Ruckus FastIron 07300p Release Notes, V1 Fast Iron 07.3.00p Notes

FastIron 07.3.00p Release Notes FastIron_07300p_ReleaseNotes_v1

2017-07-11

User Manual: Ruckus FastIron 07.3.00p Release Notes

Open the PDF directly: View PDF PDF.
Page Count: 113 [warning: Documents this large are best viewed by clicking the View PDF Link!]

IronWare Software Release 07.3.00p
for Brocade FSX Switches
Release Notes v1.0
July 20, 2015
Document History
Document Title
Summary of Changes
Publication Date
IronWare Software Release
R07.3.00p for Brocade FSX Switches
Release Notes v1.0
Initial release
July 2015
IronWare Software Release R07.3.00p Page 2 of 113
© 2015, Brocade Communications Systems, Inc. All Rights Reserved.
ADX, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade,
OpenScript, The Effortless Network, VCS, VDX, Vplane, and Vyatta are registered trademarks, and Fabric Vision
and vADX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other
countries. Other brands, products, or service names mentioned may be trademarks of others.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or
implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade
reserves the right to make changes to this document at any time, without notice, and assumes no
responsibility for its use. This informational document describes features that may not be currently available.
Contact a Brocade sales office for information on feature and product availability. Export of technical data
contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or
entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the
information contained herein or the computer programs that accompany it.
The product described by this document may contain open source software covered by the GNU General Public
License or other open source license agreements. To find out which open source software is included in
Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the
programming source code, please visit http://www.brocade.com/support/oscd.
IronWare Software Release R07.3.00p Page 3 of 113
Contents
Supported Devices ....................................................................................................... 7
Manageability ................................................................................................................ 7
Summary of enhancements ...................................................................................... 7
Summary of enhancements in IronWare release R07.3.00p ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7
Summary of enhancements in IronWare release R07.3.00n ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7
Summary of enhancements in IronWare release R07.3.00m ........................................................... 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7
Summary of enhancements in IronWare release R07.3.00k ............................................................. 7
38BHardware enhancements .................................................................................................................................................................. 7
Software enhancements .................................................................................................................................................................... 7
Summary of enhancements in IronWare release R07.3.00j .............................................................. 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8
Summary of enhancements in IronWare release R07.3.00h ............................................................. 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8
Summary of enhancements in IronWare release R07.3.00g1 .......................................................... 8
38BHardware enhancements .................................................................................................................................................................. 8
Software enhancements .................................................................................................................................................................... 8
Summary of enhancements in IronWare release R07.3.00g ............................................................. 9
38BHardware enhancements .................................................................................................................................................................. 9
Software enhancements .................................................................................................................................................................... 9
IronWare Software Release R07.3.00p Page 4 of 113
Summary of enhancements in IronWare release R07.3.00f ........................................................... 10
38BHardware enhancements ................................................................................................................................................................ 10
Software enhancements .................................................................................................................................................................. 10
Summary of enhancements in IronWare release R07.3.00e .......................................................... 11
38BHardware enhancements ................................................................................................................................................................ 11
Summary of enhancements in IronWare release R07.3.00d .......................................................... 11
38BHardware enhancements ................................................................................................................................................................ 11
39BSoftware enhancements .................................................................................................................................................................. 11
Summary of enhancements in IronWare release R07.3.00c .......................................................... 12
Summary of enhancements in IronWare release R07.3.00b .......................................................... 12
Summary of enhancements in IronWare release R07.3.00a .......................................................... 12
Summary of enhancements in IronWare release R07.3.00 ............................................................ 12
40BNew hardware ..................................................................................................................................................................................... 12
Summary of enhancements in FCX R07.3.00 ......................................................................................................................... 13
42BSummary of enhancements in FSX R07.3.00 .......................................................................................................................... 17
43Summary of enhancements in FWS R07.3.00 ........................................................................................................................ 19
44BSummary of enhancements in TurboIron 24X R07.3.00 .................................................................................................. 19
45BDeprecated commands .................................................................................................................................................................... 20
Configuration Notes and feature limitations .................................................... 20
FastIron 07.3.00j ............................................................................................................................................ 20
General ............................................................................................................................................................... 20
Documentation updates ........................................................................................... 22
Supported FSX modules ........................................................................................... 22
Feature support .......................................................................................................... 22
Feature support for FCX, FESX6, ICX 6610, SX, and FWS .................................................................. 22
58BSupported management features ................................................................................................................................................ 22
59BSupported security features .......................................................................................................................................................... 25
60BSupported system-level features ................................................................................................................................................. 27
IronWare Software Release R07.3.00p Page 5 of 113
61BSupported Layer 2 features ........................................................................................................................................................... 30
Supported base Layer 3 features ................................................................................................................................................. 33
63BSupported edge Layer 3 features ................................................................................................................................................ 34
64BSupported full Layer 3 features.................................................................................................................................................... 34
65BSupported IPv6 management features ..................................................................................................................................... 36
66BUnsupported features ....................................................................................................................................................................... 37
TurboIron 24X Feature Support ............................................................................................................... 38
67BSupported Management Features ............................................................................................................................................... 38
68BSupported IPv6 Management Features .................................................................................................................................... 39
69BSupported Security Features ......................................................................................................................................................... 39
70BSupported System-Level Features .............................................................................................................................................. 41
Supported Layer 2 Features .......................................................................................................................................................... 43
72BSupported Layer 3 Features .......................................................................................................................................................... 45
Software image file .................................................................................................... 46
Boot and flash images for Ironware release 07.3.00p ...................................................................... 46
PoE Firmware files ......................................................................................................................................... 46
Upgrading software ................................................................................................... 46
Important notes about upgrading or downgrading the software ............................................................ 47
Standard upgrade procedure..................................................................................................................... 47
Upgrading the boot code ................................................................................................................................................................. 47
Upgrading the flash code ................................................................................................................................................................. 48
Confirming software versions (IronStack devices) ........................................................................... 48
Upgrading software images on TurboIron devices ........................................ 50
Upgrading the boot code ............................................................................................................................. 50
Upgrading the flash image .......................................................................................................................... 51
Technical support ...................................................................................................... 51
Getting help or reporting errors ........................................................................... 51
E-mail and telephone access ...................................................................................................................... 51
IronWare Software Release R07.3.00p Page 6 of 113
Additional resources ................................................................................................. 51
Closed Defects in IronWare Software Release 07.3.00p ............................... 52
Closed Defects in IronWare Software Release 07.3.00n ............................... 53
Closed Defects in IronWare Software Release 07.3.00m .............................. 53
Closed Defects in IronWare Software Release 07.3.00k ............................... 53
Closed Defects in IronWare Software Release 07.3.00j ................................ 56
Closed Defects in IronWare Software Release 07.3.00h ............................... 57
Closed Defects in IronWare Software Release 07.3.00g1 ............................. 61
Closed Defects in IronWare Software Release 07.3.00g ............................... 61
Closed Defects in IronWare Software Release 07.3.00f ................................ 68
Closed Defects in IronWare Software Release 07.3.00e ............................... 72
Closed Defects in IronWare Software Release 07.3.00d ............................... 76
Closed Defects in IronWare Software Release 07.3.00c ................................ 84
Closed Defects in IronWare Software Release 07.3.00b ............................... 95
Closed Defects in IronWare Software Release 07.3.00a ............................... 96
35BCustomer reported defects closed with code in Release 07.3.00a ............................................................................... 96
Closed Defects in IronWare Software Release 07.3.00 ............................... 100
36BCustomer reported defects closed with code in Release 07.3.00 ............................................................................... 100
37BCustomer reported defects closed without code in Release 07.3.00 ........................................................................ 111
Open defects in Release 07.3.00 ......................................................................... 112
IronWare Software Release R07.3.00p Page 7 of 113
Supported Devices
The 07.3.00p software release applies only to the following Brocade products:
- FastIron X Series:
o FastIron Edge Switch X Series, (IPv6 models) (FESX6)
o FastIron SX 800 and 1600 (FSX 800 and FSX 1600)
Manageability
This 07.3.00p software releases are supported by Brocade Network Advisor 11.2. Any earlier versions of
Network Advisor, as well as any version of IronView Network Manager (INM) are not compatible with this
release or its supported hardware platforms (see Supported Devices). Network Advisor 11.2 is generally
available for download on my.brocade.com. It is strongly recommended that customers upgrade to Network
Advisor 11.2, as part of their upgrade to this 07.3.00 software release.
Summary of enhancements
Summary of enhancements in IronWare release R07.3.00p
38BHardware enhancements
There are no enhancements in software release 07.3.00p.
Software enhancements
Support added to send RSTP agreement on Alternate port which has received a Proposal, provided port is
operating on Point-to-point mode. This feature is supported only on FSX devices.
Please refer to the FastIron Documentation Family Documentation Update Guide for Release 07.3.00p.
Summary of enhancements in IronWare release R07.3.00n
38BHardware enhancements
There are no enhancements in software release 07.3.00n.
Software enhancements
Software release 07.3.00n includes defect fixes. There are no enhancements in software release 07.3.00n.
Summary of enhancements in IronWare release R07.3.00m
38BHardware enhancements
There are no enhancements in software release 07.3.00m.
Software enhancements
Software release 07.3.00m includes defect fixes. There are no enhancements in software release 07.3.00m.
Summary of enhancements in IronWare release R07.3.00k
38BHardware enhancements
There are no enhancements in software release 07.3.00k.
Software enhancements
Software release 07.3.00k includes defect fixes. There are no enhancements in software release 07.3.00k.
IronWare Software Release R07.3.00p Page 8 of 113
Summary of enhancements in IronWare release R07.3.00j
38BHardware enhancements
There are no enhancements in software release 07.3.00j.
Software enhancements
Software release 07.3.00j includes defect fixes. There are no enhancements in software release 07.3.00j.
Summary of enhancements in IronWare release R07.3.00h
38BHardware enhancements
There are no enhancements in software release 07.3.00h.
Software enhancements
Software release 07.3.00h includes defect fixes. There are no enhancements in software release 07.3.00h.
Summary of enhancements in IronWare release R07.3.00g1
38BHardware enhancements
There are no enhancements in software release 07.3.00g1.
Software enhancements
Software release 07.3.00g1 includes defect fixes for FCX and ICX 6610 platforms. If SCP is used for
downloading boot images on FCX or ICX 6610, it is recommended to use 07.3.00g1 release instead of
07.3.00g. There are no enhancements in software release 07.3.00g1.
IronWare Software Release R07.3.00p Page 9 of 113
Summary of enhancements in IronWare release R07.3.00g
38BHardware enhancements
There are no enhancements in software release 07.3.00g.
Software enhancements
This release adds support for the following:
Feature
Applicable devices
For more
information...
PHY calibration in stack
ports of ICX 6610
Brocade ICX 6610
Brocade FastIron
Family
Documentation
Updates 07.3.00x
Stack port resiliency in
ICX 6610 devices
Brocade ICX 6610
Brocade FastIron
Family
Documentation
Updates 07.3.00x
Designated Guard
Ensures that a port does not
change to designated
forwarding state in standard
STP 802.1d.
Brocade FCX
Brocade ICX 6610
Brocade ICX 6430
ICX 6450
Brocade FastIron
Family
Documentation
Updates 07.3.00x
Packet InError
Detection
Identifies links that receive
more number of bad frames
than configured
threshold and disables them to
avoid instability in the network.
Brocade FCX
ICX 6610
ICX 6430
ICX 6450
Brocade FastIron
Family
Documentation
Updates 07.3.00x
System Monitoring
FSX 800
FSX1600
Brocade FastIron
Family
Documentation
Updates 07.3.00x
IronWare Software Release R07.3.00p Page 10 of 113
Summary of enhancements in IronWare release R07.3.00f
38BHardware enhancements
There are no enhancements in software release 07.3.00f.
Software enhancements
This release adds support for the following:8B
Feature
Applicable devices
For more
information...
SCP bootrom firmware
enhancement
Brocade FSX
Brocade ICX 6610
Brocade FCX
Brocade FESX-v6
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
SCP PoE firmware
enhancement
Brocade FSX
Brocade ICX 6610
Brocade FCX
Brocade FESX-v6
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
MIB enhancement
Brocade FastIron SX
Brocade FESX6 v6
Brocade FCX
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
CLI enhancement for
GRE tunnel
Brocade FastIron SX
Brocade FESX6 v6
Brocade FCX
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
SNMP traps for GRE
tunnel interfaces
Brocade FastIron SX
Brocade FESX6 v6
Brocade FCX
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
IronWare Software Release R07.3.00p Page 11 of 113
Summary of enhancements in IronWare release R07.3.00e
38BHardware enhancements
This release adds support for the following:8B
Feature
Applicable devices
For more
information...
2-port 10G SFP+
Uplink module
Brocade FCX 624S
Brocade FCX 648S
Brocade FCX 624S-F
Brocade FCX 624S-HPOE
Brocade FCX 648S-HPOE
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
DC power supply
ICX 6610
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
Summary of enhancements in IronWare release R07.3.00d
38BHardware enhancements
This release adds support for the following:
40 Gigabit Ethernet (40GBASE-SR4) QSFP optic modules
39BSoftware enhancements
Feature
Description
Applicable devices
For more
information...
NTPv4
Network Time Protocol version 4 (NTPv4)
feature synchronizes the local system
clock in the router with the UTC.
FCX devices
(This feature is
only available on
router code. It is
not available on
switch code.)
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
IronWare Software Release R07.3.00p Page 12 of 113
Feature
Description
Applicable devices
For more
information...
LLDP
processing
over 802.1x
blocked ports
This feature adds support for reception
and transmission of LLDP packets over
an 802.1x blocked port.
FCX
ICX 6610
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
Long distance
stacking
The long distance stacking feature
enables stacking of ICX 6610 switches
over a distributed network environment.
ICX 6610
Brocade FastIron
Family
Documentation
Updates,
07.3.00x.
Summary of enhancements in IronWare release R07.3.00c
This release adds support for DHCPv6 relay agent to devices that support IPv6.With DHCPv6 relay agent, you
can have interfaces on a device access services from a DHCP Server that doesn’t belong to the same network
segment. You can configure up to 16 DHCPv6 relay agents on an interface.
Summary of enhancements in IronWare release R07.3.00b
There are no enhancements in software release R07.3.00b.
Summary of enhancements in IronWare release R07.3.00a
There are no enhancements in software release R07.3.00a.
Summary of enhancements in IronWare release R07.3.00
This section describes the enhancements in software release R07.3.00.
40BNew hardware
This release introduces the new ICX 6610 Series of stackable switches.
This release also introduces the following new FastIron SX interface modules:
24-port Gigabit Ethernet copper interface module
24-port Gigabit Ethernet fiber interface module
2-port 10-Gigabit Ethernet interface module
8-port 10-Gigabit Ethernet interface module4
IronWare Software Release R07.3.00p Page 13 of 113
Summary of enhancements in FCX R07.3.00
Table 1 lists the enhancements in software release 07.3.00 for FCX and ICX 6610 devices.
Table 1 Enhancements in FCX R07.3.00
Feature
Description
See the FastIron Configuration
Guide, section entitled...
DHCPv6 Relay Agent
Support for DHCPv6 relay agent on IPv6
interfaces enable DHCP functionality of
devices that don’t share the same network
segment as the DHCP Server.
For more information, refer to
the 07.3.00c Release Notes.
802.1X guest VLAN per port
You can configure 802.1X guest VLAN on
each port individually.
“Specifying the authentication-
failure action”
DHCP Option 66
You can configure the DHCP TFTP server
option by specifying the TFTP server name.
“Configure the TFTP server”
IPv4 Egress ACL support
Access Control Lists (ACLs) for filtering
outbound traffic.
Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”
Chapter “Configuring IPv6
Access Control Lists (ACLs)”
GRE support (FCX ONLY)
IPv4 point-to-point GRE tunnels are now
supported. Hitless management for IPv6-over-
IPv4 tunnels is supported for GRE tunnels.
Hitless management for IPv6-over-IPv4
tunnels is not supported for IP tunnels.
“IPv4 point-to-point GRE
tunnels”
IPSec for OSPFv3
IPSec can be applied to an interface, area, or
virtual link that is using OSPFv3, to provide
security.
“IPsec for OSPFv3”
“Configuring IPsec for
OSPFv3”
IPv4 & IPv6 Ingress ACL
support
Access Control Lists (ACLs) can now be used
to filter both IPv4 and IPv6 traffic on FCX and
ICX 6610 devices.
Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”
Chapter “Configuring IPv6
Access Control Lists (ACLs)”
IronWare Software Release R07.3.00p Page 14 of 113
Feature
Description
See the FastIron Configuration
Guide, section entitled...
IPv6 routing enhancements
This release adds IPv6 routing
enhancements:
Router advertisement and solicitation
IPv6 static routes
IPv6 over IPv4 tunnels
ECMP load sharing
IPv6 ICMP
IPv6 routing protocols
ICMP redirect messages
IPv6 neighbor discovery
IPv6 Layer 3 forwarding
IPv6 redistribution
IPv6 MTU
Static neighbor entries
Hop limit for IPv6 packets
Clear IPv6 global information
FCX devices also allow you to configure how
TCAM space is used to store routing
information and GRE tunnel information.
The following are NOT supported:
OSPFv6
RIPng
BGPv4+
PIMv6
“Configuring IPv6 on
FastIron X, FCX, and ICX
6610 Series Switches”
chapter
“Configuring TCAM space on
FCX and ICX 6610 devices”
IPv6 source routing security
enhancements
As a security measure, source-routed IPv6
traffic is deprecated.
“IPv6 source routing security
enhancements”
IPv6 Support for VRRP and
VRRPE
IPv6 VRRP version 3 (v3) and IPv6 VRRP-E
(v3) is now supported on devices with IPv6
routing support. You can configure a VRRP or
a VRRPE instance on an IPv6 interface under
the IPv6 VRRP or VRRPE router mode.
“Configuring VRRP and VRRPE”
chapter
Multi-range VLANs
The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.
“Multi-range VLAN”
IronWare Software Release R07.3.00p Page 15 of 113
Feature
Description
See the FastIron Configuration
Guide, section entitled...
New SNMP MIBs
SNMP MIB support has been added for the
following features:
802.1x authentication
Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
Power Over Ethernet MIB with the
following table:
snAgentPoeUnitTable (stacking
systems)
IronWare MIB Reference Guide
Ports on Demand
Licensing for Ports on Demand (POD) is
introduced on the ICX 6610 devices. By
default, the ICX 6610 device has eight active
1 Gb uplink ports. To upgrade the ICX 6610
10 Gb ports from 1 Gb to 10 Gb port speed,
use the ICX6610-10G-LIC-POD license. To
increase the uplink capacity of four ports from
1 Gb to 10 Gb port speed, purchase a single
ICX 661010G-LIC-POD license. To increase
the uplink capacity of all eight ports from 1
Gb to 10 Gb port speed, purchase a second
ICX 6610-10G-LIC-POD license.
“Licensed features and part
numbers”
“Licensing for Ports on Demand
for ICX 6610 devices”
SNTP Server Support
SNTP server support allows you to enable
SNTP server and serve SNTP clients
“Configuring the device as an
SNTP server”
SNTP Broadcast Support
SNTP broadcast support allows you to enable
an SNTP client to function in a broadcast
mode when the NTP server is within the same
LAN and the expected delay in response to
calibrate the system clock is minimal.
“Specifying a Simple Network
Time Protocol (SNTP) server”
SNTP MD5 Authentication
To configure an authentication key for
communication with the SNTP server, use the
authentication-key option. You can also
configure the device to function as an SNTP
server to its downstream clients.
“Specifying a Simple
Network Time Protocol
(SNTP) server”
“Configuring the device as
an SNTP server”
SNTP Show Association
The show sntp associations details command
displays detailed information about SNTP
associations.
“Specifying a Simple Network
Time Protocol (SNTP) server”
IronWare Software Release R07.3.00p Page 16 of 113
Feature
Description
See the FastIron Configuration
Guide, section entitled...
Software-based Licensing
Software-based licensing is introduced on ICX
6610 devices. The ICX 6610 Premium
license, Advance license, and Upgrade
license (from Premium to Advance license)
are introduced to support routing
functionality. New features are also added to
the FCX Advance license. The behavior for
running software-based licensing in a stack
with different licenses (Premium, Advance, or
Upgrade licenses) is the same for FCX and ICX
6610 devices. Commands for adding,
deleting, or displaying a license are also
introduced for FCX and ICX 6610 devices
only.
“Non-licensed features”
“Licensed features and part
numbers”
“FCX and ICX 6610 devices”
“Using TFTP to copy a license file
on FCX and ICX devices”
“Deleting a license on FCX and
ICX devices”
“Viewing information about
software licenses”
SSHv2 Client
SSHv2 client allows you to connect to SSHv2
servers while logged onto the device.
“Configuring and using SSH2
client”
SSHv2 Server RSA 2048 key
authentication
SSHv2 server supports authentication using
RSA keys of up to 2048 bits in length.
“Configuring SSH2 and SCP”
chapter
VRRP-E MD5 authentication
VRRP-E supports MD5 for authentication of
VRRP-E traffic.
“Configuring VRRP and VRRPE”
chapter
IronWare Software Release R07.3.00p Page 17 of 113
42BSummary of enhancements in FSX R07.3.00
Table 2 lists the enhancements in software release 07.3.00 for FESX6 and SX devices.
Table 2 Enhancements in FSX R07.3.00
Feature
Description
See the FastIron Configuration
Guide, section entitled...
New hardware
This release introduces the following new
FastIron SX third generation interface
modules:
SX-FI-24GPP - 24-port Gigabit
Ethernet copper third generation
interface module
SX-FI-24HF - 24-port Gigabit Ethernet
100/1000 Mbps SFP fiber third
generation interface module
SX-FI-2XG - 2-port 10-Gigabit
Ethernet SFP+ third generation
interface module
SX-FI-8XG - 8-port 10-Gigabit
Ethernet SFP+ third generation
interface module
802.1X guest VLAN per port
You can configure 802.1X guest VLAN on
each port individually.
“Specifying the authentication-
failure action”
DHCP Option 66
You can configure the DHCP TFTP server
option by specifying the TFTP server name.
“Configure the TFTP server”
IPv4 Egress ACL support
(USupported only on SX 800
and SX 1600 new 1Gb and
10Gb modulesU)
Access Control Lists (ACLs) for filtering
outbound traffic.
Chapter “Configuring Rule-Based
IP Access Control Lists (ACLs)”
Chapter “Configuring IPv6
Access Control Lists (ACLs)”
IPSec for OSPFv3
IPSec can be applied to an interface, area, or
virtual link that is using OSPFv3, to provide
security.
“IPsec for OSPFv3”
“Configuring IPsec for
OSPFv3”
IPv6 source routing security
enhancements
As a security measure, source-routed IPv6
traffic is deprecated.
“IPv6 source routing security
enhancements”
IPv6 Support for VRRP and
VRRPE
IPv6 VRRP version 3 (v3) and IPv6 VRRP-E
(v3) is now supported on devices with IPv6
routing support. You can configure a VRRP or
a VRRPE instance on an IPv6 interface under
the IPv6 VRRP or VRRPE router mode.
“Configuring VRRP and VRRPE”
chapter
Multi-range VLANs
The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.
“Multi-range VLAN”
IronWare Software Release R07.3.00p Page 18 of 113
Feature
Description
See the FastIron Configuration
Guide, section entitled...
New SNMP MIBs
SNMP MIB support has been added for
the following features:
802.1x authentication
Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
Power Over Ethernet MIB with the
following table:
snAgentPoeUnitTable (stacking systems)
IronWare MIB Reference Guide
SNTP Server Support
SNTP server support allows you to enable
SNTP server and serve SNTP clients
“Configuring the device as an
SNTP server”
SNTP Broadcast Support
SNTP broadcast support allows you to enable
an SNTP client to function in a broadcast
mode when the NTP server is within the same
LAN and the expected delay in response to
calibrate the system clock is minimal.
“Specifying a Simple Network
Time Protocol (SNTP) server”
SNTP MD5 Authentication
To configure an authentication key for
communication with the SNTP server, use the
authentication-key option. You can also
configure the device to function as an SNTP
server to its downstream clients.
“Specifying a Simple
Network Time Protocol
(SNTP) server”
“Configuring the device as
an SNTP server”
SNTP Show Association
The show sntp associations details command
displays detailed information about SNTP
associations.
“Specifying a Simple Network
Time Protocol (SNTP) server”
SSHv2 Client
SSHv2 client allows you to connect to SSHv2
servers while logged onto the device.
“Configuring and using SSH2
client”
SSHv2 Server RSA 2048 key
authentication
SSHv2 server supports authentication using
RSA keys of up to 2048 bits in length.
“Configuring SSH2 and SCP”
chapter
VRRP-E MD5 authentication
VRRP-E supports MD5 for authentication of
VRRP-E traffic.
“Configuring VRRP and VRRPE”
chapter
IronWare Software Release R07.3.00p Page 19 of 113
43Summary of enhancements in FWS R07.3.00
Table 3 lists the enhancements in software release 07.3.00 for FWS devices.
Table 3 Enhancements in FWS R07.3.00
Feature
Description
See the FastIron Configuration
Guide, section entitled...
Multi-range VLANs
The multi-range VLAN feature allows you to
use a single command to create and
configure multiple VLANs.
“Multi-range VLAN”
New SNMP MIBs
SNMP MIB support has been added for the
following features:
802.1x authentication
Support for MIBs in RFC 2932, RFC 2933
and RFC 2934
Power Over Ethernet MIB with the
following table:
snAgentPoeUnitTable (stacking systems)
IronWare MIB Reference Guide
44BSummary of enhancements in TurboIron 24X R07.3.00
Feature
Description
See the TurboIron 24X
Configuration Guide, section
entitled...
AES in SNMP v3
TurboIron supports AES Encryption for
SNMP v3
Chapter 48: Securing SNMP
Access
Defining an SNMP group
Symmetric Flow Control
In addition to asymmetric flow control,
TurboIron devices support symmetric flow
control, meaning they can both receive and
transmit 802.3x PAUSE frames.
Chapter 3: Configuring Basic
Software Features
Inter-domain Multicast
Support for the validation of inter-domain
multicasting
BGP
Chapter 20: Configuring IP
Multicast Protocols
Multicast Source Discovery
Protocol (MSDP)
IronWare Software Release R07.3.00p Page 20 of 113
Feature
Description
See the TurboIron 24X
Configuration Guide, section
entitled...
New SNMP MIBs
TurboIron now supports the Unified IP MIB.
SNMP MIB support has been added for the
following features:
802.1x authentication
Support for MIBs in RFC 2932, RFC
2933 and RFC 2934
Power Over Ethernet MIB with the
following table:
snAgentPoeUnitTable (stacking
systems)
Unified IP MIB Reference Guide
45BDeprecated commands
The CLI command flash is deprecated. You cannot change the default block size for TFTP file transfers.
Configuration Notes and feature limitations
This section contains configuration notes and describes some feature limitations in this release:
FastIron 07.3.00j
Optical monitoring information
On FSX, the 100-FX optic shows N/A values in the output of the show optic command after a reboot or
switchover. Workaround is to run the show media, show media slot x, or the show optic slot x and then run the
show optic x. This will help to display the Optical Monitoring information.
IPv6 neighbor discovery
On an FGS Device, duplicated IPv6 neighbor discovery (ND) packets are sent out every two seconds if a port is
added and removed as "uplink-switch" within a VLAN.
General
Additional notes on trunk group rules
The following additional considerations apply to forming trunk groups:
Legacy ports and 48 Gbps copper ports cannot be members of the same trunk group in hardware
configurations such as the following:
48-port 10/100/1000 Mbps (RJ45) Ethernet PoE interface module (SX-FI48GPP) and IPv4/IPv6 interface
modules or management modules with user ports.
Combination of different generations of ports cannot be members of the same trunk group under the following
hardware configurations:
24-port fiber and copper Ethernet PoE/Fiber interfaces (SX-FI24GPP, SX-FI24GF) and IPv4/IPv6 interface
modules or management modules with user ports
IronWare Software Release R07.3.00p Page 21 of 113
2-port 10G and 8-port 10G interfaces (SX-FI8XG, SX-FI2XG) and the IPv4/IPv6 interface modules or
management modules with user ports
SNTP version configuration during upgrade
Starting with release 7.3.00, the default SNTP version is 4. In previous releases, the default SNTP version was
1. When you upgrade to release 7.3.00, the SNTP version gets set automatically to 4, unless a different SNTP
version is specified in the device startup configuration.
