Ruckus FastIron 08.0.50 Release Notes, V1 Fast Iron Notes 08050
FastIron 08.0.50 Release Notes FastIron_08050_ReleaseNotes_v1
2017-12-14
User Manual: Ruckus FastIron 08.0.50 Release Notes
Open the PDF directly: View PDF 
.
Page Count: 112
| Download | |
| Open PDF In Browser | View PDF |
16 November 2016 FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 Copyright © 2016 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, and MyBrocade are registered trademarks of Brocade Communications Systems, Inc., in the United States and in other countries. Other brands, product names, or service names mentioned of Brocade Communications Systems, Inc. are listed at www.brocade.com/en/legal/brocade-Legal-intellectual-property/brocade-legal-trademarks.html. Other marks may belong to third parties. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government. The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the computer programs that accompany it. The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 2 Contents Document history ......................................................................................................................................... 4 Preface .......................................................................................................................................................... 5 Contacting Brocade Technical Support ..................................................................................................... 5 Related documentation ............................................................................................................................ 5 Document feedback .................................................................................................................................. 6 Overview ....................................................................................................................................................... 7 New in this release ........................................................................................................................................ 8 Hardware .................................................................................................................................................. 8 Software features ..................................................................................................................................... 8 CLI changes.............................................................................................................................................. 11 Newly supported RFCs and standards .................................................................................................... 16 Hardware support ....................................................................................................................................... 17 Supported devices .................................................................................................................................. 17 Supported power supplies ...................................................................................................................... 17 Supported optics ..................................................................................................................................... 17 Software upgrade and downgrade ............................................................................................................. 18 Image file names ..................................................................................................................................... 18 PoE firmware files ................................................................................................................................... 18 Defects ........................................................................................................................................................ 19 Closed with code changes in release 8.0.50 ........................................................................................... 19 Closed without code changes ................................................................................................................. 76 Known issues........................................................................................................................................... 98 FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 3 Document history Version FastIron 8.0.50 for Brocade ICX Switches Release Notes Version 1 Summary of changes New enhancements and features for the 8.0.50 release. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 Publication date November 16, 2016 4 Preface Contacting Brocade Technical Support As a Brocade customer, you can contact Brocade Technical Support 24x7 online, by telephone, or by e-mail. Brocade OEM customers should contact their OEM/solution provider. Brocade customers For product support information and the latest information on contacting the Technical Assistance Center, go to www.brocade.com and select Support. If you have purchased Brocade product support directly from Brocade, use one of the following methods to contact the Brocade Technical Assistance Center 24x7. Online Telephone E-mail Preferred method of contact for non-urgent issues: • Case management through the MyBrocade portal. • Quick Access links to Knowledge Base, Community, Document Library, Software Downloads and Licensing tools. Required for Sev 1-Critical and Sev 2-High issues: • Continental US: 1-800-7528061 • Europe, Middle East, Africa, and Asia Pacific: +800-AT FIBREE (+800 28 34 27 33) • Toll-free numbers are available in many countries. • For areas unable to access a toll free number: +1-408333-6061 support@brocade.com Please include: • Problem summary • Serial number • Installation details • Environment description Brocade OEM customers If you have purchased Brocade product support from a Brocade OEM/solution provider, contact your OEM/solution provider for all of your product support needs. • • • • OEM/solution providers are trained and certified by Brocade to support Brocade® products. Brocade provides backline support for issues that cannot be resolved by the OEM/solution provider. Brocade Supplemental Support augments your existing OEM support contract, providing direct access to Brocade expertise. For more information, contact Brocade or your OEM. For questions regarding service levels and response times, contact your OEM/solution provider. Related documentation Visit the Brocade website to locate related documentation for your product and additional Brocade resources. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 5 White papers, data sheets, and the most recent versions of Brocade software and hardware manuals are available at www.brocade.com. Product documentation for all supported releases is available to registered users at MyBrocade. Click the Support tab and select Document Library to access documentation on MyBrocade or www.brocade.com. You can locate documentation by product or by operating system. Release notes are bundled with software downloads on MyBrocade. Links to software downloads are available on the MyBrocade landing page and in the Document Library. Document feedback Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. You can provide feedback in two ways: • • Through the online feedback form in the HTML documents posted on www.brocade.com. By sending your feedback to documentation@brocade.com. Provide the publication title, part number, and as much detail as possible, including the topic heading and page number if applicable, as well as your suggestions for improvement. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 6 Overview Brocade FastIron Release 8.0.50 introduces several new software features, with a continued commitment to The Effortless Network™ vision of making the network flexible, easy to manage, and cost-effective. The Effortless Network™ is enabled by Brocade® Campus Fabric, which brings campus networks into the modern era to better support mobility, security, and application agility. This evolutionary architecture integrates innovative technologies to streamline application deployment, simplify network management, and reduce operating costs. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 7 New in this release Hardware The following section lists new hardware introduced with this release. None. Software features The following section lists new, modified, and deprecated software features for this release. For information about which platforms support these features, refer to the FastIron Features and Standards Support Matrix, available at www.brocade.com. New software features for 8.0.50 The following software features are new in this release. • Campus Fabric enhancements: o 802.1BR port extender (PE) support on ICX 7250—The ICX 7250 can be enabled as a PE unit and added to a PE chain or ring that includes other ICX 7250 or ICX 7450 devices. o ICX 7250 PoD license and speed negotiation—From the CB console, you can download PoD licenses to or remove them from an ICX 7250 used as a PE in a Campus Fabric (SPX) system. Limited speed negotiation allows 1-Gbps ICX 7250 interfaces to be converted to 10-Gbps SPX interfaces and vice versa. o ICX 7450 model support—All ICX 7450 models, now including the ICX 7450-32ZP, can be enabled as PE units. o ACL- and VLAN-based mirroring—Support for ACL-based and VLAN mirroring on PE units has been added. o Security feature enhancements—Dynamic ARP Inspection (DAI), Neighbor Discovery (ND) inspection, DHCPv4 snooping, DHCPv6 snooping, IPv4 Source Guard, Flexible Authentication (802.1X and MAC authentication), Web Authentication, Ingress port rate limiting, and Egress port rate shaping are enabled on PE units. o Ring topology with load balancing across uplinks—PE units, which previously could be configured only in a chain, can be configured in a ring. o sFlow for Campus Fabric o Support for up to 36 PEs. o uRPF on PE ports—Unicast Reverse Path Forwarding (uRPF) checks are supported in PE units. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 8 o Zero touch SPX deployment—Once the Control Bridge is provisioned, this feature discovers new PE units running in router mode, assigns them IDs, defines SPX ports or LAGs, and reloads them as PE units. • In-Service Software Upgrade (ISSU) for stacking—With ISSU, the stack upgrade occurs in a particular sequence (one switch at a time), aimed at reducing the disruption of the customer network connected to the stack. • Security enhancements: o Sequence numbering in ACLs—You can edit the ACLs using sequence numbers without having to un-configure and re-configure all the ACL filters. o Egress ACL logging support—On both the Brocade ICX 7250 and ICX 7450 series, ACL logging is now supported for egress ACLs. o Interim RADIUS accounting updates for 802.1x authentication and MAC authentication—Apart from setting the device to send the Accounting Start and Accounting Stop messages, you can configure the device to send interim updates of accounting messages to the RADIUS server at regular intervals. o RADIUS dead server detection—The RADIUS servers that are unavailable or that have stopped responding can be detected and marked as dead servers. o Classification of RADIUS servers—RADIUS servers can be configured to be used only for 802.1X authentication, MAC authentication, Web authentication, or a combination of these authentication methods. o Accounting for 802.1x and MAC authentication—Enables the device to log information on the RADIUS server about 802.1X and MAC authenticated clients. o Outbound dynamic IPv4 ACLs and IPv6 ACLs—In addition to inbound dynamic ACL support, outbound dynamic IPv4 ACLs and IPv6 ACLs are supported. o IPv6 ACL support—In addition to dynamic IPv4 ACL support, 802.1X authentication and MAC authentication implementations support dynamically applying IPv6 ACLs to a port. o Configurable URL for External Web Authentication (URL re-direct) o IPsec—Internet Protocol security (IPsec) is supported on the Brocade ICX 7450 platform to provide secure communication between devices at the network layer (Layer 3) across public and private networks. o PBR support on interface in a VRF—Policy-based routing can be applied on interfaces that belong to VRFs. PBR can also be used to map IP traffic into a GRE tunnel or IPsec tunnel, wherein the VRF of the tunnel interface is considered as the VRF of the next hop. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 9 o CoA extended options: Brocade vendor-specific Foundry-COA-Command attribute for RADIUS server o Two-factor authentication with TACACS+ server • LLDP port ID subtype configuration for E-911—The LLDP port ID subtype is now configurable and can be set to advertise information about the physical location of a port on Brocade ICX 7750, Brocade ICX 7450, and Brocade ICX 7250 devices. • Time Zone configuration enhancements: o Global time zone support—Supports new time zones added for Australia and European countries. o Ability to set summer-time start and end dates for non-US time zones—System clock configuration of time zones and summer time intervals is supported using CLI commands. • Remove temperature threshold for shutdown (battle short mode) • Layer 2 mode querier configurable source IP address for multicast snooping—This feature allows you to configure a Layer 2 mode querier IP address in IPv4 and IPv6 environments. • Resilient hashing—Resilient hashing is a load balancing method to minimize the destination path remapping in case of LAG link failure. Resilient hashing works in conjunction with static hashing algorithm. • Multiple PVLAN support per port—Brocade FastIron devices allow users to configure ports in multiple primary or secondary PVLANs. Dual mode support is also added for PVLANs. The PVLANs must be of the same type (primary, isolated, community) on each port. Each PVLAN on a port belongs to a different PVLAN domain. • OOB interface enhancements—The out-of-band (OOB) management port is now a member of the management VLAN and can be configured to be a member of the management VRF, with additional options. • DHCP option 82 (ASCII support) • Change IP address using replace keyword—You can change Management IP address across many interfaces in one step. • IPv6 default gateway support • VRF support on ICX 7250. In addition, VRF on the ICX 7450 is increased to 32. • Route only—This feature provides the ability to enable or disable Layer 2 switching. • ICX 7750 simultaneous front and rear panel stacking—ICX 7750 Modules 2 and 3 can support stacking simultaneously. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 10 • VRRP-E hitless upgrade—When enabled, VRRP-E hitless upgrade decreases the priority of the master router VRID to allow upgrades or troubleshooting on the master router. When combined with the short-path forwarding functionality, traffic loss can be avoided. • OpenFlow Layer 2 Hybrid Port Mode—Layer 2 protocols support and MAC learning for OpenFlow hybrid ports • SNMP updates— o SNMP support for 802.1BR Phase II—Introduced ICX 7250 to PE units on the 802.1BR system. o NMS support for ZeroTouch—ZeroTouch discovers new PE-capable units, assigns IDs, defines SPX-ports/LAGs, and converts them to PE mode to join the system. o SNMP support for optical monitoring for Brocade ICX 7450 and ICX 7250 devices. o NMS support for ISSU—Stack upgrade avoids the entire stack going down for a reload at once for an image upgrade process. o SNMP MIB support for VRRP (RFC 2787)—Support extended for ICX 7750, ICX 7450, and ICX 7250 devices. o SNMP MIB support for Entity MIB (RFC 4133)—Supporting Entity MIB for a standalone or a stacking system on ICX 7750, ICX 7450, or ICX 7250 devices. CLI changes The following section lists new, modified, and deprecated commands for this release. New commands in 8.0.50 The following commands are new in this release: • aaa accounting mac-auth—Enables RADIUS accounting for MAC authentication sessions. • authentication (IKEv2)—Configures an authentication proposal for an Internet Key Exchange version 2 (IKEv2) profile. • clear ikev2 sa—Clears Internet Key Exchange version 2 security associations (IKEv2 SAs). • clear ikev2 statistics—Clears IKEv2 statistics by resetting the various IKEv2 counters to zero. • clear ipsec sa—Clears IPsec security associations (SAs). • description (IKEv2)—Describes an IKEv2 profile. • description (IPsec)—Describes an IP security (IPsec) profile. • dhcp snooping relay information circuit-id—Configures a unique circuit ID per port. • dhcp snooping relay information remote-id—Configures a unique remote ID per port. • dhgroup—Configures a Diffie-Hellman (DH) group for an IKEv2 proposal. • encapsulation-mode—Specifies the encapsulation mode for an IPsec proposal. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 11 • encryption—Configures an encryption algorithm for an IKEv2 proposal. • encryption-algorithm—Configures an encryption algorithm to protect data traffic for an IPsec proposal. • ike-profile—Configures an IKEv2 profile for an IPsec profile. • ikev2 auth-proposal—Creates an IKEv2 authentication proposal and enters configuration mode for the proposal. • ikev2 exchange-max-time—Configures the maximum setup time for IKEv2 message exchange. • ikev2 limit—Configures limits for the number of IKEv2 security association (SA) sessions. • ikev2 policy—Creates an IKEv2 policy and enters IKEv2 policy configuration mode. • ikev2 profile—Creates an IKEv2 profile and enters IKEv2 profile configuration mode. • ikev2 proposal—Creates an IKEv2 proposal and enters IKEv2 proposal configuration mode. • ikev2 retransmit-interval—Configures the delay time for resending IKEv2 messages. • ikev2 retry-count—Configures the maximum number of attempts to retransmit an IKEv2 message. • initial-contact-payload—Configures sending an initial contact message to a peer for an IKEv2 profile. • integrity—Configures an integrity algorithm for an IKEv2 proposal. • ipsec profile—Creates an IPsec profile and enters IPsec profile configuration mode. • ipsec proposal—Creates an IPsec proposal and enters IPsec proposal configuration mode. • issu abort—Initiates an in service software upgrade (ISSU) termination. • issu primary—Initiates an in-service software upgrade (ISSU) using the image on the primary partition and configures the system to reload from either the primary image or the secondary image if the upgrade fails. • issu secondary—Initiates an in-service software upgrade (ISSU) using the image on the secondary partition and configures the system to reload from the image in either the primary partition or the secondary partition should the upgrade fail. • keepalive (IKEv2)—Configures the interval between IKEv2 messages that are sent to detect if a peer is still alive. • lifetime (IKEv2)—Configures the lifetime period of an IKEv2 security association (SA) for an IKEv2 profile. • lifetime (IPsec)—Configures the lifetime period of an IPsec security association (SA) for an IPsec profile. • lldp advertise port-id-subtype—Specifies the Link Layer Discovery Protocol (LLDP) port ID subtype information to advertise as the port ID. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 12 • local-identifier—Configures the local system identifier for an IKEv2 profile. • logging enable ikev2—Enables system log messages and traps for IKEv2 events. • logging enable ipsec—Enables system log messages and traps for IPsec events. • match address-local—Configures matching an IKEv2 policy based on local IPv4 address. • match fvrf—Configures matching an IKEv2 policy based on a front-door virtual routing forwarding (fvrf). • match-identity—Configures match options for an IKEv2 profile based on local or remote identity parameters. • multicast querier-address—Configures the IPv4 querier address per VLAN. • multicast6 querier-address—Configures the IPv6 querier address per VLAN. • prf—Configures a pseudorandom function (PRF) for an IKEv2 proposal. • proposal (IKEv2)—Configures an IKEv2 proposal for an IKEv2 policy. • proposal (IPsec)—Configures an IPsec proposal for an IPsec profile. • protected—Configures VRF traffic protection for an IKEv2 profile. • radius-server accounting—Configures to send interim updates of accounting messages to the RADIUS server at regular intervals. • radius-server test—Sets the user name to be used in the RADIUS request packets for RADIUS dead server detection. • remote-identifier—Configures a remote identifier for an IKEv2 profile. • responder-only—Configures responder-only mode for an IKEv2 profile. • set next-hop-ip-tunnel—Configures an IPsec or GRE tunnel interface as the next hop of a PBR route map. • show ikev2—Displays global IKEv2 configuration information. • show ikev2 auth-proposal—Displays configuration information about IKEv2 authentication proposals. • show ikev2 policy—Displays configuration information about IKEv2 policies. • show ikev2 profile—Displays configuration information about IKEv2 profiles. • show ikev2 proposal—Displays configuration information about IKEv2 proposals. • show ikev2 sa—Displays configuration information about current IKEv2 security associations (SAs). • show ikev2 session—Displays IKEv2 session information that includes rekeys and other negotiated information. • show ikev2 statistics—Displays statistical information about IKEv2. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 13 • show inline power debug-info—Displays inline power debug information. • show inline power emesg—Displays a history of Power over Ethernet (PoE) events. • show ip dhcp relay information—Displays the configured DHCP relay information options. • show ip dhcp relay information brief—Displays the configured DHCP relay information options in brief. • show ipsec card-utilization—Displays information about the utilization of the IPsec interface module that includes the administration status of the module and traffic statistics. • show ipsec profile—Displays configuration information about IPsec profiles. • show ipsec proposal—Displays configuration information about IP security proposals. • show ipsec sa—Displays IPsec security association (IPsec SA) database information. • show issu errors—Displays stack upgrade error information when an upgrade is in progress. • show issu sequence—Displays the sequence in which units will be upgraded. • show issu status—Runs a pre-ISSU check and monitors the status of the current upgrade. • show module—Displays module information for stack members. • show running ikev2—Displays current IKEv2 configuration information. • show spx connections—Displays information on SPX port connections. • show spx-mon—Gives a snapshot of the SPX system. • show tech-support—Displays technical support information. • spx allow-pe-movement—Allows you to move PE units to other CB SPX ports without changing the PE ID or changing any related port configuration. • spx interactive-setup—Allows you to configure several options interactively: change existing PE IDs, discover and assign IDs to new PE units, and convert existing or new standalone devices to PE units. • spx zero-touch-deny—Configures a standalone unit so that it cannot be discovered by the SPX zero-touch or SPX interactive-setup utility. • spx-mon enable—Enables spx-mon analysis tools. • transform—Configures a transform set for an IPsec proposal. • trunk-type—Configures the resilient hashing mode as the load sharing type for active ports in a link aggregation group (LAG). • vlan-config—Configures Virtual Local Area Network (VLAN) tasks such as adding ports to a VLAN, moving untagged port membership between VLANs, and removing ports from a VLAN. • zero-touch-enable—Allows the CB in a Campus Fabric (SPX) domain to discover PE candidates and convert them to active PE units. