user became invalid.
Defect ID: DEFECT000506391
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Traffic Management
Reported In Release: FI 07.3.00
Technology Area: QoS - Quality of Service
Symptom: The “egress-buffer-threshold minimum” configuration on LACP/Trunk interface does not take effect
on secondary ports after reload.
Condition: When “egress-buffer-threshold minimum” is configured on LACP / Trunk interfaces, the
configuration is shown only on primary interface in the start-up configuration. The configuration is
not applied on the secondary ports upon reload.
Recovery: Re-configure the 'egress-buffer-threshold minimum' command after reload
Defect ID: DEFECT000509612
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Management
Reported In Release: FI 08.0.10
Technology Area: DHCP (IPv4)
Symptom: IP phones of specific models do not get connected to the TFTP server, when ICX 64xx or ICX6610
device is used as DHCP server.
Condition: When ICX device is used as DHCP server, the IP phones of specific models could not connect to the
TFTP server.
Defect ID: DEFECT000516553
Technical Severity: Critical
Probability: High
Product: IronWare
Technology: Stacking
Reported In Release: FI 07.4.00
Technology Area: Traditional Stacking
Symptom: In ICX stacking environment, sometimes a member gets isolated from the stack due to a transmit
lockup. This is result of inability to transmit packets on the 40G link, causing the member to be
removed from the stack.
Condition: This could be caused due to flapping of the 40G port, or in a congestion situation.
Syslog message will inform which unit from which stack device is deleted from the stack system.
Defect ID: DEFECT000518219
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: System
Reported In Release: FI 07.3.00
Technology Area: Component
Symptom: In SX1600 device, ping latency occurs when optical monitoring is turned on.
Condition: SX1600 device having Gen2 Management Module and Gen 3 line cards running 7.300g or 7.300f
software, when optical monitoring is enabled ping latency is observed even under normal CPU load.

IronWare Software Release R07.3.00p

Page 54 of 113

Defect ID: DEFECT000522650
Technical Severity: High
Probability: Low
Product: IronWare
Technology: Security
Reported In Release: FI 07.3.00
Technology Area: 802.1x Port Security
Symptom: IP phones unexpectedly losing connection when 802.1x is enabled after about 10 minutes.This
happens in dual-mode vlan, where the phone is tagged to voice-vlan, while the dot1x mac-session is
associated with the data-vlan.
Condition: None
Workaround: Enable dot1x multicast mode on the phone.
Defect ID: DEFECT000524754
Technical Severity: Low
Probability: High
Product: IronWare
Technology: Layer 2
Reported In Release: FI 07.3.00
Technology Area: ARP
Symptom: While executing the “show mac” command from the rconsole prompt on an ICX6610 member unit,
that unit unexpectedly reloads.
Condition: None.
Defect ID: DEFECT000528247
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Monitoring/RAS
Reported In Release: FI 07.3.00
Technology Area: Syslog
Symptom: FCX stack device restarts spontaneously when enormous syslog messages are generated.
Condition: When the FCX stack device is switched over multiple times with enormous syslog messages the
device reloads unexpectedly.
Defect ID: DEFECT000529496
Technical Severity: High
Probability: Low
Product: IronWare
Technology: System
Reported In Release: FI 07.3.00
Technology Area: Optics
Symptom: In very few 100-FX optics, when an interface configured as 100-fx, the interface status in "show
interface" shows as UP when 100-fx SR optics is plugged without a link up.
Condition: The link is physically down, and the 100-FX optics is plugged-in.
Defect ID: DEFECT000530578
Technical Severity: High
Probability: Medium
Product: IronWare
Technology: Layer 3
Reported In Release: FI 07.4.00
Technology Area: Other IPv4
Symptom: IP reachability issues are observed between hosts in specific subnets connected in different VLANs
during event of a switch fabric hotswap.
Condition: None
Defect ID: DEFECT000535762
Technical Severity: High
Probability: High
Product: IronWare
Technology: Security
Reported In Release: FI 07.4.00
Technology Area: Web Authentication
Symptom: Web pages do not load during HTTPs server verification.
Condition: When self signed-ceritificate is used for HTTPS server verification, web page does not load.
Workaround: Security certificates generated externally can be used for secure-login

IronWare Software Release R07.3.00p

Page 55 of 113

Defect ID: DEFECT000537299
Technical Severity: Medium
Probability: Low
Product: IronWare
Technology: System
Reported In Release: FI 08.0.30
Technology Area: CLI
Symptom: “show tech” command output does not have sysmon counter information for ICX6610 devices.
Condition: None

Closed Defects in IronWare Software Release 07.3.00j
Defect ID: DEFECT000493946
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Monitoring/RAS
Reported In Release: FI 07.3.00
Technology Area: Syslog
Symptom: An SNTP syslog is generated whenever the SNTP poll interval expires. The default SNTP poll
interval timeout value is 30 minutes.
Condition: If there is no SNTP poll interval configured, a syslog is printed on every 30 minutes. When a poll
interval is configured, syslog is generated at the expiration of the configured time
Defect ID: DEFECT000496483
Technical Severity: Medium
Probability: High
IronWare
Product:
Technology: Security
Reported In Release: FI 07.3.00
Technology Area: 802.1x Port Security
Symptom: Stack unit with DOT1X may get reloaded due to insufficient memory caused by a memory leak issue.
Depending on the number of clients, memory leakage may result in complete memory exhaustion
after a period of time.
Condition: FCX stack running FI 7.3.00.f release version with DoT1X authentication enabled may experience
crash due to memory exhaustion.
Defect ID: DEFECT000496787
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Layer 2
Reported In Release: FI 07.3.00
Technology Area: Link Aggregation
Symptom: When a switch forms an LACP trunk, it brings down all the ports in that LAG and flushes out peer
info. It then sends NULL PDU to the peer. The peer starts to send LACPPDU with NULL peer info to
the device. Then, device starts to disable LACP member ports one by one and finally brings down the
whole LAG. This is a continuous process.
Condition: TI connected to a third party switch or Linux in a LAG configuration, the switch forms a LACP
trunk, then it tears down all the ports in that lag and flush out peer info
none
Recovery:
Defect ID: DEFECT000501159
Technical Severity: High
Probability: Medium
Product: IronWare
Technology: Management
Reported In Release: FI 07.3.00
Technology Area: DHCP (IPv4)
Symptom: When DHCP works in the server mode, memory leakage happens with each request received by the
device. When this is continued for a few days, the system may run out of memory and get rebooted
Condition: When FastIron device is configured as DHCP server, DHCP client request processed by server may
cause memory leak.

IronWare Software Release R07.3.00p

Page 56 of 113

Defect ID: DEFECT000502975
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Management
Reported In Release: FI 07.3.00
Technology Area: NTP - Network Time Protocol
Symptom: An NTP syslog is generated whenever the NTP poll interval expires. The default NTP poll interval
timeout value is 30 minutes.
Condition: If there is no NTP poll interval configured, a syslog is printed on every 30 minutes. When a poll
interval is configured, syslog is generated at the expiration of the configured time

Closed Defects in IronWare Software Release 07.3.00h
Defect ID: DEFECT000467830
Technical Severity: Medium
Summary: Traffic through LAG is interrupted on standby unit when active unit is reloaded.
Symptom: In a stack of two ICX 6610 switches with a LAG group consisting of one port in the active unit and
another port in the standby unit, the LAG egress traffic stops for about 30 seconds on the standby unit
when the active unit reloads
Probability: Low
Risk of Fix: Medium
Feature: L2 Forwarding
Function: UNDETERMINED
Reported In Release: FI 07.4.00
Service Request ID: 1199002
Defect ID: DEFECT000470564
Technical Severity: Medium
Summary: The “show ip mroute” command output does not display a configured static default multicast route.
Symptom: The “show ip mroute” command output does not display a configured static default multicast route.
Probability: Medium
Feature: SX L2/L3 Multicast Features
Function: PIM Sparse
Reported In Release: FI 07.3.00
Service Request ID: 1210623
Defect ID: DEFECT000471200
Technical Severity: High
Summary: ICX 6610 reloads due to Data TLB error in corner case scenarios upon receiving certain control plane
stacking messages from peer stack units.
Symptom: ICX 6610 reloads due to Data TLB error in corner case scenarios upon receiving certain control plane
stacking messages from peer stack units.
Probability: Low
Risk of Fix: Low
Feature: FI Infrastructure
Function: Stacking table sync/high avaibility
Reported In Release: FI 07.4.00
Service Request ID: 1212599
Defect ID: DEFECT000471565
Technical Severity: Medium
Summary: An SCP file transfer using Putty version 0.63 over a slow connection may fail.
Symptom: An SCP file transfer using Putty version 0.63 over a slow connection may fail and generate the
following error message: Fatal: Received unexpected end-of-file from server.
Probability: Medium
Feature: FI Embedded Management
Function: SSHV2/SCP
Reported In Release: FI 07.3.00
Service Request ID: 1213955,1213955
Defect ID: DEFECT000472237
Technical Severity: Medium
Summary: On time update, SNTP server generates syslog message mentioning wrong time.
Symptom: On time update, SNTP server generates syslog message mentioning wrong time.
Probability: Medium
Feature: FI Embedded Management
Function: Common Criteria
Reported In Release: FI 07.3.00

IronWare Software Release R07.3.00p

Page 57 of 113

Defect ID: DEFECT000472725
Technical Severity: Medium
Summary: The “show statistics brief ethernet ” command output does not display packet counters for
undersized packets
Symptom: The “show statistics brief ethernet ” command output does not display packet counters for
undersized packets.
Workaround: N/A
Probability: Medium
Feature: FI Embedded Management
Function: CLI and parser
Reported In Release: FI 07.3.00
Defect ID: DEFECT000473755
Technical Severity: Medium
Summary: SNMP incorrectly reports power supply status as down.
Symptom: SNMP incorrectly reports power supply status as down.
Probability: Medium
Risk of Fix: Low
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.2.02
Service Request ID: 1208707
Defect ID: DEFECT000474185
Technical Severity: High
Summary: A device acting as the DHCP-Relay Agent unexpectedly reloads while updating its ARP table.
Symptom: A device acting as the DHCP-Relay Agent unexpectedly reloads while updating its ARP table.
Workaround: N/A
Probability: High
Risk of Fix: Medium
Feature: UNDETERMINED
Function: UNDETERMINED
Reported In Release: FI 07.4.00
Service Request ID: 1226009
Defect ID: DEFECT000474395
Technical Severity: Medium
Enabling
802.1w
on
the
default
VLAN
that
contains
no port gives continuous error messages.
Summary:
Symptom: Enabling 802.1w on the default VLAN that contains no port gives continuous error messages.
Probability: Medium
Risk of Fix: High
Feature: FI L2
Function: Control Plane - xSTP PVST+ PVRST+
Reported In Release: FI 08.0.00
Service Request ID: 1226756
Defect ID: DEFECT000475964
Technical Severity: High
Summary: Two IPv6 neighbor discovery (ND) packets sent out every second.
Symptom: Duplicate ICMPv6 neighbor solicitations are sent.
Probability: Medium
Risk of Fix: Low
Feature: FI L3 Unicast
Function: Control Plane - ND ICMPv6
Reported In Release: FI 08.0.01
Service Request ID: 1219638
Defect ID: DEFECT000478555
Technical Severity: Medium
Summary: Removing the dual mode configuration on an interface configured with dot1x and mac authentication
causes the switch to unexpectedly reload.
Symptom: Removing the dual-mode configuration on an interface configured with dot1x and mac authentication
causes the switch to unexpectedly reload.
Probability: High
Risk of Fix: Medium
Feature: FI ACL
Function: 802.1x authentication
Reported In Release: FI 07.4.00
Service Request ID: 1179303

IronWare Software Release R07.3.00p

Page 58 of 113

Defect ID: DEFECT000479288
Technical Severity: High
Summary: When network failure occurs with IGMPv3 and IGMP Tracking enabled, it causes delay in failover
process.
Symptom: When network failure occurs with IGMPv3 and IGMP Tracking enabled, it causes delay in failover
process.
Probability: High
Risk of Fix: Low
Feature: L2/L3 Multicast Features
Function: IGMP snooping and variants
Reported In Release: FI 07.4.00
Service Request ID: 1241536
Defect ID: DEFECT000481649
Technical Severity: High
Summary: Counter overflow causes an ICX 6650 device to stop functioning after 9999 reloads.
Symptom: Counter overflow causes an ICX 6650 device to stop functioning after 9999 reloads.
Probability: High
Risk of Fix: Medium
Feature: Platform
Function: UNDETERMINED
Reported In Release: FI 07.4.00
Service Request ID: 1241878
Defect ID: DEFECT000481686
Technical Severity: Medium
Setting
up
a
scheduled
reload
to
boot
from
the
secondary flash instead boots the device from the
Summary:
primary flash.
Symptom: Configuring a scheduled reload from secondary flash will make the switch boot from primary still.
Probability: Low
Risk of Fix: Low
Feature: FI Platform
Function: Boot code/Flash/Kernel
Reported In Release: FI 08.0.00
Service Request ID: 1234188
Defect ID: DEFECT000482452
Technical Severity: Medium
Summary: The "admin-edge-port" configuration is automatically added at the VLAN level after LAG is
operational.
Symptom: The "admin-edge-port" configuration is automatically added at the VLAN level after LAG is
operational.
Probability: Medium
Feature: FI L2
Function: Control Plane - LACP
Reported In Release: FI 07.3.00
Service Request ID: 1249659
Defect ID: DEFECT000483135
Technical Severity: High
Summary: Unidirectional link in an LACP LAG causes network loop due to port incorrectly remaining in
Designated/Forwarding state in RSTP
Symptom: Unidirectional link in an LACP LAG causes network loop. Affected ports were not correctly blocked
in RSTP causing ARP packets to circulate within the LAG ports indefinitely. The LAG needs to be
removed manually to mitigate the issue.
Probability: Medium
Feature: FI L2
Function: Control Plane - xSTP/PVST+/PVRST+
Reported In Release: FI 07.3.00
Service Request ID: 1248927
Defect ID: DEFECT000485242
Technical Severity: Critical
Summary: When several switches connect to a multi-access section (Hub), the TCN does not terminate.
Symptom: TCN BPDUs flood the network.
Workaround: run RSTP instead
Probability: High
Risk of Fix: Low
Feature: FI L2 control
Function: Spanning-tree protocols /PVST+/PVRST+
FI
07.4.00
Reported In Release:
Service Request ID: 1256784

IronWare Software Release R07.3.00p

Page 59 of 113

Defect ID: DEFECT000485316
Technical Severity: Medium
Summary: FCX Combo Ports generate optical errors every three minutes even when SFP is disconnected and
alternate copper port is used.
Symptom: Every three minutes, FCX displays an error message similar to the following: “RX power warning
error slot 1/1/1”.
Workaround: Removed the SFPs on the ports that do not have fiber connected which stopped the errors.
Probability: Medium
Risk of Fix: Low
Feature: DOM
Function: DOM
Reported In Release: FI 07.2.02
Service Request ID: 1231134,1231134
Defect ID: DEFECT000485619
Technical Severity: High
Summary: A Deny ACL fails when applied on an inbound interface in an FCX device.
Symptom: A Deny ACL fails when applied on an inbound interface in an FCX device.
Probability: Medium
Feature: FI ACL
Function: ACL(all aspects of ACLs - IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1256313
Defect ID: DEFECT000485822
Technical Severity: High
Summary: Create an SNMP OID for the new Packet InError Detection and Designated Protection features.
Symptom: Unable to pull string or values, or generate a SNMP trap for the new Packet InError Detection and
Designated Protection features.
Probability: High
Feature: FI Embedded Management
Function: SNMP
Reported In Release: FI 07.3.00
Service Request ID: 1258674
Defect ID: DEFECT000485867
Technical Severity: Medium
Summary: An FSX management module switchover removes the 100-fx and optical monitoring configuration.
Symptom: An FSX management module switchover removes the 100-fx and optical monitoring configuration.
Probability: Medium
Feature: DOM
Function: DOM
Reported In Release: FI 07.3.00
Service Request ID: 1257391
Defect ID: DEFECT000486236
Technical Severity: High
Summary: A client that is connected to the active VRRP router fails to ping successfully to the server that is
connected to the PBR-configured backup VRRP router.
Symptom: A client that is connected to the active VRRP router fails to ping successfully to the server that is
connected to the PBR-configured backup VRRP router.
Probability: Low
Feature: SX Layer 3 Forwarding - IPV4
Function: PBR
Reported In Release: FI 07.3.00
Service Request ID: 1256567
Defect ID: DEFECT000486447
Technical Severity: Medium
Summary: The “show optic” command displays no output.
Symptom: The “show optic” command displays no output for 10G Optics.
Probability: High
Feature: DOM
Function: DOM
Reported In Release: FI 07.3.00
Service Request ID: 1253880

IronWare Software Release R07.3.00p

Page 60 of 113

Closed Defects in IronWare Software Release 07.3.00g1
Defect ID: DEFECT000478420
Technical Severity: High
Summary: Boot image is not synchronized across all stack members when upgrading in 07.3.00g code using SCP
Symptom: When upgrading the boot code through SCP in 07.3.00g code, the boot image is not synchronized
correctly to all the units in the stack; also the Active Unit may never get the new boot image even if
the member units do. Problem is not seen for Application images.
Probability: Medium
Risk of Fix: Low
Feature: FI Embedded Management
Function: SSHV2/SCP
Reported In Release: FI 07.3.00g
Service Request ID: 1239987