ICMP redirect messages
In software release 07.2.02 and later, ICMP redirect messages are disabled by default, whereas in releases
prior to 07.2.02, ICMP redirect messages are enabled by default.
If ICMP redirect messages were enabled prior to upgrading to release 07.2.02 and later, you will need to
re-enable this feature after upgrading to 07.2.02 and later. To do so, enter the ip icmp redirect command
at the global CONFIG level of the CLI.
If ICMP redirect messages were disabled prior to upgrading to release 07.2.02 and later, the configuration
(no ip icmp redirect) will be removed from the configuration file after upgrading to 07.2.02 and later, since
this feature is now disabled by default. In this case, ICMP redirect messages will not be sent and no
further action is required.
Note regarding Telnet and Internet Explorer 7
The Telnet function in Web management does not work with Internet Explorer version 7.0.5730. The system
goes to "telnet://10.43.43.145" page when the user clicks web/general system configuration/ (telnet) in
Internet Explorer version 7.0.5730. This is a known issue for Internet Explorer. To work around this issue, you
must download and install a patch for IE 7. To do so, go to Uhttp://www.lib.ttu.edu.tw/file/IE7_telnet.regU.
Note regarding US-Cert advisory 120541
In order to address the SSL and TLS vulnerability issue discussed in US-Cert advisory 120541, the Web server
re-negotiation feature has been disabled in this release so that SSL re-negotiation requests will not be honored
by the Brocade IP device Web server.
Based on Cert advisory 120541, the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols
are vulnerable to Man-In-The-Middle (MITM) attacks. Vulnerability is in the way SSL and TLS protocols allow re-
negotiation requests, which may allow a MITM to inject arbitrary requests into an application HTTP protocol
stream. This could result in a situation where the MITM may be able to harm the Brocade IP device through
the Web Management interface.
For more information regarding Cert advisory 120541, refer to the following links:
Uhttp://extendedsubset.com/?p=8U
Uhttp://www.links.org/?p=780U
Uhttp://www.links.org/?p=786U
Uhttp://www.links.org/?p=789U
Uhttp://blogs.iss.net/archive/sslmitmiscsrf.htmlU
Uhttp://www.ietf.org/mail-archive/web/tls/current/msg03948.htmlU
Uhttps://bugzilla.redhat.com/show_bug.cgi?id=533125U
Uhttp://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.htmlU
Uhttp://cvs.openssl.org/chngview?cn=18790U
Uhttp://www.links.org/files/no-renegotiation-2.patchU
Uhttp://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.htmlU
Uhttps://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txtU
IronWare Software Release R07.3.00p Page 22 of 113
Uhttp://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.htmlU
Documentation updates
Refer to the standalone documentation updates guide for this release.
Supported FSX modules
This release supports the following modules on the FSX 800 and FSX 1600 devices.
First generation modules
Second generation modules
Third generation modules
SX-FI2XGMR4
SX-FI2XGMR6
SX-FI48GPP
SX-FI2XGMR4-PREM
SX-FI2XGMR6-PREM
SX-FI-2XG
SX-FI424C
SX-FI2XGMR6-PREM6
SX-FI-8XG
SX-FI424P
SX-FI624100FX
SX-FI-24HF
SX-FI424F
SX-FI624C
SX-FI-24GPP
SX-FI424HF
SX-FI624HF
SX-FI42XG
SX-FI624P
SX-FI62XG
In addition, the SX-FIZMR, SX-FIZMR-PREM, SX-FIZMR-6-PREM and SX-FIZMR-6-PREM6, which do not have
packet processors, are supported in this release.
Feature support
Feature support for FCX, FESX6, ICX 6610, SX, and FWS
These release notes include a list of supported features in IronWare software for FCX, FESX6, ICX 6610, SX,
and FWS devices supported in this release. For more information about supported features, refer to the
manuals listed in Additional resources.
58BSupported management features
Table 4 lists the supported management features. These features are supported in the Layer 2, base Layer 3,
edge Layer 3, and full Layer 3 software images.
Table 4 Supported management features
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
System Monitoring
Yes
No
No
No
Packet InError Detection
Yes
Yes
Yes
Yes
802.1X accounting
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 23 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
AAA support for console commands
Yes
No
Yes
Yes
Access Control Lists (ACLs) for
controlling management access
Yes
Yes
Yes
Yes
Alias command
Yes
Yes
Yes
Yes
Combined DSCP and internal marking in
one ACL rule
Yes
No
No
No
Single source address for the following
packet types:
Telnet
TFTP
Syslog
SNTP
TACACS/TACACS+
RADIUS
SSH
SNMP
Yes
No
No
No
DHCP client-based auto-configuration
Yes
Yes
Yes
Yes
DHCP server
Yes
Yes
Yes
Yes
Disabling TFTP access
Yes
No
Yes
Yes
Brocade Network Advisor 11.2
Yes
Yes
Yes
Yes
Hitless management:
Hitless switchover
Hitless failover
Hitless OS upgrade
Yes (FSX
800 and
FSX 1600
only)
No
See next
line item
See next
line item
Hitless stacking management:
Hitless stacking switchover
Hitless stacking failover
No
No
Yes
Yes
Hitless support for:
PBR
GRE Tunnels
IPv6 to IPv4 Tunnels
Yes (FSX
800 and
FSX 1600
only)
No
Yes (PBR
and GRE
only)
Yes (PBR
only)
Brocade Network Advisor 11.2
Yes
Yes
Yes
Yes
Remote monitoring (RMON)
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 24 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Retaining Syslog messages after a soft
reboot
Yes
Yes
Yes
Yes
sFlow support for IPv6 packets
Yes
Yes
Yes
Yes
DHCP Client
Yes
Yes
Yes
Yes
SNTP Server
Yes
Yes
Yes
Yes
SNTP Client (Broadcast & Unicast)
Yes
No
Yes
Yes
NTPv4
No
No
Yes
(Router
code
only)
No
Flexible Port On Demand Licensing
No
No
No
Yes
sFlow version 2
Yes
Yes
Yes
Yes
sFlow version 5 (default)
Yes
Yes
Yes
Yes
Industry-standard Command Line
Interface (CLI), including support for:
Serial and Telnet access
Alias command
On-line help
Command completion
Scroll control
Line editing
Searching and filtering output
Special characters
Yes
Yes
Yes
Yes
Show log on all terminals
Yes
Yes
Yes
Yes
SNMP v1, v2, v3
Yes
Yes
Yes
Yes
SNMP V3 traps
Yes
Yes
Yes
Yes
Specifying the maximum number of
entries allowed in the RMON Control
Table
Yes
No
Yes
Yes
Specifying which IP address will be
included in a DHCP/BOOTP reply packet
Yes
No
Yes
Yes
Traffic counters for outbound traffic
Yes
No
No
No
Web-based GUI
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 25 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Web-based management HTTPS/SSL
Yes
Yes
Yes
Yes
59BSupported security features
Table 5 lists the supported security features. These features are supported in the Layer 2, base Layer 3, edge
Layer 3, and full Layer 3 software images.
Table 5 Supported security features
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Designated Guard
Yes
Yes
Yes
Yes
802.1X port security
Yes
Yes
Yes
Yes
802.1X authentication RADIUS timeout
action
Yes
Yes
Yes
Yes
802.1X dynamic assignment for ACL,
MAC filter, and VLAN
Yes
Yes
Yes
Yes
Access Control Lists (ACLs) for filtering
transit traffic
Support for inbound ACLs.
Support Outbound ACLs
(*SX 800 and SX1600 on third
generation modules only)
Yes
Yes *
Yes
No
Yes
Yes
Yes
Yes
Address locking (for MAC addresses)
Yes
Yes
Yes
Yes
AES Encryption for SNMP v3
Yes
Yes
Yes
Yes
AES Encryption for SSH v2
Yes
Yes
Yes
Yes
Authentication, Authorization and
Accounting (AAA):
RADIUS
TACACS/TACACS+
Yes
Yes
Yes
Yes
Denial of Service (DoS) attack
protection:
Smurf (ICMP) attacks
TCP SYN attacks
Yes
Yes
Yes
Yes
DHCP Snooping
Yes
Yes
Yes
Yes
Dynamic ARP Inspection
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 26 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
EAP Pass-through Support
Yes
Yes
Yes
Yes
HTTPS
Yes
Yes
Yes
Yes
IP Source Guard
Yes
Yes
Yes
Yes
Local passwords
Yes
Yes
Yes
Yes
MAC address filter override of 802.1X
Yes
Yes
Yes
Yes
MAC address filtering (filtering on source
and destination MAC addresses)
Yes
Yes
Yes
Yes
Ability to disable MAC learning
Yes
Yes
Yes
Yes
Flow-based MAC address learning
Yes
No
Yes
Yes
MAC port security
Yes
Yes
Yes
Yes
Multi-device port authentication
Yes
Yes
Yes
Yes
Support for Multi-Device Port
Authentication together with:
Dynamic VLAN assignment
Yes
Yes
Yes
Yes
Dynamic ACLs
Yes
Yes
Yes
Yes
802.1X
Yes
Yes
Yes
Yes
Dynamic ARP inspection with
dynamic ACLs
Yes
No
No
No
DHCP snooping with dynamic ACLs
Yes
No
No
No
Denial of Service (DoS) attack
protection
Yes
No
Yes
Yes
Source guard protection
Yes
Yes
Yes
Yes
ACL-per-port-per-VLAN
Yes
Yes
Yes
Yes
Multi-device port authentication
password override
Yes
Yes
Yes
Yes
Multi-device port authentication RADIUS
timeout action
Yes
Yes
Yes
Yes
Secure Copy (SCP)
Yes
Yes
Yes
Yes
Secure Copy (SCP) of Bootrom firmware
Yes
No
Yes
Yes
IronWare Software Release R07.3.00p Page 27 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Secure Copy (SCP) of POE firmware
Yes
No
Yes
Yes
Secure Shell (SSH) v2
Yes
Yes
Yes
Yes
Packet filtering on TCP Flags
No
Yes
Yes
Yes
DHCP Relay Agent information (DHCP
Option 82)
Yes
Yes
Yes
Yes
Web Authentication
Yes
Yes
Yes
Yes
60BSupported system-level features
Table 6 lists the supported system-level features. These features are supported in the Layer 2, base Layer 3,
edge Layer 3, and full Layer 3 software images.
Table 6 Supported system-level features
Category and description
FESX6
FSX
FSX 800 FSX
1600
FWS
FCX
ICX 6610
10/100/1000 port speed
Yes
Yes
Yes
Yes
16,000 MAC addresses per switch
(FastIron devices)
Yes
Yes
Yes
Yes
32,000 MAC addresses per switch
Yes
No
Yes
Yes
ACL-based mirroring
Yes
Yes
Yes
Yes
ACL-based fixed rate limiting
Yes
Yes
Yes
Yes
ACL-based adaptive rate limiting
Yes
No
Yes
Yes
ACL filtering based on VLAN
membership or VE port membership
Yes
Yes
Yes
Yes
ACL logging of denied packets (IPv4)
Yes
Yes
Yes
Yes
ACL statistics
Yes
Yes
Yes
Yes
ACLs to filter ARP packets
Yes
Yes
Yes
Yes
Auto MDI/MDIX detection
Yes
Yes
Yes
Yes
Auto-negotiation
Yes
Yes
Yes
Yes
Automatic removal of Dynamic VLAN
for 802.1X ports
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 28 of 113
Category and description
FESX6
FSX
FSX 800 FSX
1600
FWS
FCX
ICX 6610
Automatic removal of Dynamic VLAN
for MAC authenticated ports
Yes
No
No
No
Byte-based broadcast, multicast, and
unknown-unicast rate limits
Yes
(Not
supported
on SX-FI8XG,
SX-FI-2XG,
SX-FI-24HF,
SX-FI-24GPP,
SX-FI-48GPP
modules)
No
No
No
Packet-based broadcast, multicast,
and unknown-unicast rate limits
Yes
Yes
Yes
Yes
DiffServ support
Yes
Yes
Yes
Yes
Digital Optical Monitoring
Yes
Yes
Yes
Yes
Displaying interface names in Syslog
messages
Yes
Yes
Yes
Yes
Displaying TCP and UDP port
numbers in Syslog messages
Yes
Yes
Yes
Yes
Dynamic buffer allocation for QoS
priorities
Yes
Yes
Yes
Yes
Flow control:
Responds to flow control
packets, but does not generate
them
Yes
Yes
Yes
Yes
Inbound rate limiting (port-based
fixed rate limiting on inbound ports)
Yes
Yes
Yes
Yes
Foundry Discovery Protocol (FDP) /
Cisco Discovery Protocol (CDP)
Yes
Yes
Yes
Yes
Generic buffer profile
No
Yes
Yes
Yes
Layer 2 hitless switchover and Layer
2 hitless failover
Note: For details about this feature,
refer to the Brocade FastIron X
Series Chassis Hardware Installation
Guide
Yes
(FSX 800
and
FSX 1600
only)
No
No
No
LLDP
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 29 of 113
Category and description
FESX6
FSX
FSX 800 FSX
1600
FWS
FCX
ICX 6610
LLDP-MED
Yes
Yes
Yes
Yes
LLDP processing on 802.1x blocked
port
No
No
Yes
Yes
MAC address filter-based mirroring
No
Yes
Yes
Yes
Multi-port static MAC address
Yes
Yes
Yes
Yes
Multiple Syslog server logging (up to
six Syslog servers)
Yes
Yes
Yes
Yes
Outbound rate limiting (port-based
and port- and priority-based rate
limiting on outbound ports)
No
Yes
No
No
Outbound rate shaping
Yes
No
Yes
Yes
Path MTU Discovery
Yes
No
Yes
Yes
Port flap dampening
Yes
Yes
Yes
Yes
Port mirroring and monitoring
(mirroring of both inbound and
outbound traffic on individual ports)
Yes
Yes
Yes
Yes
Power over Ethernet (POE)
Yes
(POE-
enabled
Interface
modules
with POE
power
supply)
Yes
(FWS-POE
and FWS-
G-POE
only)
Yes
(FCX-S-
POE+
only)
Yes
- ICX
6610-
24P and
ICX 6610-
48P
High Power over Ethernet (POE)+
Yes (SX-
FI48GPP and
SX-FI-24GPP
modules
only)
No
Yes
(FCX-S-
POE+
only)
Yes
- ICX
6610-
24P and
ICX 6610-
48P
PoE firmware upgrade via CLI
Yes
No
Yes
Yes
Priority mapping using ACLs
Yes
Yes
Yes
Yes
Protected link groups
Yes
Yes
Yes
Yes
Layer 2 stacking rapid failover and
switchover
No
No
Yes
Yes
Long distance stacking
No
No
No
Yes
IronWare Software Release R07.3.00p Page 30 of 113
Category and description
FESX6
FSX
FSX 800 FSX
1600
FWS
FCX
ICX 6610
Static MAC entries with option to set
traffic priority
Yes
Yes
Yes
Yes
Symmetric flow control
Can transmit and receive 802.1x
PAUSE frames
No
No
Yes
Yes
System time using a Simple Network
Time Protocol (SNTP) server or local
system counter
Yes
Yes
Yes
Yes
User-configurable scheduler profile
No
No
Yes
Yes
User-configurable buffer profile
No
No
Yes
Yes
Virtual Cable Testing (VCT)
technology
Not on third
generation
modules
Yes
Yes
No
61BSupported Layer 2 features
Layer 2 software images include all of the management, security, and system-level features listed in the
previous tables, plus the features listed in Table 7.
Table 7 Supported Layer 2 features
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
802.1D Spanning Tree Support:
Enhanced IronSpan support
includes Fast Port Span, Fast Uplink
Span, and Single-instance Span
Up to 254 spanning tree instances
for VLANs
Yes
Yes
Yes
Yes
802.1p Quality of Service (QoS):
Strict Priority (SP)
Weighted Round Robin (WRR)
Combined SP and WRR
8 priority queues
Yes
Yes
Yes
Yes
802.1s Multiple Spanning Tree
Yes
Yes
Yes
Yes
802.1W Rapid Spanning Tree (RSTP)
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 31 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
802.3ad link aggregation (dynamic trunk
groups)
Yes
Yes
Yes
Yes
ACL-based rate limiting QoS
Yes
Yes
Yes
Yes
BPDU Guard
Yes
Yes
Yes
Yes
Dynamic Host Configuration Protocol
(DHCP) Assist
Yes
Yes
Yes
Yes
IGMP v1/v2 Snooping Global
Yes
Yes
Yes
Yes
IGMP v3 Snooping Global
Yes
(*,G)
Yes
(S,G)
Yes
(S,G)
Yes
(S,G)
IGMP v1/v2/v3 Snooping per VLAN
Yes
Yes
Yes
Yes
IGMP v2/v3 Fast Leave (membership
tracking)
Yes
Yes
Yes
Yes
Interpacket Gap (IPG) adjustment
Yes
Yes
Yes
Yes
IP MTU (individual port setting)
Yes
No
Yes
Yes
Jumbo frames:
Up to 10240 bytes, or
Up to 10232 bytes in an IronStack
Yes
Yes
Yes
Yes
Link Aggregation Control Protocol (LACP)
Yes
Yes
Yes
Yes
Link Fault Signaling (LFS) for 10G
Yes
Yes
Yes
Yes
MAC-Based VLANs, including support for
dynamic MAC-Based VLAN activation
No
Yes
Yes
Yes
Metro Ring Protocol 1 (MRP 1)
Yes
Yes
Yes
Yes
Metro Ring Protocol 2 (MRP 2)
Yes
Yes
Yes
Yes
Extended MRP ring IDs from 1 1023
Yes
No
Yes
Yes
MLD Snooping V1/V2:
MLD V1/V2 snooping (global and
local)
MLD fast leave for V1
MLD tracking and fast leave for V2
Static MLD and IGMP groups with
support for proxy
Yes
Yes
Yes
Yes
Multicast static group traffic filtering (for
snooping scenarios)
No
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 32 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
PIM-SM V2 Snooping
Yes
Yes
Yes
Yes
PVST/PVST+ compatibility
Yes
Yes
Yes
Yes
PVRST+ compatibility
Yes
Yes
Yes
Yes
Remote Fault Notification (RFN) for 1 G
fiber
Yes
Yes
Yes
Yes
Root Guard
Yes
Yes
Yes
Yes
Single link LACP
Yes
Yes
Yes
Yes
Super Aggregated VLANs
Yes
Yes
Yes
Yes
Trunk groups:
Trunk threshold for static trunk
groups
Flexible trunk group membership
Option to include Layer 2 in trunk
hash calculation (FGS, FLS, FWS
only)
Yes
Yes
Yes
Yes
Topology groups
Yes
Yes
Yes
Yes
Uni-directional Link Detection (UDLD)
(Link keepalive)
Yes
Yes
Yes
Yes
Uplink Ports within a Port-Based VLAN
Yes
Yes
Yes
Yes
VLAN Support:
4096 maximum VLANs
802.1Q with tagging
802.1ad tagging
Dual-mode VLANs
GVRP
Port-based VLANs
Protocol VLANs (AppleTalk, IPv4,
dynamic IPv6, and IPX
Layer 3 Subnet VLANs (Appletalk, IP
subnet network, and IPX)
VLAN groups
Private VLANs
Multi-range VLANs
Yes
Yes
Yes
Yes
VLAN-based mirroring
No
Yes
Yes
Yes
VoIP Autoconfiguration and CDP
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 33 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Virtual Switch Redundancy Protocol
(VSRP)
Yes
Yes
Yes
Yes
VSRP-Aware security features
Yes
Yes
Yes
Yes
VSRP and MRP signaling
Yes
Yes
Yes
Yes
VSRP Fast Start
Yes
Yes
Yes
Yes
VSRP timer scaling
Yes
Yes
Yes
Yes
Supported base Layer 3 features
Base Layer 3 software images include all of the management, security, system, and Layer 2 features listed in
the previous tables, plus the features listed in Table 8.
Note: FCX devices will not contain a base Layer 3 image. The features in this table will be supported on the full
Layer 3 image for these devices.
Table 8 Supported base Layer 3 features
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
BootP/DHCP Relay
Yes
Yes
Yes
Yes
Equal Cost Multi Path (ECMP) load
sharing
Yes
Yes
Yes
Yes
IP helper
Yes
Yes
Yes
Yes
RIP V1 and V2 (advertising only)
Yes
Yes
Yes
Yes
Routing for directly connected IP
subnets
Yes
Yes
Yes
Yes
Static IP routing
Yes
Yes
Yes
Yes
Virtual Interfaces (up to 512)
Yes
Yes
Yes
Yes
Virtual Router Redundancy Protocol
(VRRP)
Yes
Yes
Yes
Yes
VRRP timer scaling
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 34 of 113
63BSupported edge Layer 3 features
Edge Layer 3 software images include all of the management, security, system, Layer 2, and base Layer 3
features listed in the previous tables, plus the features shown in Table 9.
Note: Edge Layer 3 images are supported in the FastIron (hardware) models listed in Table 9. These features
are also supported with software-based licensing. For details, refer to the chapter “Software-based Licensing”
in the FastIron Configuration Guide.
Table 9 Supported edge Layer 3 features
Category and description
FWS-EPREM
FWSG-EPREM
OSPF V2 (IPv4)
Yes
Full RIP V1 and V2
Yes
Route-only support (Global configuration level only)
Yes
Route redistribution
Yes
1020 routes in hardware maximum
Yes
VRRP-E
Yes
64BSupported full Layer 3 features
Full Layer 3 software images include all of the management, security, system, Layer 2, base Layer 3 and edge
Layer 3 features listed in the previous tables, plus the features listed in Table 10.
Note: Full Layer 3 features are supported in the FastIron (hardware) models listed in Table 10. These features
are also supported with software-based licensing. For details, refer to the chapter “Software-based Licensing”
in the FastIron Configuration Guide.
Table 10 Supported full Layer 3 features
Category and description
FESX-PREM
FSX 800-PREM
FSX 1600-PREM
FCX
ICX 6610
Active host routes
Yes (6,000)
Yes (16,000)
Yes (16,000)
Anycast RP
Yes
No
No
IPv6 BGP/BGP4+
No
No
No
BGP4 graceful restart
Yes (FSX 800
and FSX 1600
only)
Yes (ADV
models in a
stack)
Yes (ADV
models in a
stack)
BGP4
Yes
Yes (ADV
models)
Yes (ADV
models)
IronWare Software Release R07.3.00p Page 35 of 113
Category and description
FESX-PREM
FSX 800-PREM
FSX 1600-PREM
FCX
ICX 6610
Distance Vector Multicast Routing
Protocol (DVMRP) V2 (RFC 1075)
Yes
No
No
Internet Group Management Protocol (IGMP) V1,
V2, and V3 (for multicast routing scenarios)
Yes
Yes
Yes
ICMP Redirect messages
Yes
Yes
Yes
IGMP V3 fast leave (for routing)
Yes
Yes
Yes
IPv4 point-to-point GRE IP tunnels
Yes
(IPv6 devices
only and 3rd gen
modules)
No
No
IPv6 Layer 3 forwarding1
Yes
Yes
Yes
IPv6 over IPv4 tunnels in hardware1
Yes
Yes
Yes
IPv6 Redistribution0F
1
Yes
Yes
Yes
IPv6 Static Routes1
Yes
Yes
Yes
Multiprotocol Source Discovery Protocol (MSDP)
Yes
Yes
Yes
OSPF graceful restart
Yes (FSX 800
and FSX 1600
only)
Yes
Yes
OSPF V2
Yes
Yes
Yes
OSPF V3 (IPv6)1
Yes
Yes
Yes
Protocol Independent Multicast Dense
mode (PIM-DM) V1 (draft-ietf-pim-dm-05)
and V2 (draft-ietf-pim-v2-dm-03)
Yes
Yes
Yes
Protocol Independent Multicast Sparse
mode (PIM-SM) V2 (RFC 2362)
Yes
Yes
Yes
PIM passive
Yes
Yes
Yes
Policy-Based Routing (PBR)
Yes
Yes
Yes
RIPng (IPv6)1
Yes
Yes
Yes
Route-only support (Global CONFIG level and
Interface level)
Yes
Yes
Yes
1
This feature requires IPv6-capable hardware and a valid software license. For details, refer to the chapter
“Software-based Licensing” in the FastIron Configuration Guide.
IronWare Software Release R07.3.00p Page 36 of 113
Category and description
FESX-PREM
FSX 800-PREM
FSX 1600-PREM
FCX
ICX 6610
Route redistribution (including BGP4)
Yes
Yes (BGP4
supported on
ADV models
only)
Yes (BGP4
supported on
ADV models
only)
Routes in hardware maximum:
FESX6 up to 256K routes
FESX6-E up to 512K routes
FSX up to 512K routes
FCX up to 16K routes
ICX up to 15K Ipv4 routes and 2800 IPv6
routes
Yes
Yes
Yes
Static ARP entries
Yes (up to 6,000)
Yes (up to
1,000)
Yes (up to
1,000)
VRRP-E
Yes
Yes
Yes
VRRP-E slow start timer
Yes
Yes
Yes
VRRP-E timer scale
Yes
Yes
Yes
65BSupported IPv6 management features
Table 11 shows the IPV6 management features that are supported in Brocade devices that can be configured
as an IPv6 host in an IPv6 network, and in devices that support IPv6 routing.
Table 11 Supported IPv6 management features
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
Link-Local IPv6 Address
Yes
Yes
Yes
Yes
IPv6 Access List (management ACLs)
Yes
Yes
Yes
Yes
IPv6 copy
Yes
Yes
Yes
Yes
IPv6 ncopy
Yes
Yes
Yes
Yes
IPv6 debug
Yes
Yes
Yes
Yes
IPv6 ping
Yes
Yes
Yes
Yes
IPv6 traceroute
Yes
Yes
Yes
Yes
DNS server name resolution
Yes
Yes
Yes
Yes
IronWare Software Release R07.3.00p Page 37 of 113
Category and description
FESX6
FSX 800
FSX 1600
FWS
FCX
ICX 6610
HTTP/HTTPS
Yes
Yes
Yes
Yes
Logging (Syslog)
Yes
Yes
Yes
Yes
RADIUS
Yes
Yes
Yes
Yes
SCP
Yes
Yes
Yes
Yes
SSH
Yes
Yes
Yes
Yes
SNMP
Yes
Yes
Yes
Yes
SNMP traps
Yes
Yes
Yes
Yes
SNTP
Yes
Yes
Yes
Yes
TACACS/TACACS+
Yes
Yes
Yes
Yes
Telnet
Yes
Yes
Yes
Yes
TFTP
Yes
Yes
Yes
Yes
66BUnsupported features
Table 12 lists the features that are not supported on the FastIron devices. If required, these features are
available on other Brocade devices.
Table 12 Unsupported features
System-level features not supported
ACL logging of permitted packets
Broadcast and multicast MAC filters
Outbound ACLs on FWS, and 1st or 2nd generation of FSX modules.
Layer 2 features not supported
SuperSpan
VLAN-based priority
Layer 3 features not supported
AppleTalk routing
IronWare Software Release R07.3.00p Page 38 of 113
System-level features not supported
Foundry Standby Router Protocol (FSRP)
IPv6 Multicast Routing
IPX routing
IS-IS
Multiprotocol Border Gateway Protocol (MBGP)
Multiprotocol Label Switching (MPLS)
Network Address Translation (NAT)
TurboIron 24X Feature Support
This section describes the feature highlights in this release. Features or options not listed in this section or
documented in the FastIron and TurboIron 24X Configuration Guide are not supported.
67BSupported Management Features
This release supports the following management features.
Supported Management Features
Category, Description, and Configuration Notes
Supported on
TurboIron
802.1X accounting
No
AAA support for console commands
Yes
Access Control Lists (ACLs) for controlling management access
Yes
Alias Command
Yes
Combined DSCP and internal marking in one ACL rule
Yes
Configuring an interface as the source for all TFTP, Syslog, and SNTP packets
No
DHCP Client-Based Auto-Configuration
No
DHCP Server
No
Disabling TFTP Access
Yes
Brocade Network Advisor 11.2
Yes
P-Bridge and Q-Bridge MIBs
Yes
Remote monitoring (RMON)
Yes
Retaining Syslog messages after a soft reboot
No
sFlow
For inbound traffic only
802.1X username export support for encrypted and non-encrypted EAP types
Yes
sFlow support for IPv6 packets
Yes
sFlow Version 5
No
Serial and Telnet access to industry-standard Command Line Interface (CLI)
Yes
Show log on all terminals
Yes
SNMP v1, v2, v3
Yes
SNMP V3 traps
Yes
Specifying the maximum number of entries allowed in the RMON Control Table
Yes
Specifying which IP address will be included in a DHCP/BOOTP reply packet
No
IronWare Software Release R07.3.00p Page 39 of 113
Supported Management Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Traffic counters for outbound traffic
Yes
Web-based GUI
No
Web-based management HTTPS/SSL
No
68BSupported IPv6 Management Features
This release supports the following IPv6 management features.