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 14 • zero-touch-ports—Defines additional ports on which candidate PE units can be discovered when the zero touch provisioning utility or spx interactive-setup is enabled. Modified commands in 8.0.50 The following commands have been modified in this release: • aaa authorization coa ignore—Added the disable-port, flip-port, and reauth-host options. • pvlan type—Beginning with this release, member ports of isolated and community VLANs cannot be member ports of any other VLAN • radius-server host—Added the mac-auth and web-auth options. • set ip next-hop—Added the vrf option. • show cpu-utilization—The command output was modified to show information for cpu0 and cpu1. • show dot1x ip-acl—The command output was updated. • show dot1x sessions—The command output was updated. • show inline power—Added the debug-info keyword. • show inline power detail—Added the debug-info keyword. • show lag—The command was modified to display a changed output for the “resilient-hash” trunk type in the LAG configuration. • show mac-authentication ip-acl—The command output was updated. • show mac-authentication sessions—The command output was updated. • show spx—Added the PE ring and zero-IPC parameters. • show statistics tunnel—The command was modified to display IPsec tunnel information on the Brocade ICX 7450. • show vlan—The command was modified to display the VLAN membership type in the show vlan brief ethernet command output. • spx cb-configure—The command was modified to include zero-touch-enable and zerotouch-ports commands. • spx unconfigure—The unit-id key word was added to allow for a list of IDs to be unconfigured simultaneously. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 15 Newly supported RFCs and standards The following RFCs and standards are newly supported in the 8.0.50 release: • • RFC 4133—Entity MIB (Version 3) RFC 5176—Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 16 Hardware support Supported devices The following devices are supported in this release: • • • ICX 7250 Series (ICX 7250-24, ICX 7250-24G, ICX 7250-24P, ICX 7250-48, ICX 7250-48P) ICX 7450 Series (ICX 7450-24, ICX 7450-24P, ICX 7450-32ZP, ICX 7450-48, ICX 7450-48F, ICX 7450-48P) ICX 7750 Series (ICX 7750-26Q, ICX 7750-48C, ICX 7750-48F) Supported power supplies For a list of supported power supplies, refer to the Data Sheet for your device. Data Sheets are available online at www.brocade.com. Supported optics For a list of supported fiber-optic transceivers that are available from Brocade, refer to the latest version of the Brocade Optics Family Data Sheet available online at www.brocade.com. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 17 Software upgrade and downgrade Image file names Download the following images from www.brocade.com. Device ICX 7250 Boot image file name spz10108.bin ICX 7450 spz10108.bin ICX 7750 swz10108.bin Flash image file name SPS08050.bin (Layer 2) or SPR08050.bin (Layer 3) SPS08050.bin (Layer 2) or SPR08050.bin (Layer 3) SWS08050.bin (Layer 2) or SWR08050.bin (Layer 3) PoE firmware files The following tables lists the PoE firmware file types supported in all 08.0.50 releases. The firmware files are specific to their devices and are not interchangeable. For example, you cannot load ICX 7250 firmware on an ICX 7450 device. Note: The PoE circuitry includes a microcontroller pre-programmed at the Brocade factory. The software can be loaded as an external file. The initial release of the microcontroller code is still current and does not need to be upgraded. The PoE firmware version string will be kept updated to match the corresponding FastIron software version; however, this is only a cosmetic change, and the firmware itself remains unchanged. If a new version of the code is released, Brocade will notify its customers of the needed code upgrade. Finally, in the remote case that a failure occurs during an upgrade process, the switch would still be functional but without PoE circuitry. If you encounter such an issue, please contact Brocade Technical Support. Table 1 PoE firmware files Device Firmware version File name ICX 7250 1.6.7 b013 icx72xx_poeplus_01.6.7.b013.fw ICX 7450 1.6.7 b013 icx74xx_poh_01.6.7.b013.fw FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 18 Defects Closed with code changes in release 8.0.50 This section lists software defects with Critical, High, and Medium Technical Severity closed with a code change as of November 15, 2016 in 8.0.50. Defect ID: DEFECT000468783 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 07.3.00 Technology: 802.1x Port-based Authentication Symptom: Users will not be able to authenticate via 802.1x when there are communication issues with primary Radius server even if secondary Radius server is online. Condition: This issue is observed when there is a primary Radius server failure. Workaround: Remove the primary RADIUS server configuration Defect ID: DEFECT000526560 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.20 Technology: Hardware Monitoring Symptom: If the ICX7750 stack is configured using one unit's module 2 stack port connected to other unit's module 3 stack port then some CRC errors are observed on these module 2 and module 3 ports on running the traffic. Condition: This issue happens when the ICX7750 stack is formed using one unit's module 2 stack port connected to other unit's module 3 stack port using any 40G optics Defect ID: DEFECT000553444 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.20 Technology: Traditional Stacking Symptom: In ICX7450 or 7750 stack, outgoing IP packets from standby/member unit are updated with the source MAC of the unit's mac-address instead of stack MAC Condition: This issue is seen with 7450 or 7750 stack units after a reload, with stack mac not synchronized to standby and member unit. Workaround: Disable standby stack unit Defect ID: DEFECT000560318 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.40 Technology: IPv4 Multicast Routing Symptom: Multicast pruning may not work as expected after prune time out. Condition: The condition may be triggered by prune timer expiry. Workaround: Not Applicable. Recovery: Not Applicable. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 19 Defect ID: DEFECT000560785 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.10 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: Dynamic IP is not received by the DHCP client. Condition: Dynamic IP is not received by the DHCP client after reload. Defect ID: DEFECT000562755 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: Trunk deploy fails during boot up. Condition: This issue is seen on system boot with LAG configured on 10G/1G dual-speed port where the port is configured as 1G. Defect ID: DEFECT000564114 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking Symptom: After reload of ICX 7750 12U stack, some ports randomly flap Condition: Observed when high number of 10G ports on ICX 7750 are connected to 1G peer ports and a reload is done Recovery: Reload the peer port of an interface that flaps Defect ID: DEFECT000566183 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: IP Addressing Symptom: When the customer configures global route-only or route-only on an interface, he can still observe loop in the network depending on the network topology. Condition: Customer discovers traffic loops via route-only interfaces. Workaround: Enable STP on the interfaces that are potentially part of the physical loop. Defect ID: DEFECT000569399 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: PoE/PoE+ - Power over Ethernet Symptom: ICX7450-32ZP showing inappropriate power draw and link issues. Condition: Ports are connected to another PoE Switch. Workaround: Remove inline power configuration on both ports involved. Recovery: Remove inline power configuration on both ports involved. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 20 Defect ID: DEFECT000570014 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: IPv4 ACLs having same names with IPv6 ACLs are deleted when performing upgrade from earlier releases to FI 08040 image. The following error is shown; IPv6 ACL with same name already exists! Please choose unique names. Invalid input -> permit ip any any , permit ip any any Type ? for a list It may cause IPv4 ACL to be deleted. Condition: During an upgrade from a prior release to FI 08040, if IPv4 and IPv6 ACLs have the same name. FI08040 release onwards, IPv4 ACLs and IPv6 ACLs can not have same name. This was permitted in the prior releases. Workaround: Don't have IPv4 and IPv6 with same ACL names prior to upgrade to FI08040 release. Reconfigure IPv4 ACLs after upgrade Recovery: Reconfigure IPv4 ACLs after upgrade Defect ID: DEFECT000571597 Technical Severity: High Probability: Low Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: IP Addressing Symptom: In some scenarios, IP multicast packets receiving on route-only port gets flooded out of other routeonly ports Condition: More than 1 port [physical interface] has route-only configuration The route-only port has no IP multicast routing configuration Defect ID: DEFECT000571676 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: CPU spike to 99% after enable/disable port causing multiple protocols flap viz. Lag and re convergence. Condition: enable/disable of port when the system is scaled with many L2, L3 and Multicast features viz. - 3.5K IGMP groups and .5K MLD groups spread across L2MC and L3MC , 25 VRRP instance, OSPFv3 , 1600+ ARP, Spanning tree, Lag etc. Defect ID: DEFECT000571792 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Layer 2 Switching Reported In Release: FI 08.0.10 Technology: MCT - Multi-Chassis Trunking Symptom: External VRRP MAC address not showing on the correct port of ICX7750 MCT cluster after VRRP failover Condition: This is seen on VRRP failover in MCT cluster. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 21 Defect ID: DEFECT000572311 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: ARP - Address Resolution Protocol Symptom: Ingress Gratuitous ARP on route-only lag port floods to other route-only ports. Condition: Observed when route-only configuration is given (Disabling L2 switching on an interface/globally) Workaround: No Workaround available Defect ID: DEFECT000572395 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: SNMP walk on the management interface stops working and the CPU UDP traffic gets dropped. Condition: This issue is seen when adding a default route to the management VRF with SNMP walk on the management interface. Recovery: The following CLI is added to allow SNMP walk on Management interface to respond out of the Management interface instead of looking at the routing table available in FI 8.0.30e and later releases: [no ] ip follow-ingress-vrf By default, the CLI is not enabled. Once configured, it can be turned off by disabling. Defect ID: DEFECT000572533 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: OSPF - IPv4 Open Shortest Path First Symptom: Packets will get looped between two OSPF neighbors and the source would get ICMP-Error as TTL expired. Condition: For an IP-address, static route is configured and an alternative route is learnt through OSPF for same IP-address. The outgoing interface of static route is flapped. Defect ID: DEFECT000572919 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: Medium Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: AAA authentication not working for standby and member console. Condition: This issue is seen during Rconsole to standby or member unit. Defect ID: DEFECT000572961 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: When DHCP client renews the ip with new list of options, previously received options are remaining across reloads Condition: When DHCP client renews the ip with new list of options, previously received options are persistent across reloads FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 22 Defect ID: DEFECT000573611 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: xSTP - Spanning Tree Protocols Symptom: The spanning tree on specific VLAN would malfunction, due to which customer traffic cannot be properly distributed. Condition: The issue only happens in specific ports in VLAN runs 802.1w, and those ports in 802.1D compatible mode and when original ROOT bridge disappear. Workaround: Enable/disable ports can be used as workaround. Recovery: By enable/disable ports involved to trigger STP converge can quickly get the customer out of issue condition. Defect ID: DEFECT000573664 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: On FastIron devices, when "radius-server retransmit" is configured as x then it is not transmitting x times to radius-server. Condition: On FastIron devices, when "radius-server retransmit" is configured as x then it is not transmitting x times to radius-server. Defect ID: DEFECT000574609 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Newly connected PDs do not power up. Condition: With PSE to PSE connected and PoE enabled, other PSE might get detected as PD and power gets injected. This could cause the newly connected PDs to not power up. Workaround: User need to identify which port is being injected power and disable power from that PSE to this port. Recovery: User need to identify which port is being injected power and disable power from that PSE to this port. Defect ID: DEFECT000574850 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: ACLs - Access Control Lists Symptom: When customer has the IPV6 TCP established ACL on the switch it still allows new TCP connections for servers inside the network against dropping the connection. Condition: When port range is used while configuring the ACL, it is not applied on all the ports. Defect ID: DEFECT000574981 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Allocated power is not released when PD goes to a fault state while power is allocated Symptom: Condition: When a PE is reloaded in SPX topology Workaround: Disable power on the ports that is connected to the other switch. Normal PDs will not go to fault state. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 23 Defect ID: DEFECT000575026 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: The dynamic options received by the DHCP client is not syncing to the standby unit except for the dynamic IP. The output of the CLI "show ip dhcp-client options" is empty in the standby unit. Condition: This issue happens when dynamic options received by DHCP client is failed to sync to standby Defect ID: DEFECT000575155 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: Switch Port Extender Symptom: PEs getting detached in high CPU conditions Condition: High CPU and or network congestion due to over-subscription of high priority traffic Defect ID: DEFECT000575189 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: In ICX7750-48C some of the output value of the command "phy dump_maumib" is not proper. Condition: This issue is on ICX7750-48C when the command "phy dump_maumib" is issued Defect ID: DEFECT000575759 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: OSPFv3 - IPv6 Open Shortest Path First Symptom: In the Fastiron device, OSPFv3 hello timer does not reflect the value configured on the fly. Condition: When the hello interval timer is changed multiple times on the fly, the Fastiron device does not reflect the confgiured value and sends more hello packets within one second. Defect ID: DEFECT000577109 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow System may become unresponsive when a large number of flows are installed in a single shot. Symptom: Condition: The system is unresponsive due to installation of large number (4000) of flows. This is usually seen during testing with IXIA with large number of flows in burst mode without ACK wait period between the flows. Workaround: Use alternative controllers like OVS those who wait for ACK after each flow is pushed or Install flows one by one with a second or so delay which gives adequate time to finish. Defect ID: DEFECT000577220 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: The SNMP Trap is not generated when the FAN unit is removed from the ICX7450 stack member unit Condition: This issue is reported on ICX7450 stacking member unit when the FAN unit is removed from that member unit FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 24 Defect ID: DEFECT000577328 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.30 Technology: OpenFlow Symptom: OpenFlow connection will not be stable while using Brocade Vayata Controller / Brocade SDN Controller. Condition: If TLS option is used for OpenFlow connection from Brocade Vayata Controller, then the connection may not be successful. Workaround: CLI command "openflow hello-reply disable" can be used to overcome this behavior Defect ID: DEFECT000577483 Technical Severity: Critical Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: On ICX7450 system some of the interfaces which are Up and in Forwarding state shows the speed and duplex value as "non" in the "show interface" command output Condition: This happens on ICX7450 interfaces when "show interface" command is issued Defect ID: DEFECT000577510 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: Link is Up both sides when local end is configured 1G and remote side is 100M using TX optic Condition: Observed after a reboot Workaround: If forced mode 1000 is required, the user may set speed 1000-full-master or 1000-full-slave Defect ID: DEFECT000577663 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: L2 control packets and ARP packets are getting flooded while receiving it on the route-only enabled interface(route-only is configured on interface level). Condition: Flooding of L2 control packets and ARP packets is not prevented when the packets received on interface which is configured as route-only interface using interface level command. Recovery: Upgrade to FI 8.0.30f or FI 8.0.40a, but Multicast traffic will still be flooded with route-only configuration. This is being addressed in FI 8.0.50. Defect ID: DEFECT000577741 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: ACLs - Access Control Lists In L3 FastIron device, a physical port configured with 'acl-logging' cannot be made member of a Symptom: VLAN without virtual-router interface. Condition: 'acl-logging' command is configured on a physical interface and the port need to be made member of a VLAN. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 25 Defect ID: DEFECT000578555 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: When stack mac is removed, the dynamic lag's secondary port's admin state will be disabled on standby unit. As the result, if you do a switch over, those ports will be disabled although user never intend to disable them. Condition: Removing stack mac for the system with dynamic lag configured in the system. Recovery: By re-configuring stack mac after switchover. Defect ID: DEFECT000578581 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.40 Technology: QoS - Quality of Service Symptom: The PFC (Priority flow control) does not work as expected on ICX7450 4x10F module port Condition: This issue happens on ICX7450 4x10F port when PFC is configured Defect ID: DEFECT000578773 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: The remote link partner port does not go down when ICX7450-48F port with copper SPF optics is Disabled Condition: This issue happen on ICX7450-48F port with copper SFP optics Defect ID: DEFECT000579008 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: High cpu may be observed during multivaln configuration when there are more telnet session Condition: When there are multiple telnet sessions, high cpu may be triggered with multivlan configuration Defect ID: DEFECT000579222 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP server bindings are not displaying when dhcp client is received the IP on management port. Condition: the dhcp server bindings are not displaying the provided ip, when dynamic ip is assigned to DUT management port. Defect ID: DEFECT000579240 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: DNS - Domain Name System Symptom: statically configured dns server address is retained even after the configuration is removed Condition: statically configured dns server address is retained even after the configuration is remove FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 26 Defect ID: DEFECT000579507 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.40 Technology: QoS - Quality of Service Symptom: PFC packets are not transmitted to the remote switch. Condition: When PG priority in an ingress profile is set to Level6 Workaround: With level6 on the ingress profile, the user can enable "priority-flow-control 1" to send PFC packets to the remote switch. Defect ID: DEFECT000580211 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: In 802.1br configurations, few minutes after power on the ICX device, may experience high CPU for few seconds because of LLDP protocol operations. High CPU may occur periodically on occurrence of LLDP PDU transmit interval expiry too. Condition: In 802.1br configurations, when number of interface configurations are increased and if LLDP is enabled on all the interfaces,then, may experience high CPU for few seconds because of LLDP protocol operations. High CPU may occur periodically on occurrence of LLDP PDU transmit interval expiry too. Workaround: When 802.1br is configured on the ICX device, by default all the 8021br capable interfaces and regular interfaces are enabled with LLDP protocol. Customer may manually disable LLDP on "Non 802.1br" capable interfaces to avoid the high CPU. Brocade Lab experiment shown that LLDP can be enabled on max 250 interfaces, including 802.1br and regular interfaces, without spiking the CPU. Defect ID: DEFECT000580274 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: TFTP server ip address received from DHCP server does not sync to standby units Condition: TFTP server ip address received from DHCP server does not sync to standby units Defect ID: DEFECT000580321 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: On ICX7250-48P the communication is lost between PoE controller and PoE Port after disable/enable