Closed Defects in IronWare Software Release 07.3.00g
Defect ID: DEFECT000391347
Technical Severity: Medium
Summary: If the MCT client switch is on an LACP trunk, reloading one MCT peer will cause traffic to drop for a
few seconds after it restarts.
Symptom: If the MCT client switch is connected through LACP, traffic loss is seen for 10-15 seconds when the
MCT peer comes up after a reload due to LACP convergence.
Workaround: Use static trunk for MCT client switches.
Probability: High
Risk of Fix: High
Feature: FI MCT-L2
Function: Link Aggregation Static/LACP
Reported In Release: FI 07.4.00
Service Request ID: 1187611
Defect ID: DEFECT000410566
Technical Severity: Medium
Summary: Issuing a "show tech" can cause UDLD to flap in some rare scenarios with a heavily loaded chassis.
Symptom: In an SX chassis with several line cards fully equipped with SFPs, the implicit "show media"
command within "show tech" can cause some protocols such as UDLD to flap.
Probability: Low
Risk of Fix: Low
Feature: SX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.02
Service Request ID: 689327
Defect ID: DEFECT000414937
Technical Severity: Medium
Summary: After a reload "show optic" command does not show any values on the SX-FI-24HF module.
Symptom: After a reload, the "show optic" command does not show any values on the SX-FI-24HF module.
Workaround: Execute "show media" first, after which "show optic" will show the correct values.
Probability: High
Risk of Fix: Low
Feature: Platform
Function: Digital Optical Monitoring
Reported In Release: FI 07.4.00
Service Request ID: 759723
Defect ID: DEFECT000419899
Technical Severity: Medium
Summary: Erroneous Syslog messages reporting functioning FCX power supply units going down and coming up
immediately are generated due to signal noise level.
Symptom: Erroneous and cosmetic Syslog messages about a Power Supply Unit being powered down and up are
displayed continuously even though the PSU functions correctly and provides uninterrupted AC power
to the switch/router.
Probability: Medium
Risk of Fix: Low
Feature: FI Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.2.02
Service Request ID: 1080157

IronWare Software Release R07.3.00p

Page 61 of 113

Defect ID: DEFECT000419924
Technical Severity: Medium
Summary: IP Source Guard blocks traffic after moving the port to a new VLAN.
Symptom: When a client is moved to a port that has IP Source Guard enabled, if the port is then moved to a new
VLAN, the client will no longer be reachable.
Workaround: Disable IP Source Guard on the client port, move it to the new VLAN and then re-enable IP Source
Guard on the port.
Probability: Medium
Risk of Fix: Medium
Feature: FI ACL
Function: DHCP Snooping functionality
Reported In Release: FI 07.4.00
Service Request ID: 1071537
Defect ID: DEFECT000428623
Technical Severity: Medium
Summary: CDP Packet coming from a Brocade Device has one missing field and one incorrect field.
Symptom: Host name is not visible in the CDP packet for location services.
Probability: High
Risk of Fix: Medium
Feature: FI Embedded Management
Function: LLDP
Reported In Release: FI 07.4.00
Service Request ID: 1100465
Defect ID: DEFECT000429049
Technical Severity: Medium
Summary: High CPU utilization observed with NETBIOS & DHCP broadcasts.
Symptom: High CPU utilization is observed when DHCP & NETBIOS broadcast packets are received by the
device.
Probability: High
Risk of Fix: High
Feature: Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.4.00
Service Request ID: 1092737
Defect ID: DEFECT000441827
Technical Severity: High
Summary: A few Bosch Security Cameras (e.g. NBC-455-11P) fail to power on when connected to ICX6610.
Symptom: IP security camera fails to power on when connected to ICX6610. The "show inline power" output on
the ICX6610 displays the camera port in a "short circuit" state.
Probability: High
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 1110403
Defect ID: DEFECT000443109
Technical Severity: Medium
Summary: Warning temperature is not configurable on FESX devices running versions 7.2.02 and later.
Symptom: Warning temperature is not configurable on FESX devices running versions 7.2.02 and later.
Probability: High
Risk of Fix: Low
Feature: SX Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.2.02
Service Request ID: 1137834
Defect ID: DEFECT000447495
Technical Severity: Medium
Summary: Elevated CPU utilization levels seen on ICX6610, even with little traffic.
Symptom: With minimal configuration and nothing plugged into an ICX6610-48, an average of 17 to 23% CPU
utilization is observed.
Probability: High
Feature: FI Platform
Function: Boot code/Flash/Kernel
Reported In Release: FI 07.3.00
Service Request ID: 1148445

IronWare Software Release R07.3.00p

Page 62 of 113

Defect ID: DEFECT000448184
Technical Severity: High
Summary: ICX6610 stacking instability due to interface errors (e.g. CRC, "InErrors", "InGiantPkts", "InJabber"
and/or "InBadPkts") on the stacking ports.
Symptom: CPU utilization steadily increases, interface errors are seen on some of the stacking links, and the unit
generating the errors will eventually break off from the stack.
Workaround: The separated stack unit needs to be cold booted to recover.
Probability: Low
Feature: FI Platform
Function: 40G Link
Reported In Release: FI 07.3.00
Service Request ID: 1148013,1149815
Defect ID: DEFECT000448876
Technical Severity: Medium
Summary: With DHCP snooping enabled, IP Cache is not updated from "Drop" to "Forward" when ARP packet
is received.
Symptom: Traffic loss to certain destinations when traffic transits through a VRRP backup router if DHCP
Snooping is enabled on the incoming interface.
Probability: Low
Risk of Fix: Medium
Feature: SX L2 Forwarding
Function: MAC Table/FDB Manager
Reported In Release: FI 07.2.00
Service Request ID: 1105581
Defect ID: DEFECT000451227
Technical Severity: Medium
Summary: VRRP peer IP address is not reachable if IP address of another physical interface is removed.
Symptom: If VRRP is configured between a TI-24X and an adjacent device, and if there is any physical interface
on it configured with an IP address, removing that IP address will cause the TI-24X to lose connection
to its VRRP peer.
Probability: High
Feature: TI Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1120393
Defect ID: DEFECT000452027
Technical Severity: Medium
Summary: The "show aaa" command output is not accurate for certain fields.
Symptom: Certain fields in the “show aaa” command output do not increment or change state in response to user
logins. Specifically, the lines “opens=0 closes=0 timeouts=0 errors=0”, and “no connection” do not
change in response to successful user logins.
Probability: High
Risk of Fix: Medium
Feature: FI Embedded Management
Function: AAA RADIUS/TACACS+ V4/V6
Reported In Release: FI 07.4.00
Service Request ID: 1154018
Defect ID: DEFECT000452843
Technical Severity: Medium
Summary: Switch does not send Accounting Stop message to the TACACS+ server when the SSH session ends
due to idle timeout.
Symptom: Accounting Stop messages are not sent to the TACACS+ server when SSH session ends due to idle
timeout. This problem is not seen with RADIUS or Telnet.
Probability: High
Risk of Fix: Medium
Feature: FI Embedded Management
Function: AAA RADIUS/TACACS+ V4/V6
Reported In Release: FI 07.4.00
Service Request ID: 1144016

IronWare Software Release R07.3.00p

Page 63 of 113

Defect ID: DEFECT000454619
Technical Severity: Medium
Summary: When loop-detection and 802.1x Authentication are enabled on the same interface, a Layer2 loop is
not detected.
Symptom: When 802.1x is enabled on ports of a VLAN configured with loop-detection, and a physical Layer2
loop exists, the loop is not detected and high CPU utilization results.
Workaround: Configure "dot1x port-control force-authorized" where the Layer2 loop is formed.
Probability: Low
Feature: FI - L4/Security
Function: 802.1x
Reported In Release: FI 07.3.00
Service Request ID: 1136072
Defect ID: DEFECT000455824
Technical Severity: Medium
Summary: On FESXv6 devices, output for the "show optic" command is not correctly displayed.
Symptom: FESXv6 devices return "N/A" in the "show optic " output if the command is executed
before executing the "show media" command.
Probability: High
Risk of Fix: Low
Feature: Platform
Function: Digital Optical Monitoring
Reported In Release: FI 07.4.00
Service Request ID: 1167129
Defect ID: DEFECT000456995
Technical Severity: Medium
Summary: LACP LAG does not get restored after line protocol changes from down to up.
Symptom: After restoring one of the two links in a two-port LAG, the LAG stays down indefinitely.
Probability: Medium
Risk of Fix: Medium
Feature: FI L2 control
Function: LACP
Reported In Release: FI 07.4.00
Service Request ID: 1157272
Defect ID: DEFECT000457367
Technical Severity: Medium
Summary: When DCHP snooping is enabled, DHCP Discover packets are only forwarded to the helper address,
but are not broadcast within the local VLAN.
Symptom: If DHCP Snooping is enabled on a VLAN which has an IP Helper Address configured, when a client
sends a DHCP Discover packet, the packet should be broadcast within the incoming VLAN but is not.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1153147
Defect ID: DEFECT000460102
Technical Severity: High
Summary: FCX incorrectly allows an unsupported "1000-full-slave" configuration on its fiber ports.
Symptom: Configuring "1000-full-slave" on an FCX fiber port results in FCS errors on the link partner and
collisions on the local port.
Probability: High
Feature: FI Platform
Function: OPTICS
Reported In Release: FI 07.3.00
Service Request ID: 1168139
Defect ID: DEFECT000460514
Technical Severity: Medium
High
CPU
spikes
when
optical-monitoring
configured.
Summary:
Symptom: High CPU Spikes with Optical Monitoring configured on 7.300e Router Code.
Workaround: Remove optical-monitor and no high CPU Spikes.
Probability: High
Feature: FI Platform Specific features
Function: Digital Optical Monitor
Reported In Release: FI 07.3.00
Service Request ID: 1170303

IronWare Software Release R07.3.00p

Page 64 of 113

Defect ID: DEFECT000462469
Technical Severity: Medium
Summary: Disabling SNMP traps for link-down/link-up also disables Syslog messages for interface down/up
events.
Symptom: Issuing "no snmp-server enable traps " prevents the generation of Syslog
messages when an interface goes down or comes up.
Probability: High
Risk of Fix: Medium
Feature: FCX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.02
Service Request ID: 1187496
Defect ID: DEFECT000464240
Technical Severity: High
Summary: IP Helper Address stops working after DHCP Server feature is enabled and disabled.
Symptom: DHCP client broadcast requests are not forwarded to the IP Helper Address after enabling and
disabling DHCP Server on the device.
Workaround: Re-enable DHCP Server, even if not using the switch for that purpose.
Probability: Medium
Feature: FCX L2 Forwarding
Function: DHCP assist
Reported In Release: FI 07.3.00
Service Request ID: 1179152
Defect ID: DEFECT000464627
Technical Severity: High
Summary: CPU Memory Leak may be observed when IP DHCP Server is enabled.
Symptom: If DHCP Server is configured on the FI device without a DHCP Scope, a slow CPU memory leak may
be observed.
Workaround: Ensure DHCP Scope on external DHCP Server is correctly configured.
Probability: Low
Feature: FI Embedded Management
Function: DHCP
Reported In Release: FI 07.3.00
Service Request ID: 1179149
Defect ID: DEFECT000464738
Technical Severity: Medium
Summary: Designated Protect feature in Spanning Tree.
Symptom: New feature support: 802.1d/802.1w Designated Protect (or Designated Guard).
Probability: Low
Feature: FI L2
Function: Control Plane - xSTP/PVST+/PVRST+
Reported In Release: FI 07.3.00
Service Request ID: 1168139
Defect ID: DEFECT000464973
Technical Severity: Medium
Summary: Issuing "show media slot " causes sending and receiving of VRRP-E Hello packets to stop for
longer than three seconds, leading to VRRP-E status flaps.
Symptom: VRRP-E master/backup flaps and Duplicate IP Address messages are seen when "show media slot 1"
is executed on either ICX6650 in a VRRP-E hot standby pair.
Workaround: Use "show media" and "show media ethernet" instead of "show media slot ".
Probability: High
Risk of Fix: Low
Feature: Optics
Function: OPTICS
Reported In Release: FI 07.5.00
Service Request ID: 1186282

IronWare Software Release R07.3.00p

Page 65 of 113

Defect ID: DEFECT000465359
Technical Severity: High
Summary: Enabling IGMP Snooping on Switch image may stop ARP Request packets from being processed.
Symptom: On an SX system running Switch image with only Gen3 line modules, enabling "ip multicast passive"
may prevent ARP Request packets from reaching the CPU for processing. Hence, connectivity to hosts
is lost. This does not happen on Router image or on systems which have at least one older generation
line module.
Probability: High
Feature: SX L2/L3 Multicast Features
Function: IGMP snooping and variants
Reported In Release: FI 07.3.00
Service Request ID: 1152821
Defect ID: DEFECT000466801
Technical Severity: High
Summary: In OSPFv2, FI device's native Router-LSA gets replaced when a fake LSA is sent from a malicious
router which uses an LS ID equivalent to the FI device's router-id.
Symptom: In OSPFv2, FI device's native Router-LSA gets replaced when a fake LSA is sent from a malicious
router which uses an LS ID equivalent to the FI device's router-id.
Probability: High
Risk of Fix: Medium
Layer3
Control
Protocols
Feature:
Function: OSPFV2 - IPV4
Reported In Release: FI 07.4.00
Defect ID: DEFECT000467796
Technical Severity: Medium
Summary: SX-FI-8XG line card improperly evaluates ACL for switched traffic within a VLAN.
Symptom: When an ACL is configured on a VE interface, it gets applied to switched traffic within the VLAN as
well, whereas it is expected to be applied only on routed traffic.
Probability: High
Feature: FI - L4/Security
Function: IPV4 ACLs - SX
Reported In Release: FI 07.3.00
Service Request ID: 1198247
Defect ID: DEFECT000467837
Technical Severity: Medium
Summary: Source IPv6 address for Router Advertisement should be the Link Local Address and not the VRRP
Address.
Symptom: The VRRP Address is used as the Source IPv6 Address in Router Advertisements, whereas only the
Link Local Address should be used for this purpose.
Probability: High
Feature: FI L3 Unicast
Function: Control Plane - VRRPv3 for IPv6
Reported In Release: FI 07.3.00
Service Request ID: 1191608
Defect ID: DEFECT000468598
Technical Severity: Medium
Summary: Incorrect system up-time reported by SNMP when NTP is configured.
Symptom: Incorrect sysUpTime reported by SNMP "get" or "walk" when NTP is configured. However, the
"show version" output displays the correct up-time.
Workaround: Use SNTP instead of NTP.
Probability: High
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.3.00
Service Request ID: 1189278

IronWare Software Release R07.3.00p

Page 66 of 113

Defect ID: DEFECT000468812
Technical Severity: Medium
Summary: ACL rules with IP Forward-Protocol are not installed properly in TCAM on TI-24x.
Symptom: TCAM rule for UDP port 177 that is added by the command “ip forward-protocol udp 177” gets
removed when configuring a different "no ip forward-protocol udp ".
Workaround: Configure an additional dummy "ip forward-protocol udp ".
Probability: High
Feature: FI ACL
Function: ACL(all aspects of ACLs - IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1092630
Defect ID: DEFECT000469631
Technical Severity: High
Summary: MAC Table flush in a fully populated chassis can cause STP flaps.
Symptom: When an 802.1d enabled port flaps, it leads to a flush of the MAC Table, creating a high CPU
condition lasting for up to a minute which then causes other protocols to flap as well.
Probability: Low
Feature: FCX L2 Control
Function: SpanningTree Protocols
Reported In Release: FI 07.3.00
Service Request ID: 1157674
Defect ID: DEFECT000469670
Technical Severity: Medium
Summary: ICX6610 incorrectly uses interface MAC as the Source MAC address in VRRP-E Gratuitous ARP
packets.
Symptom: VRRP-E Gratuitous ARP packets are sent with Interface MAC as the Source MAC Address, whereas
they should use the VRRP-E Virtual MAC Address.
Probability: High
Risk of Fix: Low
Layer3
Control
Protocols
Feature:
Function: VRRP/VRRP-E and slow-start timerVRRP-E timer scale
Reported In Release: FI 07.4.00
Service Request ID: 1206999
Defect ID: DEFECT000470072
Technical Severity: Medium
Summary: If the AES encryption string in SNMPv3 user configuration begins with 00, it is not retained across
reloads.
Symptom: In SNMPv3, if the AES encrypted string that is based on SNMP Engine ID and user supplied key gets
generated such that its first two characters are "00", the string does not get read properly when a reboot
or switchover occurs.
Probability: Low
Risk of Fix: Medium
Feature: FI Embedded Management
Function: SNMP v1/v2/v3
Reported In Release: FI 07.4.00
Service Request ID: 1208892
Defect ID: DEFECT000470501
Technical Severity: Medium
Summary: Packet InError Detection feature.
Symptom: Feature to allow a user configurable InError threshold on a port, which when exceeded puts the port
into Error-disabled state for a user configured period of time.
Probability: Low
Feature: FI L2
Function: Control Plane -Other
Reported In Release: FI 07.3.00
Service Request ID: 1168139

IronWare Software Release R07.3.00p

Page 67 of 113

Defect ID: DEFECT000471789
Technical Severity: Critical
Summary: DHCP Offer packets can cause a system reset when received on a VE interface.
Symptom: In rare instances, DHCP Offer packets that are received on a VE interface can overwrite the IPv6
default route entry, leading to a system reset.
Probability: Low
Risk of Fix: Low
Feature: FI Embedded Management
Function: DHCP
Reported In Release: FI 07.5.00
Service Request ID: 1213962
Defect ID: DEFECT000473426
Technical Severity: High
Summary: Continuous SCP copy of application image on ICX6610 stack results in an empty flash on the Active
Unit.
Symptom: When continuously copying an application image to the secondary flash partition, the secondary flash
partition becomes empty on the Active Unit and can eventually lead to a system reset.
Probability: Medium
Feature: FI Platform
Function: Boot code/Flash/Kernel
Reported In Release: FI 07.3.00
Service Request ID: 1206553
Defect ID: DEFECT000473539
Technical Severity: Medium
Summary: "admin-pt2pt-mac" configuration automatically gets added at VLAN level after a system reload.
Symptom: If "spanning-tree 802 admin-pt2pt-mac" command is added at interface configuration level and saved
to the configuration, upon reloading the system, "spanning-tree 802-1w ethe  admin-pt2ptmac" appears at the VLAN configuration level.
Probability: High
Feature: FCX L2 Control
Function: 802.1w
Reported In Release: FI 07.3.00
Service Request ID: 1222349