Supported IPv6 Management Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Link-Local IPv6 Address
Yes
IPv6 Access List
No
IPv6 copy
Yes
IPv6 ncopy
Yes
IPv6 debug
Yes
IPv6 ping
Yes
IPv6 traceroute
Yes
DNS server name resolution
Yes
HTTP/HTTPS
No
Logging (syslog)
Yes
RADIUS
Yes
SCP
Yes
SSH
Yes
SNMP v1, v2, v3
Yes
SNTP
Yes
Syslog
Yes
TACACS/TACACS+
Yes
Telnet
Yes
TFTP
Yes
Traps
Yes
69BSupported Security Features
This release supports the following security features.
Supported Security Features
Category, Description, and Configuration Notes
Supported on
TurboIron
802.1X port security
Yes
IronWare Software Release R07.3.00p Page 40 of 113
Supported Security Features
Category, Description, and Configuration Notes
Supported on
TurboIron
802.1X authentication RADIUS timeout action
Yes
802.1X dynamic assignment for ACL, MAC filter, and VLAN
Yes
Access Control Lists (ACLs) for filtering transit traffic
Support for inbound ACLs only. These devices do not support outbound ACLs.
Yes
Address locking (for MAC addresses)
Yes
AES Encryption for SNMP v3
Yes
AES Encryption for SSH v2
Yes
Authentication, Authorization and Accounting (AAA)
RADIUS, TACACS/TACACS+
Yes
Denial of Service (DoS) protection
TCP SYN Attacks and ICMP Attacks
Yes
DHCP Snooping
No
Dynamic ARP Inspection
No
EAP Pass-through Support
Yes
Enhancements to username and password
Yes
HTTPS
No
IP Source Guard
No
Local passwords
Yes
MAC filter override of 802.1X
Yes
MAC filtering
Filtering on source and destination MAC addresses
Yes
Ability to disable MAC Learning
Yes
Flow-based MAC learning
No
MAC port security
Yes
Multi-device port authentication
Yes
Multi-device port Authentication with dynamic ACLs
Yes
Multi-device port authentication with dynamic VLAN assignment
Yes
Multi-device port authentication password override
Yes
Multi-device port authentication RADIUS timeout action
Yes
Secure Copy (SCP)
Yes
Secure Shell (SSH) v2 Server
Yes
Packet filtering on TCP Flags
Yes
DHCP Relay Agent information (DHCP Option 82) for DHCP snooping
No
IronWare Software Release R07.3.00p Page 41 of 113
Supported Security Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Web Authentication
No
70BSupported System-Level Features
This release supports the following system-level features.
Supported System Level Features
Category, Description, and Configuration Notes
Supported on
TurboIron
10/100/1000 port speed
Yes
1 Gbps and 10 Gbps configurable port speed on fiber ports
Yes
32,000 MAC addresses per switch
Yes
ACL-Based Mirroring
Yes
ACL-Based Rate Limiting
ACL-based fixed and adaptive rate limiting on inbound ports
Yes
ACL filtering based on VLAN membership or VE port membership
Yes
ACL logging of denied packets
ACL logging is supported for denied packets, which are sent to the CPU for logging
ACL logging is not supported for permitted packets
Packets that are denied by ACL filters are logged in the Syslog based on a sample time-period.
Yes
ACL statistics
Yes
ACLs to filter ARP packets
Yes
Asymmetric flow control
Responds to flow control packets, but does not generate them
Yes
Auto MDI/MDIX
Yes
Auto-negotiation
Yes
Automatic removal of Dynamic VLAN for 802.1X ports
No
Automatic removal of Dynamic VLAN for MAC authenticated ports
No
Broadcast, multicast, and unknown-unicast rate limiting
Yes
Boot and reload after 5 minutes at or above shutdown temperature
Yes
Cut-through switching
Yes
DiffServ support
Yes
Digital Optical Monitoring
Yes
Displaying interface names in Syslog
Yes
Displaying TCP/UDP port numbers in Syslog messages
Yes
DSCP Mapping for values 1 through 8
Yes
IronWare Software Release R07.3.00p Page 42 of 113
Supported System Level Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Dynamic buffer allocation
Yes
Egress buffer thresholds
Yes
Fixed rate limiting
Port-based rate limiting on inbound ports.
Fixed rate limiting is supported on 1 Gbps and 10 Gbps Ethernet ports.
Fixed rate limiting is not supported on tagged ports in the full Layer 3 router image.
Yes
Foundry Discovery Protocol (FDP) / Cisco Discovery Protocol (CDP)
Yes
Generic buffer profile
No
High Availability
Layer 2 hitless switchover
Layer 2 hitless Operating System (OS) upgrade
No
LLDP
Yes
LLDP-MED
No
MAC filter-based mirroring
Yes
Multi-port static MAC address
Yes
Multiple Syslog server logging
Up to six Syslog servers
Yes
Negative temperature setting
Yes
Outbound rate limiting
No
Outbound rate shaping
Yes
Path MTU Discovery support
No
Port flap dampening
Yes
Port mirroring and monitoring
Mirroring of both inbound and outbound traffic on individual ports is supported.
Yes
Power over Ethernet
No
Priority mapping using ACLs
Yes
Protected link groups
No
Specifying a Simple Network Time Protocol (SNTP) Server
Yes
Specifying the minimum number of ports in a trunk group
Yes
Static MAC entries with option to set traffic priority
Yes
Virtual Cable Testing (VCT) technology
Uses Time Domain Reflectometry (TDR) technology to detect and report cable statistics such as; local and remote
link pair, cable length, and link status.
No
IronWare Software Release R07.3.00p Page 43 of 113
Supported Layer 2 Features
This release supports the following Layer 2 features.
Supported Layer 2 Features
Category, Description, and Configuration Notes
Supported on
TurboIron
802.1D Spanning Tree Support
Enhanced IronSpan support includes Fast Port Span and Single-instance Span
TurboIron switches support up to 255 spanning tree instances for VLANs.
Yes
802.1p Quality of Service (QoS)
Strict Priority (SP)
Weighted Round Robin (WRR)
Combined SP and WRR
8 priority queues
Yes
802.1s Multiple Spanning Tree
Yes
802.1W Rapid Spanning Tree (RSTP)
802.1W RSTP support allows for sub-second convergence (both final standard and draft 3 supported)
Yes
802.3ad link aggregation (dynamic trunk groups)
Brocade ports enabled for link aggregation follow the same rules as ports configured for trunk groups.
Yes
ACL-based rate limiting QoS
Yes
BPDU Guard
Yes
Dynamic Host Configuration Protocol (DHCP) Assist
Yes
IGMP v1/v2 Snooping Global
Yes
IGMP v3 Snooping Global
Yes
(*,G and S,G)
IGMP v1/v2/v3 Snooping per VLAN
Yes
IGMP Proxy
Yes
IGMP v2/v3 Fast Leave (membership tracking)
Yes
IGMP Filters
Yes
Interpacket Gap (IPG) adjustment
Yes
Jumbo frames
10/100/1000 and 10-Gigabit Ethernet ports
Up to 9216 bytes
Yes
LACP
LACP trunk group ports follow the same configuration rules as for statically configured trunk group ports.
Support for single link LACP
Yes
Link Fault Signaling (LFS) for 10-Gigabit Ethernet ports
Yes
MAC-Based VLANs
Dynamic MAC-Based VLAN Activation
No
Metro Ring Protocol 1 (MRP 1)
Yes
IronWare Software Release R07.3.00p Page 44 of 113
Supported Layer 2 Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Metro Ring Protocol 2 (MRP 2)
Yes
MLD Snooping V1/V2
MLD V1/V2 snooping (global and local)
MLD fast leave for V1
MLD tracking and fast leave for V2
Static MLD and IGMP groups with support for proxy
No
Multicast static group traffic filtering (for snooping scenarios)
No
PIM-SM V2 Snooping
Yes
PVST/PVST+ compatibility
Yes
PVRST+ compatibility
Yes
Remote Fault Notification (RFN) for 10-Gigabit Ethernet ports
No
Root Guard
Yes
Super Aggregated VLANs
Yes
Trunk groups
Trunk threshold for static trunk groups
Flexible trunk group membership
Yes
Topology groups
Yes
Uni-directional Link Detection (UDLD) (Link keepalive)
Yes
Uplink Ports Within a Port-Based VLAN
Yes
VLAN Support on TurboIron Devices:
4096 maximum VLANs
Dual-mode VLANs
802.1Q with tagging
Port-based VLANs
VLAN groups
Private VLANs
Yes
802.1ad Tagging (tag-type 8100 over 8100 encapsulation)
Yes
VLAN-based mirroring
No
VoIP Auto-configuration and CDP
No
Virtual Switch Redundancy Protocol (VSRP)
Yes
VSRP-Aware security features
Yes
VSRP and MRP signaling
Yes
VSRP Fast Start
Yes
VSRP timer scaling
Yes
IronWare Software Release R07.3.00p Page 45 of 113
72BSupported Layer 3 Features
This release supports the following Layer 3 features.
Supported Layer 3 Features
Category, Description, and Configuration Notes
Supported on
TurboIron
Anycast RP
Yes
BGP
Yes
IGMP V1, V2, and V3
Yes
IP helper
Yes
IP multicast routing protocols: PIM-SM and PIM-DM
DVMRP is not supported
Yes
ICMP Redirect messages
Yes
Multiprotocol Source Discovery Protocol (MSDP)
Yes
OSPF V2 (IPv4)
Yes
RIP V1 and V2
Yes
Route-only support
Disabling Layer 2 Switching at the CLI Interface level as well as the Global CONFIG level. This feature is not
supported on virtual interfaces.
Yes
Routing for directly connected IP subnets
Yes
Static IP Routing
Yes
Virtual Interfaces
Up to 255 virtual interfaces
Yes
VRRP
Yes
VRRP-E
Yes
Note: Layer 3 features not listed under “Layer 3 Features” are not supported.
IronWare Software Release R07.3.00p Page 46 of 113
Software image file
Boot and flash images for Ironware release 07.3.00p
Table 13 lists the software image file that is available for IronWare Release 07.3.00p.
Table 13 Software image file
Device
Boot Image
Flash Image
FESX6
FSX 800
FSX 1600
sxz07200.bin
SXS07300p.bin (Layer 2) or
SXL07300p.bin (base Layer 3)
or
SXR07300p.bin (full Layer 3)
PoE Firmware files
Table 14 lists the PoE firmware file types supported for IronWare Release R07.3.00p. The firmware files are
specific to their devices and are not interchangeable. For example, you cannot load FCX PoE firmware on a FSX
device.
Note: The PoE circuitry includes a microcontroller pre-programmed at Brocade factory. In the past, a copy of
the current microcontroller code was embedded as part of the FastIron software releases and was used for
upgrades if necessary. Two different types of PoE controller code sets were included for PoE and POE+
subsystems. That is no longer the case, and the software has been enhanced so that it can be loaded as an
external file. The microcontroller code has not changed in this release, so there is no current need for an
upgrade. The PoE firmware version string will be kept updated to match the corresponding software version
however. This is only a cosmetic change and the firmware itself remains unchanged. Should a new version of
POE code be released, Brocade will notify its customers of the needed code upgrade. Finally, in the remote
case that a failure occurs during an upgrade process, the switch would still be functional but without PoE
circuitry. Should you encounter such an issue, please contact Brocade Technical Support for servicing.
Table 14 PoE Firmware files
Device
PoE Firmware Version
PoE Firmware Files
FESX6
FSX 800
FSX 1600
06.0.6
fsx_poe_06.0.6.fw
FSX 800 with SX-FI648PP or SX-FI-
24GPP module
FSX 1600 with SX-FI648PP or SX-
FI-24GPP module
02.1.0
fsx_poeplus_02.1.0.fw
FCX
ICX 6610
02.1.0
fcx_poeplus_02.1.0.fw
Upgrading software
Use the procedures in this section to upgrade the software for your devices.
There are two different upgrade procedures. Select the appropriate procedure for the type of upgrade you want
to perform:
IronWare Software Release R07.3.00p Page 47 of 113
Standard upgrade procedure
Use this procedure if you want to upgrade to IronWare R07.3.00p but do not want to run the device in a FIPS
environment. This procedure is described in the Standard upgrade procedure section.
Important notes about upgrading or downgrading the software
Note the following when upgrading to software release R07.3.00p:
FSX devices can store two Full Layer 3 image or two Layer 2 or Base Layer 3 images.
FESX6 can store one Full Layer 3 image or two Layer 2 or Base Layer 3 images
The image for IronWare R07.2.00a and later uses different Interprocessor Communications (IPC) versions
for FCX devices; however, units in a stack must run the same IPC version to communicate. After upgrading
from IronWare R07.2.00 or earlier to IronWare R07.3.00p, you must verify that the same image
downloaded to every unit in the stack before reloading the entire stack. To verify the images, you can enter
the show flash command at any level of the CLI. A stack cannot be built and will not operate if one or more
units has different software images.
Hitless upgrade for FSX devices from 07.3.00c to later 07.3.00 releases is not supported.
Note the following when downgrading from software release R07.3.00p:
If software-based licensing is in effect on the device and the software is downgraded to pre-release
07.1.00, software-based licensing will not be supported.
Standard upgrade procedure
Before upgrading the software on the device, first read the Important notes about upgrading or downgrading
the software section.
Upgrading the boot code
If you need to upgrade the boot code, perform the following steps.
1. Place the new boot code on a TFTP server to which the Brocade device has access.
2. If the device has 8 MB of flash memory or if you want to install a Full Layer 3 image on an FCX or FSX
device, you must delete the primary and secondary image
3. Copy the boot code from the TFTP server into flash memory. To do so, enter a command such as the
following at the Privileged EXEC level of the CLI.
copy tftp flash <ip-addr> <image-file-name> bootrom
You should see output similar to the following.
Device# Flash Memory Write (8192 bytes per dot)...........................
(Boot Flash Update)Erase.........Write.............
TFTP to Flash Done
Note: Brocade recommends that you use the copy tftp flash command to copy the boot code to the
device during a maintenance window. Attempting to do so during normal networking operations may
cause disruption to the network.
4. Verify that the code has been successfully copied by entering the following command at any level of
the CLI.
show flash
The output will display the compressed boot ROM code size and the boot code version.
5. Upgrade the flash code as instructed in the following section.
IronWare Software Release R07.3.00p Page 48 of 113
Upgrading the flash code
Note: You must delete the current primary and secondary images before completing the upgrade steps.
Devices with 8MB of flash memory can only hold one complete image.
To upgrade the flash code, perform the following steps.
1. Place the new flash code on a TFTP server to which the Brocade device has access.
2. If the device has 8MB of flash memory or if you want to install a Full Layer 3 image on an FCX device,
you must delete the primary and secondary images before upgrading the image. To delete images
from the flash, enter the following commands:
Device# erase flash primary
Device# erase flash secondary
Note: If the primary flash contains additional files not related to the software update, it is
recommended that you also delete these files.
3. Copy the flash code from the TFTP server into flash memory. To do so, use the copy command at the
Privileged EXEC level of the CLI.
copy tftp flash <ip-addr> <image-file-name> primary | secondary
You should see output similar to the following.
Device# Flash Memory Write (8192 bytes per dot) ........................
...................................................................................................................................................
TFTP to Flash Done
4. Verify that the flash code has been successfully copied by entering the following command at any level
of the CLI.
Note: For units in an IronStack, when upgrading from one major release to another (for example, from
software release 07.1.00 to 07.2.00), make sure that every unit has the same code. If you reload the
stack while units are running different code versions, the units will not be able to communicate.
show flash
If the flash code version is correct, go to step 5, otherwise, go back to step 1.
5. Once you have completed the upgrade, you must reboot the device to complete the upgrade process.
Use one of the following commands:
reload (this command boots from the default boot source, which is the primary flash area by
default)
boot system flash primary | secondary
A confirmation step may occur after a boot system flash primary/secondary command is entered and
gives an administrator the opportunity to make last minute changes or corrections before performing a
reload. The example below shows the confirmation step.
Device# boot system flash primary
Are you sure? (enter ‘Y’ or ‘N’): y
6. For devices in an IronStack, make sure all devices are running the same software image. See
“Confirming software versions (IronStack devices)” in the next section.
Confirming software versions (IronStack devices)
All units in an IronStack must be running the same software image. To confirm this, check the software version
on all devices that you want to add to your IronStack. Upgrade any units that are running older versions of the
software before you build your stack.
IronWare Software Release R07.3.00p Page 49 of 113
1. Telnet, SSH, or connect to any of the console ports in the stack.
2. Enter the show version command. Output similar to the following is displayed.
Device# show version
Copyright (c) 1996-2011 Brocade Communications Systems, Inc.
UNIT 3: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 1: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 2: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 4: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 5: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 6: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 7: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
UNIT 8: compiled on Sep 26 2011 at 21:15:14 labeled as FCXR07300
(6801867 bytes) from Primary fcxr07300.bin
SW: Version 07.3.00T7f3
Boot-Monitor Image size = 369321, Version:07.3.00T7f5 (grz07300)
HW: Stackable FCX648S-PREM (PROM-TYPE FCX-ADV-U)
==========================================================================
UNIT 1: SL 1: FCX-24GS 24-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: )
P-ENGINE 0: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 1: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 1: SL 3: FCX-2XG 2-port 10G Module (2-XFP)
==========================================================================
UNIT 2: SL 1: FCX-48GS POE 48-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: )
P-ENGINE 0: type DB90, rev 01
P-ENGINE 1: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 2: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 3: SL 1: FCX-48GS 48-port Management Module
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: )
P-ENGINE 0: type DB90, rev 01
P-ENGINE 1: type DB90, rev 01
PROM-TYPE: FCX-ADV-U
==========================================================================
UNIT 3: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 3: SL 3: FCX-2XG 2-port 10G Module (2-XFP)
==========================================================================
UNIT 4: SL 1: FCX-24GS-F 24-port Management Module
Serial #: BFC2239E03J
IronWare Software Release R07.3.00p Page 50 of 113
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: dheHHIOgFIl)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 4: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 5: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F091
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: dexHHGNhFOG)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 5: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 6: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F0BX
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: dexHHGNhFdz)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 6: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 7: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F099
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: dexHHGNhFOO)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 7: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
UNIT 8: SL 1: FCX-24GS 24-port Management Module
Serial #: BCV2218F0B7
License: FCX_ADV_ROUTER_SOFT_PACKAGE (LID: dexHHGNhFdM)
P-ENGINE 0: type DB90, rev 01
==========================================================================
UNIT 8: SL 2: FCX-2XGC 2-port 16G Module (2-CX4)
==========================================================================
telnet@fcx648s-upper#
Note: If any unit in the IronStack is running an incorrect version of the software, it will appear as non-
operational. You must install the correct software version on that unit for it to operate properly in the stack. For
more information, refer to “Copying the flash image to a stack unit from the Active Controller” in the FastIron
Configuration Guide.
Upgrading software images on TurboIron devices
Upgrading the boot code
1. Place the new boot code on a TFTP server to which the Brocade device has access.
2. Enter the following command at the Privileged EXEC level of the CLI (example: FastIron Switch#) to copy
the boot code from the TFTP server into flash memory:
copy tftp flash <ip-addr> <image-file-name> bootrom
3. Use the copy tftp flash command to copy the boot code to the Brocade device only during a maintenance
window. Attempting to do so during normal networking operations can cause disruption to the network.
4. Verify that the code has been successfully copied by entering the following command at any level of the
CLI:
show flash
5. The output will display the compressed boot ROM code size and the boot code version.
IronWare Software Release R07.3.00p Page 51 of 113
6. Upgrade the flash code as instructed in the following section.
Upgrading the flash image
1. Place the new flash code on a TFTP server to which the Brocade device has access.
2. Enter the following command at the Privileged EXEC level of the CLI (example: FastIron#) to copy the flash
code from the TFTP server into the flash memory:
copy tftp flash <ip-addr> <image-file-name> primary | secondary
3. Verify that the flash code has been successfully copied by entering the following command at any level of
the CLI:
show flash
4. If the flash code version is correct, go to Step 5. Otherwise, go to Step 1.
5. Reload the software by entering the following command:
reload
(The reload command boots from the default boot source, which is the primary flash area by default)
Technical support
Contact your switch supplier for the hardware, firmware, and software support, including product repairs and
part ordering. To expedite your call, have the following information immediately available:
1. General Information
Technical Support contract number, if applicable
Device model
Software release version
Error numbers and messages received
Detailed description of the problem, including the switch or network behavior immediately
following the problem, and specific questions
Description of any troubleshooting steps already performed, with the results
2. Switch Serial Number
Getting help or reporting errors
E-mail and telephone access
Go to http://www.brocade.com/services-support/index.html for the latest e-mail and telephone contact
information.
Additional resources
For more information about the products supported in this software release, refer to the following publications.
Document Title
Contents
FastIron Configuration Guide
Provides configuration procedures for system-
level features, enterprise routing protocols, and
security features.
Brocade FCX Series Hardware Installation Guide
Describes the hardware as shipped. Provides
installation instructions, hardware maintenance
IronWare Software Release R07.3.00p Page 52 of 113
Document Title
Contents
Brocade FastIron WS Series Hardware Installation
Guide
Brocade FastIron X Series Chassis Hardware
Installation Guide
Brocade FastIron Edge X-Series Switch Hardware
Installation guide
Brocade ICX 6610 Series Hardware Installation Guide
procedures, hardware specifications, and
compliance information.
Unified IP MIB Reference
Simple Network Management Protocol (SNMP)
Management Information Base (MIB) objects.
Brocade FCX, Brocade FastIron SX, Brocade ICX 6610
Web Management Interface User Guide
Describes the Graphical User Interface (GUI) and
procedures for monitoring and configuring various
features of the FastIron CX series switches using
the GUI.
Brocade FCX and Brocade ICX 6610 Debug Guide
Documents debug commands for debugging
devices.
TurboIron 24X Configuration Guide
Provides configuration procedures for system-
level features, enterprise routing protocols, and
security features for TurboIron 24X.
Brocade TurboIron 24X Series Hardware Installation
Guide
Describes the TurboIron 24X hardware as
shipped. Provides installation instructions,
hardware maintenance procedures, hardware
specifications, and compliance information.
Go to Uhttp://www.brocade.com/ethernetproductsU to obtain the latest version of the guides. To report errors in
the guide, send an email to Udocumentation@brocade.comU.
Closed Defects in IronWare Software Release 07.3.00p
Defect ID: DEFECT000561967
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Layer 2
Reported In Release: FI 07.3.00
Technology Area: IEEE 802.1w RSTP
Symptom: Delayed MAC table flush observed upon the Root bridge reload and RSTP topology convergence.
Condition: The problem occurs when the Root bridge reloads and joins the topology back. The MAC flush occurs after
twice the forward delay time.
IronWare Software Release R07.3.00p Page 53 of 113
Closed Defects in IronWare Software Release 07.3.00n
Defect ID: DEFECT000536989
Technical Severity: Medium
Probability: Medium
Product: IronWare
Technology: Security
Reported In Release: FI 08.0.10
Technology Area: FIPS
Symptom: SSL poodle attack vulnerability
Condition: When HTTPS is connected using SSL 3.0, there is chance for poodle attack.
Defect ID: DEFECT000559035
Technical Severity: Medium
Probability: High
Product: IronWare
Technology: Management
Reported In Release: FI 07.3.00
Technology Area: SNMPv2, SNMPv3 & MIBs
Symptom: Device may unexpectedly reload when interface statistics is fetched through SNMP polling.
Condition: This issue is observed when IPv6 interface information is fetched for invalid port through SNMP polling.
Workaround: Avoid SNMP polling of IPv6 interface statistics with invalid port number.
Closed Defects in IronWare Software Release 07.3.00m
Defect ID: DEFECT000488852
Technical Severity: Medium
Probability: Low
Product: IronWare
Technology: Layer 3
Reported In Release: FI 07.4.00
Technology Area: OSPF (IPv4)
Symptom: Even though routing table gets changed as far as they see "show ip route", the traffic still goes out from the
port based on the previous routing table, unless we execute "clear ip route".
Condition: None
Workaround: Execute "clear ip route" a few times
Defect ID: DEFECT000533382
Technical Severity: High
Probability: Low
Product: IronWare
Technology: Stacking
Reported In Release: FI 07.2.00
Technology Area: Hitless Switchover, Failover, Hotswap,OS U/G
Symptom: The active management module of SX800 device unexpectedly reloads without stack trace.
Condition: If the SX800 device is up for more than 1325 days, the active management module resets unexpectedly.
Closed Defects in IronWare Software Release 07.3.00k
Defect ID:
DEFECT000468746
Technical Severity:
High
Probability:
High
Product:
IronWare
Technology:
Layer 2
Reported In Release:
FI 08.0.00
Technology Area:
IEEE 802.1w RSTP
Symptom:
With PVRST mode enabled on VDX device the FastIron devices drops BPDUs from VDX device
resulting in non-convergence of the topology.
Condition:
When VDX device with Spanning tree and PVRST mode enabled, is connected to a FastIron device
the BPDUs are dropped resulting issue in topology convergence.
IronWare Software Release R07.3.00p Page 54 of 113
Defect ID:
DEFECT000495931
Technical Severity:
Medium
Probability:
Medium
Product:
IronWare
Technology:
Management
Reported In Release:
FI 08.0.01
Technology Area:
SNMPv2, SNMPv3 & MIBs
Symptom:
SNMPv3 user became invalid after changing the stack MAC.
Condition:
When the stack MAC is changed, the SNMPv3 user became invalid.
Defect ID:
DEFECT000506391
Technical Severity:
Medium
Probability:
High
Product:
IronWare
Technology:
Traffic Management
Reported In Release:
FI 07.3.00
Technology Area:
QoS - Quality of Service
Symptom:
The “egress-buffer-threshold minimum” configuration on LACP/Trunk interface does not take effect
on secondary ports after reload.
Condition:
When “egress-buffer-threshold minimum” is configured on LACP / Trunk interfaces, the
configuration is shown only on primary interface in the start-up configuration. The configuration is
not applied on the secondary ports upon reload.
Recovery:
Re-configure the 'egress-buffer-threshold minimum' command after reload
Defect ID:
DEFECT000509612
Technical Severity:
Medium
Probability:
Medium
Product:
IronWare
Technology:
Management
Reported In Release:
FI 08.0.10
Technology Area:
DHCP (IPv4)
Symptom:
IP phones of specific models do not get connected to the TFTP server, when ICX 64xx or ICX6610
device is used as DHCP server.
Condition:
When ICX device is used as DHCP server, the IP phones of specific models could not connect to the
TFTP server.
Defect ID:
DEFECT000516553
Technical Severity:
Critical
Probability:
High
Product:
IronWare
Technology:
Stacking
Reported In Release:
FI 07.4.00
Technology Area:
Traditional Stacking
Symptom:
In ICX stacking environment, sometimes a member gets isolated from the stack due to a transmit
lockup. This is result of inability to transmit packets on the 40G link, causing the member to be
removed from the stack.
Condition:
This could be caused due to flapping of the 40G port, or in a congestion situation.
Syslog message will inform which unit from which stack device is deleted from the stack system.
Defect ID:
DEFECT000518219
Technical Severity:
Medium
Probability:
Medium
Product:
IronWare
Technology:
System
Reported In Release:
FI 07.3.00
Technology Area:
Component
Symptom:
In SX1600 device, ping latency occurs when optical monitoring is turned on.
Condition:
SX1600 device having Gen2 Management Module and Gen 3 line cards running 7.300g or 7.300f
software, when optical monitoring is enabled ping latency is observed even under normal CPU load.
IronWare Software Release R07.3.00p Page 55 of 113
Defect ID:
DEFECT000522650
Technical Severity:
High
Probability:
Low
Product:
IronWare
Technology:
Security
Reported In Release:
FI 07.3.00
Technology Area:
802.1x Port Security
Symptom:
IP phones unexpectedly losing connection when 802.1x is enabled after about 10 minutes.This
happens in dual-mode vlan, where the phone is tagged to voice-vlan, while the dot1x mac-session is
associated with the data-vlan.
Condition:
None
Workaround:
Enable dot1x multicast mode on the phone.
Defect ID:
DEFECT000524754
Technical Severity:
Low
Probability:
High
Product:
IronWare
Technology:
Layer 2
Reported In Release:
FI 07.3.00
Technology Area:
ARP
Symptom:
While executing the “show mac” command from the rconsole prompt on an ICX6610 member unit,
that unit unexpectedly reloads.
Condition:
None.
Defect ID:
DEFECT000528247
Technical Severity:
Medium
Probability:
Medium
Product:
IronWare
Technology:
Monitoring/RAS
Reported In Release:
FI 07.3.00
Technology Area:
Syslog
Symptom:
FCX stack device restarts spontaneously when enormous syslog messages are generated.
Condition:
When the FCX stack device is switched over multiple times with enormous syslog messages the
device reloads unexpectedly.
Defect ID:
DEFECT000529496
Technical Severity:
High
Probability:
Low
Product:
IronWare
Technology:
System
Reported In Release:
FI 07.3.00
Technology Area:
Optics
Symptom:
In very few 100-FX optics, when an interface configured as 100-fx, the interface status in "show
interface" shows as UP when 100-fx SR optics is plugged without a link up.
Condition:
The link is physically down, and the 100-FX optics is plugged-in.
Defect ID:
DEFECT000530578
Technical Severity:
High
Probability:
Medium
Product:
IronWare
Technology:
Layer 3
Reported In Release:
FI 07.4.00
Technology Area:
Other IPv4
Symptom:
IP reachability issues are observed between hosts in specific subnets connected in different VLANs
during event of a switch fabric hotswap.
Condition:
None
Defect ID:
DEFECT000535762
Technical Severity:
High
Probability:
High
Product:
IronWare
Technology:
Security
Reported In Release:
FI 07.4.00
Technology Area:
Web Authentication
Symptom:
Web pages do not load during HTTPs server verification.
Condition:
When self signed-ceritificate is used for HTTPS server verification, web page does not load.
Workaround:
Security certificates generated externally can be used for secure-login
IronWare Software Release R07.3.00p Page 56 of 113
Defect ID:
DEFECT000537299
Technical Severity:
Medium
Probability:
Low
Product:
IronWare
Technology:
System
Reported In Release:
FI 08.0.30
Technology Area:
CLI
Symptom:
“show tech” command output does not have sysmon counter information for ICX6610 devices.
Condition:
None
Closed Defects in IronWare Software Release 07.3.00j
Defect ID:
DEFECT000493946
Technical Severity:
Medium
Probability:
High
Product:
IronWare
Technology:
Monitoring/RAS
Reported In Release:
FI 07.3.00
Technology Area:
Syslog
Symptom:
An SNTP syslog is generated whenever the SNTP poll interval expires. The default SNTP poll
interval timeout value is 30 minutes.
Condition:
If there is no SNTP poll interval configured, a syslog is printed on every 30 minutes. When a poll
interval is configured, syslog is generated at the expiration of the configured time
Defect ID:
DEFECT000496483
Technical Severity:
Medium
Probability:
High
Product:
IronWare
Technology:
Security
Reported In Release:
FI 07.3.00
Technology Area:
802.1x Port Security
Symptom:
Stack unit with DOT1X may get reloaded due to insufficient memory caused by a memory leak issue.
Depending on the number of clients, memory leakage may result in complete memory exhaustion
after a period of time.
Condition:
FCX stack running FI 7.3.00.f release version with DoT1X authentication enabled may experience
crash due to memory exhaustion.
Defect ID:
DEFECT000496787
Technical Severity:
Medium
Probability:
High
Product:
IronWare
Technology:
Layer 2
Reported In Release:
FI 07.3.00
Technology Area:
Link Aggregation
Symptom:
When a switch forms an LACP trunk, it brings down all the ports in that LAG and flushes out peer
info. It then sends NULL PDU to the peer. The peer starts to send LACPPDU with NULL peer info to
the device. Then, device starts to disable LACP member ports one by one and finally brings down the
whole LAG. This is a continuous process.
Condition:
TI connected to a third party switch or Linux in a LAG configuration, the switch forms a LACP
trunk, then it tears down all the ports in that lag and flush out peer info
Recovery:
none
Defect ID:
DEFECT000501159
Technical Severity:
High
Probability:
Medium
Product:
IronWare
Technology:
Management
Reported In Release:
FI 07.3.00
Technology Area:
DHCP (IPv4)
Symptom:
When DHCP works in the server mode, memory leakage happens with each request received by the
device. When this is continued for a few days, the system may run out of memory and get rebooted
Condition:
When FastIron device is configured as DHCP server, DHCP client request processed by server may
cause memory leak.
IronWare Software Release R07.3.00p Page 57 of 113
Defect ID:
DEFECT000502975
Technical Severity:
Medium
Probability:
Medium
Product:
IronWare
Technology:
Management
Reported In Release:
FI 07.3.00
Technology Area:
NTP - Network Time Protocol
Symptom:
An NTP syslog is generated whenever the NTP poll interval expires. The default NTP poll interval
timeout value is 30 minutes.
Condition:
If there is no NTP poll interval configured, a syslog is printed on every 30 minutes. When a poll
interval is configured, syslog is generated at the expiration of the configured time
Closed Defects in IronWare Software Release 07.3.00h
Defect ID:
DEFECT000467830
Technical Severity:
Medium
Summary:
Traffic through LAG is interrupted on standby unit when active unit is reloaded.
Symptom:
In a stack of two ICX 6610 switches with a LAG group consisting of one port in the active unit and
another port in the standby unit, the LAG egress traffic stops for about 30 seconds on the standby unit
when the active unit reloads
Probability:
Low
Risk of Fix:
Medium
Feature:
L2 Forwarding
Function:
UNDETERMINED
Reported In Release:
FI 07.4.00
Service Request ID:
1199002
Defect ID:
DEFECT000470564
Technical Severity:
Medium
Summary:
The “show ip mroute” command output does not display a configured static default multicast route.
Symptom:
The “show ip mroute” command output does not display a configured static default multicast route.
Probability:
Medium
Feature:
SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release:
FI 07.3.00
Service Request ID:
1210623
Defect ID:
DEFECT000471200
Technical Severity:
High
Summary:
ICX 6610 reloads due to Data TLB error in corner case scenarios upon receiving certain control plane
stacking messages from peer stack units.
Symptom:
ICX 6610 reloads due to Data TLB error in corner case scenarios upon receiving certain control plane
stacking messages from peer stack units.
Probability:
Low
Risk of Fix:
Low
Feature:
FI Infrastructure
Function:
Stacking table sync/high avaibility
Reported In Release:
FI 07.4.00
Service Request ID:
1212599
Defect ID:
DEFECT000471565
Technical Severity:
Medium
Summary:
An SCP file transfer using Putty version 0.63 over a slow connection may fail.
Symptom:
An SCP file transfer using Putty version 0.63 over a slow connection may fail and generate the
following error message: Fatal: Received unexpected end-of-file from server.
Probability:
Medium
Feature:
FI Embedded Management
Function:
SSHV2/SCP
Reported In Release:
FI 07.3.00
Service Request ID:
1213955,1213955
Defect ID:
DEFECT000472237
Technical Severity:
Medium
Summary:
On time update, SNTP server generates syslog message mentioning wrong time.
Symptom:
On time update, SNTP server generates syslog message mentioning wrong time.
Probability:
Medium
Feature:
FI Embedded Management
Function:
Common Criteria
Reported In Release:
FI 07.3.00
IronWare Software Release R07.3.00p Page 58 of 113
Defect ID:
DEFECT000472725
Technical Severity:
Medium
Summary:
The “show statistics brief ethernet <port>” command output does not display packet counters for
undersized packets
Symptom:
The “show statistics brief ethernet <port>” command output does not display packet counters for
undersized packets.
Workaround:
N/A
Probability:
Medium
Feature:
FI Embedded Management
Function:
CLI and parser
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000473755
Technical Severity:
Medium
Summary:
SNMP incorrectly reports power supply status as down.
Symptom:
SNMP incorrectly reports power supply status as down.
Probability:
Medium
Risk of Fix:
Low
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.2.02
Service Request ID:
1208707
Defect ID:
DEFECT000474185
Technical Severity:
High
Summary:
A device acting as the DHCP-Relay Agent unexpectedly reloads while updating its ARP table.
Symptom:
A device acting as the DHCP-Relay Agent unexpectedly reloads while updating its ARP table.
Workaround:
N/A
Probability:
High
Risk of Fix:
Medium
Feature:
UNDETERMINED
Function:
UNDETERMINED
Reported In Release:
FI 07.4.00
Service Request ID:
1226009
Defect ID:
DEFECT000474395
Technical Severity:
Medium
Summary:
Enabling 802.1w on the default VLAN that contains no port gives continuous error messages.
Symptom:
Enabling 802.1w on the default VLAN that contains no port gives continuous error messages.
Probability:
Medium
Risk of Fix:
High
Feature:
FI L2
Function:
Control Plane - xSTP PVST+ PVRST+
Reported In Release:
FI 08.0.00
Service Request ID:
1226756
Defect ID:
DEFECT000475964
Technical Severity:
High
Summary:
Two IPv6 neighbor discovery (ND) packets sent out every second.
Symptom:
Duplicate ICMPv6 neighbor solicitations are sent.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI L3 Unicast
Function:
Control Plane - ND ICMPv6
Reported In Release:
FI 08.0.01
Service Request ID:
1219638
Defect ID:
DEFECT000478555
Technical Severity:
Medium
Summary:
Removing the dual mode configuration on an interface configured with dot1x and mac authentication
causes the switch to unexpectedly reload.
Symptom:
Removing the dual-mode configuration on an interface configured with dot1x and mac authentication
causes the switch to unexpectedly reload.
Probability:
High
Risk of Fix:
Medium
Feature:
FI ACL
Function:
802.1x authentication
Reported In Release:
FI 07.4.00
Service Request ID:
1179303
IronWare Software Release R07.3.00p Page 59 of 113
Defect ID:
DEFECT000479288
Technical Severity:
High
Summary:
When network failure occurs with IGMPv3 and IGMP Tracking enabled, it causes delay in failover
process.
Symptom:
When network failure occurs with IGMPv3 and IGMP Tracking enabled, it causes delay in failover
process.
Probability:
High
Risk of Fix:
Low
Feature:
L2/L3 Multicast Features
Function:
IGMP snooping and variants
Reported In Release:
FI 07.4.00
Service Request ID:
1241536
Defect ID:
DEFECT000481649
Technical Severity:
High
Summary:
Counter overflow causes an ICX 6650 device to stop functioning after 9999 reloads.
Symptom:
Counter overflow causes an ICX 6650 device to stop functioning after 9999 reloads.
Probability:
High
Risk of Fix:
Medium
Feature:
Platform
Function:
UNDETERMINED
Reported In Release:
FI 07.4.00
Service Request ID:
1241878
Defect ID:
DEFECT000481686
Technical Severity:
Medium
Summary:
Setting up a scheduled reload to boot from the secondary flash instead boots the device from the
primary flash.
Symptom:
Configuring a scheduled reload from secondary flash will make the switch boot from primary still.
Probability:
Low
Risk of Fix:
Low
Feature:
FI Platform
Function:
Boot code/Flash/Kernel
Reported In Release:
FI 08.0.00
Service Request ID:
1234188
Defect ID:
DEFECT000482452
Technical Severity:
Medium
Summary:
The "admin-edge-port" configuration is automatically added at the VLAN level after LAG is
operational.
Symptom:
The "admin-edge-port" configuration is automatically added at the VLAN level after LAG is
operational.
Probability:
Medium
Feature:
FI L2
Function:
Control Plane - LACP
Reported In Release:
FI 07.3.00
Service Request ID:
1249659
Defect ID:
DEFECT000483135
Technical Severity:
High
Summary:
Unidirectional link in an LACP LAG causes network loop due to port incorrectly remaining in
Designated/Forwarding state in RSTP
Symptom:
Unidirectional link in an LACP LAG causes network loop. Affected ports were not correctly blocked
in RSTP causing ARP packets to circulate within the LAG ports indefinitely. The LAG needs to be
removed manually to mitigate the issue.
Probability:
Medium
Feature:
FI L2
Function:
Control Plane - xSTP/PVST+/PVRST+
Reported In Release:
FI 07.3.00
Service Request ID:
1248927
Defect ID:
DEFECT000485242
Technical Severity:
Critical
Summary:
When several switches connect to a multi-access section (Hub), the TCN does not terminate.
Symptom:
TCN BPDUs flood the network.
Workaround:
run RSTP instead
Probability:
High
Risk of Fix:
Low
Feature:
FI L2 control
Function:
Spanning-tree protocols /PVST+/PVRST+
Reported In Release:
FI 07.4.00
Service Request ID:
1256784
IronWare Software Release R07.3.00p Page 60 of 113
Defect ID:
DEFECT000485316
Technical Severity:
Medium
Summary:
FCX Combo Ports generate optical errors every three minutes even when SFP is disconnected and
alternate copper port is used.
Symptom:
Every three minutes, FCX displays an error message similar to the following: “RX power warning
error slot 1/1/1”.
Workaround:
Removed the SFPs on the ports that do not have fiber connected which stopped the errors.
Probability:
Medium
Risk of Fix:
Low
Feature:
DOM
Function:
DOM
Reported In Release:
FI 07.2.02
Service Request ID:
1231134,1231134
Defect ID:
DEFECT000485619
Technical Severity:
High
Summary:
A Deny ACL fails when applied on an inbound interface in an FCX device.
Symptom:
A Deny ACL fails when applied on an inbound interface in an FCX device.
Probability:
Medium
Feature:
FI ACL
Function:
ACL(all aspects of ACLs - IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1256313
Defect ID:
DEFECT000485822
Technical Severity:
High
Summary:
Create an SNMP OID for the new Packet InError Detection and Designated Protection features.
Symptom:
Unable to pull string or values, or generate a SNMP trap for the new Packet InError Detection and
Designated Protection features.
Probability:
High
Feature:
FI Embedded Management
Function:
SNMP
Reported In Release:
FI 07.3.00
Service Request ID:
1258674
Defect ID:
DEFECT000485867
Technical Severity:
Medium
Summary:
An FSX management module switchover removes the 100-fx and optical monitoring configuration.
Symptom:
An FSX management module switchover removes the 100-fx and optical monitoring configuration.
Probability:
Medium
Feature:
DOM
Function:
DOM
Reported In Release:
FI 07.3.00
Service Request ID:
1257391
Defect ID:
DEFECT000486236
Technical Severity:
High
Summary:
A client that is connected to the active VRRP router fails to ping successfully to the server that is
connected to the PBR-configured backup VRRP router.
Symptom:
A client that is connected to the active VRRP router fails to ping successfully to the server that is
connected to the PBR-configured backup VRRP router.
Probability:
Low
Feature:
SX Layer 3 Forwarding - IPV4
Function:
PBR
Reported In Release:
FI 07.3.00
Service Request ID:
1256567
Defect ID:
DEFECT000486447
Technical Severity:
Medium
Summary:
The “show optic” command displays no output.
Symptom:
The “show optic” command displays no output for 10G Optics.
Probability:
High
Feature:
DOM
Function:
DOM
Reported In Release:
FI 07.3.00
Service Request ID:
1253880
IronWare Software Release R07.3.00p Page 61 of 113
Closed Defects in IronWare Software Release 07.3.00g1
Defect ID:
DEFECT000478420
Technical Severity:
High
Summary:
Boot image is not synchronized across all stack members when upgrading in 07.3.00g code using SCP
Symptom:
When upgrading the boot code through SCP in 07.3.00g code, the boot image is not synchronized
correctly to all the units in the stack; also the Active Unit may never get the new boot image even if
the member units do. Problem is not seen for Application images.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI Embedded Management
Function:
SSHV2/SCP
Reported In Release:
FI 07.3.00g
Service Request ID:
1239987
Closed Defects in IronWare Software Release 07.3.00g
Defect ID:
DEFECT000391347
Technical Severity:
Medium
Summary:
If the MCT client switch is on an LACP trunk, reloading one MCT peer will cause traffic to drop for a
few seconds after it restarts.
Symptom:
If the MCT client switch is connected through LACP, traffic loss is seen for 10-15 seconds when the
MCT peer comes up after a reload due to LACP convergence.
Workaround:
Use static trunk for MCT client switches.
Probability:
High
Risk of Fix:
High
Feature:
FI MCT-L2
Function:
Link Aggregation Static/LACP
Reported In Release:
FI 07.4.00
Service Request ID:
1187611
Defect ID:
DEFECT000410566
Technical Severity:
Medium
Summary:
Issuing a "show tech" can cause UDLD to flap in some rare scenarios with a heavily loaded chassis.
Symptom:
In an SX chassis with several line cards fully equipped with SFPs, the implicit "show media"
command within "show tech" can cause some protocols such as UDLD to flap.
Probability:
Low
Risk of Fix:
Low
Feature:
SX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.02
Service Request ID:
689327
Defect ID:
DEFECT000414937
Technical Severity:
Medium
Summary:
After a reload "show optic" command does not show any values on the SX-FI-24HF module.
Symptom:
After a reload, the "show optic" command does not show any values on the SX-FI-24HF module.
Workaround:
Execute "show media" first, after which "show optic" will show the correct values.
Probability:
High
Risk of Fix:
Low
Feature:
Platform
Function:
Digital Optical Monitoring
Reported In Release:
FI 07.4.00
Service Request ID:
759723
Defect ID:
DEFECT000419899
Technical Severity:
Medium
Summary:
Erroneous Syslog messages reporting functioning FCX power supply units going down and coming up
immediately are generated due to signal noise level.
Symptom:
Erroneous and cosmetic Syslog messages about a Power Supply Unit being powered down and up are
displayed continuously even though the PSU functions correctly and provides uninterrupted AC power
to the switch/router.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.2.02
Service Request ID:
1080157
IronWare Software Release R07.3.00p Page 62 of 113
Defect ID:
DEFECT000419924
Technical Severity:
Medium
Summary:
IP Source Guard blocks traffic after moving the port to a new VLAN.
Symptom:
When a client is moved to a port that has IP Source Guard enabled, if the port is then moved to a new
VLAN, the client will no longer be reachable.
Workaround:
Disable IP Source Guard on the client port, move it to the new VLAN and then re-enable IP Source
Guard on the port.
Probability:
Medium
Risk of Fix:
Medium
Feature:
FI ACL
Function:
DHCP Snooping functionality
Reported In Release:
FI 07.4.00
Service Request ID:
1071537
Defect ID:
DEFECT000428623
Technical Severity:
Medium
Summary:
CDP Packet coming from a Brocade Device has one missing field and one incorrect field.
Symptom:
Host name is not visible in the CDP packet for location services.
Probability:
High
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
LLDP
Reported In Release:
FI 07.4.00
Service Request ID:
1100465
Defect ID:
DEFECT000429049
Technical Severity:
Medium
Summary:
High CPU utilization observed with NETBIOS & DHCP broadcasts.
Symptom:
High CPU utilization is observed when DHCP & NETBIOS broadcast packets are received by the
device.
Probability:
High
Risk of Fix:
High
Feature:
Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.4.00
Service Request ID:
1092737
Defect ID:
DEFECT000441827
Technical Severity:
High
Summary:
A few Bosch Security Cameras (e.g. NBC-455-11P) fail to power on when connected to ICX6610.
Symptom:
IP security camera fails to power on when connected to ICX6610. The "show inline power" output on
the ICX6610 displays the camera port in a "short circuit" state.
Probability:
High
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
1110403
Defect ID:
DEFECT000443109
Technical Severity:
Medium
Summary:
Warning temperature is not configurable on FESX devices running versions 7.2.02 and later.
Symptom:
Warning temperature is not configurable on FESX devices running versions 7.2.02 and later.
Probability:
High
Risk of Fix:
Low
Feature:
SX Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.2.02
Service Request ID:
1137834
Defect ID:
DEFECT000447495
Technical Severity:
Medium
Summary:
Elevated CPU utilization levels seen on ICX6610, even with little traffic.
Symptom:
With minimal configuration and nothing plugged into an ICX6610-48, an average of 17 to 23% CPU
utilization is observed.
Probability:
High
Feature:
FI Platform
Function:
Boot code/Flash/Kernel
Reported In Release:
FI 07.3.00
Service Request ID:
1148445
IronWare Software Release R07.3.00p Page 63 of 113
Defect ID:
DEFECT000448184
Technical Severity:
High
Summary:
ICX6610 stacking instability due to interface errors (e.g. CRC, "InErrors", "InGiantPkts", "InJabber"
and/or "InBadPkts") on the stacking ports.
Symptom:
CPU utilization steadily increases, interface errors are seen on some of the stacking links, and the unit
generating the errors will eventually break off from the stack.
Workaround:
The separated stack unit needs to be cold booted to recover.
Probability:
Low
Feature:
FI Platform
Function:
40G Link
Reported In Release:
FI 07.3.00
Service Request ID:
1148013,1149815
Defect ID:
DEFECT000448876
Technical Severity:
Medium
Summary:
With DHCP snooping enabled, IP Cache is not updated from "Drop" to "Forward" when ARP packet
is received.
Symptom:
Traffic loss to certain destinations when traffic transits through a VRRP backup router if DHCP
Snooping is enabled on the incoming interface.
Probability:
Low
Risk of Fix:
Medium
Feature:
SX L2 Forwarding
Function:
MAC Table/FDB Manager
Reported In Release:
FI 07.2.00
Service Request ID:
1105581
Defect ID:
DEFECT000451227
Technical Severity:
Medium
Summary:
VRRP peer IP address is not reachable if IP address of another physical interface is removed.
Symptom:
If VRRP is configured between a TI-24X and an adjacent device, and if there is any physical interface
on it configured with an IP address, removing that IP address will cause the TI-24X to lose connection
to its VRRP peer.
Probability:
High
Feature:
TI Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1120393
Defect ID:
DEFECT000452027
Technical Severity:
Medium
Summary:
The "show aaa" command output is not accurate for certain fields.
Symptom:
Certain fields in the “show aaa” command output do not increment or change state in response to user
logins. Specifically, the lines “opens=0 closes=0 timeouts=0 errors=0”, and “no connection” do not
change in response to successful user logins.
Probability:
High
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
AAA RADIUS/TACACS+ V4/V6
Reported In Release:
FI 07.4.00
Service Request ID:
1154018
Defect ID:
DEFECT000452843
Technical Severity:
Medium
Summary:
Switch does not send Accounting Stop message to the TACACS+ server when the SSH session ends
due to idle timeout.
Symptom:
Accounting Stop messages are not sent to the TACACS+ server when SSH session ends due to idle
timeout. This problem is not seen with RADIUS or Telnet.
Probability:
High
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
AAA RADIUS/TACACS+ V4/V6
Reported In Release:
FI 07.4.00
Service Request ID:
1144016
IronWare Software Release R07.3.00p Page 64 of 113
Defect ID:
DEFECT000454619
Technical Severity:
Medium
Summary:
When loop-detection and 802.1x Authentication are enabled on the same interface, a Layer2 loop is
not detected.
Symptom:
When 802.1x is enabled on ports of a VLAN configured with loop-detection, and a physical Layer2
loop exists, the loop is not detected and high CPU utilization results.
Workaround:
Configure "dot1x port-control force-authorized" where the Layer2 loop is formed.
Probability:
Low
Feature:
FI - L4/Security
Function:
802.1x
Reported In Release:
FI 07.3.00
Service Request ID:
1136072
Defect ID:
DEFECT000455824
Technical Severity:
Medium
Summary:
On FESXv6 devices, output for the "show optic" command is not correctly displayed.
Symptom:
FESXv6 devices return "N/A" in the "show optic <port-number>" output if the command is executed
before executing the "show media" command.
Probability:
High
Risk of Fix:
Low
Feature:
Platform
Function:
Digital Optical Monitoring
Reported In Release:
FI 07.4.00
Service Request ID:
1167129
Defect ID:
DEFECT000456995
Technical Severity:
Medium
Summary:
LACP LAG does not get restored after line protocol changes from down to up.
Symptom:
After restoring one of the two links in a two-port LAG, the LAG stays down indefinitely.
Probability:
Medium
Risk of Fix:
Medium
Feature:
FI L2 control
Function:
LACP
Reported In Release:
FI 07.4.00
Service Request ID:
1157272
Defect ID:
DEFECT000457367
Technical Severity:
Medium
Summary:
When DCHP snooping is enabled, DHCP Discover packets are only forwarded to the helper address,
but are not broadcast within the local VLAN.
Symptom:
If DHCP Snooping is enabled on a VLAN which has an IP Helper Address configured, when a client
sends a DHCP Discover packet, the packet should be broadcast within the incoming VLAN but is not.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1153147
Defect ID:
DEFECT000460102
Technical Severity:
High
Summary:
FCX incorrectly allows an unsupported "1000-full-slave" configuration on its fiber ports.
Symptom:
Configuring "1000-full-slave" on an FCX fiber port results in FCS errors on the link partner and
collisions on the local port.
Probability:
High
Feature:
FI Platform
Function:
OPTICS
Reported In Release:
FI 07.3.00
Service Request ID:
1168139
Defect ID:
DEFECT000460514
Technical Severity:
Medium
Summary:
High CPU spikes when optical-monitoring configured.
Symptom:
High CPU Spikes with Optical Monitoring configured on 7.300e Router Code.
Workaround:
Remove optical-monitor and no high CPU Spikes.
Probability:
High
Feature:
FI Platform Specific features
Function:
Digital Optical Monitor
Reported In Release:
FI 07.3.00
Service Request ID:
1170303
IronWare Software Release R07.3.00p Page 65 of 113
Defect ID:
DEFECT000462469
Technical Severity:
Medium
Summary:
Disabling SNMP traps for link-down/link-up also disables Syslog messages for interface down/up
events.
Symptom:
Issuing "no snmp-server enable traps <link-down | link-up>" prevents the generation of Syslog
messages when an interface goes down or comes up.
Probability:
High
Risk of Fix:
Medium
Feature:
FCX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.02
Service Request ID:
1187496
Defect ID:
DEFECT000464240
Technical Severity:
High
Summary:
IP Helper Address stops working after DHCP Server feature is enabled and disabled.
Symptom:
DHCP client broadcast requests are not forwarded to the IP Helper Address after enabling and
disabling DHCP Server on the device.
Workaround:
Re-enable DHCP Server, even if not using the switch for that purpose.
Probability:
Medium
Feature:
FCX L2 Forwarding
Function:
DHCP assist
Reported In Release:
FI 07.3.00
Service Request ID:
1179152
Defect ID:
DEFECT000464627
Technical Severity:
High
Summary:
CPU Memory Leak may be observed when IP DHCP Server is enabled.
Symptom:
If DHCP Server is configured on the FI device without a DHCP Scope, a slow CPU memory leak may
be observed.
Workaround:
Ensure DHCP Scope on external DHCP Server is correctly configured.
Probability:
Low
Feature:
FI Embedded Management
Function:
DHCP
Reported In Release:
FI 07.3.00
Service Request ID:
1179149
Defect ID:
DEFECT000464738
Technical Severity:
Medium
Summary:
Designated Protect feature in Spanning Tree.
Symptom:
New feature support: 802.1d/802.1w Designated Protect (or Designated Guard).
Probability:
Low
Feature:
FI L2
Function:
Control Plane - xSTP/PVST+/PVRST+
Reported In Release:
FI 07.3.00
Service Request ID:
1168139
Defect ID:
DEFECT000464973
Technical Severity:
Medium
Summary:
Issuing "show media slot <num>" causes sending and receiving of VRRP-E Hello packets to stop for
longer than three seconds, leading to VRRP-E status flaps.
Symptom:
VRRP-E master/backup flaps and Duplicate IP Address messages are seen when "show media slot 1"
is executed on either ICX6650 in a VRRP-E hot standby pair.
Workaround:
Use "show media" and "show media ethernet" instead of "show media slot <num>".
Probability:
High
Risk of Fix:
Low
Feature:
Optics
Function:
OPTICS
Reported In Release:
FI 07.5.00
Service Request ID:
1186282
IronWare Software Release R07.3.00p Page 66 of 113
Defect ID:
DEFECT000465359
Technical Severity:
High
Summary:
Enabling IGMP Snooping on Switch image may stop ARP Request packets from being processed.
Symptom:
On an SX system running Switch image with only Gen3 line modules, enabling "ip multicast passive"
may prevent ARP Request packets from reaching the CPU for processing. Hence, connectivity to hosts
is lost. This does not happen on Router image or on systems which have at least one older generation
line module.