Closed Defects in IronWare Software Release 07.3.00f
Defect ID: DEFECT000383772
Technical Severity: Medium
Summary: System may display a syslog message about route allocation failures even though resources are
available.
Symptom: The following syslog message is generated: "SYSLOG: <14>Jan 6 16:25:35 ICX6450 IP: number of
free route entries allocation failed!"
Probability: Low
Risk of Fix: Low
Feature: Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.4.00
Service Request ID: 1102772
Defect ID: DEFECT000400311
Technical Severity: High
Summary: "dot1x auth-timeout-action" command does not differentiate between success and failure
configurations
Symptom: Even when "dot1x auth-timeout-action failure" command is configured to move the port to the
restricted VLAN, on failure, the port is instead moved to the native VLAN that is configured as part of
the "dot1x auth-timeout-action success" configuration.
Probability: Medium
Risk of Fix: Low
Feature: FI - L4/Security
Function: 802.1x
FI
07.5.00
Reported In Release:
Service Request ID: 1104525

IronWare Software Release R07.3.00p

Page 68 of 113

Defect ID: DEFECT000426210
Technical Severity: Medium
Summary: Issuing any "dm" command when TACACS+ is configured makes the CLI unresponsive until the
carriage return is pressed
Symptom: Issuing any "dm" command when TACACS+ is configured makes the CLI unresponsive until the
carriage return is pressed, and may cause problems with scripted data collection.
Probability: High
Risk of Fix: Medium
Feature: FI Embedded Management
Function: CLI Parser
Reported In Release: FI 07.4.00
Service Request ID: 1101096
Defect ID: DEFECT000428691
Technical Severity: Medium
Summary: Command "ip forward-protocol udp 177" does not take effect
Symptom: Application traffic with all-router broadcast packets sent to UDP Port 177 are dropped even when "ip
forward-protocol udp 177" is configured.
Probability: High
Feature: TI Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1092630
Defect ID: DEFECT000430373
Technical Severity: Critical
Summary: Repeatedly configuring/unconfiguring Port Mac Security may lead to an unexpected System Reset
Symptom: Unexpected System Reset may be observed upon repeatedly configuring/unconfiguring Port Mac
Security.
Probability: High
Risk of Fix: Low
Feature: FI L2
Function: Forwarding - Port Mac Security
FI
08.0.00
Reported In Release:
Service Request ID: 1119122
Defect ID: DEFECT000431548
Technical Severity: High
Summary: ACL programming in hardware may become inconsistent with software if ACLs are removed and
added to the running configuration via TFTP
Symptom: After an ACL associated with PBR configuration is removed and added to the running configuration
via TFTP, the PBR functionality may no longer work as expected.
Workaround: Do not add/remove ACL to the running configuration via TFTP, and instead do it through CLI.
Probability: Medium
Feature: FI ACL
Function: ACL(all aspects of ACLs - IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 1051833
Defect ID: DEFECT000432681
Technical Severity: High
Summary: Configured IPv6 address gets deleted when the address learned from Router Advertisements expires
Symptom: When the lifetime of an IPv6 address that is auto-learned through Router Advertisements expires, then
the configured address gets deleted along with the auto-learned address.
Workaround: Reboot the device. It will recover and the configured address will take effect from the
configuration.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV6
Function: ECMP (IPV6)
Reported In Release: FI 07.3.00
Service Request ID: 1111827

IronWare Software Release R07.3.00p

Page 69 of 113

Defect ID: DEFECT000433237
Technical Severity: High
Summary: SNMP ifOperStatus reports ports in Blocking state as down even though the ports are physically and
administratively up
Symptom: FWS is incorrectly reporting the ifOperStatus as down(2), when the port is in blocking state but is
administratively and operationally up.
Probability: Medium
Risk of Fix: Low
Feature: FI Embedded Management
Function: SNMP v1/v2/v3
Reported In Release: FI 07.4.00
Service Request ID: 1115243
Defect ID: DEFECT000438420
Technical Severity: Medium
Summary: Interface level negotiation mode configuration may not work correctly
Symptom: In case global level negotiation configuration is deleted, interface level negotiation configuration may
not take effect.
Workaround: Configure interface level negotiation mode again.
Probability: Medium
Risk of Fix: Low
Feature: FCX Layer1 features
Function: Auto Negotiation
Reported In Release: FI 07.2.02
Service Request ID: 1131822
Defect ID: DEFECT000444065
Technical Severity: High
Summary: In rare cases, one of the stack links of a member unit may get administratively disabled even though
the link is up, causing CPU to CPU communication between other units in the stack to become onedirectional
Symptom: The output of "show stack connection" will display a warning about a missing stacking link and many
errors about one directional CPU to CPU messages, even though all stacking links are physically up.
Probability: Low
Risk of Fix: Low
Feature: FI Infrastructure
Function: stacking port trunking
Reported In Release: FI 07.4.00
Service Request ID: 1148013
Defect ID: DEFECT000446797
Technical Severity: Medium
Summary: Loading the FastIron Router MIB file into HP OpenVIew version NNMi 9.2 Patch fails with syntax
error
Symptom: When attempting to load the FastIron Router MIB file into HP OpenVIew version NNMi 9.2 Patch,
the operation fails with the following syntax errors:
"Operation LoadMib failed"
"Failed to load MIB modules from ..."
"Problems were reported during parsing, unable to load requested MIBs"
Probability: Low
Feature: FCX Network Management
Function: INM Support
FI
07.3.00
Reported In Release:
Service Request ID: 1129553
Defect ID: DEFECT000447482
Technical Severity: Medium
Summary: Temperature warning level can be configured to a higher value than the system shutdown temperature
Symptom: The warning temperature setting, that is configurable via the CLI, can be set to a higher value than the
actual system shutdown temperature level, in which case no warning is triggered.
Probability: High
Risk of Fix: Low
Feature: Platform
Function: CHASSIS
Reported In Release: FI 08.0.00
Service Request ID: 1148013

IronWare Software Release R07.3.00p

Page 70 of 113

Defect ID: DEFECT000448413
Technical Severity: Medium
Summary: During bootup, a few characters at the start of syslog messages may be omitted
Symptom: When the FastIron device is reloaded, some of the initial characters are omitted for the first few Syslog
messages. After some period of time, the messages are generated correctly.
Probability: Medium
Feature: FI Embedded Management
Function: SYSLOG
Reported In Release: FI 07.3.00
Service Request ID: 1135927
Defect ID: DEFECT000448726
Technical Severity: Medium
Summary: SSH session establishment may trigger VRRP state changes
Symptom: Upon initiating an SSH session to the FastIron device, the CPU may become unresponsive and trigger
VRRP/VRRP-E state changes.
Workaround: Use "Diffie-Hellman_group1” protocol for SSH Key Exchange.
Probability: Medium
Feature: SX Network Management
Function: SSHv2/SCP V4/V6
Reported In Release: FI 07.3.00
Service Request ID: 1148834
Defect ID: DEFECT000449453
Technical Severity: High
Summary: Multi-session inband SNMP bulk walk on the MAC table causes LACP timers to expire and leads to a
link flap
Symptom: On ICX6610, two or more simultaneous in-band SNMP bulk walks on the MAC table may cause
LACPDU's to not be sent out on time, thereby triggering a timeout and flap by the link partner.
Probability: High
Feature: FI L2
Function: Control Plane - LACP
Reported In Release: FI 07.3.00
Service Request ID: 1131590
Defect ID: DEFECT000450766
Technical Severity: Medium
Summary: Disabling sFlow at a global configuration level can cause high CPU usage
Symptom: When sFlow is disabled at a global CLI configuration level, the CPU utilization may go up to 99%.
Workaround: Correct the port setting for sFlow usage by entering "sflow enable" and then "no sflow enable" at
the global CLI configuration level.
Probability: Low
Feature: SX Network Management
Function: sFlow
Reported In Release: FI 07.3.00
Service Request ID: 1129051
Defect ID: DEFECT000451637
Technical Severity: Medium
Summary: Configuring sFlow may cause the FastIron device to experience an unexpected system reset
Symptom: In very rare situations, configuring sFlow may cause the FastIron device to experience an unexpected
system reset.
Probability: Low
Feature: FCX Network Management
Function: sFlow
Reported In Release: FI 07.3.00
Service Request ID: 1154139
Defect ID: DEFECT000457368
Technical Severity: High
Summary: Incorrect initialization of the downstream interface table may cause multicast congestion drops in a
chassis with mixed generation line cards.
Symptom: In very rare cases, multicast congestion drops are seen on a third generation module in a mixed SX
chassis, and multicast/broadcast packets will stop being transmitted on the ports of this module.
Probability: Low
Feature: SX L2/L3 Multicast Features
Function: PIM Sparse
Reported In Release: FI 07.3.00
Service Request ID: 1113516

IronWare Software Release R07.3.00p

Page 71 of 113

Defect ID: DEFECT000457828
Technical Severity: Medium
Summary: In some cases, SX-1600 may not boot up when 48-port 1 Gig copper modules are present in the
system.
Symptom: If 48-port 1Gig copper modules are present, SX chassis does not complete the boot process. In this
error condition, the following error messages are displayed on the console:
"qdLoadDriver return Failed
QuarterDeck initialization failed.
qdMultiDevStart Failed for Dev 20, Port 0
ERROR[puma_phy_init]: init_6165_interfaces returned 1
sx_1g_puma_init() failed
[Error] :: Hw-validation-failure : read/write failed on line-module 11, powering it off "
Probability: Medium
Risk of Fix: Low
Feature: Platform
Function: System
Reported In Release: FI 07.4.00
Service Request ID: 1169079

Closed Defects in IronWare Software Release 07.3.00e
Defect ID: DEFECT000296833
Technical Severity: Medium
Summary: Device will close down a Telnet management session as soon as it receives a FIN even if output is
pending.
Symptom: Device will close down a Telnet management session as soon as it receives a FIN even if output is
pending.
Probability: High
Risk of Fix: Medium
Feature: FCX Management Functionality
Function: IPV4/V6 Telnet Service
Reported In Release: FI 07.0.01
Service Request ID: 246740
Defect ID: DEFECT000351893
Technical Severity: High
Summary: Memory usage steadily increases every time a Web Authentication client logs in and logs out using
HTTPS.
Symptom: Memory is constantly depleted every time a Web Authentication client logs in and logs out using
HTTPS.
Workaround: Reboot the device.
Probability: High
Feature: FI - L4/Security
Function: Web Authentication
Reported In Release: FI 07.3.00
Service Request ID: 700759
Defect ID: DEFECT000369470
Technical Severity: High
Summary: Digital Monitoring support in 1G SFP may not function and may display incorrect information with
stacking configuration
Symptom: Digital Monitoring support in 1G SFP may not function and may display incorrect information with
stacking configuration
Probability: Low
Feature: FI Platform
Function: Digital Optical Monitor
Reported In Release: FI 07.3.00
Service Request ID: 1104973

IronWare Software Release R07.3.00p

Page 72 of 113

Defect ID: DEFECT000376464
Technical Severity: Medium
Summary: Ports are Up without having a physical connection on port in ICX-6610
Symptom: Ports are Up without having a physical connection on it in ICX-6610. LEDs are also blinking.
Probability: High
Feature: FI Platform
Function: 1G Link
Reported In Release: FI 07.3.00
Service Request ID: 826357
Defect ID: DEFECT000399851
Technical Severity: Critical
Summary: CLI may encounter unexpected system reset when VLANs - for a large number of ports are being
managed using the Web Management Interface
Symptom: CLI may encounter unexpected system reset when VLANs - for a large number of ports are managed
using the Web Management Interface.
Probability: Medium
Feature: SX Network Management
Function: Web Management
Reported In Release: FI 07.3.00
Service Request ID: ,754515
Defect ID: DEFECT000408284
Technical Severity: Medium
Some
OpenSSH
versions
are
incompatible
with
the FastIron devices when using SCP.
Summary:
Symptom: FCX Devices may not be able to perform secure shell (SSH) login or secure copy (SCP) from client
running OpenSSH v5.5.p1 version. Previous versions work properly.
Workaround: Use an earlier version of OpenSSH.
Probability: High
Risk of Fix: Low
Feature: FCX Network Management
Function: SSHv2/SCP V4/V6
Reported In Release: FI 07.2.02
Service Request ID: 604551
Defect ID: DEFECT000408747
Technical Severity: Medium
Summary: DHCP server not giving IP addresses to some hosts.
Symptom: SX device running DHCP server may not offer IP addresses to hosts when moved from one subnet to
other.
Probability: Medium
Feature: SX DHCP SERVER
Function: DHCP
Reported In Release: FI 07.3.00
Service Request ID: 1084792, 1085652
Defect ID: DEFECT000415140
Technical Severity: Medium
Summary: DHCP server does not allocate addresses for all hosts within defined address pools.
Symptom: Some host DHCP requests will fail, while others will work on the same VLAN.
Probability: High
Risk of Fix: Medium
Feature: Platform
Function: System
Reported In Release: FI 07.4.00
Service Request ID: 1061154
Defect ID: DEFECT000415181
Technical Severity: Medium
Summary: Multicast Packets are duplicated to 224.0.0.x across ICX6610 layer 2
Symptom: Multicast Packets are duplicated to 224.0.0.x across ICX6610 layer 2
Probability: High
Risk of Fix: Medium
Feature: L2 Forwarding
Function: Other
Reported In Release: FI 07.4.00
Service Request ID: 737715

IronWare Software Release R07.3.00p

Page 73 of 113

Defect ID: DEFECT000419248
Technical Severity: Medium
Summary: Spanning tree blocked port forwarding ARP broadcasts.
Symptom: In SX device, enabling a redundant link in a VLAN may occasionally cause loop in the network.
Probability: Medium
Risk of Fix: Medium
Feature: SX L2 Control
Function: SpanningTree Protocols
Reported In Release: FI 07.2.02
Service Request ID: 841043
Defect ID: DEFECT000419899
Technical Severity: Medium
Summary: Erroneous Syslog messages reporting functioning FCX power supply units going down and coming up
immediately are generated due to signal noise level.
Symptom: Erroneous and cosmetic Syslog messages about a Power Supply Unit being powered down and up are
displayed continuously even though the PSU functions correctly and provides uninterrupted AC power
to the switch/router.
Probability: Medium
Risk of Fix: Low
Feature: FI Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.2.02
Service Request ID: 1080157
Defect ID: DEFECT000422319
Technical Severity: Medium
Summary: "ip tcp keepalive" command doesn't work for IPv6
Symptom: "ip tcp keepalive" command for IPv6 may not work and configuration may not show in running
configuration
Probability: High
Risk of Fix: Medium
Feature: FCX Layer 3 Forwarding - IPV6
Function: Data Forwarding (IPV6)
Reported In Release: FI 07.2.02
Service Request ID: 1085918
Defect ID: DEFECT000422811
Technical Severity: Medium
Summary: Stack ID swapped when Ring Stack changed to Linear Stack due to port related issue
Symptom: Stack ID could be swapped when Ring stack changed to Linear stack due to port related issues.
Workaround: Make the units to be clean units by "unconfigure clean" and then allow the units to join the stack
again.
Probability: Medium
Feature: FI Infrastructure
Function: stacking undetermined
Reported In Release: FI 07.3.00
Service Request ID: 1091448
Defect ID: DEFECT000423085
Technical Severity: Medium
Summary: PoE on SX can get stuck due to power glitch. Device is not providing inline power and may show
incorrect information.
Symptom: SX device may stop providing power to PDs such as access points and IP phones. PoE module is
showing incorrect inline power allocation, even when no PD is attached.
Workaround: Re-install the PoE firmware on the PoE controller, or RMA the affected unit if firmware
installation is not successful.
Medium
Probability:
Risk of Fix: Medium
Feature: POE FW upgrade
Function: POE FW upgrade
Reported In Release: FI 07.2.02
Service Request ID: 760185

IronWare Software Release R07.3.00p

Page 74 of 113

Defect ID: DEFECT000423234
Technical Severity: High
Summary: Stack encounters unexpected system reset after VLAN configuration using the Web Management
Interface.
Symptom: Stack encounters unexpected system reset after VLAN configuration using the Web Management
Interface.
Probability: Medium
Feature: FI Embedded Management
Function: Web Management
Reported In Release: FI 07.3.00
Service Request ID: 754515
Defect ID: DEFECT000425786
Technical Severity: Medium
Summary: IEEE PD class 0 default power allocation should be set to 15.4 Watts instead of 30 Watts
Symptom: Due to incorrect power allocation of IEEE PD class 0 by switch, customer suffers from power budget
issue. To supply enough inline power for all the PDs in use, customer may require manual
configuration on all switches to trim the power budget.
Workaround: Use CLI command to configure for "inline power power-limit 15400"
Probability: High
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 1090929
Defect ID: DEFECT000425958
Technical Severity: Medium
Summary: Switch encounters unexpected system reset after executing 'ip dhcp snooping vlan x' command
Symptom: Switch may encounter unexpected system reset after executing 'ip dhcp snooping vlan' command in
SX.
Probability: High
Risk of Fix: Medium
Feature: FI ACL
Function: DHCP Snooping functionality
Reported In Release: FI 07.4.00
Service Request ID: 1060660, 1042423
Defect ID: DEFECT000426653
Technical Severity: Medium
Summary: Switch encounter unexpectedly system reset when a loopback interface is enabled.
Symptom: Switch may encounter unexpectedly system reset when a loopback interface is enabled in ICX-6610.
Workaround: Remove static route pointing to ve interface.
Probability: High
Risk of Fix: Low
Feature: Layer3 Control Protocols
Function: OSPFV2 - IPV4
Reported In Release: FI 07.4.00
Service Request ID: 1097908
Defect ID: DEFECT000427550
Technical Severity: Medium
Summary: VRRP Standby may encounter port flap with multiple VLANs and VRIDs configuration.
Symptom: Intermittent flaps on the VRRP standby may occur for multiple VRIDs in multiple VLANs
configuration. Flap occurs only on the VRRP Standby and not on the VRRP Owner.
Probability: Medium
Feature: Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timerVRRP-E timer scale
Reported In Release: FI 07.3.00
Service Request ID: 1101971
Defect ID: DEFECT000428520
Technical Severity: Medium
Summary: Packet loss on SX module SX-FI-24GPP due to multicast congestion
Symptom: Packet loss may occur on SX-FI-24GPP modules due to multicast packet congestion
Probability: Low
Feature: Platform
Function: System
Reported In Release: FI 07.4.00
Service Request ID: 737265

IronWare Software Release R07.3.00p

Page 75 of 113

Defect ID: DEFECT000429808
Technical Severity: Medium
Summary: SX switch may encounter unexpected system reset during processing CPU packets.
Symptom: SX1600 encountered a system reset with no apparent reason. The unexpected system reset may occur
during processing CPU packets.
Probability: Medium
Feature: FI Infrastructure
Function: Packet Scheduling/Marking/Buffering
Reported In Release: FI 07.3.00
Service Request ID: 1077158

Closed Defects in IronWare Software Release 07.3.00d
Defect ID: DEFECT000333939
Technical Severity: Medium
Summary: Access-list to permit/deny ICMP with certain types doesn't work
Symptom: Access list does not honor different types of ICMP packets in transit traffic if the access-list also
contains filters for TCP ports. All ICMP types will be permitted or denied.
Workaround: Do not apply filter with TCP ports in addition to ICMP types.
Probability: Low
Risk of Fix: Low
Feature: SX ACL
Function: ACL(all aspects of ACLs - IPV4)
Reported In Release: FI 07.2.00
Service Request ID: 514363
Defect ID: DEFECT000347917
Technical Severity: Medium
Summary: FCX device does not forward ARP broadcast packets when raw packet debugging is enabled
Symptom: When "dm raw" is enabled, ARP broadcast packets stop being flooded in the VLAN.
Workaround: Turn off "dm raw".
Probability: Medium
Risk of Fix: Low
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 266738
Defect ID: DEFECT000358890
Technical Severity: Critical
Summary: SX1600 may reset when launching an SSHv2 session after a hitless reload.
Symptom: SX1600 may reset when launching an SSHv2 session after a hitless reload.
Probability: High
Feature: FI Embedded Management
Function: SSHV2/SCP
Reported In Release: FI 07.3.00
Service Request ID: 728893
Defect ID: DEFECT000380312
Technical Severity: Medium
Summary: Unexpected reset may occur when a dm command is issued in a VLAN that contains no ports.
Symptom: Debug CLI command "dm 802-1w bridge vlan " may cause an unexpected reset of the device.
Workaround: Add ports to the VLAN. Do not run the command.
Probability: High
Feature: FI Debug support
Function: dm commands - L2
Reported In Release: FI 07.3.00
Service Request ID: 689965

IronWare Software Release R07.3.00p

Page 76 of 113

Defect ID: DEFECT000391531
Technical Severity: Medium
Summary: TI-When a copper SFP is moved from port 1 to 2 and back to 1, the link does not come up and
requires a reload.
Symptom: When a copper SFP is moved from port 1 to 2 and back to 1, the link does not come up and requires a
reload. The same does not happen in 4200d code
Workaround: If issue is seen, bouncing the port fixes the problem – unlike in 7.3.00c where we had to do a
reload to recover.
Probability: High
Feature: Optics
Function: OPTICS
Reported In Release: FI 07.3.00
Service Request ID: 711623
Defect ID: DEFECT000391791
Technical Severity: Medium
Summary: If the same VSRP VRID is used in multiple VLANs, then changes made under one VLAN can affect a
different VLAN with the same VSRP VRID.
Symptom: If the same VSRP VRID is used in multiple VLANs, then changes made under one VLAN can affect a
different VLAN with the same VSRP VRID.
Probability: Medium
Risk of Fix: Low
Feature: FCX L2 Control
Function: VSRP(master and aware)
Reported In Release: FI 07.2.02
Service Request ID: 713975
Defect ID: DEFECT000392987
Technical Severity: High
Summary: When saving the running configuration, the system may disconnect the SSH session unexpectedly
Symptom: “Bad packet length 4171188320” is seen when "write mem" command is issued over SSH and the
client is then disconnected.
Probability: Low
Risk of Fix: High
Feature: FCX Management Functionality
Function: IPv4/V6 SSH Service
Reported In Release: FI 07.2.00
Service Request ID: 712399
Defect ID: DEFECT000396100
Technical Severity: Medium
Summary: Switch with no IPv4 address configured generates ARP packets incorrectly when both a Management
VLAN and Uplink Switch are configured.
Symptom: Switch with no IPv4 address configured generates ARP packets with Source Address 0.0.0.0 for
directed broadcast traffic when both a Management VLAN and Uplink Switch are configured.
Probability: High
Risk of Fix: Medium
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 722675
Defect ID: DEFECT000396545
Technical Severity: Medium
Summary: Aggregate VLAN Q-in-Q supports frame sizes of up to 1522 bytes only
Symptom: With Q-in-Q configured, frame sizes of up to 1522 bytes are supported instead of the expected 1530
bytes. Frames larger than 1522 bytes are dropped.
Workaround: Configure for switch to support Jumbo frame.
Probability: High
Risk of Fix: Low
Feature: FCX L2 Forwarding
Function: Q-in-Q
Reported In Release: FI 07.2.02
Service Request ID: 715413

IronWare Software Release R07.3.00p

Page 77 of 113

Defect ID: DEFECT000397916
Technical Severity: Medium
Summary: Configuring more than 4000 VLANs causes flash to run out of space.
Symptom: After making configuration changes, the “write memory” and “show run” commands do not work.
Below messages are displayed
BRCD6650-64 Switch(config)#wr mem
Configuration data is too big!------------------------------------------>
Running-config to startup-config abort.
BRCD6650-64 Switch(config)#sh run
please trim your configuration---------------------------------------------------------->
Risk of Fix: Medium
Feature: FI Embedded Management
Function: Telnet/SSH/SCP
Reported In Release: FI 07.5.00
Service Request ID: 761061
Defect ID: DEFECT000398232
Technical Severity: High
Summary: When RSTP cost and edge port are set on a port outside the VLAN via Web Management Interface, an
unexpected reset may be seen.
Symptom: When using the Web Management Interface to set RSTP cost and edge port on a port that is not
currently a member of the chosen VLAN, an unexpected reset may be seen.
Probability: Low
Feature: FI Embedded Management
Function: Web Management
Reported In Release: FI 07.3.00
Service Request ID: 723983
Defect ID: DEFECT000399298
Technical Severity: Medium
Summary: IP Cache display shows incorrect VLAN IDs for some entries.
Symptom: In rare cases, the output of the "show ip cache" command displays IP Address entries with incorrect
VLAN IDs.
Workaround: NO
Probability: Low
Risk of Fix: Medium
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 683131
Defect ID: DEFECT000400064
Technical Severity: Medium
ARP
packets
embedded
within
Q-in-Q
is
not
forwarded
by ICX.
Summary:
Symptom: ARP packets embedded within Q-in-Q packet is not forwarded by ICX.
Probability: High
Feature: FCX L2 Forwarding
Function: Q-in-Q
Reported In Release: FI 07.3.00
Service Request ID: 728101, 716155

IronWare Software Release R07.3.00p

Page 78 of 113

Defect ID: DEFECT000400929
Technical Severity: Medium
Summary: TurboIron does not forward traffic on all ports upon receiving too many Pause frames
Symptom: TurboIron does not forward traffic on all ports upon receiving too many Pause frames
Workaround: The TurboIron buffer allocation is based on robust tuning; therefore, the default buffer allocation
should not be changed.
As a workaround, set the port to use minimum egress buffers by configuring the "egress-bufferthreshold min" command when a port is enabled to honor or transmit pause frames.
An example configuration for Ethernet interfaces 2 and 10 are as follows;
TX24 Switch(config)# no enable egress-buffer-default
TX24 Switch(config)#int e 2 e 10
TX24 Switch(config-mif-2,10)#egress-buffer-threshold min
Probability: Medium
Feature: TI Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 730677
Defect ID: DEFECT000400942
Technical Severity: Medium
Summary: Switch sends incorrect IPv4 format of SSH client address to the console.
Symptom: SSH client IP address is not printed on the console, and if it is printed, the format appears to be in
IPv6 format with "::".
This is a cosmetic error seen in console syslog message..
Probability: High
Feature: CHOW Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 732281
Defect ID: DEFECT000401082
Technical Severity: High
Summary: Cannot communicate with tagged promiscuous port on primary VLAN from isolated VLAN over
PVLAN-trunk.
Symptom: When the promiscuous port in the primary VLAN is tagged, an ARP request may be forwarded with
an incorrect VLAN tag.
Workaround: Use Untagged port on Primary VLAN.
Probability: Medium
Feature: FI L2
Function: Forwarding - Private VLAN
FI
07.3.00
Reported In Release:
Service Request ID: 721623
Defect ID: DEFECT000401609
Technical Severity: Medium
Summary: When trunk ports span across the stacks: the MAC address is not reset, when the trunk is not deployed.
Symptom: When trunk ports span across the stacks: the MAC address is not reset, when the trunk is not deployed.
Risk of Fix: Low
Feature: FCX L2 Forwarding
Function: Trunk Threshold
Reported In Release: FI 07.2.02
Service Request ID: 724649

IronWare Software Release R07.3.00p

Page 79 of 113

Defect ID: DEFECT000403066
Technical Severity: Medium
Summary: If a router is upgraded directly from release version 04.x.xx to 07.2.xx or later, SSH access to the
device could result in a system reset.
Symptom: If a router is upgraded directly from release version 04.x.xx to 07.2.xx or later without regenerating
the SSH key, the system may reset if an SSH access is attempted.
Workaround: 1. Invoke the “crypto key gen” command to regenerate the key after the upgrade.
2. Upgrade the device first from version 04.x.xx to 07.1.00, and then upgrade it from 07.1.00 to
07.2.xx or later code streams.
Probability: Medium
Feature: FI Embedded Management
Function: SSHV2/SCP
Reported In Release: FI 07.3.00
Service Request ID: 733057
Defect ID: DEFECT000403640
Technical Severity: High
It
takes
6.7
seconds
to
clear
the
MAC
in
router
code where as it takes 400 milliseconds to flush it in
Summary:
switch code.
Risk of Fix: Low
Feature: Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.5.00
Service Request ID: 756077
Defect ID: DEFECT000404253
Technical Severity: Medium
Summary: Configuring and then removing protocol VLAN does not clean up MAC Address locking issue on port
registers.
Symptom: High CPU level due to data packets are not being forwarded in hardware.
Workaround: Configure device issuing the command "dot1x-enable" and then remove it issuing the command
"no dot1x-enable".
Feature: FCX L2 Forwarding
Function: Protocol VLAN
Reported In Release: FI 07.3.00
Service Request ID: 725439
Defect ID: DEFECT000404397
Technical Severity: Medium
Summary: Printing more than 700 lines at a time in buffer logging, causes high CPU and VRRP might not
process control packets.
Symptom: Printing more than 700 lines in buffer logging at the same time causes high CPU and VRRP might not
process control packets
Workaround: Remove the "logging buffer" from the configuration. Default is 50 lines.
Probability: High
Risk of Fix: Medium
Feature: SX Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timerVRRP-E timer scale
Reported In Release: FI 07.2.02
Service Request ID: 721885
Defect ID: DEFECT000405574
Technical Severity: High
Summary: High CPU usage is observed when LLDP is enabled on a POE enabled port on SX.
Symptom: High CPU usage is observed when LLDP is enabled on a POE enabled port on SX, when there are
many non POE devices connected on POE enabled ports. If there is a non-POE device connected on a
POE enabled port, the “PD Detection Fault” message is displayed with “show inline power”.
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 733323

IronWare Software Release R07.3.00p

Page 80 of 113

Defect ID: DEFECT000406403
Technical Severity: Medium
Summary: DHCP may fail in VLAN 1 when using dual mode interface and IP helper.
Symptom: The switch is dropping the DHCP packets that are coming on VLAN 1 when dual-mode and IP helper
is enabled.
Probability: High
Risk of Fix: Low
Feature: SX L2 Forwarding
Function: DHCP assist
Reported In Release: FI 07.2.02
Service Request ID: 732333
Defect ID: DEFECT000406631
Technical Severity: Medium
Summary: Bridge TC Event log is missing on FastIron SX switches from code 07.2.00 and later.
Symptom: An SX switch that has MSTP configured is connected to other vendor switches running legacy STP
(802.1D). When a laptop is connected to a third party switch, the third-party switch generates TCN
BPDUs which are sent to the SX. This leads to MSTP reconvergence. There is no log indicating that a
TCN BPDU has been received. About 3 to 4 ping drops are experienced on the network due to
reconvergence. There should be a log to identify the source of BPDU.
Workaround: Configure edge port on all switch ports where servers and laptops are to be connected.
Probability: Medium
Risk of Fix: Low
Feature: SX L2 Control
Function: SpanningTree Protocols
Reported In Release: FI 07.2.02
Service Request ID: 733719
Defect ID: DEFECT000406877
Technical Severity: Medium
Summary: ARP inspection fails to inspect ARP response packet.
Symptom: ARP inspection fails to inspect ARP response packet.
Probability: High
Feature: FI - L4/Security
Function: Dynamic ARP inspection
Reported In Release: FI 07.3.00
Service Request ID: 739235
Defect ID: DEFECT000407553
Technical Severity: Medium
Summary: TurboIron stops forwarding broadcast on Ethernet 1 port if management port is disabled.
Symptom: TurboIron stops forwarding broadcast on Ethernet 1 port if management port is disabled.
Workaround: enable spanning tree
Probability: High
Feature: TI Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 741009

IronWare Software Release R07.3.00p

Page 81 of 113

Defect ID: DEFECT000408208
Technical Severity: High
Summary: Configuring monitor port will trigger the active stack controller to reset if a module has been changed
in the FCX stack.
Symptom: FCX XFP 10G module is swapped from stack unit 3 to stack unit 2, when both are powered off. Then,
both unit2 and unit3 are powered up, and the stack was configured by giving "module 3 fcx-xfp-2port-10g-module" command on stack unit2 and giving "no module 3 fcx-xfp-2-port-10g-module"
command on stack unit3.
A Write memory (wr mem) command was then issued to save the configuration.
Subsequently, commands
"mirror-port ether 1/1/1"
"int ether 3/1/22"
"monitor ether 1/1/1 both"
are configured. This causes the active stack controller to perform an expected reset. The standby stack
controller takes over. Then configuring a monitor port on e 3/1/22 caused the new active to perform an
unexpected reset.
After these two resets, no more resets were observed.
Workaround: Do not configure the stack with the "no module 3 fcx-xfp-2-port-10g-module" command even after
the module is removed from the system. This will prevent the condition of the running
configuration and static configuration getting out of synchronization, causing data structure access
issue in module 3. This will not affect system operation.
Probability: High
Feature: FI Infrastructure
Function: port mirroring/monitoring
Reported In Release: FI 07.3.00
Service Request ID: 746263
Defect ID: DEFECT000408842
Technical Severity: Medium
Summary: Single SPAN STP loop may occur if port is added to VLAN.
Symptom: Single SPAN STP loop may occur if port is added to VLAN.
Probability: High
Feature: FCX L2 Control
Function: single spanning-tree
Reported In Release: FI 07.3.00
Service Request ID: 737569
Defect ID: DEFECT000408982
Technical Severity: Medium
Optical
monitoring
can’t
be
enabled
per
interface
in ICX when using the 10G ports and SFPP.
Summary:
Symptom: Optical monitoring can’t be enabled per interface in ICX 6610 when using the 10G ports and SFPP.
Probability: High
Feature: DOM
Function: DOM
Reported In Release: FI 07.3.00
Service Request ID: 745701
Defect ID: DEFECT000410277
Technical Severity: High
Summary: FWS switch reloads continuously when non-PoE port receives a CDP message.
Symptom: After upgrade from 07.2.02e to 07.3.00c, the switch reloads continuously.
Workaround: Disable CDP on FWS or disable CDP on all devices connected to FWS.
Probability: High
Feature: FI Platform
Function: POE
Reported In Release: FI 07.3.00
Service Request ID: 748591

IronWare Software Release R07.3.00p

Page 82 of 113

Defect ID: DEFECT000410285
Technical Severity: Medium
Summary: Faulty line module failing initialization in an SX800 makes the System unusable.
Symptom: Faulty module can make the system "unusable" and results in loss of network services.
The subject switch/router will perform a reset with these error messages.
(when adding the faulty module to slot 2)
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[1]Retrying ..
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[2]Retrying ..
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[3]Retrying ..
...
System will again perform an unexpected reset.
Probability: Medium
Feature: FI Platform
Function: Chassis/Cards/PCI - SX/TI
Reported In Release: FI 07.3.00
Service Request ID: 742229
Defect ID: DEFECT000410498
Technical Severity: Medium
Summary: First vlan's ip-subnet name is erased when protocol "xxx-proto" is configured in the VLAN. The
dynamic IPv6 protocol vlan membership that is disabled (with "ipv6-proto" no dynamic) is enabled
after a reboot in router.
Symptom: First VLAN ip-subnet name is erased after reload.
Risk of Fix: Medium
Feature: SX L2 Forwarding
Function: Protocol VLAN
Reported In Release: FI 07.2.02
Service Request ID: 751033