Probability:
High
Feature:
SX L2/L3 Multicast Features
Function:
IGMP snooping and variants
Reported In Release:
FI 07.3.00
Service Request ID:
1152821
Defect ID:
DEFECT000466801
Technical Severity:
High
Summary:
In OSPFv2, FI device's native Router-LSA gets replaced when a fake LSA is sent from a malicious
router which uses an LS ID equivalent to the FI device's router-id.
Symptom:
In OSPFv2, FI device's native Router-LSA gets replaced when a fake LSA is sent from a malicious
router which uses an LS ID equivalent to the FI device's router-id.
Probability:
High
Risk of Fix:
Medium
Feature:
Layer3 Control Protocols
Function:
OSPFV2 - IPV4
Reported In Release:
FI 07.4.00
Defect ID:
DEFECT000467796
Technical Severity:
Medium
Summary:
SX-FI-8XG line card improperly evaluates ACL for switched traffic within a VLAN.
Symptom:
When an ACL is configured on a VE interface, it gets applied to switched traffic within the VLAN as
well, whereas it is expected to be applied only on routed traffic.
Probability:
High
Feature:
FI - L4/Security
Function:
IPV4 ACLs - SX
Reported In Release:
FI 07.3.00
Service Request ID:
1198247
Defect ID:
DEFECT000467837
Technical Severity:
Medium
Summary:
Source IPv6 address for Router Advertisement should be the Link Local Address and not the VRRP
Address.
Symptom:
The VRRP Address is used as the Source IPv6 Address in Router Advertisements, whereas only the
Link Local Address should be used for this purpose.
Probability:
High
Feature:
FI L3 Unicast
Function:
Control Plane - VRRPv3 for IPv6
Reported In Release:
FI 07.3.00
Service Request ID:
1191608
Defect ID:
DEFECT000468598
Technical Severity:
Medium
Summary:
Incorrect system up-time reported by SNMP when NTP is configured.
Symptom:
Incorrect sysUpTime reported by SNMP "get" or "walk" when NTP is configured. However, the
"show version" output displays the correct up-time.
Workaround:
Use SNTP instead of NTP.
Probability:
High
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.3.00
Service Request ID:
1189278
IronWare Software Release R07.3.00p Page 67 of 113
Defect ID:
DEFECT000468812
Technical Severity:
Medium
Summary:
ACL rules with IP Forward-Protocol are not installed properly in TCAM on TI-24x.
Symptom:
TCAM rule for UDP port 177 that is added by the command “ip forward-protocol udp 177” gets
removed when configuring a different "no ip forward-protocol udp <port-num>".
Workaround:
Configure an additional dummy "ip forward-protocol udp <port-num>".
Probability:
High
Feature:
FI ACL
Function:
ACL(all aspects of ACLs - IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1092630
Defect ID:
DEFECT000469631
Technical Severity:
High
Summary:
MAC Table flush in a fully populated chassis can cause STP flaps.
Symptom:
When an 802.1d enabled port flaps, it leads to a flush of the MAC Table, creating a high CPU
condition lasting for up to a minute which then causes other protocols to flap as well.
Probability:
Low
Feature:
FCX L2 Control
Function:
SpanningTree Protocols
Reported In Release:
FI 07.3.00
Service Request ID:
1157674
Defect ID:
DEFECT000469670
Technical Severity:
Medium
Summary:
ICX6610 incorrectly uses interface MAC as the Source MAC address in VRRP-E Gratuitous ARP
packets.
Symptom:
VRRP-E Gratuitous ARP packets are sent with Interface MAC as the Source MAC Address, whereas
they should use the VRRP-E Virtual MAC Address.
Probability:
High
Risk of Fix:
Low
Feature:
Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer-
VRRP-E timer scale
Reported In Release:
FI 07.4.00
Service Request ID:
1206999
Defect ID:
DEFECT000470072
Technical Severity:
Medium
Summary:
If the AES encryption string in SNMPv3 user configuration begins with 00, it is not retained across
reloads.
Symptom:
In SNMPv3, if the AES encrypted string that is based on SNMP Engine ID and user supplied key gets
generated such that its first two characters are "00", the string does not get read properly when a reboot
or switchover occurs.
Probability:
Low
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
SNMP v1/v2/v3
Reported In Release:
FI 07.4.00
Service Request ID:
1208892
Defect ID:
DEFECT000470501
Technical Severity:
Medium
Summary:
Packet InError Detection feature.
Symptom:
Feature to allow a user configurable InError threshold on a port, which when exceeded puts the port
into Error-disabled state for a user configured period of time.
Probability:
Low
Feature:
FI L2
Function:
Control Plane -Other
Reported In Release:
FI 07.3.00
Service Request ID:
1168139
IronWare Software Release R07.3.00p Page 68 of 113
Defect ID:
DEFECT000471789
Technical Severity:
Critical
Summary:
DHCP Offer packets can cause a system reset when received on a VE interface.
Symptom:
In rare instances, DHCP Offer packets that are received on a VE interface can overwrite the IPv6
default route entry, leading to a system reset.
Probability:
Low
Risk of Fix:
Low
Feature:
FI Embedded Management
Function:
DHCP
Reported In Release:
FI 07.5.00
Service Request ID:
1213962
Defect ID:
DEFECT000473426
Technical Severity:
High
Summary:
Continuous SCP copy of application image on ICX6610 stack results in an empty flash on the Active
Unit.
Symptom:
When continuously copying an application image to the secondary flash partition, the secondary flash
partition becomes empty on the Active Unit and can eventually lead to a system reset.
Probability:
Medium
Feature:
FI Platform
Function:
Boot code/Flash/Kernel
Reported In Release:
FI 07.3.00
Service Request ID:
1206553
Defect ID:
DEFECT000473539
Technical Severity:
Medium
Summary:
"admin-pt2pt-mac" configuration automatically gets added at VLAN level after a system reload.
Symptom:
If "spanning-tree 802 admin-pt2pt-mac" command is added at interface configuration level and saved
to the configuration, upon reloading the system, "spanning-tree 802-1w ethe <port-num> admin-pt2pt-
mac" appears at the VLAN configuration level.
Probability:
High
Feature:
FCX L2 Control
Function:
802.1w
Reported In Release:
FI 07.3.00
Service Request ID:
1222349
Closed Defects in IronWare Software Release 07.3.00f
Defect ID:
DEFECT000383772
Technical Severity:
Medium
Summary:
System may display a syslog message about route allocation failures even though resources are
available.
Symptom:
The following syslog message is generated: "SYSLOG: <14>Jan 6 16:25:35 ICX6450 IP: number of
free route entries allocation failed!"
Probability:
Low
Risk of Fix:
Low
Feature:
Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.4.00
Service Request ID:
1102772
Defect ID:
DEFECT000400311
Technical Severity:
High
Summary:
"dot1x auth-timeout-action" command does not differentiate between success and failure
configurations
Symptom:
Even when "dot1x auth-timeout-action failure" command is configured to move the port to the
restricted VLAN, on failure, the port is instead moved to the native VLAN that is configured as part of
the "dot1x auth-timeout-action success" configuration.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI - L4/Security
Function:
802.1x
Reported In Release:
FI 07.5.00
Service Request ID:
1104525
IronWare Software Release R07.3.00p Page 69 of 113
Defect ID:
DEFECT000426210
Technical Severity:
Medium
Summary:
Issuing any "dm" command when TACACS+ is configured makes the CLI unresponsive until the
carriage return is pressed
Symptom:
Issuing any "dm" command when TACACS+ is configured makes the CLI unresponsive until the
carriage return is pressed, and may cause problems with scripted data collection.
Probability:
High
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
CLI Parser
Reported In Release:
FI 07.4.00
Service Request ID:
1101096
Defect ID:
DEFECT000428691
Technical Severity:
Medium
Summary:
Command "ip forward-protocol udp 177" does not take effect
Symptom:
Application traffic with all-router broadcast packets sent to UDP Port 177 are dropped even when "ip
forward-protocol udp 177" is configured.
Probability:
High
Feature:
TI Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1092630
Defect ID:
DEFECT000430373
Technical Severity:
Critical
Summary:
Repeatedly configuring/unconfiguring Port Mac Security may lead to an unexpected System Reset
Symptom:
Unexpected System Reset may be observed upon repeatedly configuring/unconfiguring Port Mac
Security.
Probability:
High
Risk of Fix:
Low
Feature:
FI L2
Function:
Forwarding - Port Mac Security
Reported In Release:
FI 08.0.00
Service Request ID:
1119122
Defect ID:
DEFECT000431548
Technical Severity:
High
Summary:
ACL programming in hardware may become inconsistent with software if ACLs are removed and
added to the running configuration via TFTP
Symptom:
After an ACL associated with PBR configuration is removed and added to the running configuration
via TFTP, the PBR functionality may no longer work as expected.
Workaround:
Do not add/remove ACL to the running configuration via TFTP, and instead do it through CLI.
Probability:
Medium
Feature:
FI ACL
Function:
ACL(all aspects of ACLs - IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
1051833
Defect ID:
DEFECT000432681
Technical Severity:
High
Summary:
Configured IPv6 address gets deleted when the address learned from Router Advertisements expires
Symptom:
When the lifetime of an IPv6 address that is auto-learned through Router Advertisements expires, then
the configured address gets deleted along with the auto-learned address.
Workaround:
Reboot the device. It will recover and the configured address will take effect from the
configuration.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV6
Function:
ECMP (IPV6)
Reported In Release:
FI 07.3.00
Service Request ID:
1111827
IronWare Software Release R07.3.00p Page 70 of 113
Defect ID:
DEFECT000433237
Technical Severity:
High
Summary:
SNMP ifOperStatus reports ports in Blocking state as down even though the ports are physically and
administratively up
Symptom:
FWS is incorrectly reporting the ifOperStatus as down(2), when the port is in blocking state but is
administratively and operationally up.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI Embedded Management
Function:
SNMP v1/v2/v3
Reported In Release:
FI 07.4.00
Service Request ID:
1115243
Defect ID:
DEFECT000438420
Technical Severity:
Medium
Summary:
Interface level negotiation mode configuration may not work correctly
Symptom:
In case global level negotiation configuration is deleted, interface level negotiation configuration may
not take effect.
Workaround:
Configure interface level negotiation mode again.
Probability:
Medium
Risk of Fix:
Low
Feature:
FCX Layer1 features
Function:
Auto Negotiation
Reported In Release:
FI 07.2.02
Service Request ID:
1131822
Defect ID:
DEFECT000444065
Technical Severity:
High
Summary:
In rare cases, one of the stack links of a member unit may get administratively disabled even though
the link is up, causing CPU to CPU communication between other units in the stack to become one-
directional
Symptom:
The output of "show stack connection" will display a warning about a missing stacking link and many
errors about one directional CPU to CPU messages, even though all stacking links are physically up.
Probability:
Low
Risk of Fix:
Low
Feature:
FI Infrastructure
Function:
stacking port trunking
Reported In Release:
FI 07.4.00
Service Request ID:
1148013
Defect ID:
DEFECT000446797
Technical Severity:
Medium
Summary:
Loading the FastIron Router MIB file into HP OpenVIew version NNMi 9.2 Patch fails with syntax
error
Symptom:
When attempting to load the FastIron Router MIB file into HP OpenVIew version NNMi 9.2 Patch,
the operation fails with the following syntax errors:
"Operation LoadMib failed"
"Failed to load MIB modules from ..."
"Problems were reported during parsing, unable to load requested MIBs"
Probability:
Low
Feature:
FCX Network Management
Function:
INM Support
Reported In Release:
FI 07.3.00
Service Request ID:
1129553
Defect ID:
DEFECT000447482
Technical Severity:
Medium
Summary:
Temperature warning level can be configured to a higher value than the system shutdown temperature
Symptom:
The warning temperature setting, that is configurable via the CLI, can be set to a higher value than the
actual system shutdown temperature level, in which case no warning is triggered.
Probability:
High
Risk of Fix:
Low
Feature:
Platform
Function:
CHASSIS
Reported In Release:
FI 08.0.00
Service Request ID:
1148013
IronWare Software Release R07.3.00p Page 71 of 113
Defect ID:
DEFECT000448413
Technical Severity:
Medium
Summary:
During bootup, a few characters at the start of syslog messages may be omitted
Symptom:
When the FastIron device is reloaded, some of the initial characters are omitted for the first few Syslog
messages. After some period of time, the messages are generated correctly.
Probability:
Medium
Feature:
FI Embedded Management
Function:
SYSLOG
Reported In Release:
FI 07.3.00
Service Request ID:
1135927
Defect ID:
DEFECT000448726
Technical Severity:
Medium
Summary:
SSH session establishment may trigger VRRP state changes
Symptom:
Upon initiating an SSH session to the FastIron device, the CPU may become unresponsive and trigger
VRRP/VRRP-E state changes.
Workaround:
Use "Diffie-Hellman_group1” protocol for SSH Key Exchange.
Probability:
Medium
Feature:
SX Network Management
Function:
SSHv2/SCP V4/V6
Reported In Release:
FI 07.3.00
Service Request ID:
1148834
Defect ID:
DEFECT000449453
Technical Severity:
High
Summary:
Multi-session inband SNMP bulk walk on the MAC table causes LACP timers to expire and leads to a
link flap
Symptom:
On ICX6610, two or more simultaneous in-band SNMP bulk walks on the MAC table may cause
LACPDU's to not be sent out on time, thereby triggering a timeout and flap by the link partner.
Probability:
High
Feature:
FI L2
Function:
Control Plane - LACP
Reported In Release:
FI 07.3.00
Service Request ID:
1131590
Defect ID:
DEFECT000450766
Technical Severity:
Medium
Summary:
Disabling sFlow at a global configuration level can cause high CPU usage
Symptom:
When sFlow is disabled at a global CLI configuration level, the CPU utilization may go up to 99%.
Workaround:
Correct the port setting for sFlow usage by entering "sflow enable" and then "no sflow enable" at
the global CLI configuration level.
Probability:
Low
Feature:
SX Network Management
Function:
sFlow
Reported In Release:
FI 07.3.00
Service Request ID:
1129051
Defect ID:
DEFECT000451637
Technical Severity:
Medium
Summary:
Configuring sFlow may cause the FastIron device to experience an unexpected system reset
Symptom:
In very rare situations, configuring sFlow may cause the FastIron device to experience an unexpected
system reset.
Probability:
Low
Feature:
FCX Network Management
Function:
sFlow
Reported In Release:
FI 07.3.00
Service Request ID:
1154139
Defect ID:
DEFECT000457368
Technical Severity:
High
Summary:
Incorrect initialization of the downstream interface table may cause multicast congestion drops in a
chassis with mixed generation line cards.
Symptom:
In very rare cases, multicast congestion drops are seen on a third generation module in a mixed SX
chassis, and multicast/broadcast packets will stop being transmitted on the ports of this module.
Probability:
Low
Feature:
SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release:
FI 07.3.00
Service Request ID:
1113516
IronWare Software Release R07.3.00p Page 72 of 113
Defect ID:
DEFECT000457828
Technical Severity:
Medium
Summary:
In some cases, SX-1600 may not boot up when 48-port 1 Gig copper modules are present in the
system.
Symptom:
If 48-port 1Gig copper modules are present, SX chassis does not complete the boot process. In this
error condition, the following error messages are displayed on the console:
"qdLoadDriver return Failed
QuarterDeck initialization failed.
qdMultiDevStart Failed for Dev 20, Port 0
ERROR[puma_phy_init]: init_6165_interfaces returned 1
sx_1g_puma_init() failed
[Error] :: Hw-validation-failure : read/write failed on line-module 11, powering it off "
Probability:
Medium
Risk of Fix:
Low
Feature:
Platform
Function:
System
Reported In Release:
FI 07.4.00
Service Request ID:
1169079
Closed Defects in IronWare Software Release 07.3.00e
Defect ID:
DEFECT000296833
Technical Severity:
Medium
Summary:
Device will close down a Telnet management session as soon as it receives a FIN even if output is
pending.
Symptom:
Device will close down a Telnet management session as soon as it receives a FIN even if output is
pending.
Probability:
High
Risk of Fix:
Medium
Feature:
FCX Management Functionality
Function:
IPV4/V6 Telnet Service
Reported In Release:
FI 07.0.01
Service Request ID:
246740
Defect ID:
DEFECT000351893
Technical Severity:
High
Summary:
Memory usage steadily increases every time a Web Authentication client logs in and logs out using
HTTPS.
Symptom:
Memory is constantly depleted every time a Web Authentication client logs in and logs out using
HTTPS.
Workaround:
Reboot the device.
Probability:
High
Feature:
FI - L4/Security
Function:
Web Authentication
Reported In Release:
FI 07.3.00
Service Request ID:
700759
Defect ID:
DEFECT000369470
Technical Severity:
High
Summary:
Digital Monitoring support in 1G SFP may not function and may display incorrect information with
stacking configuration
Symptom:
Digital Monitoring support in 1G SFP may not function and may display incorrect information with
stacking configuration
Probability:
Low
Feature:
FI Platform
Function:
Digital Optical Monitor
Reported In Release:
FI 07.3.00
Service Request ID:
1104973
IronWare Software Release R07.3.00p Page 73 of 113
Defect ID:
DEFECT000376464
Technical Severity:
Medium
Summary:
Ports are Up without having a physical connection on port in ICX-6610
Symptom:
Ports are Up without having a physical connection on it in ICX-6610. LEDs are also blinking.
Probability:
High
Feature:
FI Platform
Function:
1G Link
Reported In Release:
FI 07.3.00
Service Request ID:
826357
Defect ID:
DEFECT000399851
Technical Severity:
Critical
Summary:
CLI may encounter unexpected system reset when VLANs - for a large number of ports are being
managed using the Web Management Interface
Symptom:
CLI may encounter unexpected system reset when VLANs - for a large number of ports are managed
using the Web Management Interface.
Probability:
Medium
Feature:
SX Network Management
Function:
Web Management
Reported In Release:
FI 07.3.00
Service Request ID:
,754515
Defect ID:
DEFECT000408284
Technical Severity:
Medium
Summary:
Some OpenSSH versions are incompatible with the FastIron devices when using SCP.
Symptom:
FCX Devices may not be able to perform secure shell (SSH) login or secure copy (SCP) from client
running OpenSSH v5.5.p1 version. Previous versions work properly.
Workaround:
Use an earlier version of OpenSSH.
Probability:
High
Risk of Fix:
Low
Feature:
FCX Network Management
Function:
SSHv2/SCP V4/V6
Reported In Release:
FI 07.2.02
Service Request ID:
604551
Defect ID:
DEFECT000408747
Technical Severity:
Medium
Summary:
DHCP server not giving IP addresses to some hosts.
Symptom:
SX device running DHCP server may not offer IP addresses to hosts when moved from one subnet to
other.
Probability:
Medium
Feature:
SX DHCP SERVER
Function:
DHCP
Reported In Release:
FI 07.3.00
Service Request ID:
1084792, 1085652
Defect ID:
DEFECT000415140
Technical Severity:
Medium
Summary:
DHCP server does not allocate addresses for all hosts within defined address pools.
Symptom:
Some host DHCP requests will fail, while others will work on the same VLAN.
Probability:
High
Risk of Fix:
Medium
Feature:
Platform
Function:
System
Reported In Release:
FI 07.4.00
Service Request ID:
1061154
Defect ID:
DEFECT000415181
Technical Severity:
Medium
Summary:
Multicast Packets are duplicated to 224.0.0.x across ICX6610 layer 2
Symptom:
Multicast Packets are duplicated to 224.0.0.x across ICX6610 layer 2
Probability:
High
Risk of Fix:
Medium
Feature:
L2 Forwarding
Function:
Other
Reported In Release:
FI 07.4.00
Service Request ID:
737715
IronWare Software Release R07.3.00p Page 74 of 113
Defect ID:
DEFECT000419248
Technical Severity:
Medium
Summary:
Spanning tree blocked port forwarding ARP broadcasts.
Symptom:
In SX device, enabling a redundant link in a VLAN may occasionally cause loop in the network.
Probability:
Medium
Risk of Fix:
Medium
Feature:
SX L2 Control
Function:
SpanningTree Protocols
Reported In Release:
FI 07.2.02
Service Request ID:
841043
Defect ID:
DEFECT000419899
Technical Severity:
Medium
Summary:
Erroneous Syslog messages reporting functioning FCX power supply units going down and coming up
immediately are generated due to signal noise level.
Symptom:
Erroneous and cosmetic Syslog messages about a Power Supply Unit being powered down and up are
displayed continuously even though the PSU functions correctly and provides uninterrupted AC power
to the switch/router.
Probability:
Medium
Risk of Fix:
Low
Feature:
FI Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.2.02
Service Request ID:
1080157
Defect ID:
DEFECT000422319
Technical Severity:
Medium
Summary:
"ip tcp keepalive" command doesn't work for IPv6
Symptom:
"ip tcp keepalive" command for IPv6 may not work and configuration may not show in running
configuration
Probability:
High
Risk of Fix:
Medium
Feature:
FCX Layer 3 Forwarding - IPV6
Function:
Data Forwarding (IPV6)
Reported In Release:
FI 07.2.02
Service Request ID:
1085918
Defect ID:
DEFECT000422811
Technical Severity:
Medium
Summary:
Stack ID swapped when Ring Stack changed to Linear Stack due to port related issue
Symptom:
Stack ID could be swapped when Ring stack changed to Linear stack due to port related issues.
Workaround:
Make the units to be clean units by "unconfigure clean" and then allow the units to join the stack
again.
Probability:
Medium
Feature:
FI Infrastructure
Function:
stacking undetermined
Reported In Release:
FI 07.3.00
Service Request ID:
1091448
Defect ID:
DEFECT000423085
Technical Severity:
Medium
Summary:
PoE on SX can get stuck due to power glitch. Device is not providing inline power and may show
incorrect information.
Symptom:
SX device may stop providing power to PDs such as access points and IP phones. PoE module is
showing incorrect inline power allocation, even when no PD is attached.
Workaround:
Re-install the PoE firmware on the PoE controller, or RMA the affected unit if firmware
installation is not successful.
Probability:
Medium
Risk of Fix:
Medium
Feature:
POE FW upgrade
Function:
POE FW upgrade
Reported In Release:
FI 07.2.02
Service Request ID:
760185
IronWare Software Release R07.3.00p Page 75 of 113
Defect ID:
DEFECT000423234
Technical Severity:
High
Summary:
Stack encounters unexpected system reset after VLAN configuration using the Web Management
Interface.
Symptom:
Stack encounters unexpected system reset after VLAN configuration using the Web Management
Interface.
Probability:
Medium
Feature:
FI Embedded Management
Function:
Web Management
Reported In Release:
FI 07.3.00
Service Request ID:
754515
Defect ID:
DEFECT000425786
Technical Severity:
Medium
Summary:
IEEE PD class 0 default power allocation should be set to 15.4 Watts instead of 30 Watts
Symptom:
Due to incorrect power allocation of IEEE PD class 0 by switch, customer suffers from power budget
issue. To supply enough inline power for all the PDs in use, customer may require manual
configuration on all switches to trim the power budget.
Workaround:
Use CLI command to configure for "inline power power-limit 15400"
Probability:
High
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
1090929
Defect ID:
DEFECT000425958
Technical Severity:
Medium
Summary:
Switch encounters unexpected system reset after executing 'ip dhcp snooping vlan x' command
Symptom:
Switch may encounter unexpected system reset after executing 'ip dhcp snooping vlan' command in
SX.
Probability:
High
Risk of Fix:
Medium
Feature:
FI ACL
Function:
DHCP Snooping functionality
Reported In Release:
FI 07.4.00
Service Request ID:
1060660, 1042423
Defect ID:
DEFECT000426653
Technical Severity:
Medium
Summary:
Switch encounter unexpectedly system reset when a loopback interface is enabled.
Symptom:
Switch may encounter unexpectedly system reset when a loopback interface is enabled in ICX-6610.
Workaround:
Remove static route pointing to ve interface.
Probability:
High
Risk of Fix:
Low
Feature:
Layer3 Control Protocols
Function:
OSPFV2 - IPV4
Reported In Release:
FI 07.4.00
Service Request ID:
1097908
Defect ID:
DEFECT000427550
Technical Severity:
Medium
Summary:
VRRP Standby may encounter port flap with multiple VLANs and VRIDs configuration.
Symptom:
Intermittent flaps on the VRRP standby may occur for multiple VRIDs in multiple VLANs
configuration. Flap occurs only on the VRRP Standby and not on the VRRP Owner.
Probability:
Medium
Feature:
Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer-
VRRP-E timer scale
Reported In Release:
FI 07.3.00
Service Request ID:
1101971
Defect ID:
DEFECT000428520
Technical Severity:
Medium
Summary:
Packet loss on SX module SX-FI-24GPP due to multicast congestion
Symptom:
Packet loss may occur on SX-FI-24GPP modules due to multicast packet congestion
Probability:
Low
Feature:
Platform
Function:
System
Reported In Release:
FI 07.4.00
Service Request ID:
737265
IronWare Software Release R07.3.00p Page 76 of 113
Defect ID:
DEFECT000429808
Technical Severity:
Medium
Summary:
SX switch may encounter unexpected system reset during processing CPU packets.
Symptom:
SX1600 encountered a system reset with no apparent reason. The unexpected system reset may occur
during processing CPU packets.
Probability:
Medium
Feature:
FI Infrastructure
Function:
Packet Scheduling/Marking/Buffering
Reported In Release:
FI 07.3.00
Service Request ID:
1077158
Closed Defects in IronWare Software Release 07.3.00d
Defect ID:
DEFECT000333939
Technical Severity:
Medium
Summary:
Access-list to permit/deny ICMP with certain types doesn't work
Symptom:
Access list does not honor different types of ICMP packets in transit traffic if the access-list also
contains filters for TCP ports. All ICMP types will be permitted or denied.
Workaround:
Do not apply filter with TCP ports in addition to ICMP types.
Probability:
Low
Risk of Fix:
Low
Feature:
SX ACL
Function:
ACL(all aspects of ACLs - IPV4)
Reported In Release:
FI 07.2.00
Service Request ID:
514363
Defect ID:
DEFECT000347917
Technical Severity:
Medium
Summary:
FCX device does not forward ARP broadcast packets when raw packet debugging is enabled
Symptom:
When "dm raw" is enabled, ARP broadcast packets stop being flooded in the VLAN.
Workaround:
Turn off "dm raw".
Probability:
Medium
Risk of Fix:
Low
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
266738
Defect ID:
DEFECT000358890
Technical Severity:
Critical
Summary:
SX1600 may reset when launching an SSHv2 session after a hitless reload.
Symptom:
SX1600 may reset when launching an SSHv2 session after a hitless reload.
Probability:
High
Feature:
FI Embedded Management
Function:
SSHV2/SCP
Reported In Release:
FI 07.3.00
Service Request ID:
728893
Defect ID:
DEFECT000380312
Technical Severity:
Medium
Summary:
Unexpected reset may occur when a dm command is issued in a VLAN that contains no ports.
Symptom:
Debug CLI command "dm 802-1w bridge vlan <ID>" may cause an unexpected reset of the device.
Workaround:
Add ports to the VLAN. Do not run the command.
Probability:
High
Feature:
FI Debug support
Function:
dm commands - L2
Reported In Release:
FI 07.3.00
Service Request ID:
689965
IronWare Software Release R07.3.00p Page 77 of 113
Defect ID:
DEFECT000391531
Technical Severity:
Medium
Summary:
TI-When a copper SFP is moved from port 1 to 2 and back to 1, the link does not come up and
requires a reload.
Symptom:
When a copper SFP is moved from port 1 to 2 and back to 1, the link does not come up and requires a
reload. The same does not happen in 4200d code
Workaround:
If issue is seen, bouncing the port fixes the problem unlike in 7.3.00c where we had to do a
reload to recover.
Probability:
High
Feature:
Optics
Function:
OPTICS
Reported In Release:
FI 07.3.00
Service Request ID:
711623
Defect ID:
DEFECT000391791
Technical Severity:
Medium
Summary:
If the same VSRP VRID is used in multiple VLANs, then changes made under one VLAN can affect a
different VLAN with the same VSRP VRID.
Symptom:
If the same VSRP VRID is used in multiple VLANs, then changes made under one VLAN can affect a
different VLAN with the same VSRP VRID.