IronWare Software Release R07.3.00p

Page 83 of 113

Defect ID: DEFECT000413089
Technical Severity: Medium
Summary: In ICX, layer1 interface status is showing as up before the other end connected device boot process is
completed.
Symptom: If two ICX6610 devices are connected to each other, when the other end reboots, the interface at local
box shows Layer 1 is up even before the other end completely reboots.
Scenario:
ICX6610A(e 1/1/24) <---> ICX6610B(e 1/1/24)
This is the behavior with port enabled (ICX on other side reloading)
(timestamp):I:System: Interface ethernet 1/1/24, state up
(timestamp):I:System: Interface ethernet 1/1/24, state down
(timestamp):I:System: Interface ethernet 1/1/24, state up
(timestamp):I:System: Interface ethernet 1/1/24, state down
As soon as the interface comes up the second time, the IP address is responding immediately. The
interfaces should remain down until the switch on the other end boots up completely. Then connect
and bring up both ends.
Probability: Low
Risk of Fix: Low
Feature: Platform
Function: System
FI
07.4.00
Reported In Release:
Service Request ID: 738385
Defect ID: DEFECT000414072
Technical Severity: Medium
Summary: Unable to reload the switches using IPv6 SNMP.
Symptom: Unable to reload the switches using IPv6 SNMP.
Probability: High
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.3.00
Service Request ID: 760347

Closed Defects in IronWare Software Release 07.3.00c
Defect ID: DEFECT000333027

Technical Severity:

Medium

Summary: Unicast DHCP offer packets are intermittently dropped
Symptom: DHCP Client sometimes does not get the DHCP offer packet from the Server when connecting
directly through TurboIron in the same VLAN.
Probability: High
Feature: TI IPv4 Forwarding
Function: DHCP Snooping
Reported In Release: FI TI 04.2.00
Service Request ID: 511501
Defect ID: DEFECT000346307
Technical Severity: Medium
Summary: “dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable.
Symptom: “dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable
Probability: High
Feature: FI Platform Specific features
Function: system bringup
Reported In Release: FI 07.2.02
Service Request ID: 590679

IronWare Software Release R07.3.00p

Page 84 of 113

Defect ID: DEFECT000346422
Technical Severity: High
Summary: After failing to copy 7.2.02a router image due to lack of flash space, user unable to write anything
to the flash.
Symptom: Get "Flash access in progress. Please try later" errors when trying to copy image from TFTP server
or when saving the running configuration.
Probability: High
Feature: SX Network Management
Function: TFTP Configuration- Software V4/V6
Reported In Release: FI 07.2.02
Service Request ID: 592067
Defect ID: DEFECT000348065
Technical Severity: Critical
Summary: Traffic going through valid default route gets dropped.
Symptom: All traffic that uses the default route is dropped if the default route is learned from OSPF, when
Active/Standby Management Modules are present.
Probability: High
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 568471
Defect ID: DEFECT000353729
Technical Severity: Medium
Summary: FastIron switches may not respond to ICMPv6 echo request
Symptom: FESX, FCX and FGS switches may fail to reply to ICMPv6 echo request sent by router or IPV6
server (Linux) that is directly connected to the switch.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV6
Function: Data Forwarding (IPV6)
Reported In Release: FI 07.2.02
Service Request ID: 611321
Defect ID: DEFECT000355892
Technical Severity: High
Summary: SNMP: All Plat: the command “no snmp-server comm Public ro” is not retained after a reload.
Once the Device reloads it will begin to respond to polling and read only operations using this
community
Symptom: Synopsis: the command when you use the command “no snmp-server comm Public ro” the public
community will be disabled and our device will no longer respond to SNMP requests using the
Public community, however it is not placed in the running config or retained after a reload. Once
the Device reloads it will begin to respond to polling and read only operations using this
community
Probability: Low
Feature: FI Embedded Management
Function: SNMP v1/v2/v3
Reported In Release: FI 07.3.00
Defect ID: DEFECT000359994
Technical Severity: High
Summary: System continuously reloads with "Error: flash_get_fresh_block: no space."after upgrading to
7.2.02D Router code
Symptom: Customer system continuously reloads after upgrading to 7202D.
Feature: FCX Platform Specific features
Function: system bringup
Reported In Release: FI 07.2.02
Service Request ID: 643927
Defect ID: DEFECT000365448
Technical Severity: Medium
Summary: Private VLAN does not work as expected
Symptom: When Private VLAN's are used, the "show mac" output is not consistent.
Workaround: Downgrade code to version 7.1.00a.
Probability: High
Feature: FCX L2 Forwarding
Function: Private VLAN
Reported In Release: FI 07.2.02
Service Request ID: 660501

IronWare Software Release R07.3.00p

Page 85 of 113

Defect ID: DEFECT000368019
Technical Severity: Medium
Summary: FastIron drops ServerIron Hot Standby HA MAC sync PDUs sent or received on ports configured for
UDLD.
Symptom: Configuring UDLD between an FWS or FGS switch and each ADX in a hot standby ServerIron pair
leads to the standby ServerIron not being able to learn MAC addresses on the UDLD-configured
port.
Probability: Medium
Feature: SX L2 Control
Function: UDLD
Reported In Release: FI 07.2.02
Service Request ID: 670755
Defect ID: DEFECT000371615
Technical Severity: High
Summary: Standby unit of FCX stack may reset after Hitless Failover if OSPFv2 graceful restart is disabled
Symptom: If RIPv2 and OSPFv2 neighborhoods are formed on the same interface with the OSPF default
route chosen as the best route, issuing a "no-graceful restart" and then doing a failover can lead
to a reset on the Standby Management module.
Probability: Low
Feature: Layer3 Control Protocols
Function: RIP(v1-v2) - IPV4
Reported In Release: FI 07.4.00
Service Request ID: 695341
Defect ID: DEFECT000374592
Technical Severity: Medium
Summary: After a trunk is unconfigured, IP forwarding to ports that were previously part of that trunk may
not work.
Symptom: IP forwarding to ports that were previously part of a trunk may not work after the trunk is deleted.
Workaround: Reload the system to re-initialize the ports correctly for IP forwarding.
Probability: Medium
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 681463
Defect ID: DEFECT000374604
Technical Severity: Medium
Summary: IP forwarding between FCX stack units may fail after switchover with MSTP configuration
Symptom: With MSTP configuration present, IP forwarding between FCX stack units may fail after doing a
switchover.
Workaround: Reload the whole stack again.
Probability: Medium
Feature: FCX L2 Control
Function: SpanningTree Protocols
Reported In Release: FI 07.3.00
Service Request ID: 681225
Defect ID: DEFECT000376558
Technical Severity: Medium
Summary: Standby unit may reset if the Active stack unit is unplugged from power during hitless failover
Symptom: When hitless failover is configured and power is disconnected from the Active FCX of a stacked
pair running OSPFv2, the other FCX may reset soon afterwards. When it later recovers, all its
interfaces will remain down.
Probability: Low
Feature: FCX Layer3 Control Protocols
Function: OSPFV2 - IPV4
Reported In Release: FI 07.2.02
Service Request ID: 682809

IronWare Software Release R07.3.00p

Page 86 of 113

Defect ID: DEFECT000377090
Technical Severity: Medium
Summary: MAC table is not updated correctly when client is moved from PVLAN primary to PVLAN community
or from PVLAN community to PVLAN primary
Symptom: MAC table is not updated correctly when client is moved from PVLAN primary to PVLAN community
or from PVLAN community to PVLAN primary.
Probability: High
Feature: FCX L2 Forwarding
Function: Private VLAN
Reported In Release: FI 07.2.02
Service Request ID: 687429
Defect ID: DEFECT000377099
Technical Severity: Medium
Summary: Interface and Port descriptions for 10/100M ports on some FWS models are incorrectly displayed
as 'GigabitEthernet'
Symptom: On non-Gigabit capable FWS models (FWS624, FWS624-EPREM, FWS624-POE, FWS648,
FWS648-EPREM & FWS648-POE), ifDescr and port description for 10/100M ports are displayed
as 'GigabitEthernet' instead of 'FastEthernet'.
Probability: High
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.2.00
Service Request ID: 683989
Defect ID: DEFECT000377535
Technical Severity: Medium
Summary: FCX stack with 10G ports breaks when upgraded from 7.2.02d to 7.2.02e
Symptom: FCX stack with 10G ports breaks when upgraded from 7.2.02d to 7.2.02e
Probability: High
Feature: FCX Stacking
Function: stack-ports
Reported In Release: FI 07.2.02
Service Request ID: 686589
Defect ID: DEFECT000377562
Technical Severity: Medium
Summary: Q-in-Q removes the original customer's 802.1q tag for broadcast packets
Symptom: Broadcast packets do not get forwarded at all in Q-in-Q environment.
Probability: Medium
Feature: FCX L2 Forwarding
Function: Q-in-Q
Reported In Release: FI 07.3.00
Service Request ID: 682505
Defect ID: DEFECT000377873
Technical Severity: High
Summary: If multiple 0.0.0.0 route updates over RIPv2 with netmasks other than /0 from multiple
neighboring routers are received, the device could lock up or reset
Symptom: Upon receiving multiple 0.0.0.0 route updates over RIPv2 with non-zero netmasks, continuous
route updates for 0.0.0.0 will be emitted by the affected system. FCX devices may experience a
lockup while FESX/SX devices may experience a reset.
Probability: High
Feature: FCX Layer3 Control Protocols
Function: RIP(v1-v2) - IPV4
Reported In Release: FI 07.2.02
Service Request ID: 685879
Defect ID: DEFECT000379038
Technical Severity: Critical
Summary: High CPU condition when non-POE devices connect to POE-enabled ports
Symptom: CPU usage rate goes high when non-POE devices are connected to POE-enabled ports.
Workaround: Disable legacy POE detection by configuring the following command at the global level: "no
legacy -inline-power "
Probability: High
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 680137

IronWare Software Release R07.3.00p

Page 87 of 113

Defect ID: DEFECT000379697
Technical Severity: Critical
Summary: ARP age is not refreshed after disabling/enabling a module even though there is constant traffic
from/to the host
Symptom: ARP age is not refreshed after disabling/enabling the module even though there is constant
traffic from/to the host
Probability: High
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 691653
Defect ID: DEFECT000380312
Technical Severity: Medium
Summary: Unexpected reset may occur when dm command is issued in a VLAN that contains no ports.
Symptom: Debug CLI command "dm 802-1w bridge vlan " may cause an unexpected reset of the
device.
Workaround: Add ports to the VLAN. Do not run the command.
Probability: High
Feature: FI Debug support
Function: dm commands - L2
Reported In Release: FI 07.3.00
Service Request ID: 689965
Defect ID: DEFECT000380727
Technical Severity: High
Summary: System Diagnostic feature not functioning on TI products
Symptom: "dm diag" command is accepted on TI24 but upon resetting the device, it goes into application
code without running diagnostics.
Probability: High
Feature: Platform
Function: Dm commands
Reported In Release: FI 07.4.00
Service Request ID: 714763
Defect ID: DEFECT000381074
Technical Severity: Medium
Summary: Logical VE interface remains UP even though none of its associated physical ports are enabled
Symptom: With Single Spanning Tree enabled, even if all the physical ports of a VLAN are down, the
associated VE interface is displayed as being logically up under "show ip interface".
Probability: High
Feature: FCX Layer1 features
Function: link status - speed and duplex status
Reported In Release: FI 07.2.02
Service Request ID: 675563
Defect ID: DEFECT000381773
Technical Severity: Medium
Summary: LACP may break if FCX stack is reloaded
Symptom: LACP breaks if FCX stack is reloaded and only the Standby unit comes up.
Probability: High
Feature: FCX L2 Forwarding
Function: LinkAggregation - Static
Reported In Release: FI 07.3.00
Service Request ID: 695251
Defect ID: DEFECT000382104
Technical Severity: Medium
Summary: When the active FCX switch in a stack fails, OSPF routes that had depended on ve interfaces
using the failed switch's physical interfaces remain in the routing table with OSPF cost "n/a".
Symptom: Loss of connectivity lasting 90 seconds in 7.3 and lasting indefinitely in 7.2.02e when the active
FCX in a stack goes down.
Probability: High
Feature: FCX Layer3 Control Protocols
Function: OSPFV2 - IPV4
Reported In Release: FI 07.2.02
Service Request ID: 683169

IronWare Software Release R07.3.00p

Page 88 of 113

Defect ID: DEFECT000382236
Technical Severity: Medium
Summary: SNMP ifOperStatus reports ports in STP Blocking as down even though the ports are physically
and administratively up
Symptom: SNMP ifOperStatus reports ports in STP Blocking as down even though the ports are physically
and administratively up.
Probability: Medium
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.2.02
Service Request ID: 696127
Defect ID: DEFECT000382316
Technical Severity: Medium
Summary: FCX ports go into Blocking if both STP and 802.1w are configured after a stack reload
Symptom: FCX ports go into Blocking state if both STP and 802.1w are configured after a stack reload.
Workaround: Reload the whole FCX stack again.
Probability: High
Feature: FCX L2 Control
Function: SpanningTree Protocols
Reported In Release: FI 07.3.00
Service Request ID: 691379
Defect ID: DEFECT000382390
Technical Severity: Medium
Summary: New active port of protected-link-group over stacking units does not handle any traffic
Symptom: With a protected-link group configured over multiple units of a stack, after the Active unit of the
Stack is powered off, the new Active unit's port does not handle any traffic even though the
interface moves to Forwarding state.
Workaround: Configure an 'active-port' for the protected link group.
Probability: Low
Feature: FCX L2 Forwarding
Function: Protected Link group
Reported In Release: FI 07.2.02
Service Request ID: 694309
Defect ID: DEFECT000382536
Technical Severity: Medium
Summary: CPU memory usage increases with repetitive SSH sessions
Symptom: With continuous creation and deletion of SSH sessions to the device, the memory usage steadily
increases and does not recover.
Probability: Low
Feature: FI Embedded Management
Function: SSH/SCP
Reported In Release: FI 07.4.00
Service Request ID: 704159
Defect ID: DEFECT000383004
Technical Severity: Medium
Summary: ARP and MAC entries may not be updated correctly on SX when a connected device is removed
Symptom: With continuous traffic flowing to an attached device that has valid ARP and MAC entries, the ARP
and MAC entries are not deleted when that device is disconnected.
Workaround: After disconnecting the device, stop the continuous traffic meant for that device in order to
age the ARP/MAC entries out.
Probability: High
Feature: SX L2 Forwarding
Function: MAC Table/FDB Manager
Reported In Release: FI 07.3.00
Service Request ID: 695827

IronWare Software Release R07.3.00p

Page 89 of 113

Defect ID: DEFECT000383069
Technical Severity: High
Summary: TCAM entries are not updated on Standby/Member units for a static ECMP Route when there is
MAC movement
Symptom: When MAC movement for a static ECMP route occurs, traffic that is received on Standby or
Member unit continues to be forwarded to the old port.
Probability: High
Feature: Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.4.00
Service Request ID: 697721
Defect ID: DEFECT000383469
Technical Severity: Medium
Summary: A Layer 2 loop may be created if the Native VLAN Id is changed on other vendors' switches
Symptom: If the Native VLAN Id is changed from the default on other vendors' switches that are connected
to a Brocade device, a Layer 2 loop may result due to the Brocade device expecting an IEEE BPDU
in the default VLAN 1.
Workaround: Configure the Native VLAN to default value 1 on the other vendor's switch or configure VLAN 1
on the interface connected to the Brocade device.
Probability: Low
Feature: FCX L2 Control
Function: PVST/PVST+/ PVRST
Reported In Release: FI 07.3.00
Service Request ID: 670195
Defect ID: DEFECT000383745
Technical Severity: Medium
Summary: Power supply front LEDs not working correctly
Symptom: When the power supply unit is unplugged, the LED turns amber. But when it is plugged in again,
the LED stays in amber and does not move to green.
Probability: High
Feature: FI Platform
Function: Power Supply/Temp Sensor/Fan
Controller
Reported In Release: FI 07.3.00
Service Request ID: 696305
Defect ID: DEFECT000384066
Technical Severity: Medium
Summary: In PBR, the Secondary Gateway IP Address is not selected when the link to the Primary Gateway
goes down
Symptom: If multiple Next Hop gateways are configured in PBR, when the VLAN associated with the Primary
Next Hop goes down, the Secondary Next Hop does not become effective if the Default Route is
also configured.
Probability: Low
Feature: FCX Layer 3 Forwarding - IPV4
Function: PBR
Reported In Release: FI 07.3.00
Service Request ID: 697479
Defect ID: DEFECT000384408
Technical Severity: High
Summary: ServerIron HA PDUs (EtherType 0x885a) are not switched across VLAN
Symptom: TI products incorrectly drop ServerIron control packets (Ethertype 0x885a) instead of switching
them.
Probability: Low
Feature: FI L2
Function: Forwarding - Other
Reported In Release: FI 07.3.00
Service Request ID: 695053

IronWare Software Release R07.3.00p

Page 90 of 113

Defect ID: DEFECT000385534
Technical Severity: High
Summary: MAC address being learned on STP Blocking port when DHCP snooping is enabled
Symptom: If Spanning Tree is configured on a VLAN and DHCP Snooping is enabled on a port that is in
Blocking state, a packet that is received on that port incorrectly triggers learning of its Source
MAC address on it.
Probability: High
Feature: FI ACL
Function: DHCP Snooping functionality
Reported In Release: FI 07.4.00
Service Request ID: 712523, 712913
Defect ID: DEFECT000385924
Technical Severity: Medium
Summary: IPv6 Ping to Virtual IP Address fails after VRRP-E state change to Backup
Symptom: IPv6 Ping to VRRP-E Virtual IP address times out after failing over from Master to Backup state.
Workaround: Clear IPv6 cache and fail over VRRP-E again.
Probability: High
Feature: Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timer- VRRPE timer scale
Reported In Release: FI 07.3.00
Service Request ID: 700737
Defect ID: DEFECT000386563
Technical Severity: High
Summary: After the previous Master unit of an FCX stack goes down, the new Master unit may reset when
commands related to traffic statistics are executed
Symptom: After the Master unit of a 2-node FCX stack is powered down, the new Master unit may reset if
certain commands like "show statistics traffic-policy" or "show access-list" are issued from CLI.
Probability: Low
Feature: FCX Stacking
Function: IPC Infrastructure
Reported In Release: FI 07.2.02
Service Request ID: 705189
Defect ID: DEFECT000387044
Technical Severity: High
Summary: FCX shows Power Supply Unit as normal even when it is inserted without power
Symptom: If two PSU's are inserted into an FCX with no power cable plugged into PSU2, both PSU's are
displayed as present and OK.
Probability: High
Feature: FI Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.3.00
Service Request ID: 707887
Defect ID: DEFECT000387141
Technical Severity: Medium
Summary: Port status changes to Blocking although Protected-link-status is Active after Stack
Failover/Switchover
Symptom: After the active ports of a cross-unit protected link group on an FCX stack are flapped a few times
and a failover or switchover is then done, the expected Active port of the protected link group is
shown to be in Blocked state.
Probability: High
Feature: FCX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.02
Service Request ID: 705571

IronWare Software Release R07.3.00p

Page 91 of 113

Defect ID: DEFECT000388009
Technical Severity: Medium
Summary: DNS resolution does not work when multiple DNS domain lists are used
Symptom: When "ip dns domain-list " command is used to specify more than one domain name, if
the first one fails, the device retries for it and times out instead of trying the successive domain
names.
Probability: High
Feature: FCX Management Functionality
Function: HTTPs/HTTP
Reported In Release: FI 07.2.02
Service Request ID: 697877
Defect ID: DEFECT000388194
Technical Severity: Medium
Summary: SSH session to device may disconnect due to bad server public DH value
Symptom: SSH login attempts to the switch repeatedly fail after several attempts when using the default
OpenSSH installation with Ubuntu 10.04 and possibly other versions/distributions.
Workaround: Reload the device or use Telnet/Console instead of SSH.
Probability: Low
Feature: FCX Management Functionality
Function: IPv4/V6 SSH Service
Reported In Release: FI 07.3.00
Service Request ID: 688843, 700589
Defect ID: DEFECT000388293
Technical Severity: Medium
Summary: Standby Management module may not come up after upgrading to 7.3 or greater code base due
to calibration errors
Symptom: Standby Management module does not come up and displays the following message on the
console - "Error: valid DFCDL file not found for slot 9 in hal_hw_init()"
Probability: Low
Feature: FI Platform Specific features
Function: system bringup
Reported In Release: FI 07.3.00
Service Request ID: 704997
Defect ID: DEFECT000388432
Technical Severity: High
Summary: Switch may reset when it gets the digital signature from the SSH Client and validates it
Symptom: With OpenSSH 5.5p1&Open SSL 0.9.8o, multiple logins to the device can cause the switch to
reset.
Probability: Medium
Feature: FCX Network Management
Function: SSHv2/SCP V4/V6
Reported In Release: FI 07.3.00
Service Request ID: 709277
Defect ID: DEFECT000389216
Technical Severity: Medium
Summary: OSPF adjacency may not form on data ports of the Standby Management module
Symptom: OSPF adjacency fails to form on data ports of the Standby Management module although the ARP
cache and IP routes are ok.
Workaround: Disabling and re-enabling the router interface may get the OSPF adjacency to form.
Downgrading to release 7.2.00 or prior should also mitigate the issue.
Probability: Medium
Feature: OSPF
Function: OSPF
Reported In Release: FI 07.2.02
Service Request ID: 708908, 712545
Defect ID: DEFECT000389267
Technical Severity: Low
Summary: Username could get overwritten due to changes in other usernames in the configuration
Symptom: If the first username is changed many times, the successive usernames may get overwritten and
are displayed with unexpected characters.
Probability: Medium
Feature: SX Network Management
Function: AAA RADIUS/TACACS+ V4/V6
Reported In Release: FI 07.2.02
Service Request ID: 710445

IronWare Software Release R07.3.00p

Page 92 of 113

Defect ID: DEFECT000390164
Technical Severity: Medium
Summary: ICMP packets are not flooded if ICMP Burst protection is configured on a VE interface
Symptom: If "ip icmp burst" is configured on a VE interface, ICMP packets are not flooded within the
associated VLAN.
Probability: Medium
Feature: FI ACL
Function: ACL based rate limitting
Reported In Release: FI 07.3.00
Service Request ID: 704591
Defect ID: DEFECT000390166
Technical Severity: Medium
Summary: Brocade Web GUI shows VLAN 0 for all ports on FCX
Symptom: All ports are displayed incorrectly as being in VLAN 0 via the Brocade Web GUI.
Probability: Medium
Feature: FCX Management Functionality
Function: HTTPs/HTTP
Reported In Release: FI 07.3.00
Service Request ID: 712561
Defect ID: DEFECT000390792
Technical Severity: High
Summary: SX800 experiences high CPU utilization when routing IP packets through ve interfaces in subnet
VLANs.
Symptom: SX800 experiences high CPU utilization when routing IP packets through ve interfaces in subnet
VLANs as all routed packets are routed in software by the CPU instead of in hardware by ASICs.
Workaround: Use 5.1.00f instead of anything in the 7 range.
Probability: Low
Feature: SX L2 Forwarding
Function: Subnet VLAN
Reported In Release: FI 07.2.02
Service Request ID: 711367
Defect ID: DEFECT000391366
Technical Severity: Medium
Summary: "Version Number" field is not correctly displayed in the "show pid" command output
Symptom: On TI24X running 7.3.00 or later, "show pid" command returns error for "Version Number".
Probability: Low
Feature: FI Platform
Function: EEPROM - serial number/LID/etc
Reported In Release: FI 07.3.00
Service Request ID: 714305
Defect ID: DEFECT000391539
Technical Severity: Medium
Summary: Cisco AP using proprietary TLV may not work after Brocade switch reload
Symptom: Cisco AP using proprietary TLV may not work after Brocade switch reload
Probability: High
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 674465
Defect ID: DEFECT000392006
Technical Severity: Medium
Summary: MIB OID snAgentPoePortWattage does not return the configured value
Symptom: The power limit on a PoE port can be set via SNMP and the value is configured correctly on the
port, but it cannot be read and always displays the power value as 0.
Probability: High
Feature: FCX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.3.00
Service Request ID: 696861

IronWare Software Release R07.3.00p

Page 93 of 113

Defect ID: DEFECT000392506
Technical Severity: Medium
Summary: Hardware MAC entries are not properly deleted after aging, increasing the probability of MAC hash
collisions
Symptom: Over a long period of time on a campus network with many mobile users logging in an out
constantly, some users lose Layer 2 connectivity as their MAC addresses cannot be learned.
Workaround: reload the switch/router during maintenance window to clear.
Probability: Medium
Feature: FCX L2 Forwarding
Function: MAC Table/FDB Manager
Reported In Release: FI 07.2.00
Service Request ID: 712255
Defect ID: DEFECT000392549
Technical Severity: Medium
Summary: VRRP-E flaps when ports are added or removed from a VLAN through Web Management interface
Symptom: VRRP-E flaps when ports are added or removed from a VLAN through Web Management interface.
Workaround: add or delete ports from CLI
Probability: Medium
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 693427
Defect ID: DEFECT000393415
Technical Severity: Medium
Summary: IP Follow VE address may be unreachable upon creation when VRRP is enabled on the Master VE
Symptom: Unable to ping newly-added Virtual Interface IP Address configured with IP Follow feature.
Workaround: disable/enable master interface
OR disable/enable vrrp instance on master interface
Probability: Low
Feature: SX Layer 3 Forwarding - IPV4 and IPV6
Function: Virtual interface (ve) Manager
Reported In Release: FI 07.2.02
Service Request ID: 706005
Defect ID: DEFECT000394040
Technical Severity: Medium
Summary: CPU memory usage increases constantly when using OpenNMS tool to poll system's IP addresses
Symptom: If OpenNMS tool is used to poll the IP addresses on a system, it can cause a CPU heap memory
leak over time due to terminating multiple SSH connections prematurely.
Workaround: use telnet instead of ssh
Probability: High
Feature: SX Management Functionality
Function: IPv4/V6 SSH Service
Reported In Release: FI 07.2.02
Service Request ID: 704159
Defect ID: DEFECT000394590
Technical Severity: Low
Summary: Flow control packets seen with no traffic on Fiber ports with 1G SFP
Symptom: Flow control packets with the pause quanta field set to zero, which do not make the partner stop
the traffic, are seen with no traffic on 1G Fiber ports.
Workaround: Configure 'no flow control' on the port.
Probability: High
Feature: FI Infrastructure
Function: Flow Control
Reported In Release: FI 07.3.00
Service Request ID: 724451

IronWare Software Release R07.3.00p

Page 94 of 113

Defect ID: DEFECT000395855
Technical Severity: High
Summary: SX 2x10G cards may fail to initialize on cold start due to errors when trying to read EEPROM
Symptom: If an SX1600 switch is powered off for several hours and then powered on, some of the 2x10G
line modules will fail to initialize with the following error: "Unable to read slot 1 EEPROM... please
re-insert the line card in slot 1"
Workaround: re-enable line modules from CLI using enable/disable command
Probability: Low
Feature: FI Platform Specific features
Function: system bringup
Reported In Release: FI 07.3.00
Service Request ID: 713675
Defect ID: DEFECT000396159
Technical Severity: Low
Summary: Radius IP Address may be displayed incorrectly in the output of “sh table-mac-vlan detail”
Symptom: In the "show table-mac-vlan detail" display, not enough characters are allocated for the Radius IP
address column, which might cause trailing characters to be lost for a given IP address.
Probability: Medium
Feature: FCX L2 Forwarding
Function: MAC- BASED VLAN
Reported In Release: FI 07.2.02
Service Request ID: 722235
Defect ID: DEFECT000399035
Technical Severity: Medium
Summary: Routed packets on an FCX/ICX stack may have an incorrect Source MAC address
Symptom: When a Stack MAC Address is configured for an FCX/ICX stack, a routed packet that egresses the
stack has a Source MAC Address with the first 5 octets identical to the Stack MAC, but may have
the last octet overwritten.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 720777

Closed Defects in IronWare Software Release 07.3.00b
Defect ID: DEFECT000303853
Technical Severity: High
Summary: Unable to configure VRRP in base layer 3 code.
Symptom: Unable to configure VRRP in base layer 3 code.
Probability: High
Feature: SX Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timer- VRRPE timer scale
Reported In Release: FI 07.1.00
Service Request ID: 253547
Defect ID: DEFECT000381441
Technical Severity: Medium
Summary: 8 port management card shows all ports UP even without any cable connected
Symptom: 8 port management card shows all ports UP even without any cable connected
Feature: FI Platform Specific features
Function: Management Port
Reported In Release: FI 07.3.00
Service Request ID: 694599

IronWare Software Release R07.3.00p

Page 95 of 113

Closed Defects in IronWare Software Release 07.3.00a
The following defects have been closed as part of this release with code changes as of December 21, 2011.
Customer reported defects closed with code in Release 07.3.00a
35B

This section lists the defects with Critical, High and Medium Technical Severity closed with a code change as of
December 16, 2011.
Defect ID: DEFECT000330146
Technical Severity: High
Summary: Newly inserted Management Module may have invalid LID displayed, after which the module
cannot be upgraded via SW Licensing
Symptom: On the Standby module, the LID value is displayed as ÿÿÿÿÿÿÿÿÿÿ. After a failover, the new Active
will have this same LID and thus cannot be upgraded.
Probability: High
Feature: SX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.02
Service Request ID: 595349
Defect ID: DEFECT000334383
Technical Severity: Medium
Summary: With "delay-link-event" configured to dampen port flapping, unnecessary Syslog messages are
generated if a 10G port goes down
Symptom: With "delay-link-event" configured to dampen port flapping, unnecessary Syslog messages are
generated if a 10G port goes down.
Probability: Low
Feature: SX Layer1 features
Function: port flap dampening
Reported In Release: FI 07.2.00
Service Request ID: 624889
Defect ID: DEFECT000338676
Technical Severity: Medium
Summary: Installing a cable in the SFP ports 1/1 to 1/2 causes the LED on the copper combo ports 1/2 to
be lit.
Feature: FCX Layer1 features
Function: link status - speed and duplex status
Reported In Release: FI 07.2.00
Service Request ID: 548131
Defect ID: DEFECT000348267
Technical Severity: Medium
Summary: Unable to set POE via SNMPSET on FWS
Symptom: Can read the POE value using snmpwalk command but cannot set using snmpset command.
Sytem responds:
Error in packet.
Reason: undoFailed
Workaround: Set the POE via the CLI
Feature: POE MIBS
Function: POE MIBS
Reported In Release: FI 07.2.02
Service Request ID: 578485
Defect ID: DEFECT000355653
Technical Severity: Medium
Summary: FWS does not allow Port-based Mirroring and VLAN-based Mirroring on the same port to be
configured
Symptom: Port-based Mirroring and VLAN-based Mirroring is not permitted simultaneously on the same port
on FWS platform, even though it is supported on FCX platform.
Probability: Medium
Feature: FI Traffic conditioning and Monitoring
Function: port mirroring/monitoring
Reported In Release: FI 07.2.02
Service Request ID: 614459

IronWare Software Release R07.3.00p

Page 96 of 113

Defect ID: DEFECT000362478
Technical Severity: Medium
Summary: When CPU intensive tasks like repeated TFTP uploads are done, it may lead to loss of heartbeat
from Active to Standby Management modules, resulting in a switchover
Symptom: When repeated TFTP uploads are done via INM, a switchover may be observed.
Probability: Low
Feature: SX Platform Specific features
Function: Management module redundancy
Reported In Release: FI 07.2.02
Service Request ID: 592699
Defect ID: DEFECT000364076
Technical Severity: High
Summary: ARP request is not forward between Primary and Isolated VLANs
Symptom: When Private VLANs are configured, an ARP request is not forward between the Primary and
Isolated VLANs.
Probability: High
Feature: FCX L2 Forwarding
Function: Private VLAN
Reported In Release: FI 07.2.02
Service Request ID: 650833,660501
Defect ID: DEFECT000368913
Technical Severity: Medium
Summary: Memory tracking debug command may not work for all cases
Symptom: Some memory leak conditions may not be detected using the “dm mem-leak” tool.
Probability: Low
Feature: SX_SYSTEM
Function: UNDETERMINED
Reported In Release: FI 07.2.02
Defect ID: DEFECT000368973
Technical Severity: High
Summary: If inline power is configured through SNMP on FWS, device allocates only 1W to the port
Symptom: On configuring inline power through SNMP, power devices may not come up
Workaround: Please use Command Line Interface to configure inline power
Probability: Low
Feature: FI Embedded Management
Function: SNMP
Reported In Release: FI 07.3.00
Defect ID: DEFECT000369368
Technical Severity: Medium
Summary: SX momentarily forwards packets during boot up process
Symptom: During boot up process, SX forwards packets on a port for a short time when initializing that port
even though it is disabled in the saved configuration.
Probability: Medium
Feature: SX Layer1 features
Function: link status - speed and duplex status
Reported In Release: FI 07.2.02
Service Request ID: 669641
Defect ID: DEFECT000369547
Technical Severity: Medium
Summary: DHCP Client - SX device connected via another DUT to server is not getting IP address
Symptom: Customer may see the issue.
Probability: Medium
Feature: SX DHCP CLIENT
Function: DHCP
Reported In Release: FI 07.3.00
Service Request ID: 694027 694027

IronWare Software Release R07.3.00p

Page 97 of 113

Defect ID: DEFECT000370080
Technical Severity: High
Summary: DSCP tag values for VRRPv2, VRRPv3, and ICMPv6-Router Advertisements(RA) packets are 0
Symptom: The current priority field values for VRRPv2, VRRPv3, and ICMPv6-RA are set to zero
Probability: High
Feature: Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timer- VRRPE timer scale
Reported In Release: FI 07.3.00
Defect ID: DEFECT000371312
Technical Severity: High
Summary: Port LED does not glow when E1MG-TX optics is plugged into the 1G ports on ICX6610-24F and
the speed is set to 100 full
Symptom: Port LED does not glow when E1MG-TX optics is plugged into the 1G ports on ICX6610-24F and
the speed is set to 100 full
Probability: Low
Feature: Optics
Function: OPTICS
Reported In Release: FI 07.3.00
Defect ID: DEFECT000374288
Technical Severity: High
Summary: On Production ICX 24P Fiber Units, Links don't come up when E1MG-TX optics are plugged in
Symptom: [ICX] If copper GBIC is used in 1G SFP port, link may not come up
Workaround: no
Probability: Medium
Feature: FI Platform
Function: 1G Link
Reported In Release: FI 07.3.00
Defect ID: DEFECT000375025
Technical Severity: Medium
Summary: Packets destined to the VRRP Virtual MAC address are received by the CPU of the VRRP Backup
Router
Symptom: Packets destined to the VRRP Virtual MAC address are received by the CPU of the VRRP Backup
Router instead of being switched in HW to the VRRP Master.
Probability: High
Feature: SX Layer3 Control Protocols
Function: VRRP/VRRP-E and slow-start timer- VRRPE timer scale
Reported In Release: FI 07.2.02
Service Request ID: 674521
Defect ID: DEFECT000375146
Technical Severity: High
Summary: A very long CLI string may be truncated in the running-configuration
Symptom: A very long CLI string may be truncated in the running-configuration
Probability: Medium
Feature: SX Management Functionality
Function: CLI and parser
Reported In Release: FI 05.1.00
Service Request ID: 683689
Defect ID: DEFECT000375567
Technical Severity: Medium
Summary: If hitless OS upgrade between incompatible SW code versions is attempted, a system reset may
be experienced.
Symptom: If hitless OS upgrade between incompatible SW code versions is attempted, a system reset may
be experienced.
Workaround: Issue a regular 'reload' or 'boot system flash primary/secondary' instead of hitless-reload to
upgrade.
Probability: High
Feature: FI Infrastructure
Function: SX Hitless OS upgrade
Reported In Release: FI 07.3.00
Service Request ID: 680843