Probability:
Medium
Risk of Fix:
Low
Feature:
FCX L2 Control
Function:
VSRP(master and aware)
Reported In Release:
FI 07.2.02
Service Request ID:
713975
Defect ID:
DEFECT000392987
Technical Severity:
High
Summary:
When saving the running configuration, the system may disconnect the SSH session unexpectedly
Symptom:
“Bad packet length 4171188320” is seen when "write mem" command is issued over SSH and the
client is then disconnected.
Probability:
Low
Risk of Fix:
High
Feature:
FCX Management Functionality
Function:
IPv4/V6 SSH Service
Reported In Release:
FI 07.2.00
Service Request ID:
712399
Defect ID:
DEFECT000396100
Technical Severity:
Medium
Summary:
Switch with no IPv4 address configured generates ARP packets incorrectly when both a Management
VLAN and Uplink Switch are configured.
Symptom:
Switch with no IPv4 address configured generates ARP packets with Source Address 0.0.0.0 for
directed broadcast traffic when both a Management VLAN and Uplink Switch are configured.
Probability:
High
Risk of Fix:
Medium
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
722675
Defect ID:
DEFECT000396545
Technical Severity:
Medium
Summary:
Aggregate VLAN Q-in-Q supports frame sizes of up to 1522 bytes only
Symptom:
With Q-in-Q configured, frame sizes of up to 1522 bytes are supported instead of the expected 1530
bytes. Frames larger than 1522 bytes are dropped.
Workaround:
Configure for switch to support Jumbo frame.
Probability:
High
Risk of Fix:
Low
Feature:
FCX L2 Forwarding
Function:
Q-in-Q
Reported In Release:
FI 07.2.02
Service Request ID:
715413
IronWare Software Release R07.3.00p Page 78 of 113
Defect ID:
DEFECT000397916
Technical Severity:
Medium
Summary:
Configuring more than 4000 VLANs causes flash to run out of space.
Symptom:
After making configuration changes, the “write memory” and “show run” commands do not work.
Below messages are displayed
BRCD6650-64 Switch(config)#wr mem
Configuration data is too big!------------------------------------------>
Running-config to startup-config abort.
BRCD6650-64 Switch(config)#sh run
please trim your configuration---------------------------------------------------------->
Risk of Fix:
Medium
Feature:
FI Embedded Management
Function:
Telnet/SSH/SCP
Reported In Release:
FI 07.5.00
Service Request ID:
761061
Defect ID:
DEFECT000398232
Technical Severity:
High
Summary:
When RSTP cost and edge port are set on a port outside the VLAN via Web Management Interface, an
unexpected reset may be seen.
Symptom:
When using the Web Management Interface to set RSTP cost and edge port on a port that is not
currently a member of the chosen VLAN, an unexpected reset may be seen.
Probability:
Low
Feature:
FI Embedded Management
Function:
Web Management
Reported In Release:
FI 07.3.00
Service Request ID:
723983
Defect ID:
DEFECT000399298
Technical Severity:
Medium
Summary:
IP Cache display shows incorrect VLAN IDs for some entries.
Symptom:
In rare cases, the output of the "show ip cache" command displays IP Address entries with incorrect
VLAN IDs.
Workaround:
NO
Probability:
Low
Risk of Fix:
Medium
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
683131
Defect ID:
DEFECT000400064
Technical Severity:
Medium
Summary:
ARP packets embedded within Q-in-Q is not forwarded by ICX.
Symptom:
ARP packets embedded within Q-in-Q packet is not forwarded by ICX.
Probability:
High
Feature:
FCX L2 Forwarding
Function:
Q-in-Q
Reported In Release:
FI 07.3.00
Service Request ID:
728101, 716155
IronWare Software Release R07.3.00p Page 79 of 113
Defect ID:
DEFECT000400929
Technical Severity:
Medium
Summary:
TurboIron does not forward traffic on all ports upon receiving too many Pause frames
Symptom:
TurboIron does not forward traffic on all ports upon receiving too many Pause frames
Workaround:
The TurboIron buffer allocation is based on robust tuning; therefore, the default buffer allocation
should not be changed.
As a workaround, set the port to use minimum egress buffers by configuring the "egress-buffer-
threshold min" command when a port is enabled to honor or transmit pause frames.
An example configuration for Ethernet interfaces 2 and 10 are as follows;
TX24 Switch(config)# no enable egress-buffer-default
TX24 Switch(config)#int e 2 e 10
TX24 Switch(config-mif-2,10)#egress-buffer-threshold min
Probability:
Medium
Feature:
TI Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
730677
Defect ID:
DEFECT000400942
Technical Severity:
Medium
Summary:
Switch sends incorrect IPv4 format of SSH client address to the console.
Symptom:
SSH client IP address is not printed on the console, and if it is printed, the format appears to be in
IPv6 format with "::".
This is a cosmetic error seen in console syslog message..
Probability:
High
Feature:
CHOW Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
732281
Defect ID:
DEFECT000401082
Technical Severity:
High
Summary:
Cannot communicate with tagged promiscuous port on primary VLAN from isolated VLAN over
PVLAN-trunk.
Symptom:
When the promiscuous port in the primary VLAN is tagged, an ARP request may be forwarded with
an incorrect VLAN tag.
Workaround:
Use Untagged port on Primary VLAN.
Probability:
Medium
Feature:
FI L2
Function:
Forwarding - Private VLAN
Reported In Release:
FI 07.3.00
Service Request ID:
721623
Defect ID:
DEFECT000401609
Technical Severity:
Medium
Summary:
When trunk ports span across the stacks: the MAC address is not reset, when the trunk is not deployed.
Symptom:
When trunk ports span across the stacks: the MAC address is not reset, when the trunk is not deployed.
Risk of Fix:
Low
Feature:
FCX L2 Forwarding
Function:
Trunk Threshold
Reported In Release:
FI 07.2.02
Service Request ID:
724649
IronWare Software Release R07.3.00p Page 80 of 113
Defect ID:
DEFECT000403066
Technical Severity:
Medium
Summary:
If a router is upgraded directly from release version 04.x.xx to 07.2.xx or later, SSH access to the
device could result in a system reset.
Symptom:
If a router is upgraded directly from release version 04.x.xx to 07.2.xx or later without regenerating
the SSH key, the system may reset if an SSH access is attempted.
Workaround:
1. Invoke the “crypto key gen” command to regenerate the key after the upgrade.
2. Upgrade the device first from version 04.x.xx to 07.1.00, and then upgrade it from 07.1.00 to
07.2.xx or later code streams.
Probability:
Medium
Feature:
FI Embedded Management
Function:
SSHV2/SCP
Reported In Release:
FI 07.3.00
Service Request ID:
733057
Defect ID:
DEFECT000403640
Technical Severity:
High
Summary:
It takes 6.7 seconds to clear the MAC in router code where as it takes 400 milliseconds to flush it in
switch code.
Risk of Fix:
Low
Feature:
Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.5.00
Service Request ID:
756077
Defect ID:
DEFECT000404253
Technical Severity:
Medium
Summary:
Configuring and then removing protocol VLAN does not clean up MAC Address locking issue on port
registers.
Symptom:
High CPU level due to data packets are not being forwarded in hardware.
Workaround:
Configure device issuing the command "dot1x-enable" and then remove it issuing the command
"no dot1x-enable".
Feature:
FCX L2 Forwarding
Function:
Protocol VLAN
Reported In Release:
FI 07.3.00
Service Request ID:
725439
Defect ID:
DEFECT000404397
Technical Severity:
Medium
Summary:
Printing more than 700 lines at a time in buffer logging, causes high CPU and VRRP might not
process control packets.
Symptom:
Printing more than 700 lines in buffer logging at the same time causes high CPU and VRRP might not
process control packets
Workaround:
Remove the "logging buffer" from the configuration. Default is 50 lines.
Probability:
High
Risk of Fix:
Medium
Feature:
SX Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer-
VRRP-E timer scale
Reported In Release:
FI 07.2.02
Service Request ID:
721885
Defect ID:
DEFECT000405574
Technical Severity:
High
Summary:
High CPU usage is observed when LLDP is enabled on a POE enabled port on SX.
Symptom:
High CPU usage is observed when LLDP is enabled on a POE enabled port on SX, when there are
many non POE devices connected on POE enabled ports. If there is a non-POE device connected on a
POE enabled port, the “PD Detection Fault” message is displayed with “show inline power”.
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
733323
IronWare Software Release R07.3.00p Page 81 of 113
Defect ID:
DEFECT000406403
Technical Severity:
Medium
Summary:
DHCP may fail in VLAN 1 when using dual mode interface and IP helper.
Symptom:
The switch is dropping the DHCP packets that are coming on VLAN 1 when dual-mode and IP helper
is enabled.
Probability:
High
Risk of Fix:
Low
Feature:
SX L2 Forwarding
Function:
DHCP assist
Reported In Release:
FI 07.2.02
Service Request ID:
732333
Defect ID:
DEFECT000406631
Technical Severity:
Medium
Summary:
Bridge TC Event log is missing on FastIron SX switches from code 07.2.00 and later.
Symptom:
An SX switch that has MSTP configured is connected to other vendor switches running legacy STP
(802.1D). When a laptop is connected to a third party switch, the third-party switch generates TCN
BPDUs which are sent to the SX. This leads to MSTP reconvergence. There is no log indicating that a
TCN BPDU has been received. About 3 to 4 ping drops are experienced on the network due to
reconvergence. There should be a log to identify the source of BPDU.
Workaround:
Configure edge port on all switch ports where servers and laptops are to be connected.
Probability:
Medium
Risk of Fix:
Low
Feature:
SX L2 Control
Function:
SpanningTree Protocols
Reported In Release:
FI 07.2.02
Service Request ID:
733719
Defect ID:
DEFECT000406877
Technical Severity:
Medium
Summary:
ARP inspection fails to inspect ARP response packet.
Symptom:
ARP inspection fails to inspect ARP response packet.
Probability:
High
Feature:
FI - L4/Security
Function:
Dynamic ARP inspection
Reported In Release:
FI 07.3.00
Service Request ID:
739235
Defect ID:
DEFECT000407553
Technical Severity:
Medium
Summary:
TurboIron stops forwarding broadcast on Ethernet 1 port if management port is disabled.
Symptom:
TurboIron stops forwarding broadcast on Ethernet 1 port if management port is disabled.
Workaround:
enable spanning tree
Probability:
High
Feature:
TI Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
741009
IronWare Software Release R07.3.00p Page 82 of 113
Defect ID:
DEFECT000408208
Technical Severity:
High
Summary:
Configuring monitor port will trigger the active stack controller to reset if a module has been changed
in the FCX stack.
Symptom:
FCX XFP 10G module is swapped from stack unit 3 to stack unit 2, when both are powered off. Then,
both unit2 and unit3 are powered up, and the stack was configured by giving "module 3 fcx-xfp-2-
port-10g-module" command on stack unit2 and giving "no module 3 fcx-xfp-2-port-10g-module"
command on stack unit3.
A Write memory (wr mem) command was then issued to save the configuration.
Subsequently, commands
"mirror-port ether 1/1/1"
"int ether 3/1/22"
"monitor ether 1/1/1 both"
are configured. This causes the active stack controller to perform an expected reset. The standby stack
controller takes over. Then configuring a monitor port on e 3/1/22 caused the new active to perform an
unexpected reset.
After these two resets, no more resets were observed.
Workaround:
Do not configure the stack with the "no module 3 fcx-xfp-2-port-10g-module" command even after
the module is removed from the system. This will prevent the condition of the running
configuration and static configuration getting out of synchronization, causing data structure access
issue in module 3. This will not affect system operation.
Probability:
High
Feature:
FI Infrastructure
Function:
port mirroring/monitoring
Reported In Release:
FI 07.3.00
Service Request ID:
746263
Defect ID:
DEFECT000408842
Technical Severity:
Medium
Summary:
Single SPAN STP loop may occur if port is added to VLAN.
Symptom:
Single SPAN STP loop may occur if port is added to VLAN.
Probability:
High
Feature:
FCX L2 Control
Function:
single spanning-tree
Reported In Release:
FI 07.3.00
Service Request ID:
737569
Defect ID:
DEFECT000408982
Technical Severity:
Medium
Summary:
Optical monitoring can’t be enabled per interface in ICX when using the 10G ports and SFPP.
Symptom:
Optical monitoring can’t be enabled per interface in ICX 6610 when using the 10G ports and SFPP.
Probability:
High
Feature:
DOM
Function:
DOM
Reported In Release:
FI 07.3.00
Service Request ID:
745701
Defect ID:
DEFECT000410277
Technical Severity:
High
Summary:
FWS switch reloads continuously when non-PoE port receives a CDP message.
Symptom:
After upgrade from 07.2.02e to 07.3.00c, the switch reloads continuously.
Workaround:
Disable CDP on FWS or disable CDP on all devices connected to FWS.
Probability:
High
Feature:
FI Platform
Function:
POE
Reported In Release:
FI 07.3.00
Service Request ID:
748591
IronWare Software Release R07.3.00p Page 83 of 113
Defect ID:
DEFECT000410285
Technical Severity:
Medium
Summary:
Faulty line module failing initialization in an SX800 makes the System unusable.
Symptom:
Faulty module can make the system "unusable" and results in loss of network services.
The subject switch/router will perform a reset with these error messages.
(when adding the faulty module to slot 2)
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[1]Retrying ..
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[2]Retrying ..
P1 : 02 03
F1 : 02 03 Module 2 Init failed with status 1
Err: Enabling module 2 Failed
[3]Retrying ..
...
System will again perform an unexpected reset.
Probability:
Medium
Feature:
FI Platform
Function:
Chassis/Cards/PCI - SX/TI
Reported In Release:
FI 07.3.00
Service Request ID:
742229
Defect ID:
DEFECT000410498
Technical Severity:
Medium
Summary:
First vlan's ip-subnet name is erased when protocol "xxx-proto" is configured in the VLAN. The
dynamic IPv6 protocol vlan membership that is disabled (with "ipv6-proto" no dynamic) is enabled
after a reboot in router.
Symptom:
First VLAN ip-subnet name is erased after reload.
Risk of Fix:
Medium
Feature:
SX L2 Forwarding
Function:
Protocol VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
751033
IronWare Software Release R07.3.00p Page 84 of 113
Defect ID:
DEFECT000413089
Technical Severity:
Medium
Summary:
In ICX, layer1 interface status is showing as up before the other end connected device boot process is
completed.
Symptom:
If two ICX6610 devices are connected to each other, when the other end reboots, the interface at local
box shows Layer 1 is up even before the other end completely reboots.
Scenario:
ICX6610A(e 1/1/24) <---> ICX6610B(e 1/1/24)
This is the behavior with port enabled (ICX on other side reloading)
(timestamp):I:System: Interface ethernet 1/1/24, state up
(timestamp):I:System: Interface ethernet 1/1/24, state down
(timestamp):I:System: Interface ethernet 1/1/24, state up
(timestamp):I:System: Interface ethernet 1/1/24, state down
As soon as the interface comes up the second time, the IP address is responding immediately. The
interfaces should remain down until the switch on the other end boots up completely. Then connect
and bring up both ends.
Probability:
Low
Risk of Fix:
Low
Feature:
Platform
Function:
System
Reported In Release:
FI 07.4.00
Service Request ID:
738385
Defect ID:
DEFECT000414072
Technical Severity:
Medium
Summary:
Unable to reload the switches using IPv6 SNMP.
Symptom:
Unable to reload the switches using IPv6 SNMP.
Probability:
High
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.3.00
Service Request ID:
760347
Closed Defects in IronWare Software Release 07.3.00c
Defect ID:
DEFECT000333027
Technical Severity:
Medium
Summary:
Unicast DHCP offer packets are intermittently dropped
Symptom:
DHCP Client sometimes does not get the DHCP offer packet from the Server when connecting
directly through TurboIron in the same VLAN.
Probability:
High
Feature:
TI IPv4 Forwarding
Function:
DHCP Snooping
Reported In Release:
FI TI 04.2.00
Service Request ID:
511501
Defect ID:
DEFECT000346307
Technical Severity:
Medium
Summary:
“dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable.
Symptom:
“dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable
Probability:
High
Feature:
FI Platform Specific features
Function:
system bringup
Reported In Release:
FI 07.2.02
Service Request ID:
590679
IronWare Software Release R07.3.00p Page 85 of 113
Defect ID:
DEFECT000346422
Technical Severity:
High
Summary:
After failing to copy 7.2.02a router image due to lack of flash space, user unable to write anything
to the flash.
Symptom:
Get "Flash access in progress. Please try later" errors when trying to copy image from TFTP server
or when saving the running configuration.
Probability:
High
Feature:
SX Network Management
Function:
TFTP Configuration- Software V4/V6
Reported In Release:
FI 07.2.02
Service Request ID:
592067
Defect ID:
DEFECT000348065
Technical Severity:
Critical
Summary:
Traffic going through valid default route gets dropped.
Symptom:
All traffic that uses the default route is dropped if the default route is learned from OSPF, when
Active/Standby Management Modules are present.
Probability:
High
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
568471
Defect ID:
DEFECT000353729
Technical Severity:
Medium
Summary:
FastIron switches may not respond to ICMPv6 echo request
Symptom:
FESX, FCX and FGS switches may fail to reply to ICMPv6 echo request sent by router or IPV6
server (Linux) that is directly connected to the switch.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV6
Function:
Data Forwarding (IPV6)
Reported In Release:
FI 07.2.02
Service Request ID:
611321
Defect ID:
DEFECT000355892
Technical Severity:
High
Summary:
SNMP: All Plat: the command “no snmp-server comm Public ro” is not retained after a reload.
Once the Device reloads it will begin to respond to polling and read only operations using this
community
Symptom:
Synopsis: the command when you use the command “no snmp-server comm Public ro” the public
community will be disabled and our device will no longer respond to SNMP requests using the
Public community, however it is not placed in the running config or retained after a reload. Once
the Device reloads it will begin to respond to polling and read only operations using this
community
Probability:
Low
Feature:
FI Embedded Management
Function:
SNMP v1/v2/v3
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000359994
Technical Severity:
High
Summary:
System continuously reloads with "Error: flash_get_fresh_block: no space."after upgrading to
7.2.02D Router code
Symptom:
Customer system continuously reloads after upgrading to 7202D.
Feature:
FCX Platform Specific features
Function:
system bringup
Reported In Release:
FI 07.2.02
Service Request ID:
643927
Defect ID:
DEFECT000365448
Technical Severity:
Medium
Summary:
Private VLAN does not work as expected
Symptom:
When Private VLAN's are used, the "show mac" output is not consistent.
Workaround:
Downgrade code to version 7.1.00a.
Probability:
High
Feature:
FCX L2 Forwarding
Function:
Private VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
660501
IronWare Software Release R07.3.00p Page 86 of 113
Defect ID:
DEFECT000368019
Technical Severity:
Medium
Summary:
FastIron drops ServerIron Hot Standby HA MAC sync PDUs sent or received on ports configured for
UDLD.
Symptom:
Configuring UDLD between an FWS or FGS switch and each ADX in a hot standby ServerIron pair
leads to the standby ServerIron not being able to learn MAC addresses on the UDLD-configured
port.
Probability:
Medium
Feature:
SX L2 Control
Function:
UDLD
Reported In Release:
FI 07.2.02
Service Request ID:
670755
Defect ID:
DEFECT000371615
Technical Severity:
High
Summary:
Standby unit of FCX stack may reset after Hitless Failover if OSPFv2 graceful restart is disabled
Symptom:
If RIPv2 and OSPFv2 neighborhoods are formed on the same interface with the OSPF default
route chosen as the best route, issuing a "no-graceful restart" and then doing a failover can lead
to a reset on the Standby Management module.
Probability:
Low
Feature:
Layer3 Control Protocols
Function:
RIP(v1-v2) - IPV4
Reported In Release:
FI 07.4.00
Service Request ID:
695341
Defect ID:
DEFECT000374592
Technical Severity:
Medium
Summary:
After a trunk is unconfigured, IP forwarding to ports that were previously part of that trunk may
not work.
Symptom:
IP forwarding to ports that were previously part of a trunk may not work after the trunk is deleted.
Workaround:
Reload the system to re-initialize the ports correctly for IP forwarding.
Probability:
Medium
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
681463
Defect ID:
DEFECT000374604
Technical Severity:
Medium
Summary:
IP forwarding between FCX stack units may fail after switchover with MSTP configuration
Symptom:
With MSTP configuration present, IP forwarding between FCX stack units may fail after doing a
switchover.
Workaround:
Reload the whole stack again.
Probability:
Medium
Feature:
FCX L2 Control
Function:
SpanningTree Protocols
Reported In Release:
FI 07.3.00
Service Request ID:
681225
Defect ID:
DEFECT000376558
Technical Severity:
Medium
Summary:
Standby unit may reset if the Active stack unit is unplugged from power during hitless failover
Symptom:
When hitless failover is configured and power is disconnected from the Active FCX of a stacked
pair running OSPFv2, the other FCX may reset soon afterwards. When it later recovers, all its
interfaces will remain down.
Probability:
Low
Feature:
FCX Layer3 Control Protocols
Function:
OSPFV2 - IPV4
Reported In Release:
FI 07.2.02
Service Request ID:
682809
IronWare Software Release R07.3.00p Page 87 of 113
Defect ID:
DEFECT000377090
Technical Severity:
Medium
Summary:
MAC table is not updated correctly when client is moved from PVLAN primary to PVLAN community
or from PVLAN community to PVLAN primary
Symptom:
MAC table is not updated correctly when client is moved from PVLAN primary to PVLAN community
or from PVLAN community to PVLAN primary.
Probability:
High
Feature:
FCX L2 Forwarding
Function:
Private VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
687429
Defect ID:
DEFECT000377099
Technical Severity:
Medium
Summary:
Interface and Port descriptions for 10/100M ports on some FWS models are incorrectly displayed
as 'GigabitEthernet'
Symptom:
On non-Gigabit capable FWS models (FWS624, FWS624-EPREM, FWS624-POE, FWS648,
FWS648-EPREM & FWS648-POE), ifDescr and port description for 10/100M ports are displayed
as 'GigabitEthernet' instead of 'FastEthernet'.
Probability:
High
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.2.00
Service Request ID:
683989
Defect ID:
DEFECT000377535
Technical Severity:
Medium
Summary:
FCX stack with 10G ports breaks when upgraded from 7.2.02d to 7.2.02e
Symptom:
FCX stack with 10G ports breaks when upgraded from 7.2.02d to 7.2.02e
Probability:
High
Feature:
FCX Stacking
Function:
stack-ports
Reported In Release:
FI 07.2.02
Service Request ID:
686589
Defect ID:
DEFECT000377562
Technical Severity:
Medium
Summary:
Q-in-Q removes the original customer's 802.1q tag for broadcast packets
Symptom:
Broadcast packets do not get forwarded at all in Q-in-Q environment.
Probability:
Medium
Feature:
FCX L2 Forwarding
Function:
Q-in-Q
Reported In Release:
FI 07.3.00
Service Request ID:
682505
Defect ID:
DEFECT000377873
Technical Severity:
High
Summary:
If multiple 0.0.0.0 route updates over RIPv2 with netmasks other than /0 from multiple
neighboring routers are received, the device could lock up or reset
Symptom:
Upon receiving multiple 0.0.0.0 route updates over RIPv2 with non-zero netmasks, continuous
route updates for 0.0.0.0 will be emitted by the affected system. FCX devices may experience a
lockup while FESX/SX devices may experience a reset.
Probability:
High
Feature:
FCX Layer3 Control Protocols
Function:
RIP(v1-v2) - IPV4
Reported In Release:
FI 07.2.02
Service Request ID:
685879
Defect ID:
DEFECT000379038
Technical Severity:
Critical
Summary:
High CPU condition when non-POE devices connect to POE-enabled ports
Symptom:
CPU usage rate goes high when non-POE devices are connected to POE-enabled ports.
Workaround:
Disable legacy POE detection by configuring the following command at the global level: "no
legacy -inline-power <slot#>"
Probability:
High
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
680137
IronWare Software Release R07.3.00p Page 88 of 113
Defect ID:
DEFECT000379697
Technical Severity:
Critical
Summary:
ARP age is not refreshed after disabling/enabling a module even though there is constant traffic
from/to the host
Symptom:
ARP age is not refreshed after disabling/enabling the module even though there is constant
traffic from/to the host
Probability:
High
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
691653
Defect ID:
DEFECT000380312
Technical Severity:
Medium
Summary:
Unexpected reset may occur when dm command is issued in a VLAN that contains no ports.
Symptom:
Debug CLI command "dm 802-1w bridge vlan <ID>" may cause an unexpected reset of the
device.
Workaround:
Add ports to the VLAN. Do not run the command.
Probability:
High
Feature:
FI Debug support
Function:
dm commands - L2
Reported In Release:
FI 07.3.00
Service Request ID:
689965
Defect ID:
DEFECT000380727
Technical Severity:
High
Summary:
System Diagnostic feature not functioning on TI products
Symptom:
"dm diag" command is accepted on TI24 but upon resetting the device, it goes into application
code without running diagnostics.
Probability:
High
Feature:
Platform
Function:
Dm commands
Reported In Release:
FI 07.4.00
Service Request ID:
714763
Defect ID:
DEFECT000381074
Technical Severity:
Medium
Summary:
Logical VE interface remains UP even though none of its associated physical ports are enabled
Symptom:
With Single Spanning Tree enabled, even if all the physical ports of a VLAN are down, the
associated VE interface is displayed as being logically up under "show ip interface".
Probability:
High
Feature:
FCX Layer1 features
Function:
link status - speed and duplex status
Reported In Release:
FI 07.2.02
Service Request ID:
675563
Defect ID:
DEFECT000381773
Technical Severity:
Medium
Summary:
LACP may break if FCX stack is reloaded
Symptom:
LACP breaks if FCX stack is reloaded and only the Standby unit comes up.
Probability:
High
Feature:
FCX L2 Forwarding
Function:
LinkAggregation - Static
Reported In Release:
FI 07.3.00
Service Request ID:
695251
Defect ID:
DEFECT000382104
Technical Severity:
Medium
Summary:
When the active FCX switch in a stack fails, OSPF routes that had depended on ve interfaces
using the failed switch's physical interfaces remain in the routing table with OSPF cost "n/a".
Symptom:
Loss of connectivity lasting 90 seconds in 7.3 and lasting indefinitely in 7.2.02e when the active
FCX in a stack goes down.
Probability:
High
Feature:
FCX Layer3 Control Protocols
Function:
OSPFV2 - IPV4
Reported In Release:
FI 07.2.02
Service Request ID:
683169
IronWare Software Release R07.3.00p Page 89 of 113
Defect ID:
DEFECT000382236
Technical Severity:
Medium
Summary:
SNMP ifOperStatus reports ports in STP Blocking as down even though the ports are physically
and administratively up
Symptom:
SNMP ifOperStatus reports ports in STP Blocking as down even though the ports are physically
and administratively up.
Probability:
Medium
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.2.02
Service Request ID:
696127
Defect ID:
DEFECT000382316
Technical Severity:
Medium
Summary:
FCX ports go into Blocking if both STP and 802.1w are configured after a stack reload
Symptom:
FCX ports go into Blocking state if both STP and 802.1w are configured after a stack reload.
Workaround:
Reload the whole FCX stack again.
Probability:
High
Feature:
FCX L2 Control
Function:
SpanningTree Protocols
Reported In Release:
FI 07.3.00
Service Request ID:
691379
Defect ID:
DEFECT000382390
Technical Severity:
Medium
Summary:
New active port of protected-link-group over stacking units does not handle any traffic
Symptom:
With a protected-link group configured over multiple units of a stack, after the Active unit of the
Stack is powered off, the new Active unit's port does not handle any traffic even though the
interface moves to Forwarding state.
Workaround:
Configure an 'active-port' for the protected link group.
Probability:
Low
Feature:
FCX L2 Forwarding
Function:
Protected Link group
Reported In Release:
FI 07.2.02
Service Request ID:
694309
Defect ID:
DEFECT000382536
Technical Severity:
Medium
Summary:
CPU memory usage increases with repetitive SSH sessions
Symptom:
With continuous creation and deletion of SSH sessions to the device, the memory usage steadily
increases and does not recover.
Probability:
Low
Feature:
FI Embedded Management
Function:
SSH/SCP
Reported In Release:
FI 07.4.00
Service Request ID:
704159
Defect ID:
DEFECT000383004
Technical Severity:
Medium
Summary:
ARP and MAC entries may not be updated correctly on SX when a connected device is removed
Symptom:
With continuous traffic flowing to an attached device that has valid ARP and MAC entries, the ARP
and MAC entries are not deleted when that device is disconnected.