IronWare Software Release R07.3.00p

Page 98 of 113

Defect ID: DEFECT000377048
Technical Severity: Medium
Summary: After stack failover causes preferred RIPv2 route to get deleted, backup Static route does not
take over
Symptom: If only the Active unit has RIP reachability and learns a better route than a configured Static route
for a given IP Next Hop, upon disabling power to the Active unit, the ensuing failover does not
move up the Static route as the best route on the new Active unit.
Probability: Medium
Feature: FCX Layer3 Control Protocols
Function: RIP(v1-v2) - IPV4
Reported In Release: FI 07.2.02
Service Request ID: 683931
Defect ID: DEFECT000377054
Technical Severity: Medium
Summary: FCX "E" type FAN displays erroneous airflow direction in "show chassis" output
Symptom: The output of "show chassis" on FCX displays the airflow for "E" type fan as Back to Front even
though the fan actually provides airflow from the front to the back.
Probability: Medium
Feature: FI Platform
Function: Power Supply/Temp Sensor/Fan
Controller
Reported In Release: FI 07.3.00
Service Request ID: 686691
Defect ID: DEFECT000377762
Technical Severity: Critical
Summary: SX Standby Management module unexpectedly resets after 231 days
Symptom: On SX platform, after 231 days of continuous uptime, the Standby Management module
unexpectedly resets with a log message "Mgmt CPU1 ( slot 10 ) failed".
Probability: High
Feature: SX Platform Specific features
Function: Management module redundancy
Reported In Release: FI 07.2.00
Service Request ID: 682807
Defect ID: DEFECT000378514
Technical Severity: Medium
Summary: One ICMP packet is lost every 60 seconds over a cross unit trunk when one switch in a stack of 2
goes down
Symptom: In a stack of two FCX switches containing a 2-port trunk with one port on each chassis, if one of
the switches is powered off, ICMP through the FCX shows one packet is lost every 60 seconds.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.3.00
Service Request ID: 687111
Defect ID: DEFECT000381053
Technical Severity: Medium
Summary: DHCP does not work with SX-FI-24 GPP cards
Symptom: DHCP does not work with SX-FI-24 GPP cards on superx
Probability: High
Feature: SX DHCP CLIENT
Function: DHCP
Reported In Release: FI 07.3.00
Service Request ID: 694027

IronWare Software Release R07.3.00p

Page 99 of 113

Closed Defects in IronWare Software Release 07.3.00
The following defects have been closed as part of this release.
Customer reported defects closed with code in Release 07.3.00
36B

This section lists the defects with Critical, High and Medium Technical Severity closed with a code change as of
October 13, 2011.
Defect ID: DEFECT000335488
Technical Severity: Critical
Summary: A fully loaded SX1600 will not synchronize with the redundant management module
Symptom: Active and Standby module with be out of sync and Standby module will crash
Probability: High
Feature: SX Platform Specific Features
Function: Management Module Redundancy
Reported In Release: FI 07.2.00
Service Request ID: 509075
Defect ID: DEFECT000318624
Technical Severity: High
Summary: On FSX platform, v4 and v6 license is shown as "invalid"
Symptom: V4 ADV software license is shown as invalid on both v4 and v6 chassis
Probability: High
Feature: FCX SW License
Function: Licensing
Reported In Release: FI 07.2.00
Service Request ID:
Defect ID: DEFECT000320370
Technical Severity: Medium
Summary: FGS Buffer depletion when running multiple instances of a looped SNMP Bulk get Script
Symptom: Device runs out of memory
Probability: Medium
Feature: FCX Network Management
Function:
SNMP V4/V6
Reported In Release: FI 07.2.00
Defect ID: DEFECT000325993
Technical Severity: Low
Summary: "show inline power detail" display is inconsistent between active and standby units
Symptom: Standby unit displaying wrong POE firmware version for active unit
Probability: Low
Feature: FCX Stacking
Function:
PoE/PoE+
Reported In Release: FI 07.2.00
Defect ID: DEFECT000326814
Technical Severity: Medium
Summary: LED remains green after removing PoE Powered Device from a port.
Symptom: If a PoE PD is removed from a port, the LED for that port still remains green as if it was still
plugged in.
Probability: High
Feature: FCX Layer1 features
Function:
PoE/PoE+
Reported In Release: FI 07.2.00
Defect ID: DEFECT000329490
Technical Severity: High
Summary: SX system reloads due to running out of Multicast next hop entries
Symptom: SX system may reload after continuously displaying error messages due to next hop entries not
being available for Multicast route programming
Probability:
Low
Feature: SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release: FI 07.3.00

IronWare Software Release R07.3.00p

Page 100 of 113

Defect ID: DEFECT000332429
Technical Severity: Low
Summary: When a standby module is inserted into an SX chassis, it does not display a License ID
Symptom: Newly inserted management module will display a blank entry for the License.
Workaround: Set the active management module to the new one and reload the device.
Probability: High
Feature: FCX SW License
Function:
Licensing
Reported In Release:
FI 07.2.02
Service Request ID:
595349
Defect ID: DEFECT000334142
Technical Severity: Medium
Summary: Cannot open web authentication login page after moving from one port to another.
Symptom: If a client first logs in using web authentication on one port, and then moves to another port of the
switch, the client will not be able to reopen the web authentication login page.
Probability: Low
Feature: FCX Network Management
Function: Web Management
Reported In Release: FI 07.2.00
Service Request ID: 504247
Defect ID: DEFECT000335182
Technical Severity: Medium
Summary: Incorrect display in ipCidrRouteTable MIB
Symptom: While executing an snmpwalk on a FESX 424-PREM system using ipCidrRouteDest MIB
1.3.6.1.2.1.4.24.4.1.1, the result shows incorrect subnet mask and route destination values
Probability: High
Feature: SX Network Management
Function: SNMP V4/V6
Reported In Release: FI 07.2.00
Service Request ID: 505491
Defect ID: DEFECT000335749
Technical Severity: Medium
Summary: Error message displayed when configuring port mirroring if sFlow is enabled.
Symptom: Error message displayed when configuring inbound port mirroring and monitoring if sFlow is also
enabled on that port."
Workaround: Remove sFlow temporarily from the port(s). Configure the monitoring, then add sFlow back.
Probability: Medium
Feature: SX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.00
Service Request ID: 524679
Defect ID: DEFECT000336328
Technical Severity: Medium
Summary: ACL dynamically applied does not take effect on the multi-chassis trunk link on the standby stack
unit
Symptom: ACL dynamically applied does not take effect on the multi-chassis trunk link on the standby stack
unit
Probability:
High
Feature: FCX Stacking
Function: IPC Sync messages
Reported In Release: FI 07.2.00
Service Request ID: 506901
Defect ID: DEFECT000338071
Technical Severity: High
Summary: In an MCT configuration, all members of a LAG on FCX get disabled when one of the connected
MCT devices is reset, even though the other MCT device is still up.
Symptom: With an FCX connected to two MCT devices using a single Link Aggregation Group, if one of the
MCT devices is reset, all link members the LAG on FCX get disabled.
Probability: High
Feature: FCX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.00
Service Request ID: 543693

IronWare Software Release R07.3.00p

Page 101 of 113

Defect ID: DEFECT000338822
Technical Severity: Medium
Summary: Trunk goes down forever if Master switch in FCX stack goes down for 2 minutes
Symptom: When the Master FCX switch in a stack is brought down and then restarted after 2 minutes, the
trunk does not get re-established.
Workaround: Reload the master and standby switches again.
Probability: High
Feature: SX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.00
Service Request ID: 530331
Defect ID: DEFECT000338861
Technical Severity: High
Summary: Device unexpectedly reloads when using SHA to verify sanctity of flash images.
Symptom: Device unexpectedly reloads when "verify sha " command is executed
Probability:
High
Feature: FI Embedded Management
Function: CLI and parser
Reported In Release: FI 07.3.00
Service Request ID: 642003
Defect ID: DEFECT000338864
Technical Severity: Medium
Summary: Verification of flash images using MD5 gives incorrect and unpredictable results
Symptom: When “verify md5 ” is issued, the first run after a reboot returns all zeros.
Subsequent runs will show incorrect file size and MD5 hash
Probability:
High
Feature: FI Embedded Management
Function: CLI and parser
Reported In Release: FI 07.3.00
Service Request ID: 642003, 645141
Defect ID: DEFECT000339214
Technical Severity: Medium
Summary: If a user is authenticated by 802.1x via an IP ACL, the ACL may affect another user on the same
port that was not authenticated with the ACL.
Symptom: If there are two users on a given port, one authenticated by an IP ACL and one authenticated
without an IP ACL, reconnecting the former will cause the ACL to affect the latter user.
Probability: High
Feature: FCX ACL
Function: 802.1x authentication
Reported In Release: FI 07.2.00
Service Request ID: 550451
Defect ID: DEFECT000340240
Technical Severity: Medium
Summary: SX devices could reload due to a memory leak when running Multicast traffic
Symptom: With Multicast data traffic running, the CPU memory could run out, causing the device to reload.
Probability: Medium
Feature: SX L2/L3 Multicast Features
Function: PIM Sparse
Reported In Release: FI 07.2.00
Service Request ID: 528867
Defect ID: DEFECT000340947
Technical Severity: Medium
Summary: IP route may not be programmed to TCAM although it is added to the IP route table when OSPF
route takes over from a static route.
Symptom: When a static route gets deleted due to the link to the next hop going down, and OSPF takes over
for that route, the route gets added to the IP routing table, but a packet destined to the route is
dropped.
Workaround: Issue "clear ip route".
Probability: High
Feature: FCX Layer3 Control Protocols
Function: OSPFV2 - IPV4
Reported In Release: FI 07.2.00
Service Request ID: 558807

IronWare Software Release R07.3.00p

Page 102 of 113

Defect ID: DEFECT000341364
Technical Severity: Medium
Summary: Optical-monitor caused bogus syslog messages
Symptom: Syslog messages SYSTEM: Optic is not Brocade qualified (port 1/1/1) is logged although port
1/1/1 is a copper port
Probability: High
Feature: FCX Layer1 features
Function: Digital Optical Monitoring
Reported In Release: FI 07.2.02
Service Request ID: 547677
Defect ID: DEFECT000342071
Technical Severity: Medium
Summary: PIM Dense forwarding cache entry gets removed even while active stream is present.
Symptom: Continuity errors are seen every few minutes when continuous PIM traffic is being forwarded.
Probability: High
Feature: SX L2/L3 Multicast Features
Function: PIM Dense
Reported In Release: FI 07.2.02
Service Request ID: 559053
Defect ID: DEFECT000343157
Technical Severity: Medium
Summary: 2500W PoE power supply is misidentified as a 1250W power supply
Symptom: 2500W power supply can allocate only half its capacity and is displayed incorrectly as 1350W or
1250W in the output of "show inline power detail" and "show power" commands.
Probability: High
Feature: FI Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.3.00
Service Request ID: 641069
Defect ID: DEFECT000343165
Technical Severity: Medium
Summary: Fully loaded SuperX CPU goes to 18% without any configuration.
Symptom: After upgrading from 5.1.00d to 7.2.02a, CPU utilization increases from 1% to 18%.
Probability: High
Feature: SX_SYSTEM
Function: UNDETERMINED
Reported In Release: FI 07.2.02
Service Request ID: 578549
Defect ID: DEFECT000343288
Technical Severity: Medium
Summary: ACL dynamically applied from the Active FCX stack unit does not take effect on the Standby unit
Symptom: ACL dynamically applied from the Active FCX stack unit does not take effect on the Standby unit if
"enable acl-per-port-per-vlan" is not configured
Probability: High
Feature: FCX ACL
Function: ACL(all aspects of ACLs - IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 578523
Defect ID: DEFECT000344224
Technical Severity: Medium
Summary: Uplink-switch fails to limit the formation of IPv6 neighbor relationships.
Symptom: If you enable uplink-switch in a VLAN, the FWS will successfully prevent ARP request broadcasts
from being forwarded between non-uplink ports, but the FWS will fail to prevent IPv6 neighbor
relationships from being formed between non-uplink ports.
Probability: High
Feature: SX L2 Forwarding
Function: Uplink-Switch
Reported In Release: FI 07.2.02
Service Request ID: 583307

IronWare Software Release R07.3.00p

Page 103 of 113

Defect ID: DEFECT000344380
Technical Severity: Medium
Summary: FCX IP traffic goes to cpu with IP Subnet VE interface
Symptom: IP traffic goes to CPU with a VE interface configured on an IP Subnet VLAN, or if the VE is created
first before adding ports to the VLAN.
Probability:
High
Feature: FI L2
Function: Forwarding - VLAN Manager
Reported In Release: FI 07.3.00
Service Request ID: 646619
Defect ID: DEFECT000345082
Technical Severity: Medium
Summary: Trunk interface goes into Blocked state if spanning tree is disabled on interface
Symptom: Issuing “no spanning-tree” on a Trunk port causes it to go into Blocking state.
Probability: High
Feature: FCX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.00
Service Request ID: 582937
Defect ID: DEFECT000345298
Technical Severity: High
Summary: IPv6 functionality is dependent only on HW EPROM licensing even if the system is upgraded via SW
Licensing
Symptom: Although IPv6 commands are configurable on a system that is upgraded via SW Licensing, a
directly connected IPv6 neigbor is not reachable
Probability: High
Feature: SX Layer 3 Forwarding - IPV6
Function: Host Networking stack (IPV6)
Reported In Release: FI 07.3.00
Service Request ID: 640715
Defect ID: DEFECT000346307
Technical Severity: Medium
Summary: “dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable.
Symptom: “dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable
Probability: High
Feature: FI Platform Specific features
Function: system bringup
Reported In Release: FI 07.2.02
Service Request ID: 590679
Defect ID: DEFECT000346568
Technical Severity: Medium
Summary: Interface level command “dhcp snooping client-learning disable” missing in 7.2 code.
Symptom: Interface level command “dhcp snooping client-learning disable” present in 7.0.01 code but
missing in 7.2 code.
Probability: High
Feature: FCX DHCP
Function: Client
Reported In Release: FI 07.2.00
Service Request ID: 591879
Defect ID: DEFECT000346882
Technical Severity: High
Summary: SNMPv3 configuration sometimes gets corrupted.
Symptom: If multiple SNMP groups and users are configured, removed and re-added, the running
configuration could show corrupted values.
Probability: Medium
Feature: FI Embedded Management
Function: CLI and parser
Reported In Release: FI 07.3.00
Service Request ID: 608663

IronWare Software Release R07.3.00p

Page 104 of 113

Defect ID: DEFECT000347484
Technical Severity: High
Summary: Memory leak may be observed when Policy Based Routing is configured
Symptom: Memory leak may be observed when Policy Based Routing is configured
Probability:
High
Feature: FI L3 Unicast
Function: Forwarding - PBR
Reported In Release: FI 07.3.00
Service Request ID: 672437
Defect ID: DEFECT000347677
Technical Severity: Medium
Summary: Maximum number of traffic policies changed from 256 in 4.x code to 50 in 7.2.x code.
Symptom: Cannot configure more than 50 traffic policies in 7.2.02 code.
Probability: High
Feature: Traffic Policy
Function: Traffic Policy
Reported In Release: FI 07.2.02
Service Request ID: 558097
Defect ID: DEFECT000347906
Technical Severity: Critical
Summary: Upon loading a new bootcode to the flash, multiple units of an FCX stack can experience a reload.
Symptom: Some units of an FCX stack can unexpectedly reload when a new bootcode is downloaded to the
active unit’s flash.
Probability: Medium
Feature: FI Platform
Function: Boot code/Flash/Kernel
Reported In Release: FI 07.3.00
Defect ID: DEFECT000348432
Technical Severity: Medium
Summary: FWS system fan noise is too high when operating at room temperature.
Symptom: FWS system fan noise is higher than permissible when operating at room temperature.
Probability: High
Feature: FCX Platform Specific features
Function: Chassis/fan/powersupplies/temperature
sensors
Reported In Release: FI 07.2.02
Defect ID: DEFECT000349335
Technical Severity: High
Summary: Routing data traffic to management network may result in buffer loss
Symptom: Routing data traffic to out of band management network may result in buffer loss
Probability: High
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 602867
Defect ID: DEFECT000349416
Technical Severity: High
Summary: Debug tool to track CPU buffer usage does not work.
Symptom: The commands to track buffer leaking: “dm gi-buffer-debug” and “dm track-buffer-show” do not
display the used buffers.
Probability: High
Feature: FCX Platform Specific features
Function: Management Port
Reported In Release: FI 07.2.02
Service Request ID: 602867