Workaround:
After disconnecting the device, stop the continuous traffic meant for that device in order to
age the ARP/MAC entries out.
Probability:
High
Feature:
SX L2 Forwarding
Function:
MAC Table/FDB Manager
Reported In Release:
FI 07.3.00
Service Request ID:
695827
IronWare Software Release R07.3.00p Page 90 of 113
Defect ID:
DEFECT000383069
Technical Severity:
High
Summary:
TCAM entries are not updated on Standby/Member units for a static ECMP Route when there is
MAC movement
Symptom:
When MAC movement for a static ECMP route occurs, traffic that is received on Standby or
Member unit continues to be forwarded to the old port.
Probability:
High
Feature:
Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.4.00
Service Request ID:
697721
Defect ID:
DEFECT000383469
Technical Severity:
Medium
Summary:
A Layer 2 loop may be created if the Native VLAN Id is changed on other vendors' switches
Symptom:
If the Native VLAN Id is changed from the default on other vendors' switches that are connected
to a Brocade device, a Layer 2 loop may result due to the Brocade device expecting an IEEE BPDU
in the default VLAN 1.
Workaround:
Configure the Native VLAN to default value 1 on the other vendor's switch or configure VLAN 1
on the interface connected to the Brocade device.
Probability:
Low
Feature:
FCX L2 Control
Function:
PVST/PVST+/ PVRST
Reported In Release:
FI 07.3.00
Service Request ID:
670195
Defect ID:
DEFECT000383745
Technical Severity:
Medium
Summary:
Power supply front LEDs not working correctly
Symptom:
When the power supply unit is unplugged, the LED turns amber. But when it is plugged in again,
the LED stays in amber and does not move to green.
Probability:
High
Feature:
FI Platform
Function:
Power Supply/Temp Sensor/Fan
Controller
Reported In Release:
FI 07.3.00
Service Request ID:
696305
Defect ID:
DEFECT000384066
Technical Severity:
Medium
Summary:
In PBR, the Secondary Gateway IP Address is not selected when the link to the Primary Gateway
goes down
Symptom:
If multiple Next Hop gateways are configured in PBR, when the VLAN associated with the Primary
Next Hop goes down, the Secondary Next Hop does not become effective if the Default Route is
also configured.
Probability:
Low
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
PBR
Reported In Release:
FI 07.3.00
Service Request ID:
697479
Defect ID:
DEFECT000384408
Technical Severity:
High
Summary:
ServerIron HA PDUs (EtherType 0x885a) are not switched across VLAN
Symptom:
TI products incorrectly drop ServerIron control packets (Ethertype 0x885a) instead of switching
them.
Probability:
Low
Feature:
FI L2
Function:
Forwarding - Other
Reported In Release:
FI 07.3.00
Service Request ID:
695053
IronWare Software Release R07.3.00p Page 91 of 113
Defect ID:
DEFECT000385534
Technical Severity:
High
Summary:
MAC address being learned on STP Blocking port when DHCP snooping is enabled
Symptom:
If Spanning Tree is configured on a VLAN and DHCP Snooping is enabled on a port that is in
Blocking state, a packet that is received on that port incorrectly triggers learning of its Source
MAC address on it.
Probability:
High
Feature:
FI ACL
Function:
DHCP Snooping functionality
Reported In Release:
FI 07.4.00
Service Request ID:
712523, 712913
Defect ID:
DEFECT000385924
Technical Severity:
Medium
Summary:
IPv6 Ping to Virtual IP Address fails after VRRP-E state change to Backup
Symptom:
IPv6 Ping to VRRP-E Virtual IP address times out after failing over from Master to Backup state.
Workaround:
Clear IPv6 cache and fail over VRRP-E again.
Probability:
High
Feature:
Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer- VRRP-
E timer scale
Reported In Release:
FI 07.3.00
Service Request ID:
700737
Defect ID:
DEFECT000386563
Technical Severity:
High
Summary:
After the previous Master unit of an FCX stack goes down, the new Master unit may reset when
commands related to traffic statistics are executed
Symptom:
After the Master unit of a 2-node FCX stack is powered down, the new Master unit may reset if
certain commands like "show statistics traffic-policy" or "show access-list" are issued from CLI.
Probability:
Low
Feature:
FCX Stacking
Function:
IPC Infrastructure
Reported In Release:
FI 07.2.02
Service Request ID:
705189
Defect ID:
DEFECT000387044
Technical Severity:
High
Summary:
FCX shows Power Supply Unit as normal even when it is inserted without power
Symptom:
If two PSU's are inserted into an FCX with no power cable plugged into PSU2, both PSU's are
displayed as present and OK.
Probability:
High
Feature:
FI Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.3.00
Service Request ID:
707887
Defect ID:
DEFECT000387141
Technical Severity:
Medium
Summary:
Port status changes to Blocking although Protected-link-status is Active after Stack
Failover/Switchover
Symptom:
After the active ports of a cross-unit protected link group on an FCX stack are flapped a few times
and a failover or switchover is then done, the expected Active port of the protected link group is
shown to be in Blocked state.
Probability:
High
Feature:
FCX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.02
Service Request ID:
705571
IronWare Software Release R07.3.00p Page 92 of 113
Defect ID:
DEFECT000388009
Technical Severity:
Medium
Summary:
DNS resolution does not work when multiple DNS domain lists are used
Symptom:
When "ip dns domain-list <name>" command is used to specify more than one domain name, if
the first one fails, the device retries for it and times out instead of trying the successive domain
names.
Probability:
High
Feature:
FCX Management Functionality
Function:
HTTPs/HTTP
Reported In Release:
FI 07.2.02
Service Request ID:
697877
Defect ID:
DEFECT000388194
Technical Severity:
Medium
Summary:
SSH session to device may disconnect due to bad server public DH value
Symptom:
SSH login attempts to the switch repeatedly fail after several attempts when using the default
OpenSSH installation with Ubuntu 10.04 and possibly other versions/distributions.
Workaround:
Reload the device or use Telnet/Console instead of SSH.
Probability:
Low
Feature:
FCX Management Functionality
Function:
IPv4/V6 SSH Service
Reported In Release:
FI 07.3.00
Service Request ID:
688843, 700589
Defect ID:
DEFECT000388293
Technical Severity:
Medium
Summary:
Standby Management module may not come up after upgrading to 7.3 or greater code base due
to calibration errors
Symptom:
Standby Management module does not come up and displays the following message on the
console - "Error: valid DFCDL file not found for slot 9 in hal_hw_init()"
Probability:
Low
Feature:
FI Platform Specific features
Function:
system bringup
Reported In Release:
FI 07.3.00
Service Request ID:
704997
Defect ID:
DEFECT000388432
Technical Severity:
High
Summary:
Switch may reset when it gets the digital signature from the SSH Client and validates it
Symptom:
With OpenSSH 5.5p1&Open SSL 0.9.8o, multiple logins to the device can cause the switch to
reset.
Probability:
Medium
Feature:
FCX Network Management
Function:
SSHv2/SCP V4/V6
Reported In Release:
FI 07.3.00
Service Request ID:
709277
Defect ID:
DEFECT000389216
Technical Severity:
Medium
Summary:
OSPF adjacency may not form on data ports of the Standby Management module
Symptom:
OSPF adjacency fails to form on data ports of the Standby Management module although the ARP
cache and IP routes are ok.
Workaround:
Disabling and re-enabling the router interface may get the OSPF adjacency to form.
Downgrading to release 7.2.00 or prior should also mitigate the issue.
Probability:
Medium
Feature:
OSPF
Function:
OSPF
Reported In Release:
FI 07.2.02
Service Request ID:
708908, 712545
Defect ID:
DEFECT000389267
Technical Severity:
Low
Summary:
Username could get overwritten due to changes in other usernames in the configuration
Symptom:
If the first username is changed many times, the successive usernames may get overwritten and
are displayed with unexpected characters.
Probability:
Medium
Feature:
SX Network Management
Function:
AAA RADIUS/TACACS+ V4/V6
Reported In Release:
FI 07.2.02
Service Request ID:
710445
IronWare Software Release R07.3.00p Page 93 of 113
Defect ID:
DEFECT000390164
Technical Severity:
Medium
Summary:
ICMP packets are not flooded if ICMP Burst protection is configured on a VE interface
Symptom:
If "ip icmp burst" is configured on a VE interface, ICMP packets are not flooded within the
associated VLAN.
Probability:
Medium
Feature:
FI ACL
Function:
ACL based rate limitting
Reported In Release:
FI 07.3.00
Service Request ID:
704591
Defect ID:
DEFECT000390166
Technical Severity:
Medium
Summary:
Brocade Web GUI shows VLAN 0 for all ports on FCX
Symptom:
All ports are displayed incorrectly as being in VLAN 0 via the Brocade Web GUI.
Probability:
Medium
Feature:
FCX Management Functionality
Function:
HTTPs/HTTP
Reported In Release:
FI 07.3.00
Service Request ID:
712561
Defect ID:
DEFECT000390792
Technical Severity:
High
Summary:
SX800 experiences high CPU utilization when routing IP packets through ve interfaces in subnet
VLANs.
Symptom:
SX800 experiences high CPU utilization when routing IP packets through ve interfaces in subnet
VLANs as all routed packets are routed in software by the CPU instead of in hardware by ASICs.
Workaround:
Use 5.1.00f instead of anything in the 7 range.
Probability:
Low
Feature:
SX L2 Forwarding
Function:
Subnet VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
711367
Defect ID:
DEFECT000391366
Technical Severity:
Medium
Summary:
"Version Number" field is not correctly displayed in the "show pid" command output
Symptom:
On TI24X running 7.3.00 or later, "show pid" command returns error for "Version Number".
Probability:
Low
Feature:
FI Platform
Function:
EEPROM - serial number/LID/etc
Reported In Release:
FI 07.3.00
Service Request ID:
714305
Defect ID:
DEFECT000391539
Technical Severity:
Medium
Summary:
Cisco AP using proprietary TLV may not work after Brocade switch reload
Symptom:
Cisco AP using proprietary TLV may not work after Brocade switch reload
Probability:
High
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
674465
Defect ID:
DEFECT000392006
Technical Severity:
Medium
Summary:
MIB OID snAgentPoePortWattage does not return the configured value
Symptom:
The power limit on a PoE port can be set via SNMP and the value is configured correctly on the
port, but it cannot be read and always displays the power value as 0.
Probability:
High
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.3.00
Service Request ID:
696861
IronWare Software Release R07.3.00p Page 94 of 113
Defect ID:
DEFECT000392506
Technical Severity:
Medium
Summary:
Hardware MAC entries are not properly deleted after aging, increasing the probability of MAC hash
collisions
Symptom:
Over a long period of time on a campus network with many mobile users logging in an out
constantly, some users lose Layer 2 connectivity as their MAC addresses cannot be learned.
Workaround:
reload the switch/router during maintenance window to clear.
Probability:
Medium
Feature:
FCX L2 Forwarding
Function:
MAC Table/FDB Manager
Reported In Release:
FI 07.2.00
Service Request ID:
712255
Defect ID:
DEFECT000392549
Technical Severity:
Medium
Summary:
VRRP-E flaps when ports are added or removed from a VLAN through Web Management interface
Symptom:
VRRP-E flaps when ports are added or removed from a VLAN through Web Management interface.
Workaround:
add or delete ports from CLI
Probability:
Medium
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
693427
Defect ID:
DEFECT000393415
Technical Severity:
Medium
Summary:
IP Follow VE address may be unreachable upon creation when VRRP is enabled on the Master VE
Symptom:
Unable to ping newly-added Virtual Interface IP Address configured with IP Follow feature.
Workaround:
disable/enable master interface
OR disable/enable vrrp instance on master interface
Probability:
Low
Feature:
SX Layer 3 Forwarding - IPV4 and IPV6
Function:
Virtual interface (ve) Manager
Reported In Release:
FI 07.2.02
Service Request ID:
706005
Defect ID:
DEFECT000394040
Technical Severity:
Medium
Summary:
CPU memory usage increases constantly when using OpenNMS tool to poll system's IP addresses
Symptom:
If OpenNMS tool is used to poll the IP addresses on a system, it can cause a CPU heap memory
leak over time due to terminating multiple SSH connections prematurely.
Workaround:
use telnet instead of ssh
Probability:
High
Feature:
SX Management Functionality
Function:
IPv4/V6 SSH Service
Reported In Release:
FI 07.2.02
Service Request ID:
704159
Defect ID:
DEFECT000394590
Technical Severity:
Low
Summary:
Flow control packets seen with no traffic on Fiber ports with 1G SFP
Symptom:
Flow control packets with the pause quanta field set to zero, which do not make the partner stop
the traffic, are seen with no traffic on 1G Fiber ports.
Workaround:
Configure 'no flow control' on the port.
Probability:
High
Feature:
FI Infrastructure
Function:
Flow Control
Reported In Release:
FI 07.3.00
Service Request ID:
724451
IronWare Software Release R07.3.00p Page 95 of 113
Defect ID:
DEFECT000395855
Technical Severity:
High
Summary:
SX 2x10G cards may fail to initialize on cold start due to errors when trying to read EEPROM
Symptom:
If an SX1600 switch is powered off for several hours and then powered on, some of the 2x10G
line modules will fail to initialize with the following error: "Unable to read slot 1 EEPROM... please
re-insert the line card in slot 1"
Workaround:
re-enable line modules from CLI using enable/disable command
Probability:
Low
Feature:
FI Platform Specific features
Function:
system bringup
Reported In Release:
FI 07.3.00
Service Request ID:
713675
Defect ID:
DEFECT000396159
Technical Severity:
Low
Summary:
Radius IP Address may be displayed incorrectly in the output of “sh table-mac-vlan detail”
Symptom:
In the "show table-mac-vlan detail" display, not enough characters are allocated for the Radius IP
address column, which might cause trailing characters to be lost for a given IP address.
Probability:
Medium
Feature:
FCX L2 Forwarding
Function:
MAC- BASED VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
722235
Defect ID:
DEFECT000399035
Technical Severity:
Medium
Summary:
Routed packets on an FCX/ICX stack may have an incorrect Source MAC address
Symptom:
When a Stack MAC Address is configured for an FCX/ICX stack, a routed packet that egresses the
stack has a Source MAC Address with the first 5 octets identical to the Stack MAC, but may have
the last octet overwritten.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
720777
Closed Defects in IronWare Software Release 07.3.00b
Defect ID:
DEFECT000303853
Technical Severity:
High
Summary:
Unable to configure VRRP in base layer 3 code.
Symptom:
Unable to configure VRRP in base layer 3 code.
Probability:
High
Feature:
SX Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer- VRRP-
E timer scale
Reported In Release:
FI 07.1.00
Service Request ID:
253547
Defect ID:
DEFECT000381441
Technical Severity:
Medium
Summary:
8 port management card shows all ports UP even without any cable connected
Symptom:
8 port management card shows all ports UP even without any cable connected
Feature:
FI Platform Specific features
Function:
Management Port
Reported In Release:
FI 07.3.00
Service Request ID:
694599
IronWare Software Release R07.3.00p Page 96 of 113
Closed Defects in IronWare Software Release 07.3.00a
The following defects have been closed as part of this release with code changes as of December 21, 2011.
35BCustomer reported defects closed with code in Release 07.3.00a
This section lists the defects with Critical, High and Medium Technical Severity closed with a code change as of
December 16, 2011.
Defect ID:
DEFECT000330146
Technical Severity:
High
Summary:
Newly inserted Management Module may have invalid LID displayed, after which the module
cannot be upgraded via SW Licensing
Symptom:
On the Standby module, the LID value is displayed as ÿÿÿÿÿÿÿÿÿÿ. After a failover, the new Active
will have this same LID and thus cannot be upgraded.
Probability:
High
Feature:
SX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.02
Service Request ID:
595349
Defect ID:
DEFECT000334383
Technical Severity:
Medium
Summary:
With "delay-link-event" configured to dampen port flapping, unnecessary Syslog messages are
generated if a 10G port goes down
Symptom:
With "delay-link-event" configured to dampen port flapping, unnecessary Syslog messages are
generated if a 10G port goes down.
Probability:
Low
Feature:
SX Layer1 features
Function:
port flap dampening
Reported In Release:
FI 07.2.00
Service Request ID:
624889
Defect ID:
DEFECT000338676
Technical Severity:
Medium
Summary:
Installing a cable in the SFP ports 1/1 to 1/2 causes the LED on the copper combo ports 1/2 to
be lit.
Feature:
FCX Layer1 features
Function:
link status - speed and duplex status
Reported In Release:
FI 07.2.00
Service Request ID:
548131
Defect ID:
DEFECT000348267
Technical Severity:
Medium
Summary:
Unable to set POE via SNMPSET on FWS
Symptom:
Can read the POE value using snmpwalk command but cannot set using snmpset command.
Sytem responds:
Error in packet.
Reason: undoFailed
Workaround:
Set the POE via the CLI
Feature:
POE MIBS
Function:
POE MIBS
Reported In Release:
FI 07.2.02
Service Request ID:
578485
Defect ID:
DEFECT000355653
Technical Severity:
Medium
Summary:
FWS does not allow Port-based Mirroring and VLAN-based Mirroring on the same port to be
configured
Symptom:
Port-based Mirroring and VLAN-based Mirroring is not permitted simultaneously on the same port
on FWS platform, even though it is supported on FCX platform.
Probability:
Medium
Feature:
FI Traffic conditioning and Monitoring
Function:
port mirroring/monitoring
Reported In Release:
FI 07.2.02
Service Request ID:
614459
IronWare Software Release R07.3.00p Page 97 of 113
Defect ID:
DEFECT000362478
Technical Severity:
Medium
Summary:
When CPU intensive tasks like repeated TFTP uploads are done, it may lead to loss of heartbeat
from Active to Standby Management modules, resulting in a switchover
Symptom:
When repeated TFTP uploads are done via INM, a switchover may be observed.
Probability:
Low
Feature:
SX Platform Specific features
Function:
Management module redundancy
Reported In Release:
FI 07.2.02
Service Request ID:
592699
Defect ID:
DEFECT000364076
Technical Severity:
High
Summary:
ARP request is not forward between Primary and Isolated VLANs
Symptom:
When Private VLANs are configured, an ARP request is not forward between the Primary and
Isolated VLANs.
Probability:
High
Feature:
FCX L2 Forwarding
Function:
Private VLAN
Reported In Release:
FI 07.2.02
Service Request ID:
650833,660501
Defect ID:
DEFECT000368913
Technical Severity:
Medium
Summary:
Memory tracking debug command may not work for all cases
Symptom:
Some memory leak conditions may not be detected using the “dm mem-leak” tool.
Probability:
Low
Feature:
SX_SYSTEM
Function:
UNDETERMINED
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000368973
Technical Severity:
High
Summary:
If inline power is configured through SNMP on FWS, device allocates only 1W to the port
Symptom:
On configuring inline power through SNMP, power devices may not come up
Workaround:
Please use Command Line Interface to configure inline power
Probability:
Low
Feature:
FI Embedded Management
Function:
SNMP
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000369368
Technical Severity:
Medium
Summary:
SX momentarily forwards packets during boot up process
Symptom:
During boot up process, SX forwards packets on a port for a short time when initializing that port
even though it is disabled in the saved configuration.
Probability:
Medium
Feature:
SX Layer1 features
Function:
link status - speed and duplex status
Reported In Release:
FI 07.2.02
Service Request ID:
669641
Defect ID:
DEFECT000369547
Technical Severity:
Medium
Summary:
DHCP Client - SX device connected via another DUT to server is not getting IP address
Symptom:
Customer may see the issue.
Probability:
Medium
Feature:
SX DHCP CLIENT
Function:
DHCP
Reported In Release:
FI 07.3.00
Service Request ID:
694027 694027
IronWare Software Release R07.3.00p Page 98 of 113
Defect ID:
DEFECT000370080
Technical Severity:
High
Summary:
DSCP tag values for VRRPv2, VRRPv3, and ICMPv6-Router Advertisements(RA) packets are 0
Symptom:
The current priority field values for VRRPv2, VRRPv3, and ICMPv6-RA are set to zero
Probability:
High
Feature:
Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer- VRRP-
E timer scale
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000371312
Technical Severity:
High
Summary:
Port LED does not glow when E1MG-TX optics is plugged into the 1G ports on ICX6610-24F and
the speed is set to 100 full
Symptom:
Port LED does not glow when E1MG-TX optics is plugged into the 1G ports on ICX6610-24F and
the speed is set to 100 full
Probability:
Low
Feature:
Optics
Function:
OPTICS
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000374288
Technical Severity:
High
Summary:
On Production ICX 24P Fiber Units, Links don't come up when E1MG-TX optics are plugged in
Symptom:
[ICX] If copper GBIC is used in 1G SFP port, link may not come up
Workaround:
no
Probability:
Medium
Feature:
FI Platform
Function:
1G Link
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000375025
Technical Severity:
Medium
Summary:
Packets destined to the VRRP Virtual MAC address are received by the CPU of the VRRP Backup
Router
Symptom:
Packets destined to the VRRP Virtual MAC address are received by the CPU of the VRRP Backup
Router instead of being switched in HW to the VRRP Master.
Probability:
High
Feature:
SX Layer3 Control Protocols
Function:
VRRP/VRRP-E and slow-start timer- VRRP-
E timer scale
Reported In Release:
FI 07.2.02
Service Request ID:
674521
Defect ID:
DEFECT000375146
Technical Severity:
High
Summary:
A very long CLI string may be truncated in the running-configuration
Symptom:
A very long CLI string may be truncated in the running-configuration
Probability:
Medium
Feature:
SX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 05.1.00
Service Request ID:
683689
Defect ID:
DEFECT000375567
Technical Severity:
Medium
Summary:
If hitless OS upgrade between incompatible SW code versions is attempted, a system reset may
be experienced.
Symptom:
If hitless OS upgrade between incompatible SW code versions is attempted, a system reset may
be experienced.
Workaround:
Issue a regular 'reload' or 'boot system flash primary/secondary' instead of hitless-reload to
upgrade.
Probability:
High
Feature:
FI Infrastructure
Function:
SX Hitless OS upgrade
Reported In Release:
FI 07.3.00
Service Request ID:
680843
IronWare Software Release R07.3.00p Page 99 of 113
Defect ID:
DEFECT000377048
Technical Severity:
Medium
Summary:
After stack failover causes preferred RIPv2 route to get deleted, backup Static route does not
take over
Symptom:
If only the Active unit has RIP reachability and learns a better route than a configured Static route
for a given IP Next Hop, upon disabling power to the Active unit, the ensuing failover does not
move up the Static route as the best route on the new Active unit.
Probability:
Medium
Feature:
FCX Layer3 Control Protocols
Function:
RIP(v1-v2) - IPV4
Reported In Release:
FI 07.2.02
Service Request ID:
683931
Defect ID:
DEFECT000377054
Technical Severity:
Medium
Summary:
FCX "E" type FAN displays erroneous airflow direction in "show chassis" output
Symptom:
The output of "show chassis" on FCX displays the airflow for "E" type fan as Back to Front even
though the fan actually provides airflow from the front to the back.
Probability:
Medium
Feature:
FI Platform
Function:
Power Supply/Temp Sensor/Fan
Controller
Reported In Release:
FI 07.3.00
Service Request ID:
686691
Defect ID:
DEFECT000377762
Technical Severity:
Critical
Summary:
SX Standby Management module unexpectedly resets after 231 days
Symptom:
On SX platform, after 231 days of continuous uptime, the Standby Management module
unexpectedly resets with a log message "Mgmt CPU1 ( slot 10 ) failed".
Probability:
High
Feature:
SX Platform Specific features
Function:
Management module redundancy
Reported In Release:
FI 07.2.00
Service Request ID:
682807
Defect ID:
DEFECT000378514
Technical Severity:
Medium
Summary:
One ICMP packet is lost every 60 seconds over a cross unit trunk when one switch in a stack of 2
goes down
Symptom:
In a stack of two FCX switches containing a 2-port trunk with one port on each chassis, if one of
the switches is powered off, ICMP through the FCX shows one packet is lost every 60 seconds.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.3.00
Service Request ID:
687111
Defect ID:
DEFECT000381053
Technical Severity:
Medium
Summary:
DHCP does not work with SX-FI-24 GPP cards
Symptom:
DHCP does not work with SX-FI-24 GPP cards on superx
Probability:
High
Feature:
SX DHCP CLIENT
Function:
DHCP
Reported In Release:
FI 07.3.00
Service Request ID:
694027
IronWare Software Release R07.3.00p Page 100 of 113
Closed Defects in IronWare Software Release 07.3.00
The following defects have been closed as part of this release.
36BCustomer reported defects closed with code in Release 07.3.00
This section lists the defects with Critical, High and Medium Technical Severity closed with a code change as of
October 13, 2011.
Defect ID:
DEFECT000335488
Technical Severity:
Critical
Summary:
A fully loaded SX1600 will not synchronize with the redundant management module
Symptom:
Active and Standby module with be out of sync and Standby module will crash
Probability:
High
Feature:
SX Platform Specific Features
Function:
Management Module Redundancy
Reported In Release:
FI 07.2.00
Service Request ID:
509075
Defect ID:
DEFECT000318624
Technical Severity:
High
Summary:
On FSX platform, v4 and v6 license is shown as "invalid"
Symptom:
V4 ADV software license is shown as invalid on both v4 and v6 chassis
Probability:
High
Feature:
FCX SW License
Function:
Licensing
Reported In Release:
FI 07.2.00
Service Request ID:
Defect ID:
DEFECT000320370
Technical Severity:
Medium
Summary:
FGS Buffer depletion when running multiple instances of a looped SNMP Bulk get Script
Symptom:
Device runs out of memory
Probability:
Medium
Feature:
FCX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.2.00
Defect ID:
DEFECT000325993
Technical Severity:
Low
Summary:
"show inline power detail" display is inconsistent between active and standby units
Symptom:
Standby unit displaying wrong POE firmware version for active unit
Probability:
Low
Feature:
FCX Stacking
Function:
PoE/PoE+
Reported In Release:
FI 07.2.00
Defect ID:
DEFECT000326814
Technical Severity:
Medium
Summary:
LED remains green after removing PoE Powered Device from a port.
Symptom:
If a PoE PD is removed from a port, the LED for that port still remains green as if it was still
plugged in.
Probability:
High
Feature:
FCX Layer1 features
Function:
PoE/PoE+
Reported In Release:
FI 07.2.00
Defect ID:
DEFECT000329490
Technical Severity:
High
Summary:
SX system reloads due to running out of Multicast next hop entries
Symptom:
SX system may reload after continuously displaying error messages due to next hop entries not
being available for Multicast route programming
Probability:
Low
Feature:
SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release:
FI 07.3.00
IronWare Software Release R07.3.00p Page 101 of 113
Defect ID:
DEFECT000332429
Technical Severity:
Low
Summary:
When a standby module is inserted into an SX chassis, it does not display a License ID
Symptom:
Newly inserted management module will display a blank entry for the License.
Workaround:
Set the active management module to the new one and reload the device.
Probability:
High
Feature:
FCX SW License
Function:
Licensing
Reported In Release:
FI 07.2.02
Service Request ID:
595349
Defect ID:
DEFECT000334142
Technical Severity:
Medium
Summary:
Cannot open web authentication login page after moving from one port to another.
Symptom:
If a client first logs in using web authentication on one port, and then moves to another port of the
switch, the client will not be able to reopen the web authentication login page.
Probability:
Low
Feature:
FCX Network Management
Function:
Web Management
Reported In Release:
FI 07.2.00
Service Request ID:
504247
Defect ID:
DEFECT000335182
Technical Severity:
Medium
Summary:
Incorrect display in ipCidrRouteTable MIB
Symptom:
While executing an snmpwalk on a FESX 424-PREM system using ipCidrRouteDest MIB
1.3.6.1.2.1.4.24.4.1.1, the result shows incorrect subnet mask and route destination values
Probability:
High
Feature:
SX Network Management
Function:
SNMP V4/V6
Reported In Release:
FI 07.2.00
Service Request ID:
505491
Defect ID:
DEFECT000335749
Technical Severity:
Medium
Summary:
Error message displayed when configuring port mirroring if sFlow is enabled.
Symptom:
Error message displayed when configuring inbound port mirroring and monitoring if sFlow is also
enabled on that port."
Workaround:
Remove sFlow temporarily from the port(s). Configure the monitoring, then add sFlow back.
Probability:
Medium
Feature:
SX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.00
Service Request ID:
524679
Defect ID:
DEFECT000336328
Technical Severity:
Medium
Summary:
ACL dynamically applied does not take effect on the multi-chassis trunk link on the standby stack
unit
Symptom:
ACL dynamically applied does not take effect on the multi-chassis trunk link on the standby stack
unit
Probability:
High
Feature:
FCX Stacking
Function:
IPC Sync messages
Reported In Release:
FI 07.2.00
Service Request ID:
506901
Defect ID:
DEFECT000338071
Technical Severity:
High
Summary:
In an MCT configuration, all members of a LAG on FCX get disabled when one of the connected
MCT devices is reset, even though the other MCT device is still up.
Symptom:
With an FCX connected to two MCT devices using a single Link Aggregation Group, if one of the
MCT devices is reset, all link members the LAG on FCX get disabled.
Probability:
High
Feature:
FCX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.00
Service Request ID:
543693
IronWare Software Release R07.3.00p Page 102 of 113
Defect ID:
DEFECT000338822
Technical Severity:
Medium
Summary:
Trunk goes down forever if Master switch in FCX stack goes down for 2 minutes
Symptom:
When the Master FCX switch in a stack is brought down and then restarted after 2 minutes, the
trunk does not get re-established.
Workaround:
Reload the master and standby switches again.
Probability:
High
Feature:
SX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.00
Service Request ID:
530331
Defect ID:
DEFECT000338861
Technical Severity:
High
Summary:
Device unexpectedly reloads when using SHA to verify sanctity of flash images.
Symptom:
Device unexpectedly reloads when "verify sha <primary/secondary>" command is executed
Probability:
High
Feature:
FI Embedded Management
Function:
CLI and parser
Reported In Release:
FI 07.3.00
Service Request ID:
642003
Defect ID:
DEFECT000338864
Technical Severity:
Medium
Summary:
Verification of flash images using MD5 gives incorrect and unpredictable results
Symptom:
When “verify md5 <primary/secondary>” is issued, the first run after a reboot returns all zeros.
Subsequent runs will show incorrect file size and MD5 hash
Probability:
High
Feature:
FI Embedded Management
Function:
CLI and parser
Reported In Release:
FI 07.3.00
Service Request ID:
642003, 645141
Defect ID:
DEFECT000339214
Technical Severity:
Medium
Summary:
If a user is authenticated by 802.1x via an IP ACL, the ACL may affect another user on the same
port that was not authenticated with the ACL.
Symptom:
If there are two users on a given port, one authenticated by an IP ACL and one authenticated
without an IP ACL, reconnecting the former will cause the ACL to affect the latter user.
Probability:
High
Feature:
FCX ACL
Function:
802.1x authentication
Reported In Release:
FI 07.2.00
Service Request ID:
550451
Defect ID:
DEFECT000340240
Technical Severity:
Medium
Summary:
SX devices could reload due to a memory leak when running Multicast traffic
Symptom:
With Multicast data traffic running, the CPU memory could run out, causing the device to reload.
Probability:
Medium
Feature:
SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release:
FI 07.2.00
Service Request ID:
528867
Defect ID:
DEFECT000340947
Technical Severity:
Medium
Summary:
IP route may not be programmed to TCAM although it is added to the IP route table when OSPF
route takes over from a static route.
Symptom:
When a static route gets deleted due to the link to the next hop going down, and OSPF takes over
for that route, the route gets added to the IP routing table, but a packet destined to the route is
dropped.
Workaround:
Issue "clear ip route".
Probability:
High
Feature:
FCX Layer3 Control Protocols
Function:
OSPFV2 - IPV4
Reported In Release:
FI 07.2.00
Service Request ID:
558807
IronWare Software Release R07.3.00p Page 103 of 113
Defect ID:
DEFECT000341364
Technical Severity:
Medium
Summary:
Optical-monitor caused bogus syslog messages
Symptom:
Syslog messages SYSTEM: Optic is not Brocade qualified (port 1/1/1) is logged although port
1/1/1 is a copper port
Probability:
High
Feature:
FCX Layer1 features
Function:
Digital Optical Monitoring
Reported In Release:
FI 07.2.02
Service Request ID:
547677
Defect ID:
DEFECT000342071
Technical Severity:
Medium
Summary:
PIM Dense forwarding cache entry gets removed even while active stream is present.
Symptom:
Continuity errors are seen every few minutes when continuous PIM traffic is being forwarded.
Probability:
High
Feature:
SX L2/L3 Multicast Features
Function:
PIM Dense
Reported In Release:
FI 07.2.02
Service Request ID:
559053
Defect ID:
DEFECT000343157
Technical Severity:
Medium
Summary:
2500W PoE power supply is misidentified as a 1250W power supply
Symptom:
2500W power supply can allocate only half its capacity and is displayed incorrectly as 1350W or
1250W in the output of "show inline power detail" and "show power" commands.
Probability:
High
Feature:
FI Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.3.00
Service Request ID:
641069
Defect ID:
DEFECT000343165
Technical Severity:
Medium
Summary:
Fully loaded SuperX CPU goes to 18% without any configuration.
Symptom:
After upgrading from 5.1.00d to 7.2.02a, CPU utilization increases from 1% to 18%.
Probability:
High
Feature:
SX_SYSTEM
Function:
UNDETERMINED
Reported In Release:
FI 07.2.02
Service Request ID:
578549
Defect ID:
DEFECT000343288
Technical Severity:
Medium
Summary:
ACL dynamically applied from the Active FCX stack unit does not take effect on the Standby unit
Symptom:
ACL dynamically applied from the Active FCX stack unit does not take effect on the Standby unit if
"enable acl-per-port-per-vlan" is not configured
Probability:
High
Feature:
FCX ACL
Function:
ACL(all aspects of ACLs - IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
578523
Defect ID:
DEFECT000344224
Technical Severity:
Medium
Summary:
Uplink-switch fails to limit the formation of IPv6 neighbor relationships.
Symptom:
If you enable uplink-switch in a VLAN, the FWS will successfully prevent ARP request broadcasts
from being forwarded between non-uplink ports, but the FWS will fail to prevent IPv6 neighbor
relationships from being formed between non-uplink ports.
Probability:
High
Feature:
SX L2 Forwarding
Function:
Uplink-Switch
Reported In Release:
FI 07.2.02
Service Request ID:
583307
IronWare Software Release R07.3.00p Page 104 of 113
Defect ID:
DEFECT000344380
Technical Severity:
Medium
Summary:
FCX IP traffic goes to cpu with IP Subnet VE interface
Symptom:
IP traffic goes to CPU with a VE interface configured on an IP Subnet VLAN, or if the VE is created
first before adding ports to the VLAN.
Probability:
High
Feature:
FI L2
Function:
Forwarding - VLAN Manager
Reported In Release:
FI 07.3.00
Service Request ID:
646619
Defect ID:
DEFECT000345082
Technical Severity:
Medium
Summary:
Trunk interface goes into Blocked state if spanning tree is disabled on interface
Symptom:
Issuing “no spanning-tree” on a Trunk port causes it to go into Blocking state.
Probability:
High
Feature:
FCX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.00
Service Request ID:
582937
Defect ID:
DEFECT000345298
Technical Severity:
High
Summary:
IPv6 functionality is dependent only on HW EPROM licensing even if the system is upgraded via SW
Licensing
Symptom:
Although IPv6 commands are configurable on a system that is upgraded via SW Licensing, a
directly connected IPv6 neigbor is not reachable
Probability:
High
Feature:
SX Layer 3 Forwarding - IPV6
Function:
Host Networking stack (IPV6)
Reported In Release:
FI 07.3.00
Service Request ID:
640715
Defect ID:
DEFECT000346307
Technical Severity:
Medium
Summary:
“dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable.
Symptom:
“dm diag” causes the switch to get stuck in the diagnostic mode, making it unusable
Probability:
High
Feature:
FI Platform Specific features
Function:
system bringup
Reported In Release:
FI 07.2.02
Service Request ID:
590679
Defect ID:
DEFECT000346568
Technical Severity:
Medium
Summary:
Interface level command “dhcp snooping client-learning disable” missing in 7.2 code.
Symptom:
Interface level command “dhcp snooping client-learning disable” present in 7.0.01 code but
missing in 7.2 code.
Probability:
High
Feature:
FCX DHCP
Function:
Client
Reported In Release:
FI 07.2.00
Service Request ID:
591879
Defect ID:
DEFECT000346882
Technical Severity:
High
Summary:
SNMPv3 configuration sometimes gets corrupted.
Symptom:
If multiple SNMP groups and users are configured, removed and re-added, the running
configuration could show corrupted values.
Probability:
Medium
Feature:
FI Embedded Management
Function:
CLI and parser
Reported In Release:
FI 07.3.00
Service Request ID:
608663
IronWare Software Release R07.3.00p Page 105 of 113
Defect ID:
DEFECT000347484
Technical Severity:
High
Summary:
Memory leak may be observed when Policy Based Routing is configured
Symptom:
Memory leak may be observed when Policy Based Routing is configured
Probability:
High
Feature:
FI L3 Unicast
Function:
Forwarding - PBR
Reported In Release:
FI 07.3.00
Service Request ID:
672437
Defect ID:
DEFECT000347677
Technical Severity:
Medium
Summary:
Maximum number of traffic policies changed from 256 in 4.x code to 50 in 7.2.x code.
Symptom:
Cannot configure more than 50 traffic policies in 7.2.02 code.
Probability:
High
Feature:
Traffic Policy
Function:
Traffic Policy
Reported In Release:
FI 07.2.02
Service Request ID:
558097
Defect ID:
DEFECT000347906
Technical Severity:
Critical
Summary:
Upon loading a new bootcode to the flash, multiple units of an FCX stack can experience a reload.
Symptom:
Some units of an FCX stack can unexpectedly reload when a new bootcode is downloaded to the
active unit’s flash.
Probability:
Medium
Feature:
FI Platform
Function:
Boot code/Flash/Kernel
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000348432
Technical Severity:
Medium
Summary:
FWS system fan noise is too high when operating at room temperature.
Symptom:
FWS system fan noise is higher than permissible when operating at room temperature.
Probability:
High
Feature:
FCX Platform Specific features
Function:
Chassis/fan/powersupplies/temperature
sensors
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000349335
Technical Severity:
High
Summary:
Routing data traffic to management network may result in buffer loss
Symptom:
Routing data traffic to out of band management network may result in buffer loss
Probability:
High
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
602867
Defect ID:
DEFECT000349416
Technical Severity:
High
Summary:
Debug tool to track CPU buffer usage does not work.
Symptom:
The commands to track buffer leaking: “dm gi-buffer-debug” and “dm track-buffer-show” do not
display the used buffers.
Probability:
High
Feature:
FCX Platform Specific features
Function:
Management Port
Reported In Release:
FI 07.2.02
Service Request ID:
602867
IronWare Software Release R07.3.00p Page 106 of 113
Defect ID:
DEFECT000350084
Technical Severity:
Medium
Summary:
CPU memory usage can continuously increase in 7.2.02, eventually causing the device to reload.
Symptom:
With certain network access controllers, every time a user logs in and logs out, memory usage
increases by 1%.
Probability:
High
Feature:
FIPS
Function:
FIPS
Reported In Release:
FI 07.2.02
Service Request ID:
571469
Defect ID:
DEFECT000350162
Technical Severity:
Medium
Summary:
FCX PoE power allocating 30 watts although the port is down and is not operational .
Symptom:
Under some circumstances, the 'show inline power' displays that the port is allocated 30 Watts
even though the port is down and operationally off.
Probability:
Low
Feature:
FCX Layer1 features
Function:
PoE/PoE+
Reported In Release:
FI 07.2.02
Service Request ID:
608563
Defect ID:
DEFECT000350302
Technical Severity:
Medium
Summary:
On a 2-Unit FCX stack with a trunk configured across the units, traffic doesn’t fall back to the
Standby ports when the Active goes down.
Symptom:
After power cycling the master in a 2 unit stack, ARP is not learnt on the trunk port, causing packet
loss.
Probability:
High
Feature:
FCX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.02
Service Request ID:
599545
Defect ID:
DEFECT000350592
Technical Severity:
High
Summary:
FWS cannot load router code with license upon erasing the EEPROM.
Symptom:
If EEPROM is erased, FWS with valid license shows error message and does not boot up when
trying to load a router image.
Probability:
High
Feature:
SW licensing
Function:
Licensing All
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000352213
Technical Severity:
High
Summary:
After reloading, ICXs console halts for over 25 minutes to sync up the dhcp_lease_binding.txt file of
size 23000 bytes in flash.
Symptom:
ICXs console halts for over 25 minutes
Probability:
Medium
Feature:
FI Embedded Management
Function:
DHCP IPv4 Client/Server
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000352356
Technical Severity:
Medium
Summary:
Uplink-switch fails to limit the formation of IPv6 neighbor relationships in a VLAN if management-
vlan is configured in a separate VLAN.
Symptom:
If you enable management-vlan in one VLAN and then enable uplink-switch in another VLAN, the
VLAN with uplink-switch will successfully prevent ARP request broadcasts from being forwarded
between non-uplink ports, but it will fail to prevent IPv6 neighbor relationships from being formed
between non-uplink ports.
Probability:
High
Feature:
FI L2
Function:
Forwarding - uplink switch
Reported In Release:
FI 07.3.00
Service Request ID:
623977
IronWare Software Release R07.3.00p Page 107 of 113
Defect ID:
DEFECT000352576
Technical Severity:
Medium
Summary:
CPU Memory leak is not traceable by the memory leak finding tool.
Symptom:
Although “show memory” command detects that CPU memory is depleting, the “dm mem-leak”
tool fails to identify it.
Probability:
High
Feature:
FI Debug support
Function:
dm commands - General
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000353245
Technical Severity:
High
Summary:
System allocates 30W power to a PoE Port even if it detects a non-Powered Device connected to it
Symptom:
Although the System correctly detects the operational state of a port connected to a non-Powered
Device as off, it may still allocate 30W to it.
Probability:
High
Feature:
FI Platform Specific features
Function:
PoE/PoE+
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000353729
Technical Severity:
Medium
Summary:
FCX/FGS switches are not responding to ICMPv6 echo request
Symptom:
FESX6, FCX and FGS switches may fail to reply to ICMPv6 echo request sent by router or IPV6
server (Linux) that is directly connected to the switch.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV6
Function:
Data Forwarding (IPV6)
Reported In Release:
FI 07.2.02
Service Request ID:
611321
Defect ID:
DEFECT00053823
Technical Severity:
High
Summary:
[SX] Multicast traffic duplicated when the VEs with pim-sparse configured face towards a SWTCH
Symptom:
Duplicate multicast packets are seen on other devices in the network
Probability:
Medium
Feature:
FI L3 Multicast
Function:
Control Plane - PIM Sparse
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000353828
Technical Severity:
High
Summary:
ZR Optic is not passing traffic after upgrading to 7.2.02.
Symptom:
When upgrading from 7.2.00 to 7.2.02a on FCX platform, 10G-ZR optics send traffic but do not
receive traffic.
Probability:
High
Feature:
Optics
Function:
OPTICS
Reported In Release:
FI 07.2.02
Service Request ID:
568471
Defect ID:
DEFECT000354169
Technical Severity:
Medium
Summary:
A system memory leak may be seen when running PIM Routing
Symptom:
Stack trace messages are printed on the console while the “show memory” output shows a rapid
increase in memory consumption, eventually leading to a system reload.
Probability:
High
Feature:
SX L2/L3 Multicast Features
Function:
PIM Sparse
Reported In Release:
FI 07.3.00
Service Request ID:
670015
IronWare Software Release R07.3.00p Page 108 of 113
Defect ID:
DEFECT000354279
Technical Severity:
High
Summary:
FCX may allocate incorrect wattage to all ports with Powered Devices, regardless of class.
Symptom:
After configuring "inline power power-by-class 1" and then "inline power power-by-class 0", FCX will
allocate 30W to all ports with PD.
Probability:
High
Feature:
FI Platform Specific features
Function:
PoE/PoE+
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000355279
Technical Severity:
Medium
Summary:
DHCP Server-Client binding does not get cleared when "no ip dhcp-client enable" is issued on the
client.
Symptom:
A new IP address is not assigned for 5 or more minutes even if the “no ip dhcp-client enable”
command is issued to clear the original DHCP Server-Client binding.
Probability:
High
Feature:
FCX DHCP
Function:
Server
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000355497
Technical Severity:
Medium
Summary:
FCX cannot process ARP Requests at a high rate
Symptom:
FCX does not process more than 256 ARP Request packets per second.
Probability:
High
Feature:
FCX Layer 3 Forwarding IPv4
Function:
Data Forwarding (IPv4)
Reported In Release:
FI 07.2.02
Service Request ID:
625975
Defect ID:
DEFECT000356155
Technical Severity:
Medium
Summary:
After the Master unit in a stack goes down, OSPF routes that used this disabled unit’s ports can
remain in the routing table indefinitely.
Symptom:
After the Master unit in a stack goes down, OSPF routes that used this disabled unit’s ports will
remain in the routing table indefinitely.
Probability:
High
Feature:
OSPF
Function:
OSPF
Reported In Release:
FI 07.2.02
Service Request ID:
632283
Defect ID: DEFECT000356415
Technical Severity: Critical
Summary: System unexpectedly resets after becoming unresponsive
Symptom: Device displays LID message, then freezes and is unresponsive even from console.
Feature: Sw licensing
Function: Licensing
Probability: Low
Found in Release: FI 07.3.00
Service Request ID: 642829
Defect ID:
DEFECT000356978
Technical Severity:
High
Summary:
FCX / STK2: After active unit was removed from the stack, OSPF interfaces on standby or member
unit stayed in EXST state
Symptom:
OSPF neighbor relationship is not formed
Probability:
Medium
Feature:
FI L3 Unicast
Function:
Control Plane - OSPF/OSPFv3
Reported In Release:
FI 07.3.00
IronWare Software Release R07.3.00p Page 109 of 113
Defect ID:
DEFECT000357433
Technical Severity:
High
Summary:
Layer 3 traffic sometimes does not get forwarded on an FCX stack.
Symptom:
IP Traffic is not forwarded on an FCX stack’s member units.
Workaround:
Clearing the MAC or ARP tables temporarily resolves the problem.
Probability:
Low
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
601967
Defect ID:
DEFECT000357491
Technical Severity:
Medium
Summary:
Rare error during baseline synchronization between Active and Standby Management modules
may lead to unexpected system reset
Symptom:
In very rare cases during baseline synchronization stage, an error may occur that can lead to
unexpected system reset.
Probability:
Low
Feature:
SX Platform Specific features
Function:
Management module redundancy
Reported In Release:
FI 07.2.00
Service Request ID:
266664
Defect ID:
DEFECT000358149
Technical Severity:
High
Summary:
Watchdog reset may occur during system bring-up
Symptom:
During reboot, system may become unresponsive and reload unexpectedly
Probability:
Low
Feature:
FI Platform Specific features
Function:
SYSTEM
Reported In Release:
FI 07.3.00
Service Request ID:
642829
Defect ID:
DEFECT000358969
Technical Severity:
High
Summary:
DHCP Server binding table shows a single IP address bound to multiple MAC addresses
Symptom:
When DHCP Server is enabled, multiple clients sending DHCP requests to a single port may get the
same IP address assigned to them.
Probability:
Medium
Feature:
FCX DHCP
Function:
Server
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000359744
Technical Severity:
Medium
Summary:
FESX6 code flash memory is incorrectly displayed as 16MB
Symptom:
FESX6 code flash memory is displayed 16MB instead of 8MB
Probability:
High
Feature:
SX_SYSTEM
Function:
UNDETERMINED
Reported In Release:
FI 07.2.02
Service Request ID:
640449
Defect ID:
DEFECT000360173
Technical Severity:
High
Summary:
After enabling Single Spanning-tree and reloading the device, Eth1 the first port of the system may
be removed from the VLAN 1
Symptom:
After enabling Single Spanning-tree and reloading the device, Eth1 the first port of the system may
be removed from the VLAN 1
Probability:
High
Feature:
SX L2 Control
Function:
single spanning-tree
Reported In Release:
FI 07.2.02
Service Request ID:
643797
IronWare Software Release R07.3.00p Page 110 of 113
Defect ID:
DEFECT000363716
Technical Severity:
Medium
Summary:
FCX CPU rate limits broadcast ARP packets to as low as 256 Packets per second
Symptom:
ARP resolution will fail
Probability:
Medium
Feature:
FCX Layer 3 Forwarding - IPV4 and IPV6
Function:
ARP
Reported In Release:
FI 07.2.02
Service Request ID:
653983
Defect ID:
DEFECT000364534
Technical Severity:
Medium
Summary:
When the Master unit of a stack is powered off, the ARP entries that are bound to ports on that
unit are not updated even though the MAC entries are updated correctly.
Symptom:
Stacking FCX fails to transmit L3 routing packet when Master unit is powered off. 'show arp' shows
a port on the old Master unit which is inactive.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
658785
Defect ID:
DEFECT000365673
Technical Severity:
Medium
Summary:
Not able to ping the FSX from directly connected PC on 48 port poe card
Symptom:
Unable to ping the FSX from directly connected PC on 48 port poe card
Probability:
High
Feature:
SX Layer 3 Forwarding - IPV4
Function:
Data Forwarding (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
646649
Defect ID:
DEFECT000365696
Technical Severity:
High
Summary:
A Layer 2 Multicast Client may not be able to receive a multicast stream when PIM Dense Mode is
configured
Symptom:
When FCX is running PIM Dense Mode, some Layer 2 receivers may not receive the data.
Probability:
Medium
Feature:
FCX L2/L3 Multicast Features
Function:
PIM Dense
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000366413
Technical Severity:
Critical
Summary:
static default route does not get updated after master unit down
Symptom:
If there are multiple static default routes from both master and non-master units, the default route
from the master unit is correctly displayed in the routing table. But if the master unit is powered
down, this route will still be displayed instead of the route from the non-master unit.
Probability:
Medium
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
STATIC ROUTES (IPV4)
Reported In Release:
FI 07.2.02
Service Request ID:
665605
Defect ID:
DEFECT000366766
Technical Severity:
High
Summary:
OSPFv2 Type4 ASBR Summary LSA is removed if the neighbor ASBR’s interface in the same area is
deleted.
Symptom:
ASBR route is not advertised properly and subsequently, redistributed routes are not installed in
the routing table.
Probability:
High
Feature:
FI L3 Unicast
Function:
Control Plane - OSPF/OSPFv3
Reported In Release:
FI 07.3.00
Service Request ID:
642515
IronWare Software Release R07.3.00p Page 111 of 113
Defect ID:
DEFECT000368465
Technical Severity:
High
Summary:
When the sFlow collector is configured on a VE, FCX member units may reload unexpectedly
Symptom:
When adding/removing RSTP config from the VLAN, member units may reload if sFlow is
configured on the VE for that VLAN.
Probability:
High
Feature:
FCX Network Management
Function:
sFlow
Reported In Release:
FI 07.2.02
Service Request ID:
669137
Defect ID:
DEFECT000362369
Technical Severity:
Medium
Summary:
Spanning Tree State Not In SYNC with Primary Port of Trunk Port after stack is rebooted.
Symptom:
After hitless failover, Spanning Tree state on the primary port of a trunk shows correctly as "OFF"
but shows incorrectly as ON on the member port
Probability:
Medium
Feature:
FCX L2 Control
Function:
LinkAggregation - LACP/Dynamic
Reported In Release:
FI 07.2.02
Service Request ID:
645709
37BCustomer reported defects closed without code in Release 07.3.00
This section lists the defects with Critical, High and Medium Technical Severity closed without a code change
as of October 13, 2011.
Defect ID:
DEFECT000344733
Technical Severity:
Medium
Summary:
Secure copy does not work if done to startup config.
Symptom:
Secure copy to startup configuration on FCX fails, although secure copy to running configuration
works.
Probability:
Medium
Feature:
FCX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.02
Service Request ID:
585183
Defect ID:
DEFECT000351027
Technical Severity:
Medium
Summary:
FCX HPOE products with Advanced License are incorrectly displayed as POE.
Symptom:
The output of “show version” displays FCX648 and FCX624 HPOE products with Advanced
License as “FCX648S-POE-PREM” and “FCX624S-POE-PREM” respectively.
Probability:
High
Feature:
FCX Management Functionality
Function:
CLI and parser
Reported In Release:
FI 07.2.02
Defect ID:
DEFECT000363357
Technical Severity:
High
Summary:
SXR07300q053 STBY MP continuously reloads after downgrade to SXR07202d
Symptom:
STBY module resets after downgrade
Probability:
High
Feature:
FI Platform Specific features
Function:
Management module redundancy
Reported In Release:
FI 07.3.00
IronWare Software Release R07.3.00p Page 112 of 113
Defect ID:
DEFECT000365719
Technical Severity:
Medium
Summary:
dynamic-vlan-discovery is enabled by default
Symptom:
A customer noted strange traffic similar to udld in ether type and destination mac
0x885a and 00:e0:52:00:00:00
Workaround:
'no dynamic-vlan-discovery' will disable the feature
Probability:
High
Feature:
L2
Function:
Dynamic VLAN Discovery
Reported In Release:
FI 07.2.02
Service Request ID:
643357
Defect ID:
DEFECT000369317
Technical Severity:
Medium
Summary:
Connectivity problem along with ARP error messages that are displayed on the console
Symptom:
Keep getting "pp_find_arp_entry failed to create ARP" entry on the console while connectivity to
the Internet is lost.
Probability:
High
Feature:
FCX Layer 3 Forwarding - IPV4
Function:
ARP
Reported In Release:
FI 07.2.02
Service Request ID:
671567
Open defects in Release 07.3.00
This section lists defects with High or Medium Technical Severity as of December 9, 2011. The presence of a
defect in this list can be prompted by several different circumstances. For example, some defects may have
been initially reported against an earlier release in the field. Brocade’s standard process in such cases is to
open defects against the current release that might experience the same issues, and close them only when a
fix is implemented, or if it is determined that the problem does not exist with the current release.
In other cases, a fix has been developed but has not been implemented in this release because it requires
particularly extensive code changes or regression testing to ensure that the fix does not create new problems.
Such fixes will appear in future releases.
None of these defects have the requisite combination of probability and severity to cause significant concern
to Brocade customers.
Note that when a workaround to an issue is available, it is provided; otherwise, no recommended workaround
is available at this time.
Defect ID:
DEFECT000379038
Technical Severity:
Critical
Summary:
High CPU condition when there are none POE devices connect to POE enabled ports
Symptom:
High CPU condition when there are none POE devices connect to POE enabled ports
Workaround:
disable legacy POE detection, by configure the following at the global configuration
no legacy -inline-power <slot#>
Probability:
High
Feature:
Power over Ethernet
Function:
Power over Ethernet
Reported In Release:
FI 07.3.00
Service Request ID:
680137
Defect ID: DEFECT000344548
Technical Severity: Medium
Summary: Unexpected Flow Control behavior when negotiation is enabled on one end and flow control is
disabled on the other
Symptom: Flow control operational state on the interface is displayed as being enabled when it should
be disabled.
Workaround: Disable and re-enable one of the ports or disconnect and reconnect the UTP cable
Feature: FCX Layer1 features
Function: Auto Negotiation
Probability: Low
Found in Release: FI 07.2.02
Service Request ID: 544899
IronWare Software Release R07.3.00p Page 113 of 113
Defect ID: DEFECT000368913
Technical Severity: Medium
Summary: Memory tracking debug command may not work for all cases
Symptom: Some memory leak conditions may not be detected using the “dm mem-leak” tool.
Feature: FCX L2 Forwarding
Function: UNDETERMINED
Probability: Medium
Found in Release: FI 07.2.02
Service Request ID:
Defect ID:
DEFECT000365688
Technical Severity:
High
Summary:
On ICX, if copper GBIC is used in the 10G port, sometimes the link may not come up after reboot
Symptom:
If copper GBIC is used in the 10G port, sometimes the link may not come up after reboot
Probability:
Medium
Feature:
ICX Layer1 features
Function:
Optics
Reported In Release:
FI 07.3.00
Defect ID:
DEFECT000337878
Technical Severity:
Medium
Summary:
Unable to create a VLAN using vlan-group using SSH if aaa accounting is configured.
Symptom:
When creating a vlan-group only the first VLAN was created.
Feature:
TI L2 Protocol
Function:
VLAN GROUP
Service Request ID:
267889
Reported In Release:
FI TI 04.2.00
Probability:
Medium

Navigation menu