IronWare Software Release R07.3.00p

Page 105 of 113

Defect ID: DEFECT000350084
Technical Severity: Medium
Summary: CPU memory usage can continuously increase in 7.2.02, eventually causing the device to reload.
Symptom: With certain network access controllers, every time a user logs in and logs out, memory usage
increases by 1%.
Probability: High
Feature: FIPS
Function: FIPS
Reported In Release: FI 07.2.02
Service Request ID: 571469
Defect ID: DEFECT000350162
Technical Severity: Medium
Summary: FCX PoE power allocating 30 watts although the port is down and is not operational .
Symptom: Under some circumstances, the 'show inline power' displays that the port is allocated 30 Watts
even though the port is down and operationally off.
Probability: Low
Feature: FCX Layer1 features
Function: PoE/PoE+
Reported In Release: FI 07.2.02
Service Request ID: 608563
Defect ID: DEFECT000350302
Technical Severity: Medium
Summary: On a 2-Unit FCX stack with a trunk configured across the units, traffic doesn’t fall back to the
Standby ports when the Active goes down.
Symptom: After power cycling the master in a 2 unit stack, ARP is not learnt on the trunk port, causing packet
loss.
Probability: High
Feature: FCX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.02
Service Request ID: 599545
Defect ID: DEFECT000350592
Technical Severity: High
Summary: FWS cannot load router code with license upon erasing the EEPROM.
Symptom: If EEPROM is erased, FWS with valid license shows error message and does not boot up when
trying to load a router image.
Probability: High
Feature: SW licensing
Function: Licensing All
Reported In Release: FI 07.3.00
Defect ID: DEFECT000352213
Technical Severity: High
Summary: After reloading, ICXs console halts for over 25 minutes to sync up the dhcp_lease_binding.txt file of
size 23000 bytes in flash.
Symptom: ICXs console halts for over 25 minutes
Probability:
Medium
Feature: FI Embedded Management
Function: DHCP IPv4 Client/Server
Reported In Release: FI 07.3.00
Defect ID: DEFECT000352356
Technical Severity: Medium
Summary: Uplink-switch fails to limit the formation of IPv6 neighbor relationships in a VLAN if managementvlan is configured in a separate VLAN.
Symptom: If you enable management-vlan in one VLAN and then enable uplink-switch in another VLAN, the
VLAN with uplink-switch will successfully prevent ARP request broadcasts from being forwarded
between non-uplink ports, but it will fail to prevent IPv6 neighbor relationships from being formed
between non-uplink ports.
Probability: High
Feature: FI L2
Function: Forwarding - uplink switch
Reported In Release: FI 07.3.00
Service Request ID: 623977

IronWare Software Release R07.3.00p

Page 106 of 113

Defect ID: DEFECT000352576
Technical Severity: Medium
Summary: CPU Memory leak is not traceable by the memory leak finding tool.
Symptom: Although “show memory” command detects that CPU memory is depleting, the “dm mem-leak”
tool fails to identify it.
Probability: High
Feature: FI Debug support
Function: dm commands - General
Reported In Release: FI 07.3.00
Defect ID: DEFECT000353245
Technical Severity: High
Summary: System allocates 30W power to a PoE Port even if it detects a non-Powered Device connected to it
Symptom: Although the System correctly detects the operational state of a port connected to a non-Powered
Device as off, it may still allocate 30W to it.
Probability: High
Feature: FI Platform Specific features
Function: PoE/PoE+
Reported In Release: FI 07.3.00
Defect ID: DEFECT000353729
Technical Severity: Medium
Summary: FCX/FGS switches are not responding to ICMPv6 echo request
Symptom: FESX6, FCX and FGS switches may fail to reply to ICMPv6 echo request sent by router or IPV6
server (Linux) that is directly connected to the switch.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV6
Function: Data Forwarding (IPV6)
Reported In Release: FI 07.2.02
Service Request ID: 611321
Defect ID: DEFECT00053823
Technical Severity: High
Summary: [SX] Multicast traffic duplicated when the VEs with pim-sparse configured face towards a SWTCH
Symptom: Duplicate multicast packets are seen on other devices in the network
Probability:
Medium
Feature: FI L3 Multicast
Function: Control Plane - PIM Sparse
Reported In Release: FI 07.3.00
Defect ID: DEFECT000353828
Technical Severity: High
Summary: ZR Optic is not passing traffic after upgrading to 7.2.02.
Symptom: When upgrading from 7.2.00 to 7.2.02a on FCX platform, 10G-ZR optics send traffic but do not
receive traffic.
Probability: High
Feature: Optics
Function: OPTICS
Reported In Release: FI 07.2.02
Service Request ID: 568471
Defect ID: DEFECT000354169
Technical Severity: Medium
Summary: A system memory leak may be seen when running PIM Routing
Symptom: Stack trace messages are printed on the console while the “show memory” output shows a rapid
increase in memory consumption, eventually leading to a system reload.
Probability:
High
Feature: SX L2/L3 Multicast Features
Function: PIM Sparse
Reported In Release: FI 07.3.00
Service Request ID: 670015

IronWare Software Release R07.3.00p

Page 107 of 113

Defect ID: DEFECT000354279
Technical Severity: High
Summary: FCX may allocate incorrect wattage to all ports with Powered Devices, regardless of class.
Symptom: After configuring "inline power power-by-class 1" and then "inline power power-by-class 0", FCX will
allocate 30W to all ports with PD.
Probability: High
Feature: FI Platform Specific features
Function: PoE/PoE+
Reported In Release: FI 07.3.00
Defect ID: DEFECT000355279
Technical Severity: Medium
Summary: DHCP Server-Client binding does not get cleared when "no ip dhcp-client enable" is issued on the
client.
Symptom: A new IP address is not assigned for 5 or more minutes even if the “no ip dhcp-client enable”
command is issued to clear the original DHCP Server-Client binding.
Probability: High
Feature: FCX DHCP
Function: Server
Reported In Release: FI 07.2.02
Defect ID: DEFECT000355497
Technical Severity: Medium
Summary: FCX cannot process ARP Requests at a high rate
Symptom: FCX does not process more than 256 ARP Request packets per second.
Probability: High
Feature: FCX Layer 3 Forwarding – IPv4
Function: Data Forwarding (IPv4)
Reported In Release: FI 07.2.02
Service Request ID: 625975
Defect ID: DEFECT000356155
Technical Severity: Medium
Summary: After the Master unit in a stack goes down, OSPF routes that used this disabled unit’s ports can
remain in the routing table indefinitely.
Symptom: After the Master unit in a stack goes down, OSPF routes that used this disabled unit’s ports will
remain in the routing table indefinitely.
Probability: High
Feature: OSPF
Function: OSPF
Reported In Release: FI 07.2.02
Service Request ID: 632283
Defect ID: DEFECT000356415

Technical Severity: Critical

Summary:

System unexpectedly resets after becoming unresponsive

Symptom:

Device displays LID message, then freezes and is unresponsive even from console.

Feature: Sw licensing

Function: Licensing

Probability: Low
Found in Release: FI 07.3.00

Service Request ID: 642829

Defect ID: DEFECT000356978
Technical Severity: High
Summary: FCX / STK2: After active unit was removed from the stack, OSPF interfaces on standby or member
unit stayed in EXST state
Symptom: OSPF neighbor relationship is not formed
Probability:
Medium
Feature: FI L3 Unicast
Function: Control Plane - OSPF/OSPFv3
Reported In Release: FI 07.3.00

IronWare Software Release R07.3.00p

Page 108 of 113

Defect ID: DEFECT000357433
Technical Severity: High
Summary: Layer 3 traffic sometimes does not get forwarded on an FCX stack.
Symptom: IP Traffic is not forwarded on an FCX stack’s member units.
Workaround: Clearing the MAC or ARP tables temporarily resolves the problem.
Probability: Low
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 601967
Defect ID: DEFECT000357491
Technical Severity: Medium
Summary: Rare error during baseline synchronization between Active and Standby Management modules
may lead to unexpected system reset
Symptom: In very rare cases during baseline synchronization stage, an error may occur that can lead to
unexpected system reset.
Probability: Low
Feature: SX Platform Specific features
Function: Management module redundancy
Reported In Release: FI 07.2.00
Service Request ID: 266664
Defect ID: DEFECT000358149
Technical Severity: High
Summary: Watchdog reset may occur during system bring-up
Symptom: During reboot, system may become unresponsive and reload unexpectedly
Probability: Low
Feature: FI Platform Specific features
Function: SYSTEM
Reported In Release: FI 07.3.00
Service Request ID: 642829
Defect ID: DEFECT000358969
Technical Severity: High
Summary: DHCP Server binding table shows a single IP address bound to multiple MAC addresses
Symptom: When DHCP Server is enabled, multiple clients sending DHCP requests to a single port may get the
same IP address assigned to them.
Probability: Medium
Feature: FCX DHCP
Function: Server
Reported In Release: FI 07.2.02
Defect ID: DEFECT000359744
Technical Severity: Medium
Summary: FESX6 code flash memory is incorrectly displayed as 16MB
Symptom: FESX6 code flash memory is displayed 16MB instead of 8MB
Probability: High
Feature: SX_SYSTEM
Function: UNDETERMINED
Reported In Release: FI 07.2.02
Service Request ID: 640449
Defect ID: DEFECT000360173
Technical Severity: High
Summary: After enabling Single Spanning-tree and reloading the device, Eth1 the first port of the system may
be removed from the VLAN 1
Symptom: After enabling Single Spanning-tree and reloading the device, Eth1 the first port of the system may
be removed from the VLAN 1
Probability: High
Feature: SX L2 Control
Function: single spanning-tree
Reported In Release: FI 07.2.02
Service Request ID: 643797

IronWare Software Release R07.3.00p

Page 109 of 113

Defect ID: DEFECT000363716
Technical Severity: Medium
Summary: FCX CPU rate limits broadcast ARP packets to as low as 256 Packets per second
Symptom: ARP resolution will fail
Probability: Medium
Feature: FCX Layer 3 Forwarding - IPV4 and IPV6
Function: ARP
Reported In Release: FI 07.2.02
Service Request ID: 653983
Defect ID: DEFECT000364534
Technical Severity: Medium
Summary: When the Master unit of a stack is powered off, the ARP entries that are bound to ports on that
unit are not updated even though the MAC entries are updated correctly.
Symptom: Stacking FCX fails to transmit L3 routing packet when Master unit is powered off. 'show arp' shows
a port on the old Master unit which is inactive.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 658785
Defect ID: DEFECT000365673
Technical Severity: Medium
Summary: Not able to ping the FSX from directly connected PC on 48 port poe card
Symptom: Unable to ping the FSX from directly connected PC on 48 port poe card
Probability: High
Feature: SX Layer 3 Forwarding - IPV4
Function: Data Forwarding (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 646649
Defect ID: DEFECT000365696
Technical Severity: High
Summary: A Layer 2 Multicast Client may not be able to receive a multicast stream when PIM Dense Mode is
configured
Symptom: When FCX is running PIM Dense Mode, some Layer 2 receivers may not receive the data.
Probability: Medium
Feature: FCX L2/L3 Multicast Features
Function: PIM Dense
Reported In Release: FI 07.2.02
Defect ID: DEFECT000366413
Technical Severity: Critical
Summary: static default route does not get updated after master unit down
Symptom: If there are multiple static default routes from both master and non-master units, the default route
from the master unit is correctly displayed in the routing table. But if the master unit is powered
down, this route will still be displayed instead of the route from the non-master unit.
Probability: Medium
Feature: FCX Layer 3 Forwarding - IPV4
Function: STATIC ROUTES (IPV4)
Reported In Release: FI 07.2.02
Service Request ID: 665605
Defect ID: DEFECT000366766
Technical Severity: High
Summary: OSPFv2 Type4 ASBR Summary LSA is removed if the neighbor ASBR’s interface in the same area is
deleted.
Symptom: ASBR route is not advertised properly and subsequently, redistributed routes are not installed in
the routing table.
Probability: High
Feature: FI L3 Unicast
Function: Control Plane - OSPF/OSPFv3
Reported In Release: FI 07.3.00
Service Request ID: 642515

IronWare Software Release R07.3.00p

Page 110 of 113

Defect ID: DEFECT000368465
Technical Severity: High
Summary: When the sFlow collector is configured on a VE, FCX member units may reload unexpectedly
Symptom: When adding/removing RSTP config from the VLAN, member units may reload if sFlow is
configured on the VE for that VLAN.
Probability: High
Feature: FCX Network Management
Function: sFlow
Reported In Release: FI 07.2.02
Service Request ID: 669137
Defect ID: DEFECT000362369
Technical Severity: Medium
Summary: Spanning Tree State Not In SYNC with Primary Port of Trunk Port after stack is rebooted.
Symptom: After hitless failover, Spanning Tree state on the primary port of a trunk shows correctly as "OFF"
but shows incorrectly as ON on the member port
Probability: Medium
Feature: FCX L2 Control
Function: LinkAggregation - LACP/Dynamic
Reported In Release: FI 07.2.02
Service Request ID: 645709
Customer reported defects closed without code in Release 07.3.00
This section lists the defects with Critical, High and Medium Technical Severity closed without a code change
as of October 13, 2011.
37B

Defect ID: DEFECT000344733
Technical Severity: Medium
Summary: Secure copy does not work if done to startup config.
Symptom: Secure copy to startup configuration on FCX fails, although secure copy to running configuration
works.
Probability: Medium
Feature: FCX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.02
Service Request ID: 585183
Defect ID: DEFECT000351027
Technical Severity: Medium
Summary: FCX HPOE products with Advanced License are incorrectly displayed as POE.
Symptom: The output of “show version” displays FCX648 and FCX624 HPOE products with Advanced
License as “FCX648S-POE-PREM” and “FCX624S-POE-PREM” respectively.
Probability: High
Feature: FCX Management Functionality
Function: CLI and parser
Reported In Release: FI 07.2.02
Defect ID: DEFECT000363357
Technical Severity: High
Summary: SXR07300q053 STBY MP continuously reloads after downgrade to SXR07202d
Symptom: STBY module resets after downgrade
Probability:
High
Feature: FI Platform Specific features
Function: Management module redundancy
Reported In Release: FI 07.3.00

IronWare Software Release R07.3.00p

Page 111 of 113

Defect ID: DEFECT000365719
Technical Severity: Medium
Summary: dynamic-vlan-discovery is enabled by default
Symptom: A customer noted strange traffic similar to udld in ether type and destination mac
0x885a and 00:e0:52:00:00:00
Workaround: 'no dynamic-vlan-discovery' will disable the feature
Probability: High
Feature: L2
Function: Dynamic VLAN Discovery
Reported In Release: FI 07.2.02
Service Request ID: 643357
Defect ID: DEFECT000369317
Technical Severity: Medium
Summary: Connectivity problem along with ARP error messages that are displayed on the console
Symptom: Keep getting "pp_find_arp_entry failed to create ARP" entry on the console while connectivity to
the Internet is lost.
Probability: High
Feature: FCX Layer 3 Forwarding - IPV4
Function: ARP
Reported In Release: FI 07.2.02
Service Request ID: 671567

Open defects in Release 07.3.00
This section lists defects with High or Medium Technical Severity as of December 9, 2011. The presence of a
defect in this list can be prompted by several different circumstances. For example, some defects may have
been initially reported against an earlier release in the field. Brocade’s standard process in such cases is to
open defects against the current release that might experience the same issues, and close them only when a
fix is implemented, or if it is determined that the problem does not exist with the current release.
In other cases, a fix has been developed but has not been implemented in this release because it requires
particularly extensive code changes or regression testing to ensure that the fix does not create new problems.
Such fixes will appear in future releases.
None of these defects have the requisite combination of probability and severity to cause significant concern
to Brocade customers.
Note that when a workaround to an issue is available, it is provided; otherwise, no recommended workaround
is available at this time.
Defect ID: DEFECT000379038
Technical Severity: Critical
Summary: High CPU condition when there are none POE devices connect to POE enabled ports
Symptom: High CPU condition when there are none POE devices connect to POE enabled ports
Workaround: disable legacy POE detection, by configure the following at the global configuration
no legacy -inline-power 
Probability: High
Feature: Power over Ethernet
Function: Power over Ethernet
Reported In Release: FI 07.3.00
Service Request ID: 680137
Defect ID: DEFECT000344548
Technical Severity: Medium
Summary: Unexpected Flow Control behavior when negotiation is enabled on one end and flow control is
disabled on the other
Symptom: Flow control operational state on the interface is displayed as being enabled when it should
be disabled.
Workaround: Disable and re-enable one of the ports or disconnect and reconnect the UTP cable
Feature: FCX Layer1 features
Function: Auto Negotiation
Probability: Low
Found in Release: FI 07.2.02
Service Request ID: 544899

IronWare Software Release R07.3.00p

Page 112 of 113

Defect ID: DEFECT000368913

Technical Severity: Medium

Summary:

Memory tracking debug command may not work for all cases

Symptom:

Some memory leak conditions may not be detected using the “dm mem-leak” tool.

Feature: FCX L2 Forwarding

Function: UNDETERMINED

Probability: Medium
Found in Release: FI 07.2.02

Service Request ID:

Defect ID: DEFECT000365688
Technical Severity:
High
Summary: On ICX, if copper GBIC is used in the 10G port, sometimes the link may not come up after reboot
Symptom: If copper GBIC is used in the 10G port, sometimes the link may not come up after reboot
Probability: Medium
Feature: ICX Layer1 features
Function: Optics
Reported In Release: FI 07.3.00
Defect ID: DEFECT000337878
Technical Severity: Medium
Summary: Unable to create a VLAN using vlan-group using SSH if aaa accounting is configured.
Symptom: When creating a vlan-group only the first VLAN was created.
Feature: TI L2 Protocol
Function: VLAN GROUP
Service Request ID: 267889
Reported In Release: FI TI 04.2.00
Probability: Medium

IronWare Software Release R07.3.00p

Page 113 of 113
Source Exif Data: 
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.5
Linearized                      : No
Language                        : en-US
Tagged PDF                      : Yes
XMP Toolkit                     : Adobe XMP Core 5.2-c001 63.139439, 2010/09/27-13:37:26
Format                          : application/pdf
Creator                         : Brocade Communications, Inc
Title                           : FastIron 07300p Release Notes, v1
Create Date                     : 2015:07:20 15:48:02+05:30
Creator Tool                    : Microsoft® Word 2013
Modify Date                     : 2015:07:20 20:44:14+05:30
Metadata Date                   : 2015:07:20 20:44:14+05:30
Producer                        : Microsoft® Word 2013
Document ID                     : uuid:28b9ede6-cbbd-42bc-9b30-a874de7c19f4
Instance ID                     : uuid:757aacaa-7373-4718-ac5f-4fd754b53c61
Page Count                      : 113
Author                          : Brocade Communications, Inc
Warning                         : [Minor] Ignored duplicate Info dictionary
EXIF Metadata provided by EXIF.tools

Navigation menu