operation on POE ports. Condition: This issue happens on ICX7250-48P POE ports Defect ID: DEFECT000580571 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: Hardware Monitoring On ICX7750-48C 10G copper port the link toggle (up-down) event was observed when it does not Symptom: have any connection and it was up sometime back in the past Condition: This issue happens on ICX7750 10G copper port only FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 27 Defect ID: DEFECT000580572 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: On ICX7450-32ZP 2.5G port if the port is configured with "speed-duplex 2500-full-master" or "speed-duplex 2500-full-slave" command then issuing the CLI "no interface ethernet" does not remove the earlier configuration from the port Condition: This issue happens on ICX7450-32ZP 2.5G port having configuration: "speed-duplex 2500-fullmaster" or "speed-duplex 2500-full-slave" Workaround: The user can go to the interface and change the speed to default Defect ID: DEFECT000580643 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: SNMP tool allows to disable SPX ports in Switch port extender topology Condition: When SPX port is disable from SNMP tool Defect ID: DEFECT000580689 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: User does not get authenticated after standby reloads Condition: When standby reloads and stops at boot prompt in a 2 unit stack Defect ID: DEFECT000580790 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: During spx-lag to spx-port conversion, PE may get detached. Condition: when many ports are being changed in one shot using multi-spx-lag/spx-port CLI, PE can get detached. Workaround: Try with very few ports changes while using multi-spx-lag/spx-port CLI. Defect ID: DEFECT000580812 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking In 802.1br configuration, if VP (virtual port) interface is configured as un-tagged interface port, CB or Symptom: Controller Bridge which receiving the LLDP packets from this interface may drop the packet. Condition: Enable 802.1br configuration, and configure VP interface as un tagged interface port. Receive untagged LLDP packets on this interface. Workaround: workaround: enable the CLI command "lldp tagged-packets process" on the interface to receive and process the LLDP packet on this interface. Defect ID: DEFECT000580816 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: In a fully scaled scenario when there is no space to fit more ACL, the configuration is still accepted and shows up in running configuration Condition: In a fully scaled scenario when there is no space to fit more ACL FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 28 Defect ID: DEFECT000580819 Technical Severity: High Probability: Low Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Some specific vendor PDs gets to overload state Condition: Upon reload of the PD Defect ID: DEFECT000581166 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: Stack traces are seen on the console when "no dual-mode" is configured on a dual-mode port Condition: When no dual -mode command is configured on a dual-mode port and it has mac filter configured this issue occurs. Defect ID: DEFECT000581737 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: Snmpwalk of the snRtIpStaticRouteTable returns ''No Such Object available on this agent at this OID" # snmpwalk -v2c -c public 1.3.6.1.4.1.1991.1.2.2.2 SNMPv2-SMI::enterprises.1991.1.2.2.2 = No Such Object available on this agent at this OID Condition: snRtIpStaticRouteTable is polled from SNMP using GET/GETNEXT Defect ID: DEFECT000582613 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: QnQ - IEEE 802.1Q Traffic drop due to stale entry at interface level in Hardware TCAM. Symptom: Condition: When "Route-only" feature is enabled at global level and when "no vlan " is executed. This issue will be seen. Defect ID: DEFECT000582687 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Management GUI Symptom: Port may flap when changing the port name through GUI web interface. Condition: Configuring port name through WEB interface. Defect ID: DEFECT000582883 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Management Symptom: SNMP response for the port identifier in snIfIndexLookup2Table is not matching with CLI, for slot 2 of ICX7750 device in SPX stack mode. Condition: User will see the identifier mismatch between CLI and BNA when SNMP get or walk is performed for the port identifier in snIfIndexLookup2Table, for slot 2 of ICX7750 device in SPX stack mode. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 29 Defect ID: DEFECT000583536 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: SSH - Secure Shell Symptom: FI device does not provide provision to use Yubikey for authentication. Condition: SSH access to the FI device is to be allowed through Yubikey. Defect ID: DEFECT000583613 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IPv6 Addressing Symptom: An API for allocating memory was previously not used. As part of IPSEC we used that API and found a defect and fixed it. Condition: An API for allocating memory was previously not used. As part of IPSEC we used that API and found a defect and fixed it. Defect ID: DEFECT000583955 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: ARP - Address Resolution Protocol Symptom: The unicast ARP reply is flooded in the VLAN. Condition: In ICX7xxx devices, the unicast ARP reply destined to the device is flooded to other ports in the VLAN. Defect ID: DEFECT000584012 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: RIP - IPv4 Routing Information Protocol Symptom: High CPU utilization due to UDP traffic destined for port 520 forwarded to CPU. Condition: UDP traffic with destination port as 520. Defect ID: DEFECT000584250 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Fans connected are oscillating high & low when the temperature crosses threshold temperature. Symptom: Condition: 4x10G copper modules inserted in slot 3 & 4 with high fan speed in ICX7450. Workaround: Remove redundant fan to keep the threshold temperature higher than the actual value. Defect ID: DEFECT000584788 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: CLI - Command Line Interface Symptom: Media is not being detected when Mellanox QSA with SR,LR and USR SFP+ Condition: Support for QSA adapter is new feature in 8040a. This issue will exist only with older releases. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 30 Defect ID: DEFECT000584814 Technical Severity: Medium Probability: Low Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Management Symptom: Following error gets printed on the console. Doesn't have any functional impact. Error: Module 256 is not a POE module Condition: Following error gets printed on the console. Doesn't have any functional impact. Error: Module 256 is not a POE module Defect ID: DEFECT000584820 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management FI 08.0.30 Reported In Release: Technology: PoE/PoE+ - Power over Ethernet Symptom: The VOIP phone will be detected as Non-PD device. Condition: When the POE interface is disabled and enabled, the phone will be detected as Non-PD device. Defect ID: DEFECT000584829 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: 802.1X and MAC-Authentication are enabled on interface. If client sends traffic without sending 802.1X packet. The client fails MAC-Authentication and remains in blocked state. When client tries 802.1X authentication, the client is not authenticated and remains in blocked state forever. Condition: 802.1X and MAC-Authentication are enabled on interface. When client fails MAC-authentication and it tries 802.1X authentication. Defect ID: DEFECT000584837 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: Switch Port Extender Symptom: PE unit MAC entries are not aging out. Condition: PE unit is connected via member unit of CB stack Defect ID: DEFECT000584843 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: xSTP - Spanning Tree Protocols Symptom: Primary port of SPX LAG in disabled state after reloading the device when SSTP is enabled on the device. Condition: When SPX units are reloaded following the configuration of "spanning-tree single 802-1w," the Primary port of the SPX lag comes up in Disable state FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 31 Defect ID: DEFECT000584913 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: There is no console message indicating that port is being disabled by system due to removed from lag. In 7.x image, there was console message. Condition: When customer remove a 'secondary' port from dynamic/static lag, there is no console message indicating the removed port is disabled. Workaround: Check sys log, user can observe the log message about those removed port being disabled by system. Defect ID: DEFECT000585162 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: Memory usage is increasing Condition: As number of users authenticated by using 802.1X increase Defect ID: DEFECT000585173 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: Switch Port Extender Symptom: High CPU observed on SPX system due BUM traffic in a VLAN with STP configured is not flooded correctly. Condition: Seen on VLANs that have SPX PE Ports configured in it. Defect ID: DEFECT000585197 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: VLAN - Virtual LAN Symptom: The BUM traffic flooded to a VLAN is not forwarded on PE (Port Extender device/switch) ports in an SPX system. Condition: Addition or deletion of ports in a VLAN running STP/RSTP or an SPX reload/switchover may result in modifying the PE forwarding entry (Multicast ECIDs) with no member ports. Defect ID: DEFECT000585394 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: The device hangs and impacts control protocol traffic resulting in session flaps. Condition: When username or password is changed, the device hangs and impacts control protocol traffic resulting in session flaps. Defect ID: DEFECT000585403 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.40 Reported In Release: Technology: ACLs - Access Control Lists Symptom: IPV6 egress ACL rules blocking ICMP packets and bringing OSPFv3 Neighbor ship down Condition: When device has OSPFv3 and IPV6 egress ACL configured, ICMP packets are blocked FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 32 Defect ID: DEFECT000585440 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Management GUI Symptom: FI device may unexpectedly reload on WEB/HTTPS session logout. Condition: Web/HTTPS session logout or manually copying following configuration from file to CLI, where extra space may be added to the contact or location. snmp-server location VS-RZ1 snmp-server contact IT06-1 Defect ID: DEFECT000585493 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management FI 08.0.30 Reported In Release: Technology: PoE/PoE+ - Power over Ethernet Symptom: Cisco 7960 phone connected to the standby unit is detected as Non-PD. Condition: When non-pd-detection is enabled in ICX7450, the Cisco phone connected to the standby unit is detected as Non-PD device. Defect ID: DEFECT000585518 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: Power is allocated to the Non-PD device connected to the POE port. Condition: When non-pd-detection is enabled, failed to detect Non-PD device connected to the POE port. Defect ID: DEFECT000585534 Technical Severity: High Probability: Medium Brocade FastIron OS Product: Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow Symptom: Installed Generic flows are not cleared impacting the functionality. Condition: 1. Add generic flows from the controller to device. 2. Clear openflow all command fails to delete these generic flows. Defect ID: DEFECT000585578 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: A valid PD device is detected as Non-PD when it is connected to the primary port of the LAG. Condition: When non-pd-detection is enabled, the valid PD device connected to the primary port is detected as Non-PD. Defect ID: DEFECT000585681 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: Flexauth port is not moved to auth-def-vlan Condition: Port is disabled with active flexauth sessions on the port. In this scenario it is observed that port is not moved from radius assigned dynamic vlan to auth-defvlan FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 33 Defect ID: DEFECT000585796 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: unexpected reload is seen Condition: When User is authenticating with incorrect credentials Defect ID: DEFECT000585812 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.40 Technology: Rate Limiting and Shaping Symptom: Flow based ACL fixed rate-limit is not taking effect on PE ports. Condition: Configure traffic policy with fixed rate-limit. Configure this traffic policy in ACL and apply on VE having PE ports. Verify traffic is limiting at fixed limit or not. It was not taking effect. Defect ID: DEFECT000585815 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.40 Technology: Rate Limiting and Shaping Flow based adaptive rate-limit is not taking effect on PE port in SPX topology. Symptom: Condition: Configure traffic policy with adaptive rate-limit. Configure this traffic policy in ACL and apply on VE having PE ports. Verify if traffic is limiting at configured limit or not. It was not taking effect. Defect ID: DEFECT000586015 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Stack Failover/Switchover Symptom: L2 Multicast data traffic stops forwarding to some ports with receivers. Condition: The above symptom is observed when a vlan is configured with pimism-snooping and also the global command "no ip/ipv6 pimsm-snooping" is configured. This command triggers removal of router-ports from each vlan without checking the local configured state. Workaround: Do not remove the global configuration when local configuration are present. Or do not configure both at the same time. Recovery: "clear ip multicast cache" will recover the 'OIFs' Defect ID: DEFECT000586341 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: Unexpected reload observed Condition: When "format disk0" command is issued for USB flash Defect ID: DEFECT000586351 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Failover/Switchover Symptom: Unable to get configuration mode in CLI using "config t" with following message. mailto:telnet@T1-CORE-SW-ICX7750#conf t Standby unit not ready yet, please try again. Condition: CLI Configuration mode can be unavailable in a stack after configuration update or image update. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 34 Defect ID: DEFECT000586759 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: Peer ports go down and packets are not received at switch Condition: Issue was observed when the peer was reset and the links did not come up. Defect ID: DEFECT000586791 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MCT - Multi-Chassis Trunking Symptom: MCT unable to synchronize the LACP configuration after the LAG is re-deployed and LACP stuck in inactive or blocked state. Condition: Re-deploy MCT LACP to server Defect ID: DEFECT000587072 Technical Severity: Low Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: RADIUS server receives ACCESS-REQUEST packet without NAS-PORT-ID attribute. Condition: FI device is configured to authenticate clients using RADIUS server and 802.1X or MACauthentication is enabled on a port.. Defect ID: DEFECT000587195 Technical Severity: Medium Probability: High Brocade FastIron OS Product: Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: stack traces are seen on console Condition: During a reload when standby is being elected and there are already authenticated Users Defect ID: DEFECT000587308 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: The configuration "speed-duplex 100-half" and "speed-duplex 10-half" was restricted on ICX7450 and ICX7250 1G copper ports Condition: When the CLI "speed-duplex 100-half" or "speed-duplex 10-half" was executed for ICX7450 and ICX7250 1G copper ports Defect ID: DEFECT000587411 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: IP Addressing Symptom: sFlow packets may not be reaching collector, connected over data port in a stacking system Condition: Routed L3 unicast traffic with UDP source port 8888 is dropped in the system. And this impacts sFlow, since sFlow uses UDP source port 8888 to export packets to Collector FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 35 Defect ID: DEFECT000587488 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: In a stacking configuration with ICX 7450, the LAG ports for internal trunk to the stack member stays down after reload. Condition: LAG ports of internal trunk to the stack member are stuck in block state on reload, after upgrade to FI 8.0.30e or FI 8.0.30f. Defect ID: DEFECT000587494 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: LLDP - Link Layer Discovery Protocol Symptom: FI device may unexpectedly reload when plugging/unplugging phone by LLDP. Condition: This issue may occur on FI device connected to a phone with LLDP Workaround: Remove "lldp enable snmp med-topo-change-notifications ports" configuration Defect ID: DEFECT000587882 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: while copying startup configuration file from external USB to the ICX system, if the file is not present in the USB, this command could erase the already existing startup configuration in the system. Condition: The startup configuration in the ICX system was removed before copying the new startup configuration from external USB. When a valid configuration file is not present in external USB before copying the startup configuration, the existing configuration in the system is removed. Workaround: Copy a valid configuration file in the external USB, before attempting copy of configuration file from external USB to ICX system Recovery: Copy a valid configuration file in the external USB, and retry the command to copy the configuration file from USB to ICX system. Defect ID: DEFECT000587959 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: IP Multicast Technology: IGMP - Internet Group Management Protocol IGMP Static groups are not deleted when user un-configures through CLI. This happens only when Symptom: last physical interface is removed from IGMP static route configuration and VE interface is in down state. If VE interface is in Up state then this issue is not observed. Condition: This issue exists in release 8.0.20, 8.0.30, 8.0.40 FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 36 Defect ID: DEFECT000587960 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: IP Multicast Technology: IGMP - Internet Group Management Protocol Symptom: Incomplete output for command "show ip igmp group". Condition: This is observed in ICX devices with 48 port, when static IGMP group is enabled on all ports. Example: interface ve 4050 ip igmp static-group 239.0.0.1 ethernet 1/1/1 to 1/1/48 Workaround: As a workaround, user can use command "show ip igmp group" with filters for any specific port or option. Defect ID: DEFECT000588524 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: Syslog mentions user as MACAUTH, even though mac-auth is not enabled on the port Condition: When source guard is enabled on the ports with dot1x and sending host traffic with an IP Address that doesn't exist in the snooping table, traffic is blocked. But the syslog message wrongly mentions User as mac-auth user. Defect ID: DEFECT000588616 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow Symptom: Unexpected reload observed. Condition: When openflow flows are installed and "stack switch-over" is done. After the purge timer has expired (600sec i.e "openflow purge-time ), the device reloads. Defect ID: DEFECT000588652 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking Symptom: After upgrading from FI 8.0.30d to FI 8.0.30f, the standby unit stuck in synchronizing state. Condition: Upgrade of stack from FI 8.0.30d to FI 8.0.30f and use of stack trunk ports. Workaround: Use 40G stack port instead of stack trunk ports. Defect ID: DEFECT000588685 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: Authenticated user is unable to get IP address using DHCP Condition: User authentication is triggered by tagged traffic and subsequently user is authenticated. However, authenticated user is unable to get IP address using DHCP FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 37 Defect ID: DEFECT000588844 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Repeated display output for MAC filter show command. Condition: It happens if MAC filters configured are >10. Defect ID: DEFECT000589127 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.40 Technology: PIM - Protocol-Independent Multicast Symptom: Unconfiguring PIM SM Snooping global command is affecting the PIM SM MCache that have vlan level PIM SM Snooping enabled. This leads to deletion of PIM SM OIFs in snooping MCache causing a traffic drop. Condition: Multicast traffic drop for some time when unconfiguring PIM SM Snooping global command. Workaround: PIM SM Snooping MCache OIFs will be added again during the reception of next Join messages and that will restore the multicast traffic. Defect ID: DEFECT000589186 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.30 Technology: Rate Limiting and Shaping Symptom: Spirent reporting re-order packets in one direction Condition: ICX 7450 sends out of order packets when traffic mix consists of 64B and 9000B frames. Since these frames carry the same L2/L3/L4 header, they should be considered as one flow and hashed to same link in a trunk. Defect ID: DEFECT000589342 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: Management GUI Symptom: The device may hang while opening Lag Port Configuration page in Web GUI, when the setup is having more than 255 ports. Condition: In case the setup is having more than 255 ports, the device may hang while opening Lag Port Configuration page in Web GUI Defect ID: DEFECT000589732 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP Client does not display TFTP IP address. Condition: When the TFTP IP address is not received or not configured, then the DHCP client does not display TFTP IP address. Defect ID: DEFECT000589912 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: IP Source Guard Symptom: Dot1x Authentication is not happening Condition: Seen with PPPV enabled and IPSG is enabled with Dot1x FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 38 Defect ID: DEFECT000590019 Technical Severity: Low Probability: Low Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.30 Technology: PIM - Protocol-Independent Multicast Symptom: In FastIron Products, Rate counter always displays zero in 'show ip pim mcache'. Condition: Multicast traffic with PIM SM configured and execution of 'show ip pim mcache' CLI command. Defect ID: DEFECT000590032 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: The LFS (Link Fault Signalling) does not work on ICX7750-26Q module 1 ports. Whereas this command works on module 2 ports Condition: When link fault signalling is enabled on ICX7750-26Q unit module 1 ports Defect ID: DEFECT000590263 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists IPv4 ACL not taking effect or working as expected, though config shows it is applied. Symptom: Condition: IPv4 ACL applied on a virtual interface only to a subset of ports that belong to PE units. Reload of the entire stack or reload of PE unit to which the port belongs. Defect ID: DEFECT000590315 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Failover/Switchover Symptom: In an SPX setup, doing a switch over causes PE unit to unexpectedly reload with a watchdog timeout. Condition: During a switchover Defect ID: DEFECT000590363 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: Low Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Mac-address of dhcp (ipv6) clients is stored as 0000.0000.0000 in dhcpv6 snooping table when the Symptom: client renews its address. Condition: Issue is seen after a stack switch-over followed by renewal of clients IP address. Defect ID: DEFECT000590388 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: NTP - Network Time Protocol Symptom: output of ntp status will have just a number if the ntp source-interface is ve or loopback Condition: when ntp source-interface is configured as ve or loopback, ntp status will always displays a integer value. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 39 Defect ID: DEFECT000590442 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: HTTP/HTTPS Symptom: In some scenario, FastIron device may get reset when HTTPS connection is initiated. Condition: when HTTPS connection is initiated, to FastIron device, it resets at times. Defect ID: DEFECT000590454 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: Medium Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: SNMP GET/GETNEXT on snAgGblDynMemFree, snAgGblDynMemTotal OIDs returns negative values. Condition: When snAgGblDynMemFree or snAgGblDynMemTotal objects are polled from SNMP. Defect ID: DEFECT000590787 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: NTP - Network Time Protocol Symptom: NTP server clock was not send to NTP client if NTP is a broadcast client . Condition: NTP server will not send synchronized clock if NTP broadcast packet was received. Defect ID: DEFECT000590803 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: VLAN - Virtual LAN Symptom: "Scope" field in "show mstp configuration" command output will be INVALID i.e. "VLAN 0 to 0" for MSTP PVST mode. Condition: On Issuance of "show mstp configuration" in MSTP PVST mode, the error condition is seen. Defect ID: DEFECT000590858 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking BNA SNMP polling of FI device may cause the device to unexpectedly reload. Symptom: Condition: FI device managed by BNA or SNMP query to fetch dot1dBasePortIfIndex (1.3.6.1.2.1.17.1.4.1.2 ) OID with the index value as 0 or out of port value. Defect ID: DEFECT000591258 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: On ICX7750 when "show media" command is executed then sometime the following error message comes up on console "M:9 L:0 - hal_pp_media_read, error in port 1/1/18 dev 0x50" Condition: This happens on ICX7750 in rare cases when "show media" command is executed FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 40 Defect ID: DEFECT000591296 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: IPV6 ACL produces error: "Insufficient hardware (TCAM) resource" and TCP Established rule not programmed for Egress direction. 7750switch(config-vif-124)# ipv6 traffic-filter IPv6printervlan-out out Error: Insufficient hardware resource for binding the V6 ACL IPv6printervlan-out to interface v124. ERROR: Insufficient hardware (TCAM) resource on unit 17410 for binding the IPv6 ACL IPv6printervlan-out to interface 124 Condition: Configuring egress TCP established ACL rule. Defect ID: DEFECT000591401 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Management Symptom: In ICX6450, show interface command output is inconsistent on stack member. Condition: In ICX6450 stack ports, the output of STP and flow control are incorrect in show interface command. Defect ID: DEFECT000591453 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow Symptom: Flow with action as VLAN modification and out put action as a group of type SELECT is not modifying VLAN Condition: Flow with action as VLAN modification and out put action as a group of type SELECT. Defect ID: DEFECT000591492 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: In SPX topology, IPv6 Ingress Deny ACL is blocking egress traffic Condition: IPv6 Ingress Deny ACL is applied on VE Defect ID: DEFECT000591509 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: IPv6 access list not usable for SNMPv3 access control Condition: SNMPv3 access control with Switch Image Defect ID: DEFECT000591641 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking In the setup having ICX7750-48C to ICX7750-48C connected through the copper link, if the interface Symptom: speed is changed to 10Mbps full duplex using the CLI "speed-duplex 10-full" on both the sides then the link does not come up Condition: This happens on the ICX7750-48C to ICX7750-48C connection through the copper link, if the interface speed is changed to 10Mbps full duplex using the CLI "speed-duplex 10-full" on both the sides FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 41 Defect ID: DEFECT000591832 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Software Installation & Upgrade Symptom: The following message is observed - "Error! get_breakoutPort_from_swport(port=FF, module=3" with a stack trace Condition: After initiating Support save with breakout on SPX Defect ID: DEFECT000591846 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: After several consecutive enable/disable of route-only on global/interface level may not protect from IPv6 traffic flooding. Condition: IPv6 traffic flooding/loop is observed after changing route-only configuration several times from global to interface and vice versa. Defect ID: DEFECT000591873 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: BPDU Guard - Bridge Protocol Data Unit Symptom: Continuous error messages are printed in the TELNET/SSH session for RSTP BPDU validation. Rstp_Tx(T=3674,port=1/1/48,vlan=1244): RSTP_CONFIG BPDU validation failed, portTimer{max_age=20,hello_time=2,fwd_delay=15) Rstp_Tx: TX BPDU, invalid 802.1w (len=64) 01 80 c2 00 00 00 cc 4e 24 e3 41 a5 00 27 42 42 03 00 00 02 02 7e 00 14 00 12 f2 20 94 00 0b ec 10 20 80 00 cc 4e 24 e3 41 76 80 30 00 02 00 14 00 02 00 0f 00 00 00 00 10 00 00 01 10 00 10 00 Rstp_Tx(T=3674)(vlan=1244,port=1/1/48) TYPE=Rstp_Bpdu pdu{rid=00140012f2209400,dbid=8000cc4e24e34176,rpc=200020000(0xbec1020),pid=0x830,msg_age=2,max_age=20,hello_time=2,fwd_delay=15} Condition: When RSTP is configured on the FI device, with Max allowed port path cost (i.e. Max - 200,000,000 as per standard) it results in total RPC [Root Path Cost] to be more than 200,000,000, based on the number of nodes in the Topology. Workaround: User have to configure the port path cost such that, the total RPC does not exceed 200,000,000 for any non-root bridge Defect ID: DEFECT000591963 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: The following error is observed - "lc_is_port_vlan_member: vlan id 0 is invalid" on PE Condition: While applying access group on the VE interface on CB (ip access-group). FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 42 Defect ID: DEFECT000591967 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: 802.1x guest-vlan command is missing from the config file Condition: Configure guest-vlan and enable 802.1x on the device. Then guest-vlan is no longer seen in config file. Defect ID: DEFECT000592035 Technical Severity: High Probability: Low Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.41 Technology: Stack Management Symptom: Stack formation takes 15-20 minutes under very rare conditions between ICX 7450-48P and ICX 7450-32P in a 2U stack Condition: Stacking with 40G between ICX 7450-48P and ICX 7450-32P units. The issue is not consistently observed and is very rare. Recovery: Stack formation happens by itself. Defect ID: DEFECT000592196 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: Hardware Monitoring In a connection between ICX7750-48F fiber port having Copper GBIC optics and ICX6610 1G Symptom: copper port, the link remains Down on ICX7750 side whereas it remains Up in ICX6610 side. Condition: This happens when ICX7750-48F and ICX6610 are connected together using a copper cable with Copper GBIC optics on ICX7750-48F port Defect ID: DEFECT000592295 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: After receiving EAPOL-LOGOFF packet, FI device sends IDENTITY-REQUEST to supplicant. Condition: When 802.1X authentication is enabled on the interface and if the supplicant logs off, FI device sends IDENTITY_REQUEST. Defect ID: DEFECT000592332 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: NTP - Network Time Protocol Symptom: The clock on the member and PE units may not show synchronised time with the active unit Condition: The clock on the member and PE units may show the GMT+00 time, even though the clock on the active is configured to specific time zone. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 43 Defect ID: DEFECT000592550 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Symptom: ICX7250-48P Router# standby active +---+ +---+ +---+ | 3 |2/5==2/5| 2 |2/7==2/5| 1 | +---+ +---+ +---+ Probability: High Technology Group: Stacking Technology: Traditional Stacking trunk probe results: 2 links Link 1: u1 -- u2, num=2 1: 1/2/5 (T0) <---> 2/2/7 (T1) 2: 1/2/6 (T0) <--- 2/2/8 (T1) *** error: one-way Link 2: u2 -- u3, num=2 1: 2/2/5 (T0) <---> 3/2/5 (T0) 2: 2/2/6 (T0) ---> 3/2/6 (T0) *** error: one-way CPU to CPU packets are fine between 3 units. ICX7250-48P Router# Condition: 1. You have a stacking trunk in a stack system 2. When the system boot, you do "show stack connection". You might see this issue Workaround: This is a timing issue. Sometimes, reloading the stack system will work Defect ID: DEFECT000592680 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: MRP - Metro Ring Protocol Symptom: Metro ring fail to converge if default tag-profile value is changed. Condition: Metro ring protocol will not converge, if tag-profile value is configured to any value other than its default value "0x8100" Workaround: Change the tag-profile value to its default value "0x8100" Recovery: Change the tag-profile value to its default value "0x8100" Defect ID: DEFECT000592735 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Symptom: Random ports state issues in ICX7750 Probability: Medium Technology Group: Management Technology: High Availability 1) Customer tries connecting server/laptop, ICX7750 reports Up/Blocking 2) With no device connected to port, ICX7750 reports Up/Blocking Condition: ICX7750 with no device connected to the ports. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 44 Defect ID: DEFECT000592864 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: Port Mirroring Symptom: [FI08040a]:: "Error - Port 1/1/12:2 is already being monitored for inbound traffic!",seen after enabling port-monitoring and reloading.1BR-CBSTACK Condition: Name all ports in a lag same name. Then do "monitor named-port-monitored PORT_NAME ethernet 1/1/1 both". Write memory and reload. The error message will pop up when parsing startupconfiguration. Workaround: Don't name different ports same port name. Recovery: Remove same port name Defect ID: DEFECT000592903 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: NTP - Network Time Protocol Symptom: NTP may not work if Management VRF is configured on peer. Condition: peer[syn_active] mode will not have any synchronized clock if the communication happens over management VRF. Defect ID: DEFECT000593074 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: VLAN - Virtual LAN Symptom: Conflicting error and success message while configuring static MAC address in a VLAN group. Success message message in syslog: Static Mac entry with Mac Address 0304:8000:0001 is added to portnumber 1/1/8:1 on VLANs 4030 to 4086 : No Src Port Suppression Error message on the screen: Error - Static MMAC address table is full. Condition: Configuring static MAC using a multicast MAC address in a VLAN group with a large amount of VLANs. Recovery: Delete the static MAC and add again with less VLANs in the VLAN group. Defect ID: DEFECT000593270 Technical Severity: Critical Probability: Low Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Management Symptom: After spx interface is converted to spx-lag from spx-port, a PE unit is reset unexpectedly. Condition: After spx interface is converted to spx-lag from spx-port, sometime some of PE packets do not reach CB during spx-port to spx-lag conversion. Workaround: Try with very few ports changes while using multi-spx-lag/spx-port CLI. Defect ID: DEFECT000593312 Technical Severity: Low Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: ARP - Address Resolution Protocol Symptom: Typo in help string for "show arp resource" command Condition: while using "sh arp resource" command , typo in help string FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 45 Defect ID: DEFECT000593453 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: SNMP walk for brcdSPXCBSPXPortTable and brcdSPXPEGroupTable may not display port 1/1/1 if it is configured as SPX-Port Condition: While doing SNMP walk for brcdSPXCBSPXPortTable and brcdSPXPEGroupTable, the port 1//1/1 may not get displayed even if it configured as SPX port Defect ID: DEFECT000593933 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: VLAN - Virtual LAN Symptom: Unable to add the 64th VLAN to a VLAN group with static MAC configured Condition: Adding the 64th VLAN via "add-vlan " command to the VLAN group with a static MAC configured will get the error complaining that static MAC table is full. Workaround: Remove all static MAC from the VLAN group, then add all the needed VLANs to the VLAN group followed by configuring the static MAC. Defect ID: DEFECT000593972 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: VRRP will not work for ve interface. Condition: When VRRP is enabled on ve, which have only PE ports. Workaround: Add at least one CB port under ve interface. Defect ID: DEFECT000593994 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: Dynamic LAG does not stay UP when ports are connected to openDBSD server. Condition: Dynamic LAG does not stay UP when ports are connected to server which supports Marker protocol. Defect ID: DEFECT000593998 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: Device may unexpectedly reload on login to console with local user name and password with AAA RADIUS configurations. Condition: AAA RADIUS for console is configured along with console time out and on login to console using local user /password, the device may unexpectedly reload. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 46 Defect ID: DEFECT000593999 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Syslog Symptom: Excessive syslog messages will be observed, when MAC movement happens on secure permanent MAC address. "SYSLOG: <12>Jan 1 00:56:31 Security: Port Security secure MAC address XXXX.XXXX.XXXX is refreshed on interface ethernet and not moved to interface ethernet in vlan " Condition: When a MAC is configured as secured MAC with port security enabled on a FI device and the MAC is moved to another port. Workaround: "no logging buffered warnings" will suppress all warning syslog in console. Defect ID: DEFECT000594429 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: LLDP - Link Layer Discovery Protocol Symptom: After receiving EAPOL-LOGOFF packet from 802.1X supplicant, the FI device would send LLDP packet with TTL set to 0. Condition: MAC authentication and 802.1X authentication are enabled on an interface in FI device. An LLDP endpoint device and a PC are connected to the interface. PC sends EAPOL-LOGOFF which causes FI device to send LLDP packet with TTL=0. Defect ID: DEFECT000594434 Technical Severity: High Probability: Medium Brocade FastIron OS Product: Technology Group: Management Reported In Release: FI 08.0.30 Technology: CDP - Cisco Discovery Protocol Symptom: The CDP packets with voice VLAN query is replied by FI device till the 802.1X supplicant is authenticated. Condition: 802.1X authentication and CDP-Pass-through feature are enabled. IP Phone running CDP does voice VLAN query before initiating 802.1X authentication. Defect ID: DEFECT000594566 Technical Severity: Low Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: LAG member ports transmits LACP/Marker protocol packets with agreegator MAC address as source MAC address. Condition: From section section 6.2.1 in IEEE 802.1AX standard, LACP/Marker protocol packets should be transmitted by member ports with port's unique MAC address as source MAC address. Defect ID: DEFECT000594933 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: xSTP - Spanning Tree Protocols Symptom: Continuous STP flaps will be observed, when running spanning tree between ICX, Cisco and VDX switches due to forwarding of BPDU with wrong designated bridge Id by port belonging to Non root bridge. Condition: Running spanning tree between ICX, Cisco and VDX switches. With (ICX-1)Root, (ICX-2)Non-Root and VDX acting as a transparent switch which floods BPDU to Cisco. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 47 Defect ID: DEFECT000595017 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: When telnet idle timeout is configured as 1 minute, the telnet session times out before 1 minute (10 or lesser seconds prior). This will be observed from console logs. Condition: Telnet session times out randomly between 51 to 59 seconds, when the user configures idle timeout Defect ID: DEFECT000595043 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: RADIUS Symptom: FastIron device may reset while accounting with system events Condition: System reset may be observed when user tries to login with invalid credentials while accounting is configured for system events Defect ID: DEFECT000595220 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: CLI - Command Line Interface Symptom: When telnet authentication is enabled on FI devices and user attempts to login from telnet session with wrong login credentials the login prompt will wait indefinitely for the next user/password combination unless correct credentials are given or maximum login tries is reached Condition: When a telnet authentication is enabled on the device and if user tries with an invalid credentials Defect ID: DEFECT000595590 Technical Severity: Medium Probability: High Brocade FastIron OS Product: Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: “password Override” is misspelled in “show mac-authentication configuration”. 7450-48P-5(config)#show mac-authentication configuration | inc ^Pass Passwird Override : Disabled Password Format : xxxxxxxxxxxx Condition: Execution of "show mac-authentication" command Defect ID: DEFECT000595882 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: UDLD - Uni-Directional Link Detection Symptom: In ICX7450 3-unit stack, the link keepalive port is disabled on upgrade to the latest code version. Condition: When we upgrade ICX7450 3-unit stack to the latest code, after reload the link keepalive port is disabled. Defect ID: DEFECT000596008 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.41 Technology: SSH - Secure Shell Symptom: Crash is observed when executing show tech command or any huge output commands. Condition: Crash observed when executing show tech command in telnet, SSH or console FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 48 Defect ID: DEFECT000596199 Technical Severity: Low Probability: Low Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: Port flaps are observed in ICX7400-4X1GF module. Condition: When ICX7400-4X1GF module is connected to 1G fiber port of SX or MLX, port flaps are seen. Defect ID: DEFECT000596380 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: The temporary loop will be seen in the RING configuration. Condition: When the interfaces within the RING configuration are brought down and up back, the temporary loop is seen. Defect ID: DEFECT000596582 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: High Availability Continuous flaps seen in 1G ports on fiber ports of ICX7450-48F. Symptom: Condition: FI device with 1G fiber port. Defect ID: DEFECT000597185 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: When TACACS+ accounting is configured for commands, the password is sent as plain-text to TACACS+ server. Condition: TACACS+ accounting is configured for commands and CLI commands with password/secret-key are executed. Defect ID: DEFECT000597367 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: The active unit in a two unit ICX7250 stack may unexpectedly reload. Condition: When image update is performed with a file without '.bin' extension from uboot or from USB Workaround: Update image with '.bin' extension Defect ID: DEFECT000597441 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: PD is detected and power is drawn when connection is made between active and member unit ICX 7450 stack or between ICX and another PSE .This could result in a PD Detection fault for the PDs on other ports of the switch Condition: Seen when ICX is connected to another PSE or ports are connected back to back with inline power enabled FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 49 Defect ID: DEFECT000597712 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: Device may unexpectedly reload while performing an SNMP walk on MAU MIB objects. Condition: Perform the MAU MIB table snmpwalk 'snmpwalk -Os -v2c -c public 1.3.6.1.2.1.26.2.1 13' Defect ID: DEFECT000597722 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: VLAN - Virtual LAN Symptom: System reloads upon execution of " vlan-config remove all " command Condition: System reloads upon execution of " vlan-config remove all " command only from SSH sessions Workaround: Command " vlan-config remove all " can be executed from all other sessions like telnet, Console Defect ID: DEFECT000597864 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.10 Technology: IP Source Guard Symptom: DHCP-Snooping entries and IP Source-guard entries are not in sync. Condition: When both DHCP-Snooping and IP Source-guard features are enabled, DHCP-Snooping table and IP Source-guard are not in sync if the DHCP Client disconnects. Defect ID: DEFECT000597923 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.10 Technology: High Availability Symptom: The message "Write startup-config Done" will be printed in the console. Condition: When DHCP snooping is enabled, "Write startup-config Done" message will be printed on the console in every 100 sec. Defect ID: DEFECT000598182 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: CLI - Command Line Interface Symptom: The "Compiled on" date for uboot code is wrongly displayed, when booting from primary partition. Condition: When booting device from the primary uboot partition. Defect ID: DEFECT000598305 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.30 Technology: PIM - Protocol-Independent Multicast Symptom: Multicast traffic is not forwarded to correct LAG port if the receiver is on Standby and Member units. Condition: This symptom shows only when the receiver is on non-active units. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 50 Defect ID: DEFECT000598536 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: ACLs - Access Control Lists Symptom: "Insufficient hardware resource" error message is displayed while applying IPv4 ACL to a port. Condition: IPv4 ACL has more than 24 unique port range filters. Defect ID: DEFECT000598620 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: On ICX7750-26Q stacking setup some CRC errors are observed on 40G stack LAG ports when traffic is run across stacking units Condition: This issue happens on ICX7750-26Q stacking setup on stacking LAG ports on running traffic Defect ID: DEFECT000598621 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.30 Technology: IPv4 Multicast Routing In show ip pim resource PIM Timer Data get-fail counter increments Symptom: show ip pim resource alloc in-use avail get-fail limit get-mem size init NBR list 256 26 230 0 512 30 96 256 RP set list 256 0 256 0 1536 0 49 256 Static RP 64 1 63 0 64 1 42 64 LIF Entry 512 0 512 0 512 0 47 512 Anycast RP 64 0 64 0 64 0 190 64 timer 256 26 230 0 59392 39008 63 256 PIM Timer Data is not freed for every PIM flow expiry Condition: Defect ID: DEFECT000598664 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Mixed Stacking Symptom: Port Mac security related configurations might get enabled on the SPX ports when PMS is configured globally. Condition: Globally configuring Port MAC security related parameters like age,violation,etc.,can result in same configuration getting enabled on SPX ports. Workaround: Unconfiguring Port MAC security globally will recover from the issue Recovery: Unconfiguring Port MAC security globally will recover from the issue Defect ID: DEFECT000598730 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: MRP phase 2 deployment, disable/enable of shared interface can sometimes result in temporary loop condition. Condition: Network deployments using MRP phase 2 in combination with Topology group (with scaled member vlan's and dynamic MAC) configurations, on disable/enable of shared interface (or) few ringinterfaces can result in temporary loop condition for couple of seconds. Workaround: This usually recovers on it's own as long as ring interfaces stay physically stable. Recovery: This usually recovers on it's own as long as ring interfaces stay physically stable. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 51 Defect ID: DEFECT000598815 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: DHCP-Snooping and LAG are configured in FI device. DHCP-Client is able to get IP-address but the DHCP-Client is unable to send IP-packets to devices beyond FI device. Condition: DHCP-Snooping and LAG are enabled in the FI device. DHCP-Server or DHCP-Client is connected to FI device through LAG. Defect ID: DEFECT000599232 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.41 Technology: IPsec - IP Security Symptom: Console freezes upon reload on ICX 7450 Condition: Observed infrequently after multiple reloads (80 to 100 reloads) executed in a sequence Workaround: No workaround Recovery: Power recycle the device to recover from this state Defect ID: DEFECT000599359 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast FI 08.0.30 Reported In Release: Technology: IPv4 Multicast Routing Symptom: If a switch is forwarding multicast traffic (from a source S) in hardware using SG forwarding mcache entry, and if the switch looses the route to the source S, then switch will end up forwarding traffic in software using WG mcache entry. Condition: Switch should loose route to multicast source Recovery: Once the switch learns the route back to the source, traffic will get forwarded in hardware. Defect ID: DEFECT000599376 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: "Warning: route-only setting on tagged port or ve member port 1/1/1 has no effect!" printed out when configured a vlan and assigned tagged port to the vlan even though there is no route-only configuration on the switch. Condition: Not Applicable Defect ID: DEFECT000599419 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management FI 08.0.30 Reported In Release: Technology: Management GUI Symptom: FI device may unexpectedly reload when initiating a SSH/TELNET to the device. Condition: Hostname is configured with more than 255 characters using web-management and the device is accessed through SSH/TELNET. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 52 Defect ID: DEFECT000599421 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: Temporary loop is observed in MRP topology when an interface in one ring is disabled/enabled, another ring(s) can flap between preforwarding/blocking states. Condition: while doing interface admin disable/enable on metro-ring configured with multiple rings, temporary loop will be seen for few seconds. Defect ID: DEFECT000599715 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: FastIron Switch unexpectedly rebooted when the DHCP snooped client moved from one port to another and the DHCP lease period is just about to expire. Condition: DHCP snooping is enabled on a VLAN Client has acquired an IP address through DHCP and switch has snooped the entry . When the DHCP assigned IP address is about to expire (around 5 to 10 seconds left in the DHCP lease period), Client moves to another port on the switch and acquires an IP address (Same or different IP address) on the new port through DHCP. Defect ID: DEFECT000599729 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP Client is not getting enabled once the dhcp client is disabled Condition: DHCP client cannot be enabled once it is disabled Defect ID: DEFECT000599800 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: DHCP-Snooping and IP-Source guard are enabled in ICX7450 stack. The ICX7450 switch reboots spontaneously while it is undergoing switchover and the DHCP-Clients request for IP-address simultaneously. Condition: DHCP-Snooping and IP-Source guard are enabled in ICX7450 stack. The ICX7450 receives DHCPpacket while it undergoes switchover. Defect ID: DEFECT000600035 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: sFlow SFLOW samples are not received from ports in member unit of FI stack. Symptom: Condition: FI device has SFLOW enabled in member unit ports of FI stack. Defect ID: DEFECT000600074 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: Switch reboots while adding entries to DHCP snoop table Condition: DHCP snooping and IPSG is enabled on a port. DHCP snooping learns a client IP and tries to update the IPSG table FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 53 Defect ID: DEFECT000600470 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Symptom: Seeing stale 0 entries in dev 4 IPSG rule: Probability: Low Technology Group: Security Technology: IP Source Guard G30-422-1#dm pp-dev 4 pcl stat br _Device Data__ Pcl Id HwPCL #Refs Pcl Type ACL ID S Rule E Rule Number Of Filters Contiguous ====== ===== ===== =============== ====== =========== =========== ================= ========== 9 0 8 TRAP_ARP | PPPV 428 135 135 1 1 DHCP | PPPVLANA 426 131 132 2 1 IPSG | PPPVLANA 506 11268 11269 122 0 IPSG | PPPVLANA 507 0 0 2 0 IPSG | PPPVLANA 508 0 0 2 0 IPSG | PPPVLANA 509 0 0 2 0 Condition: configued the DHCP, IPSG and mac movement Defect ID: DEFECT000600586 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: SSH - Secure Shell Symptom: Device may unexpectedly reload after upgrade from 7.4.xx to 8.0.30x. Condition: An unknown user tries for the SSH access continuously with bad login and password after upgrade from 7.4.xx to 8.0.30x image Workaround: Avoid using SSH access with bad login and password Recovery: Upgrade to 8.0.30j or later Defect ID: DEFECT000600729 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: BPDU Guard - Bridge Protocol Data Unit Symptom: Device may unexpectedly reload when we configure "no raguard trust" on an interface Condition: Configuring "no raguard trust" on an interface. Workaround: Avoid configuring "no raguard trust" in the interface Defect ID: DEFECT000600872 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching FI 08.0.50 Reported In Release: Technology: LAG - Link Aggregation Group Symptom: When a LACP Lag port goes from link down to up, there is no syslog for this event, instead when the LACP Lag port goes from inactive to operational, FI system generates 2 logs, one syslog about port up and another log about LACP Lag port goes operational. Condition: When there is port physical Link up event happens and that port has either UDLD enabled or the port is member of dynamic LACP lag. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 54 Defect ID: DEFECT000600878 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: Ping failed after Mac movement Device-1#ping x.x.x.x Sending 1, 16-byte ICMP Echo to x.x.x.x, timeout 5000 msec, TTL 64 Type Control-c to abort Request timed out. No reply from remote host. Condition: Mac movement from active to standby when DHCP bind on the active unit. Defect ID: DEFECT000601006 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: Layer 3 Multicast traffic ingressing on LAG interface drops when one of the interface in LAG is down. Condition: Layer 3 Multicast is enabled on the LAG interface and one of the lag interface moves to down state. Defect ID: DEFECT000601074 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: CLI - Command Line Interface Symptom: Executing "dm parse show" command is crashing the switch due to illegal memory access. Condition: Executing the command "dm parse show" crashes the switch Defect ID: DEFECT000601208 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: MLD - Multicast Listener Discovery After STACK Failover in 7250 as PE SPX , complete Traffic Drop will be seen. Symptom: Condition: After Stack failover, in 7250 as PE SPX Workaround: Shut the receiver interfaces, clear the IPv6 multicast mcache and 'no shut' the interface, once the MLD joins again, traffic gets forwarded to receivers. Recovery: Shut the receiver interfaces, clear the IPv6 multicast mcache and 'no shut' the interface, once the MLD joins again, traffic gets forwarded to receivers. Defect ID: DEFECT000601389 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: When we quickly unplug and plug in a LACP lag port, This log message indicating the port goes directly to Logical Up after (physical) state up, expected behavior was that the port need to go and log Logical Down before goes to Logical Up and generating a log for that. SYSLOG: <14> Jan 1 00:15:51 System: Interface ethernet 1/1/47, state down SYSLOG: <14> Jan 1 00:15:53 System: Interface ethernet 1/1/47, state up SYSLOG: <14> Jan 1 00:15:53 System: Logical link on dynamic lag interface ethernet 1/1/47 is up. Condition: Quickly unplug and plug in a LACP Lag port. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 55 Defect ID: DEFECT000601484 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: After user tried to create extended ACL with invalid syntax repeatedly for more than 100 times, the next extended ACL creation even with correct syntax will fail. Condition: 1) If customer uses single line ACL syntax to create extended ACL 2) ACL filter has wrong parameters 3) User tried to create 100 different such ACLs. Workaround: Use of multi line ACL syntax will avoid running into this problem. Recovery: Use of the already tried ACL name as part of correct filter definition will successfully create the ACL. Defect ID: DEFECT000601508 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Symptom: Stale entries found on standby unit [STBY]local-1@G30-422-1#0b dm pp-dev 0 pcl stat br Probability: High Technology Group: Security Technology: IP Source Guard _Device Data__ Pcl Id HwPCL #Refs Pcl Type ACL ID S Rule E Rule Number Of Filters Contiguous ====== ===== ===== =============== ====== =========== =========== ================= ========== 9 0 2 TRAP_ARP | PPPV 425 62 62 1 1 DHCP | PPPVLANA 423 58 59 2 1 IPSG | PPPVLANA 429 0 0 2 0 DHCP6SNP | PPPV 424 60 61 2 1 36864 0 1 ECPU 414 27 28 2 1 36865 0 1 ECPU_PORT_EXCLD 415 29 29 1 1 655 Condition: when abort the DHCP hosts on STC and switch over before age out. Defect ID: DEFECT000601780 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Failover/Switchover Symptom: When the active stack unit goes down, the new active unit fails to send ICMP ECHO request. Condition: LAG configured between the ports in active and standby units. The active unit goes down and ping through management VLAN after the new active unit is selected. Defect ID: DEFECT000601961 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: Stale entry seen upon stack switch over and port movement from active to standby(new active) Condition: when enable the DHCP snooping on the VLAN and bind the DHCP hosts . Perform the the stack switch over and initiate the port movement. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 56 Defect ID: DEFECT000601980 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: MRP phase 2 deployment, disable/enable of shared interface can sometimes result in temporary loop condition. Condition: Network deployments using MRP phase 2 in combination with Topology group (with scaled member vlan's and dynamic MAC) configurations, on disable/enable of shared interface (or) few ringinterfaces can result in temporary loop condition for couple of seconds. Workaround: This usually recovers on it's own as long as ring interfaces stay physically stable Recovery: This usually recovers on it's own as long as ring interfaces stay physically stable Defect ID: DEFECT000602073 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: sFlow Symptom: Configuration of command ''sflow source ve' fails when VE value is more than 255. Condition: Configuration of command ''sflow source ve' fails. Defect ID: DEFECT000602077 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer FI 08.0.30 Reported In Release: Technology: IP Addressing Symptom: On ICX7K series platform hardware is configured to NOT punt the Multicast packets with TTL errors to CPU. So the software always shows the multicast packets with TTL errors counters as zero. Condition: On ICX7K series platform, if the TTL errors counters are zero even though expectations are to see the TTL non-zero error count. Defect ID: DEFECT000602159 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: IP Multicast Technology: IGMP - Internet Group Management Protocol Symptom: In Fast Iron ICX devices with Switch BUILD , IGMP Snooping doesn't work in default VLAN (1) and works in user-defined VLAN. Condition: IGMP Snooping do not work in default VLAN 1. Workaround: Moving all the ports members of default VLAN 1 moved to user defined VLAN. Recovery: Moving all the ports members of default VLAN 1 moved to user defined VLAN. Defect ID: DEFECT000602242 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Software Installation & Upgrade CRC error may be observed when the 1G copper ports are connected to devices which are configured Symptom: with 10-half or 100-half speed. Condition: If the 1G copper port speed is configured to 10-half or 100-half, and bi-directional traffic is running, you may observe CRC error. Workaround: At half-duplex speed if bi-directional traffic is running change it to uni-directional. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 57 Defect ID: DEFECT000602267 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: With 'banner motd require-enter-key' configured, console access to the device prints the MOTD banner again instead of showing the CLI prompt. Condition: FI device has 'banner motd require-enter-key' configuration and the device is accessed through console. Defect ID: DEFECT000602449 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Accounting is not getting enabled unless ACL is configured completely Condition: Seen when empty named ACL is created followed by enabling accounting on the interface Defect ID: DEFECT000602516 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: One of the customer stack on ICX7450 stack unit crash unexpectedly. Core file was provided. Condition: the condition for this crash is CPU sampling signal - which is enabled by default, and a system call from an application task occurs simultaneously. Defect ID: DEFECT000603544 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: MAC Port-based Authentication Symptom: PMS (Port MAC Security) is allowed to be configured on interface even when route-only is either configured on global level or on the interface of interest. The configuration of PMS with route-only can have undesirable behavior. Condition: PMS is enabled on the interface where route-only is already configured on that interface or on a global level. Defect ID: DEFECT000603726 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: LAG - Link Aggregation Group Symptom: System reloads when a keep alive lag configuration is added. Condition: Configuring keep alive lag may result in result a system reload due to invalid memory access of keep alive configuration sometimes. Defect ID: DEFECT000603732 Technical Severity: High Probability: Medium Brocade FastIron OS Product: Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: The device may unexpectedly reload while trying to create the DHCP snoop data file. Condition: Memory allocation during DHCP snoop data file creation. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 58 Defect ID: DEFECT000604129 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Symptom: No Impact Condition: No Impact Probability: High Technology Group: SDN Technology: OpenFlow Defect ID: DEFECT000604212 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: Stack trace with a message "hal_sw_pp_set_mac_learning(port=1/1/4,enable=1)(T=84924) Error this port is a locked port" is seen on console Condition: When removing port from web-auth enabled VLAN Defect ID: DEFECT000604659 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Protocols enabled on Openflow hybrid ports dont work when flows installed with non-default(0) Symptom: priority.. Condition: When flows are installed with non-default priority. Workaround: Install flows with default priority. Recovery: Remove the flow and reinstall with default priority. Defect ID: DEFECT000604694 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: When user deletes ACL definition associated with router interface for a VLAN with PE members, the ACL will still be in effect for the PE ports. Condition: The ACL definition associated the router interface for a VLAN with PE members. Workaround: Instead of deleting the ACL definition, remove the ACL configuration from the router-interface first and then delete the ACL definition. Recovery: Reload the PE. Defect ID: DEFECT000604961 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: Openflow active crash while trying to update an already present flow with a different matching criteria. Condition: Active unit crashes during update of an existing flow with a different matching criteria. Defect ID: DEFECT000605176 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: show captive-portal profile is not displaying ipv4 address correctly. Condition: This issue is observed if we configure IPv6 address in virtual-ip ipv6 command in captive-portal profile configuration. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 59 Defect ID: DEFECT000605449 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: When we try to remove auto-lacp port, the In mis-leading error message indicating "add ports" instead of "remove ports" is printed in the display. Error: Cannot add ports to an autolacp LAG using this CLI Condition: configure "no ports" cli command under lag prompt for auto-lag. Defect ID: DEFECT000605488 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.50 Reported In Release: Technology: PBR - Policy-Based Routing Symptom: System goes for unexpected reload when doing clear accounting Condition: Clear accounting for a VE port or "clear accounting all" may lead to unexpected reload, if a PBR policy with accounting is applied on a VE and has PE ports in the vlan. Defect ID: DEFECT000605504 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: IPV6 traffic are forwaded even after ve interface is disabled Condition: Disable of interface transferring V6 L3 traffic. Defect ID: DEFECT000605886 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: Ping fails on L3 link aggregation interface with URPF enabled on that physical interface. Condition: Ping fails with URPF configured on Layer 3 interface which is a link aggregation Defect ID: DEFECT000605903 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.10 Technology: BGP4+ - IPv6 Border Gateway Protocol Symptom: TCB buffer gets exhausted, when BGPv6 neighbor tries to establish a TCP connection with wrong password. FI_Device#sh ipv6 tcp connections | include FREE FREE TCB = 0 percent FREE TCP QUEUE BUFFER = 100 percent FREE TCP SEND BUFFER = 100 percent FREE TCP OUT OF SEQUENCE BUFFER = 100 percent Condition: When BGPv6 neighbor trying to establish a TCP connection with wrong password continuously. Recovery: Reload the device and use correct password between the BGPv6 peers. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 60 Defect ID: DEFECT000605984 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Management GUI Symptom: Device may unexpectedly reload, while accessing web interface Condition: 1. Configure MAC hostname,location,contact via CLI 2. Connect the DUT via web(http/https) Defect ID: DEFECT000606035 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: SSH - Secure Shell Symptom: The command 'ip ssh encryption disable-aes-cbc' does not disable CBC mode when configured with 'ip ssh key-exchange-method dh-group14-sha1' command. Condition: FI device has 'ip ssh encryption disable-aes-cbc' and 'ip ssh key-exchange-method dh-group14-sha1' command configurations. Defect ID: DEFECT000606089 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: Low Technology Group: Layer 3 Routing/Network Layer Technology: VRRPv2 - Virtual Router Redundancy Protocol Version 2 Symptom: When VRRP Owner is abdicated to become Backup device , the new Master (old Backup) do not receive the ARP request sent from the Host to VIP , instead the ARP Request is sent to old Master (Owner). Condition: During VRRP Owner abdication. ( When VRRP owner’s priority is configured a lower priority than the backup device, the owner device transits to a backup state) Defect ID: DEFECT000606217 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv6 Multicast Routing Symptom: IPv6 Control Protocols like OSPFv3, PIM6, RIPng flaps when PIM spt-threshold value is set to higher values due to software forwarding of multicast data packet till spt-threshold is reached. Condition: The IPv6 control protocols (OSPFv3/PIM6, RIPng) flaps in ICX 7450 & ICX 7250 platforms. Defect ID: DEFECT000606219 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: After creating GUEST VLAN, if 802.1X is enabled globally, it overrides the GUEST VLAN configuration. Condition: Happens always Recovery: Create the Guest VLAN again. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 61 Defect ID: DEFECT000606285 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: In show auto-lacp command, port priority is displayed in the system priority field. ICX7750-48C Switch(config-lag-aL-1-0x001517dca114-9)#show auto-lacp Total auto-lacp enabled ports: 6 Auto-lacp port timeout Interval (seconds): 200 Port AutoLacp State LAG id Peer Info (System Priority/Id/Key/Age) 1/1/10 AUTOLAG_PASSIVE 1 255/0015.17dc.a114/9/2 ==> port priority is displayed 1/1/11 AUTOLAG_PASSIVE 1 255/0015.17dc.a114/9/1 1/1/12 AUTOLAG_PASSIVE 1 255/0015.17dc.a114/9/1 1/1/13 AUTOLAG_INIT none 0/0000.0000.0000/0/0 1/1/14 AUTOLAG_INIT none 0/0000.0000.0000/0/0 1/1/15 AUTOLAG_INIT none 0/0000.0000.0000/0/0 Condition: show lag cli command. Defect ID: DEFECT000606296 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: The LACP Lag Tx/Rx statistics are not cleared when port is removed from dynamic lag resulting in inaccurate LACP lag statistics. Condition: .Configuring Dynamic LACP lag and removing/adding a port to this lag. Defect ID: DEFECT000606400 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Stack Management Symptom: System crash which the following info; UNIT1: zero_touch_100ms_timer_callback sys_give_semaphore sw_inf_fi_exec_timer_node_callback appl_main_timer_callback send_timeout_ind timer_lib_timeout itc_process_msgs_internal hal_cmdloop1 cmdloop1 appl_task task_init start_thread __clone Condition: Not known, but it should not happen any more Workaround: reload Recovery: reload FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 62 Defect ID: DEFECT000606534 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IPv6 Addressing Symptom: IPv6 ping will not work for ve/physical interface. Condition: After boot up of Box, issue will appear only on already configured ve/physical interfaces. Workaround: User need to disable followed by enable to restore L3 IPv6 setting on ve/ physical interface. Recovery: User need to disable followed by enable to restore L3 IPv6 setting on ve/ physical interface. Defect ID: DEFECT000606632 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: Show commands fails with error message "INFO: all 2 display buffers are busy, please try later." mailto:SSH@E-AAUSYD01-CR01-ICX7750#show ver INFO: all 2 display buffers are busy, please try later. Condition: When "Show access-list accounting ve", "clear access-list accounting ve " or "show pod unit " executed frequently. Recovery: Reload the setup Defect ID: DEFECT000606701 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: In ICX7450-48F fiber port connected with Copper SFP when the unit is power cycled then after reboot the Copper SFP links does not come up Condition: This happens in ICX7450-48F fiber port connected with Copper SFP after power cycle Defect ID: DEFECT000606776 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.30 Reported In Release: Technology: MAC Port-based Authentication Symptom: When a port is disabled, the web-auth sessions associated with the port in that VLAN are not removed. They will be removed only when all ports are disabled or removed. Condition: It happens always. Recovery: "Clear webauth authenticated" will clear sessions Defect ID: DEFECT000606920 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Upon removal and re-insertion of the 100MB optic the 100-fx configured port did not come up. Condition: This issue is seen only when 100-fx is configured on the interface. Workaround: Re-configuring 100-fx again will bring the port up. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 63 Defect ID: DEFECT000607493 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Failover/Switchover Symptom: Unable to access the stand-by console after performed stack-switchover / reload Condition: This is seen on 6610 platform. Since we don't support 6610 platform in 8.0.50, so this defect has no impact. Defect ID: DEFECT000607507 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: PoE/PoE+ - Power over Ethernet Symptom: Non-PD detection logic doesn't work in some of the scenarios Condition: Having "inline power non-pd-detection enable" configuration would not work in some scenarios such as when the devices are connected over LAG Defect ID: DEFECT000607598 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: MAC Port-based Authentication Symptom: User authenticated using Authentication Filter incorrectly moves to global auth-def-vlan Condition: Local-auth-def-vlan is configured on a Flexauth port. Now user is authenticated statically using auth filter. It was expected that those authenticated Users will move to local-auth-def-vlan. But instead Users move to global-auth-def-vlan Defect ID: DEFECT000607640 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: MAC Port-based Authentication Symptom: Continuous Port MAC security violation restricted MAC's syslog flooding the console. Condition: On ICX-7XXX series devices, enabling PMS with violation restriction configuration can result continuous syslog messages flooding the console Workaround: Issue "ctrl+c" on the console to stop continuous syslog message printing Recovery: Issue "ctrl+c" on the console to stop continuous syslog message printing Defect ID: DEFECT000607644 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.50 Reported In Release: Technology: MAC Port-based Authentication Symptom: After a stack switchover, secured MAC remains in hardware but missing in software. This causes the host traffic to still be access the network. Condition: MAC Port-based authentication configured with secured MACs then a switchover/Failover is executed. Recovery: Execute the "clear mac-address" command. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 64 Defect ID: DEFECT000607648 Technical Severity: Low Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Management VLAN displays stale gateway IP allocated by old DHCP server and gateway IP from the new DHCP server pool resulting in reachability issue. Condition: 1. Allow FI device to get IP from DHCP server 2. Create a management VLAN and "write memory" 3. Reload the device with new DHCP server pool Workaround: Delete the old gateway IP address. Defect ID: DEFECT000607669 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Show acl accounting does not working when ACL per port per VLAN flag is enabled and IPV6 Access Control List that as logging enabled is applied on tagged physical port. Condition: On switch Image this was observed, when ACL logging flag with IPV6 filters and ACL Accounting is enabled. Defect ID: DEFECT000607676 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: When a user removes a secondary port from dynamic lag with remote config change detect feature on, sys log like this happens twice without functional impact, SYSLOG: <14> Jan 15 18:03:11 802.1BR_7x System: Logical link on dynamic lag interface ethernet 1/1/15 is down Condition: Remove a secondary port from dynamic lag with remote conifg change detect feature enabled. Defect ID: DEFECT000608053 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: On ICX7450-48F fiber port connected using Copper SFP, when the link speed is configured to 10Mbps Full duplex mode (10-full) then the link flap is observed twice Condition: This issue happens on ICX7450-48F fiber port connected using Copper SFP, when the link speed is configured to 10Mbps Full duplex mode Defect ID: DEFECT000608166 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Monitoring FI 08.0.40 Reported In Release: Technology: Hardware Monitoring Symptom: In ICX7250 fiber port connected with Copper SFP, sometimes the link is shown as "Up" even without any physical connection Condition: This happens on ICX7250 fiber port with Copper SFP connected there FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 65 Defect ID: DEFECT000608566 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: Multi-VRF Symptom: Traffic is not forwarded out IPv6 tunnel after the member unit is reset. Condition: If the customer is using IPv6 tunnel and performs a reset on the Member Unit then the traffic outage can occur. Defect ID: DEFECT000609008 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Condition: Probability: High Technology Group: Layer 2 Switching Technology: VLAN - Virtual LAN Defect ID: DEFECT000609044 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: Medium Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: Default SNMP read-only community string displayed in the system default values. SNMP_Beck#show default snmp ro community public spanning tree disabled fast port span disabled auto sense port speed port untagged port flow control on no username assigned no password assigned boot sys flash primary system traps enabled ntp disabled radius disabled rip disabled ospf disabled bgp disabled when ip routing enabled : ip irdp disabled ip load-sharing enabled ip proxy arp disabled ip rarp enabled ip bcast forward disabled dvmrp disabled pim/dm disabled vrrp disabled fsrp disabled when rip enabled : rip type:v2 only rip poison rev enabled ipx disabled appletalk disabled Condition: Execution of 'show default' command. Defect ID: DEFECT000609165 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: In a switch ping to gateway interface fails in certain conditions when management vlan is configured Condition: In a switch image ping fails when the gateway is learnt on a particular vlan and then the management vlan is configured to a another vlan. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 66 Defect ID: DEFECT000609209 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: In a connection between ICX7450 Gig copper port to Label printer copper port with link configured in 10Mbps half-duplex mode, the ping from ICX7450 to the printer fails after 48 hours of operation Condition: This issue is observed in a connection between ICX7450 Gig copper port to Label printer copper port with link configured in 10Mbps half-duplex mode Defect ID: DEFECT000609298 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: Configuration Fundamentals Symptom: When 'speed-duplex 100-full' is set on TX optic on ICX7250-24G, the port still comes UP at 1000full when the peer is at 1000-full. The port doesn't come UP if the peer is at 100-full. Condition: This applies to only ICX7250-24G model on 1GF port with TX optic and the speed is not default speed. When the speed is set to 100-full, internally the port speed is still in default speed (1G). Support for non-default speed in TX optic on ICX7250-24G is added in 8050 release. Workaround: No workaround possible for 100-full speed with TX optico on ICX7250-24G Recovery: Link comes up fine with default speed with TX optic on ICX7250-24G Defect ID: DEFECT000609305 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: IP Multicast Technology: IGMP - Internet Group Management Protocol Symptom: Once configured with IGMP snooping version 3, the un-configuration of IGMP snooping on the VLAN don't restore to version 2 even after removing the configuration of IGMP snooping version 3. The desired behavior is to restore to IGMP snooping version 2. Condition: The system is configured with IGMP snooping version 3 and then un-configured after that without force configuration of IGMP snooping to version 2. Workaround: Force configure the IGMP snooping to version 2 after the un-configuration of IGMP snooping version 3. The command is run in VLAN context. Recovery: Force configure the IGMP snooping to version 2 after the un-configuration of IGMP snooping version 3. The command is run in VLAN context. Defect ID: DEFECT000609423 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol MRP phase 2 deployment, disable/enable of shared interface can sometimes result in temporary loop Symptom: condition. Condition: Network deployments using MRP phase 2 in combination with Topology group (with scaled member vlan's and dynamic MAC) configurations, on disable/enable of shared interface (or) few ringinterfaces can result in temporary loop condition for couple of seconds. Workaround: This usually recovers on it's own as long as ring interfaces stay physically stable Recovery: This usually recovers on it's own as long as ring interfaces stay physically stable FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 67 Defect ID: DEFECT000609442 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: PDs do not get powered on Ports 1 to 8 of ICX7450 Condition: Some PDs are not getting powered when connected to Ports 1 to 8 of ICX7450 Workaround: Use the new CLI command - #inline power interface-mode-2pair-pse Recovery: Use the new CLI command - #inline power interface-mode-2pair-pse Defect ID: DEFECT000609827 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: IP Multicast Technology: IGMP - Internet Group Management Protocol Symptom: An interested customer who wants to know the robustness parameters value in IGMP snooping will not be able to query it from the system because there is no command to display Robustness variable, LMQC, LMQI in IGMP snooping. Condition: The show command 'show ip mul vl' doesn't show LMQC and LMQI related values. Defect ID: DEFECT000610042 Technical Severity: Low Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.30 Reported In Release: Technology: 802.1x Port-based Authentication Symptom: DOT1x debugs are disabled when "show debug" command is executed twice. Condition: Execution of "show debug" command after enabling DOT1x debugs Recovery: Enable DOT1x debugs again Defect ID: DEFECT000610288 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: After a switchover, the traffic is lost even though the Flows are configured properly. Condition: After the switch over there is a traffic loss even though the configuration is correct. Defect ID: DEFECT000610391 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: Hardware Monitoring Symptom: “dm diag” on ICX7250s detects I2C error for power supply. Condition: Run "dm diag" Defect ID: DEFECT000611338 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: With enable egress-acl-on-cpu-traffic command and traffic coming in from CPU such as protocol traffic, egress ACL is not getting applied. Condition: Apply command "enable egress-acl-on-cpu-traffic" and save config and reload. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 68 Defect ID: DEFECT000611742 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: PoE/PoE+ - Power over Ethernet Symptom: In SPX environment, if PoE firmware download fails, another firmware download command is not getting accepted. Condition: In SPX environment, PoE firmware download cannot be repeated until next reload. Defect ID: DEFECT000612781 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IPv6 Addressing Symptom: route-map's "match ipv6 address" statement does not accept IPv6 ACL name but prints the following message:: "IPv6 ACL with same name already exists! Please choose unique names" Condition: CLI config of any route-map of ipv6 ACL. Defect ID: DEFECT000612830 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: Security Vulnerability Symptom: If MAC ACL is applied on the primary port of a LAG interface, reload of the stack member that is hosting this primary port results in loss of ACL functionality for L2 traffic on the LAG interface. Condition: Reload of the stack member which has the primary port of LAG interface will result in this. Workaround: When configuring a LAG interface select the active member's port as the primary port. Recovery: The system recovers automatically once the reloaded stack member comes up. Defect ID: DEFECT000612889 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: PIM neighbor filter settings and PIM-DR priority settings are lost after reloading the switch. Condition: After configuring PIM neighbor filter settings and PIM-DR priority settings on a PIM-DM interface, these settings though effective will NOT be show in "show run". So these settings are lost across reloads even after doing "wr mem". Workaround: None, those settings have to be reconfigured after reach reload. Recovery: none. Defect ID: DEFECT000613086 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Condition: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: IP Addressing FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 69 Defect ID: DEFECT000613227 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: VRRPv2 - Virtual Router Redundancy Protocol Version 2 Symptom: vrrp/vrrp-e is configured on the VE interface, which is on top of the default vlan. Later users change the default vlan ID by issueing "default-vlan_id XX" , the traffic to VIP will be dropped 100% Condition: VRRP/VRRP-E is configured on the VE interface, which is on top of the default vlan. Later users change default vlan ID by issuesing "default-vlan_id XX" , the traffic to VIP will be dropped 100% Workaround: Remove the VRRP/VRRP-E configuration before changing the default VLAN ID. Reconfigure the VRRP/VRRP-E after changing the default VLAN ID. Defect ID: DEFECT000613295 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: VLAN - Virtual LAN After stack switchover/failover, the vlan level configurations which were configured using multiSymptom: range VLAN cli ,gets removed from second vlan onwards till the last vlan in that range. Condition: If configurations (like spanning-tree , multicast) under a vlan were done using multi range vlan CLI mode then after stack switchover/failover user finds that the configurations which were applied using vlan range feature vanishes from the second vlan onwards till the last vlan in that range. Please refer the config guide for the complete list of commands those can be configured using vlan range. Workaround: Configuration needs to be reapplied by the user. Defect ID: DEFECT000613314 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: VLAN - Virtual LAN Symptom: Packet forwarding does not happen on port security ports that are member of private vlan. Condition: Port security configured on member ports of a private vlan does forward packets. Defect ID: DEFECT000613462 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: Flooding the Mcast traffic in default VLAN , will make the network slow/down. Condition: Customer will observe traffic flooding on all the ports that are part of default VLAN. Defect ID: DEFECT000613562 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: Management GUI Symptom: User will not be able to login to Telnet/Console while authenticating with TACACS+ if it was configured as second method. Condition: Authentication failure will be observed while authenticating with TACACS+ server if it was configured as second method. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 70 Defect ID: DEFECT000613653 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: On ICX7450/ICX7250, multicast routing fails on a default VLAN VE interface. Condition: If PIMv4 or PIMv6 routing is enabled on a default VLAN VE interface on ICX7450/(CX7250, then multicast traffic that ingress on this interface will be flooded in default VLAN without getting forwarded to other interfaces. Recovery: none Defect ID: DEFECT000613667 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: Customer shall observe high CPU during PIM registration process or reload of the first hop router, when there are ECMP paths to RP and some of the paths don't have PIM enabled. Condition: When customer observes HIgh CPU during PIM registration process or during the reload of first hop router. Workaround: Enable PIM-Sparse on all interfaces (including ECMP paths). Defect ID: DEFECT000614545 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: 802.1x Port-based Authentication Symptom: When the RADIUS server is not reachable, the host/client is sent to the critical VLAN. When the server becomes reachable again and re-authentication occurs, the switch reloads. Condition: It happens always Recovery: The box recovers automatically Defect ID: DEFECT000614727 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv6 Multicast Routing Symptom: Configuring "ipv6 mld router-alert-check-disable" feature will NOT make ICX Switch ignore MLD packets without IPv6 header option "router-alter". Condition: As per standard MLD & IGMP packet should have IP header option "router-alert" and ICX Switch should ignore and NTO forward MLD & IGMP packets without router-alter IP header option. To support older MLD/IGMP clients (which do not comply the standard fully), ICX Switch has CLI commands ("ipv6 mld router-alert-check-disable" "ip igmp router-alert-check-disable") to enable processing & forwarding of MLD & IGMP packets without router-alter IP header option. But the command does not work for MLD packets. Recovery: none Defect ID: DEFECT000614994 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: In SPX setup PE unit crashes when it gets detached from the Controller Bridge (CB). Condition: PE unit reloads causing traffic drop. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 71 Defect ID: DEFECT000615151 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Condition: Probability: High Technology Group: Layer 2 Switching Technology: VLAN - Virtual LAN Defect ID: DEFECT000615295 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: Low Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: With DHCP-server pool deployed for VLAN on local switch, DHCP traffic on other VLANs are affected. Condition: 1. A member port is tagged in both VLAN X & VLAN Y 2. DHCP Address Pool is configured in VLAN X 3. Switch operating as DHCP Server for VLAN X 4. If DHCP request directed to different DHCP Server is received in VLAN Y, then DHCP NAK is sent through VLAN Y Workaround: Avoid tagging of DHCP server based VLAN member ports in other VLANs. Defect ID: DEFECT000616123 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: ARP - Address Resolution Protocol Symptom: IP-Follow: Unable to resolve hosts ARP on follow ve interfaces. Condition: When IP-Follow is enabled on the VE interfaces. Defect ID: DEFECT000617010 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: SSH - Secure Shell telnet task will be generated but there wont be telnet session for the corresponding task. Symptom: Condition: When nmap tries to scan the telnet port with 4 active session, the 5th telnet session goes into stale state of connection. Defect ID: DEFECT000617254 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: Fixed memory counters used for per-task statistics. These were using int which was causing the values to be overflown. Modified this to UINT64 variable. Condition: dm mem-leak show resource show memory task, the counters might be shown increasing due to overwrap. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 72 Defect ID: DEFECT000617325 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: Medium Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: FI Stack ‘stand-by’ and ‘member’ console ports having CLI access without requiring login credentials or displaying a configured banner. Condition: In FI stacking environment, rconsole authentication not happened for STANDBY and MEMBER units even we enable the console authentication feature. It simply allows the users to access the device without authentication after reload. Defect ID: DEFECT000617380 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: No Syslog and SNMP Trap Generated for faulty fans in ICX7450 Stacking setup Condition: When fans on the standby unit are faulty or blocked Defect ID: DEFECT000617614 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: ICMP - Internet Control Message Protocol Symptom: Fast Iron ICX devices running with switch build fails to send ICMP ECHO request. Condition: When the ICX device boots up with switch build , the default ACL rule to trap IP packets to CPU not programmed in all the modules except module #1. Workaround: Configure management VLAN to program the ACL rule in other modules Defect ID: DEFECT000617724 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: The traffic forwarding doesn't recover when the peer unit is reloaded. Condition: Multiple flows are pointing to the same group and the peer unit is reloaded. Defect ID: DEFECT000618797 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Under rare circumstances, disable/enable logging on an ACLs with large number of filters and accounting enabled may result in system reboot. Condition: 1) Create ACL with large (>1000) no.of filters and applied on an interface. 2) ACL accounting is enabled. 3) Disable/Enable logging may trigger this issue. Workaround: If you dont enable accounting on large ACLs this issue can be avoided. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 73 Defect ID: DEFECT000619314 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: ICX7750 device reloads unexpectedly. Condition: When TFTP server IP address is configured through SNMP, ICX7750 reloads rarely. Defect ID: DEFECT000619609 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: Medium Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: The FI device may reload unexpectedly when configuring TFTP server IP address. Condition: When TFTP server IP address is configured through SNMP, FI device reloads rarely. Defect ID: DEFECT000620062 Technical Severity: Low Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Syslog Symptom: Invalid information related to session and user are displayed in syslog while adding or deleting IPv6 ACL rules from SSH terminal of FI device. Condition: IPv6 ACL rules are added or deleted from SSH terminal of FI device. Defect ID: DEFECT000620157 Technical Severity: Critical Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: Medium Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: ICX system could continuously crash if a 'load-interval' is configured on an interface which does not exist Condition: ICX system could continuously crash if a 'load-interval' is configured on an interface which does not exist. Workaround: Do not configure load-interval on an interface which does not physically exist. This configuration is not useful anyways. Recovery: Boot up with no configuration and apply the required configuration.Do not configure load-interval on an interface which does not physically exist. Defect ID: DEFECT000620345 Technical Severity: Critical Probability: Low Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: PoE/PoE+ - Power over Ethernet Symptom: With "inline power non-pd-detection enable" configured, some specific PDs might not get powered. Condition: when "inline power non-pd-detection enable" is configured prior to 8050 Workaround: Disable and re-enable power on the ports which did not power PDs and showing as non-PD state. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 74 Defect ID: DEFECT000620761 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.10 Technology: LLDP - Link Layer Discovery Protocol Symptom: SNMP walk for lldpRemoteTable will not display lldpRemPortDesc, lldpRemSysName, lldpRemSysDesc values beyond Windows machine, and the SNMP walk doesn't complete. Condition: This happens if a Windows 8 or 10 PC is connected as neighbor to ICX. Defect ID: DEFECT000620775 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: Upgrade from release prior to 8.0.20 or later releases fails for Flexauth feature Condition: When port is dual-mode in sys-def-vlan and dot1x or mac-auth is enabled on the port Defect ID: DEFECT000621112 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: RFN - Remote Fault Notification Ethernet remote loop back feature stops working for standby & member unit's ports after save & Symptom: reload. Condition: After reload of stack or any non-master unit, Ethernet remote loopback functionality does not work for slave unit's ports Workaround: To recover, Ethernet remote loopback configuration has to be reapplied. Defect ID: DEFECT000622199 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Mixed Stacking Symptom: PE detach after switch-over due to keep alive timeout failure, if prior to switch-over spx-port that is up-link is removed from the spx-lag. Condition: This issue may occur when a spx port that is uplink is removed from the spx-lag run time, then later a switchover/Failover. To check the uplink port, sh spx csp pe# CLI can be used. Defect ID: DEFECT000622702 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: PoE/PoE+ - Power over Ethernet Symptom: Power to the PD's connected to ICX 7450 is cycling. Condition: PD connected to ICX and PD is booting Defect ID: DEFECT000622840 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: xSTP - Spanning Tree Protocols Symptom: Lag is not under MSTP control although it is suppose to be under MSTP. Condition: In a MSTP environment, issue lag undeploy and deploy; Workaround: disable and re-enable the primary port of that lag. Recovery: by disable and re-enable the primary port of that lag FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 75 Defect ID: DEFECT000623166 Technical Severity: Critical Probability: Low Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: Doesn't apply to customer. Condition: Internal defect discovered and fixed in the same release before going to customer. Defect ID: DEFECT000624356 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: Customer might see ICX crash when enabling open flow on the standby ports. Condition: If open-flow is enabled on standby ports then, occasionally the units can crash. Closed without code changes This section lists software defects with Critical, High, and Medium Technical Severity closed without a code change as of November 15, 2016 in 8.0.50. High Defect ID: DEFECT000538767 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.10 Technology: IP Addressing Symptom: The FIRST TCP ACK packet is lost while trying to establish a TCP connection from a host in one network, to a host in a network that terminates on ICX 7750 devices. Condition: When ARP corresponds to the server is aged or not available and TCP connection attempted, the first TCP ACK is lost. Recovery: This can be improved by configuring the following CLI available for ICX7xxx device, in FI 8.0.30e and later releases: [no] ip add-host-route-first This is suggested when an TCP connection establishment packet is routed to a destination interface for which ARP is not resolved. This helps to establish the connection as a part of first TCP handshake itself. By default, this is not enabled. Medium Defect ID: DEFECT000544620 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Some MAC addresses learned on a trunk port is flushed causing reverse traffic to be flooded till it reSymptom: learns the MAC. Condition: A port is removed from a static or dynamic LAG group Recovery: If the source traffic is still ingressing, the MAC addresses will be relearned again. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 76 Medium Defect ID: DEFECT000550561 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.20 Technology: Configuration Fundamentals Symptom: ICX7450 'show interface management 1' counter did not count up. Condition: When a ping command is issued with 10,000 number (ping x.x.x.x count 10000) on ICX, ping ended up succeeding without loss however, the management counter showed a number less than 10000 on both input and output. Medium Defect ID: DEFECT000557693 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.20 Technology: Stack Failover/Switchover Symptom: On ICX7450 when the user tries to program the stack multicast MAC address on system the one error message is printed on output. Condition: This issue happens when user tries to configure the stack multicast MAC address on ICX7450 High Defect ID: DEFECT000562133 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: HTTP/HTTPS Symptom: web login using encrypted RADIUS server is not supported Condition: web login using encrypted RADIUS server is not supported Defect ID: DEFECT000566549 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP Server binding entries lost after reload. Condition: DHCP server entries not retrieved from flash after reload operation. High Defect ID: DEFECT000570190 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: IP Addressing Symptom: On ICX 7K routers, when ip follow is enabled on one vlan which follows a primary vlan, then hosts in one vlan cannot communicate to hosts in another vlan. Condition: As long as ip follow is configured on ICX 7K routers. Medium Defect ID: DEFECT000570276 Technical Severity: Reason Code: Not Reproducible Probability: Low Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: On ICX7450 sometimes the 40G stacking port having LR4 optics does not link up after system reload Condition: This issue happen on ICX7450 40G port with LR4 optics working in stacking mode FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 77 Defect ID: DEFECT000570283 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Medium Technical Severity: Probability: Low Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: "write startup-config done" message is displayed in console periodically. Condition: With DHCP-Snooping enabled on any VLAN, FI device displays "write startup-config done" message in console periodically. Defect ID: DEFECT000571113 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: The leased IP address persists in the DHCP server binding database when disabling the DHCP client. Condition: On disabling the DHCP client, the dynamic IP is not removed from the DHCP server binding database. Defect ID: DEFECT000571491 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.30 High Technical Severity: Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: iso SNMP walk failure for IPv6 ACLs Condition: Perform the SNMP walk of fdryIpv6Acl MIB snmpwalk -v2c -c public 1.3.6.1.4.1.1991.1.2.16.1.1.1 Low Defect ID: DEFECT000571765 Technical Severity: Reason Code: Not Reproducible Probability: Low Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: OSPFv3 - IPv6 Open Shortest Path First System CPU stays at 99% after few hours of reboot and few OSPFv3 neighbors stuck in exchange Symptom: state. Condition: When OSPFv3 adjacency is stuck in Exchange state due to MTU miss match. As per protocol, MTU should match between neighbors Defect ID: DEFECT000572058 Reason Code: Design Limitation Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: In the Fastiron device, the DHCP server running with switch image is not assigning IP address to the client. Condition: When the DHCP server is in non-default VLAN and running with switch image, the dynamic IP address is not assigned to the client. Medium Defect ID: DEFECT000572574 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: After stack switchover, the dhcp-server does not get the release message when the dhcp-client is disabled and the bindings are not removed form the database. Condition: This happens after stack switchover FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 78 Defect ID: DEFECT000572711 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP server bindings are not removed if DHCP client was disabled. Condition: DHCP release messages are not received from the DHCP client. Defect ID: DEFECT000572980 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: The DHCP server binding entries are not updated after stack switch-over. Condition: During switch-overs, DHCP server binding entries are not synced to Standby unit from Active Unit. Defect ID: DEFECT000573307 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP server may lose the binding during reload operation Condition: After reload the DHCP server clears the binding database. Medium Defect ID: DEFECT000574015 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: Sometime the fiber port link on ICX7450-32ZP 4x10F module does not come up in 1G mode Condition: This issue happen on ICX7450-32ZP unit 4x10F module fiber port when configured in 1G mode Defect ID: DEFECT000574699 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP snooping entries are not removed properly when DHCP client was disabled. Condition: DHCP Snooping entries persists for long time even though DHCP client is disabled by the user. High Defect ID: DEFECT000574779 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: Sometime the CRC errors are observed incrementing on ICX7450 unit 40G stacking port having LR4 optics. Condition: The issue is seen sometime on ICX7450 40G stacking port having LR4 optics FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 79 Defect ID: DEFECT000575161 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: In the Fastiron device, the number of DHCPv6 snooping entries vary from time to time when more clients are configured. Condition: When DHCPv6 snooping is enabled and more clients are configured, the DHCPv6 snooping entries vary from time to time. High Defect ID: DEFECT000575486 Technical Severity: Feature/Function Not Supported High Reason Code: Probability: Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: On ICX7450 4x10G fiber module ports the CRC and InBadPkts counters does not increment when receiving bad CRC packets on the physical port Condition: This issue happens on ICX7450 4x10G fiber module ports High Defect ID: DEFECT000575526 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: Bandwidth utilization on the .1BR network is different on each hop. Condition: when traffic sent a cross a .1BR network Medium Defect ID: DEFECT000576227 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: RFN - Remote Fault Notification Symptom: Link status is in UP state after removal of RX cable on the peer device. Condition: When RX cable is removed on the peer device, VDX. Medium Defect ID: DEFECT000576491 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: In a highly scaled switch port extender setup sometime the system runs quite slow and the commands like "config terminal" or "show running-config" takes quite some time Condition: This issue happens sometimes in a highly scaled switch port extender setup High Defect ID: DEFECT000576805 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Management Symptom: Tx buffer got lockup, causing the standby stack to be separated. Condition: sending traffic from a 802.1BR network to a 7250 and 7450 stacking. Tx on standby unit got lockup on 7250 or 7450. Workaround: Use show tor sc command to check the tx counter on the standby. If the counter is not zero, after 2-3 trial, it shows the standby buffer are lockup. Reset the standby unit. Recovery: Reset the standby unit when the buffer got lockup on standby. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 80 High Defect ID: DEFECT000577164 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Port Mirroring Symptom: Mirror Port Traffic Flooding to Ports in other VLANs when a Hair Pin looped connection to mirror port Condition: When we enable a Hair Pin Looped connection to the Mirror Port High Defect ID: DEFECT000577398 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: No output with "show inline power" in SPX Condition: After POE firmware uprade and stack switch-over High Defect ID: DEFECT000578085 Technical Severity: Reason Code: Not Reproducible Probability: Medium Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow When stack is reloaded with Openflow flows from BFO controller in scaled scenarios such as with 2k Symptom: plus openflow flows, standby flows are not in sync. Condition: Seen after a stack reload in a scaled scenario. Workaround: After stack reload, start flow installation using the openflow controller Recovery: After stack reload, start flow installation using the openflow controller High Defect ID: DEFECT000578090 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: Issue seen during Failover Debug: Jan 1 01:05:07 M:acl S:rpss_mgr L:0 acl_RPSS_ByAPPL_SendToACL_ItcMsg_HASync_Transact_Delivery_Rsp():[185]: FAILED_HSTDR_ITC_SEND: Transaction-ID[4504], ErrorCode[0x00000008] Condition: Do a failover, these error message were seen. Medium Defect ID: DEFECT000578131 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching FI 08.0.10 Reported In Release: Technology: MCT - Multi-Chassis Trunking Symptom: ICX6650 running MCT may send traffic learnt via CCEP ports back to the same CCEP ports back to the originating switch. Condition: ICX6650 running MCT may send traffic learnt via CCEP ports back to the same CCEP ports back to the originating switch. Medium Defect ID: DEFECT000578444 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.10 Technology: IP Addressing Symptom: Latency of ping responses when pinging VEs on ICX6610 Condition: Ping to VEs on ICX6610. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 81 High Defect ID: DEFECT000578458 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: DOT1X authentication failed port, sends tagged frames when authenticated later. Condition: This issue is seen when DOT1x authentication is enabled and port is re-authenticated after authentication failure. High Defect ID: DEFECT000578467 Technical Severity: Reason Code: Not Reproducible Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: ACLs - Access Control Lists Symptom: The unprecedented errors were observed while deleting a port from VLAN when egress ACL is applied. ERROR: Failure encountered when configuring security features on port(s) of a stacking unit that are added to VLAN X. Please take appropriate actions to remove those ports from the VLAN. Condition: These error messages are observed only when egress ACL TCAM is full. High Defect ID: DEFECT000578794 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: In 802.1br configurations, few minutes after power on the ICX device, may experience high CPU for few seconds because of LLDP protocol operations. High CPU may occur periodically on occurrence of LLDP PDU transmit interval expiry too. Condition: In 802.1br configurations, when number of interface configurations are increased and if LLDP is enabled on all the interfaces,then, may experience high CPU for few seconds because of LLDP protocol operations. High CPU may occur periodically on occurrence of LLDP PDU transmit interval expiry too. Workaround: When 802.1br is configured on the ICX device, by default all the 8021br capable interfaces and regular interfaces are enabled with LLDP protocol. Customer may manually disable LLDP on "Non 802.1br" capable interfaces to avoid the high CPU. Brocade Lab experiment shown that LLDP can be enabled on max 250 interfaces, including 802.1br and regular interfaces, without spiking the CPU. High Defect ID: DEFECT000579106 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: When stacking cable is unplugged and plugged back in it does not come back up Condition: removing the stacking cable. Workaround: unplugged both side on the stack port. Recovery: unplugged both side on the stack port. High Defect ID: DEFECT000579389 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: IP Addressing Mirrored traffic is not getting filtered in outbound direction Symptom: Condition: With an ACL with Permit UDP on a source port and mirror option is configured. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 82 High Defect ID: DEFECT000579465 Technical Severity: Reason Code: Design Limitation Probability: Low Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.40 Technology: IPv4 Multicast Routing Symptom: High CPU issue may be seen in certain conditions on the MCT cluster participating in Multicast Routing without optimization Condition: Issue may be seen only under the following conditions 1. MCT cluster device is configured to act as a Multicast Router 2. IP multicast routing optimization is disabled on MCT cluster 3. MCT cluster is forwarding more than 4K multicast flows. Workaround: Enable IP multicast-routingoptimization. Recovery: Enable IP multicast-routingoptimization. High Defect ID: DEFECT000579630 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Mixed Stacking Symptom: some of the priority 0 packets are classified to 2 from Active CB unit to PE Unit Condition: Sending control packet with priority 0 from CB to PE High Defect ID: DEFECT000579786 Technical Severity: Reason Code: Not Reproducible Probability: Low Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: Configuration of "inline power power-by-class 4" doesn't take effect Condition: When no power budget is available Medium Defect ID: DEFECT000579832 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Software Installation & Upgrade Symptom: In a Switch port Extender setup with breakout configured on ICX7750 40G port, when supportsave is initiated then some error message is printed on console along with the stack trace Condition: This issue happens on a Switch port Extender setup with breakout configured on ICX7750 40G port Medium Defect ID: DEFECT000579873 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: On ICX6610 when the stack switchover is done then the "show media ethernet" command does not display any value on Stacking Standby unit Condition: This issue happens on ICX6610 after stack switchover is performed High Defect ID: DEFECT000579922 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: Some units do not join the stack after discovery & reload (new unit id is different) as part of Secure setup. Condition: Secure-setup is used to update the topology in an ICX 7450 stack FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 83 High Defect ID: DEFECT000581134 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: MAC Port-based Authentication Symptom: The device may unexpectedly reload when MAC authentication entry is removed due to aging. Condition: MAC-Authentication fails for client and the hardware entry removed due to aging. High Defect ID: DEFECT000581402 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 07.3.00 Technology: Static Routing (IPv4) Symptom: In SX800 device, routing loop will be observed. Condition: When SX800 is running with with 7.3p or 7.4m code, the routing loop will be observed since the default route learned through OSPF is used instead of more specific static route. High Defect ID: DEFECT000581476 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.10 Technology: MRP - Metro Ring Protocol High CPU utilization seen when adding VLANs to MRP topology group causing OSPF flaps. Symptom: Condition: This issue is seen when adding member VLAN to topology group High Defect ID: DEFECT000582850 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: Standby election does not happen because the active controller has problems in sync startup-config flash file to the standby. It happens only when the startup-config flash between the Active and standby are different, and there is an election during startup-config flash sync. Condition: The bug is fixed by avoiding re-initialization of the reliable IPC (inter-processor communication) during election. Workaround: There is no work around. High Defect ID: DEFECT000584787 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: CLI - Command Line Interface Symptom: When a breakout 40G media is used in a port and breakout is not enabled in software, the peer 10G port may see the port as UP. Condition: When a breakout 40G media is used in a port and breakout is not enabled. Workaround: Enable breakout when using breakout media. Recovery: Enable breakout when using breakout media. High Defect ID: DEFECT000585375 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.40 Technology: BGP4 - IPv4 Border Gateway Protocol Symptom: The device may unexpectedly reload when BGP is configured. Condition: When BGP is configured executing 'neighbor shutdown' command may cause the device to reload. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 84 High Defect ID: DEFECT000585486 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: "no dot1x port-control auto" does not clear dot1x session internally though "show dot1x session all" does not show the session. Condition: Configure dot1x authentication followed by MAC authentication on an interface. Send traffic with dot1x session authorized. Clear the dot1x authentication to allow MAC authentication. High Defect ID: DEFECT000585652 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: On ICX6450 and ICX6610 devices, secondary port of the LAG is not set to disabled state while removing it from LAG and results in a loop. Condition: Removing secondary port from LAG in ICX6450 and ICX6610 devices. High Defect ID: DEFECT000585769 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.10 Technology: Software Installation & Upgrade Symptom: Sometimes the FCX unit does not boot up from the expected partition (primary or secondary) due to image getting corrupted in flash. This issue is a corner case and happen rarely. Condition: This issue happens when user issues a command to reload the FCX system from a given partition. This is a corner case and happens rarely on some of the units Medium Defect ID: DEFECT000585878 Technical Severity: Reason Code: Already Fixed in Release Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.10 Technology: CLI - Command Line Interface Symptom: The device may unexpectedly reload on execution of "show mac-address ethernet " CLI command. Condition: Execution of "show mac-address ethernet " CLI command. Critical Defect ID: DEFECT000586123 Technical Severity: Reason Code: Design Limitation Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: ICX7450 stack does not come up when connected with BIDI 40G Avago optics Condition: ICX 7450 40G stack links connected with Avago Bi-Di Optics Workaround: Bi-Di cannot be used for 40G stacking. Use supported optics for 40G stacking. Medium Defect ID: DEFECT000586571 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: The topology group ID greater than 30 is getting removed from the running configuration in ICX6430. Condition: In ICX6430, the topology group ID greater than 30 is deleted from the configuration when upgrading the code from 7.x to 8.x. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 85 High Defect ID: DEFECT000587698 Technical Severity: Reason Code: Already Fixed in Release Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Unable to SSH/Telnet to SX device with all 5 sessions held up. Condition: SX device running on FI 8.0.30d with port scanner configured and SSH/telnet login, logouts. Recovery: Reload of the device. High Defect ID: DEFECT000588157 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: When customer issues "wr mem" , the config will not be synced to the members Condition: The stack has a one directional cpu. The stack units will not be able to communicate with the members. Workaround: Workaround is to reload the stack. Medium Defect ID: DEFECT000588742 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.30 Technology: QoS - Quality of Service Symptom: On upgrade to FI 8.x.x from 7.x.x, "buffer-profile port-region" is missing from config file on ICX6610 Condition: Upgrade to FI 8.x.x from 7.x.x on ICX6610 Medium Defect ID: DEFECT000589022 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: LAG - Link Aggregation Group Symptom: In ICX 6650, upgrading the software causes LAG port name to be deleted from the configuration. Condition: Reload or upgrade of FI software on In ICX 6650 after configuring and saving the LAG port. Medium Defect ID: DEFECT000589675 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.30 Technology: IPv4 Multicast Routing Symptom: The static rp-address configuration will be lost on code upgrade. Condition: When upgrading the system from 7.x to 8.x code, the static rp-address configuration will be lost. Workaround: After the upgrade, the static-rp address has to be reconfigured. High Defect ID: DEFECT000589972 Technical Severity: Will Not Fix High Reason Code: Probability: Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: RFN - Remote Fault Notification Symptom: 'sh int br' shows 10G port in down instead of ERR-DIS state after loop-detection timer expiry. Condition: ICX 6450 with 10G port and loop detection enabled. The port state set to DOWN on loop detection timer expiry. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 86 High Defect ID: DEFECT000590055 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.30 Technology: QoS - Quality of Service Symptom: ICX 6450 may unexpectedly reload when receiving continuous PAUSE frames after printing below syslog message. SYSLOG: <11>Dec 31 16:06:29 KH Dropping CPU TX packt due to buffer usage more than 95[5979] Condition: ICX 6450 running with FI 8.0.30d and continuous PAUSE frames are received with “buffer-sharingfull” configured. Workaround: Remove the device sending continuous PAUSE frames Recovery: Recommendation: 1. Remove “buffer-sharing-full” configuration and use only when congestion is seen in network 2. Configure symmetric flow-control Defect ID: DEFECT000590179 Reason Code: Already Fixed in Release Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Medium Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: ICMP - Internet Control Message Protocol Symptom: When ICX7750 generates a Redirect, it contains the originating packet instead of forwarded packet. Condition: As per the RFC 4861, Section 8.2 "Redirected Header: as much of the forwarded packet as can fit without the redirect packet exceeding the minimum MTU required to support IPv6, ICX7750 should generate a Redirect which contains forwarded packet. Medium Defect ID: DEFECT000590283 Technical Severity: Reason Code: Already Fixed in Release Probability: Low Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: IPv6 Addressing Symptom: The switch does not choose the source address that matches the longest prefix. Condition: As per the RFC 4861, "Rule 8: Use longest matching prefix", the device should select the source address based on the longest prefix match. High Defect ID: DEFECT000590316 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Stack Failover/Switchover Symptom: When the "show media ethernet " command is executed on ICX7750 acting as a switch port extender Standby control bridge then the user need to press "enter" in order to get to the prompt Condition: On ICX7750 acting as a switch port extender Standby when the command "show media ethernet " is executed Medium Defect ID: DEFECT000591029 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking FI 08.0.40 Reported In Release: Technology: Traditional Stacking Symptom: On removing the LAG port which is a 40G breakout port, the error message appears on console "INFO: 1/1/8:2: optics <-> speed mismatch. Replace with SFP+ to enable link" Condition: This happens on ICX7750 having LAG configured using 40G breakout ports. When the breakout LAG port is removed then this issue is seen FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 87 High Defect ID: DEFECT000591105 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: On ICX7450 Gig copper port the half-duplex configuration is not supported. The 100-half and 10-half configuration is not supported in ICX7450 Gig copper port in FI 08.0.30J release. Condition: This issue is on ICX7450 Gig copper port in FI 08.0.30J release Medium Defect ID: DEFECT000591466 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Management Symptom: In FastIron devices, "show tech" or "dm save" can collect stack trace only from respective units. Condition: Users can collect stack trace only from the respective unit after device got unexpected reload. Workaround: Users should go to the corresponding stack units to collect stack trace. Medium Defect ID: DEFECT000591553 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching FI 08.0.30 Reported In Release: Technology: VLAN - Virtual LAN Symptom: In ICX 6xxx devices, Enabling Ethernet loop back on VLAN tagged port is adding another VLAN header to the test packet. Condition: Enable ethernet loopback on a VLAN tagged port and send a packet with VLAN header. Defect ID: DEFECT000591626 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Medium Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: Dynamically received TFTP server address is not removed, when DHCP client is disabled. Condition: DHCP Client unit displays dynamically learned TFTP details after disabled the DHCP client. Medium Defect ID: DEFECT000592263 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Management FI 08.0.30 Reported In Release: Technology: Configuration Fundamentals Symptom: ICX6650 device may unexpectedly reload with the following error message "EXCEPTION 1200, Data TLB error". Condition: When we ping to the IPV6 address configured on ICX6650. High Defect ID: DEFECT000595275 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: The "cpssDxChPortSerdesPowerStatusSet failed" error messages are seen in SX. Condition: When SX device is upgraded to 8030g, "cpssDxChPortSerdesPowerStatusSet failed" error messages are seen on booting. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 88 Low Defect ID: DEFECT000595496 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Low Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 07.3.00 Technology: Hardware Monitoring Symptom: ICX6610 device may unexpectedly reload when connected to MLX. Condition: When ICX6610 box is connected to MLX, the device might reload on configuration and image update by the user or internal tasks like DHCP. High Defect ID: DEFECT000595792 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking Symptom: On ICX7250 switch when the stack port link from a trunk was hot-swapped then the link did not come up afterwards. This issue was observed only once during testing Condition: This issue was seen only once on ICX7250 switch when the stack port link from a trunk was hotswapped High Defect ID: DEFECT000596552 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: PIM/OSPF packet received on PIM enabled route-only port in a user VLAN get flooded to other ports in the vlan. If the route only ports are physically loop connection among the router, PIM/OSPF storm will happen. Condition: If the route only ports are physically loop connection among the router, PIM/OSPF storm will happen. High Defect ID: DEFECT000597920 Technical Severity: Reason Code: Not Reproducible Probability: Low Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: ACLs - Access Control Lists ACL configuration fails with error 'Unable to add new filter to ACL. Please reconfigure entire ACL Symptom: again' . Condition: Rules in ACL that is bound to a port is modified repeatedly and the FI device throws error ' 'Unable to add new filter to ACL. Please reconfigure entire ACL again' . Defect ID: DEFECT000598323 Reason Code: Not Reproducible Product: Brocade FastIron OS Reported In Release: FI 08.0.30 High Technical Severity: Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: ICMP - Internet Control Message Protocol Symptom: Ping does not work over primary port of static Lag, if the primary port is on standby unit of ICX7750 stack. Condition: Primary port of Lag is on standby unit of ICX7750 stack. Workaround: Disable the Primary port so that traffic switches over other operational lag member ports. Recovery: Problem seen only once, root cause is not known. After reload the problem was problem was not seen. So Reload should recover the system from bad state. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 89 Medium Defect ID: DEFECT000598516 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Mixed Stacking Symptom: Issuing disable command on an interface does not remove poe power on the interface. Condition: Interface disable command is used and being expected to disable poe power on the interface Workaround: use "no inline power" command for removing power from the interface. Recovery: use "no inline power" command for removing power from the interface. Medium Defect ID: DEFECT000599577 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.30 Technology: Rate Limiting and Shaping Symptom: When Broadcast, Unknown-unicast, Multicast port-dampening feature is enabled on a LAG, the time by which port moved to ERR-DISABLE state might be delayed by a minute or more. Condition: Broadcast, Unknown-unicast, Multicast port-dampening feature is enabled on a LAG. High Defect ID: DEFECT000599717 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: DHCP-Snooping is enabled on ICX7450 device. Clearing DHCP-Snooping entries cause ICX7450 to reboot. Condition: DHCP-Snooping is enabled on ICX7450 device. User executes 'clear dhcp' command. Medium Defect ID: DEFECT000599795 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Symptom: ICX7450 reboots spontaneously when DHCP-Snooping and IP-Source Guard features are configured on the device. Condition: With DHCP-Snooping and IP-Source Guard configured in ICX7450, the ICX7450 device reboots spontaneously. High Defect ID: DEFECT000599982 Technical Severity: Already Fixed in Release High Reason Code: Probability: Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: High Availability Symptom: FI device reboots spontaneously after enabling DHCP-Snooping and IP-Source guard. Condition: DHCP-Snooping and IP-Source guard are enabled on FI device and the FI device reboots spontaneously. Low Defect ID: DEFECT000600578 Technical Severity: Reason Code: Will Not Fix Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Mixed Stacking Symptom: Error(63) was printed in the stack output for module activation.The wording is misleading and incorrect, it should be suppressed and/or reflects more meaningful information so it does not cause confusion, panel, and double. Condition: normal condition, no special case Workaround: n/a for 8.0.50 since 6610 is not supported. Recovery: n/a for 8.0.50 since 6610 is not supported. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 90 High Defect ID: DEFECT000600620 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: High Availability Symptom: Switch crashed with following stack trace stack: 009d9d78 006a11a4 006a1eb0 002a1710 002a1834 002a37f0 002a40d0 002a45a8 00286f20 00289798 0065a91c 0065a290 00d62a10 00d63ae8 00d72fa4 0065b114 00bb5ae8 01ceee83 Condition: When perform the 1) clear dhcp 2) port movement with DHCP+IPSG on the switch High Defect ID: DEFECT000600675 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.30 Reported In Release: Technology: HTTP/HTTPS Symptom: HTTPS connection is not established with the Mozilla, Chrome Browser for REAPER device Condition: If Web Browser is configured with the Highest TLS versions/Unsupported Cipher suite, HTTPS connection will not be established for REAPER. This bug is not applicable to FI8.0.50 since Reaper (ICX6650) is not supported. Workaround: configure the lowest SSL version and the supported Cipher suites in Web browser. Recovery: If HTTPS connection is not established, configure the lowest SSL version and the supported Cipher suites in Web browser. High Defect ID: DEFECT000601095 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: MRP phase 2 deployment, disable/enable of shared interface can sometimes result in traffic flooding of known unicast flows. Condition: Network deployments using MRP phase 2 in combination with Topology group (with scaled member vlan's and dynamic MAC) configurations, on disable/enable of shared interface (or) few ringinterfaces can sometimes result in traffic flooding of known unicast flows. Workaround: Issue "clear mac-address" command once to recover from Traffic flooding Recovery: Issue "clear mac-address" command once to recover from Traffic flooding High Defect ID: DEFECT000602109 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: IP Source Guard Ping failed on some DHCP clients Symptom: Condition: Seeing ping failed permanently after mac move 1/ Reload stack - with dhcp binding on Stby 2/ Mac move from stby unit to member unit by interface simulating down/up on ixia 3/ Immediate do mac move back from member to stby. 4/ Seeing DHCP binding and IPSG table are updated fine, no stale entries, BUT ping failed permanently. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 91 High Defect ID: DEFECT000602129 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: Configuring the interface for "100-FX" fails with the message "Command not applicable". Core(config-if-e1000-3/5)#100-fx Command not applicable Core(config-mif-3/5-3/6)#sh media ethernet 3/5 Port 3/5:Type : 100M M-FX-SR(SFP) Vendor: Brocade Version: A Part# : 33224-100 Serial#: FAA113280001678 Condition: The issue occurs while trying to configure the interface in 100-fx mode. Medium Defect ID: DEFECT000602231 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: Ports flaps while changing name of the VLAN through Web-GUI. Condition: VLAN name is changed through Web-GUI. High Defect ID: DEFECT000602798 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CDP - Cisco Discovery Protocol Symptom: When 802.1X and MAC-authentication are enabled in a port and CDP pass-through is configured, CDP request is not answered with voice VLAN until the IP phone is authenticated. Condition: 802.1X and MAC-authentication are enabled in a port and CDP pass-through is configured. An IP phone tries to get voice VLAN by sending CDP packets. High Defect ID: DEFECT000603410 Technical Severity: Reason Code: Design Limitation Probability: High Product: Brocade FastIron OS Technology Group: Traffic Management Reported In Release: FI 08.0.40 Technology: Rate Limiting and Shaping Symptom: Reduced VoIP quality with high jitter. Condition: With burst traffic, reduced VoIP quality with bad jitter will be noticed though shaping and queuing are configured. Medium Defect ID: DEFECT000603990 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: Link does not come up, when configuring "speed-duplex 1000-full" on 10G port connected with 10G optic in the peer node. Condition: 1G speed configured on 10G port connected with 10G optic in the peer node. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 92 Medium Defect ID: DEFECT000604293 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Failover/Switchover Symptom: On ICX7250 stack setup when the stack switchover is done or the port is flapped then some error messages are seen on the output console Condition: This issue happens on ICX7250 stack setup when either the stack switchover is performed or the port is flapped High Defect ID: DEFECT000604456 Technical Severity: Reason Code: Already Fixed in Release Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: VLAN flooding for the MAC entries not available in the standby device. Condition: ICX 7xxx stack with scaled MAC entries and reload of the stack. Workaround: Clear the MAC for the corresponding VLAN High Defect ID: DEFECT000605398 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 07.3.00 Technology: Hardware Monitoring Symptom: In a connection between SX FI624HF 24-port 100/1000 linecard and Cisco switch both side configured in 100-FX mode, the link state keep changing between Up and Down some times. This issue is observed when peer Cisco switch goes for a reboot. Condition: This issue is seen on a connection between SX FI624HF 24-port 100/1000 linecard and Cisco switch both side configured in 100-FX mode,when the peer Cisco switch goes for a reboot. High Defect ID: DEFECT000605626 Technical Severity: Feature/Function Not Supported High Reason Code: Probability: Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Software Installation & Upgrade Symptom: On boot of GEN III(SX-FI2XGMRXL6) management module in SXL device, the following error message is printed continuously on the console session. "Dev[18] : RXAUI Lock workaround failed Dev[18] : RXAUI Lock workaround failed" Condition: 1. When SXL device is up with an active management module, insertion of standby management module 2. Cold start of SXL device with active and standby management module High Defect ID: DEFECT000605815 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.30 Reported In Release: Technology: ACLs - Access Control Lists Symptom: TCAM entries for IPv6 ACLs are not in sync at times between Active and Standby, that could impact traffic after a switchover or failover. Condition: Issue occurs when filter entries are added dynamically and modifications such as remove and reapply are done multiple times FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 93 High Defect ID: DEFECT000606106 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: RADIUS Symptom: Captive portal fail to show the login page Condition: During an upgrade from 8040x to 8050, and from 8030j to 8040x this issue will be seen Workaround: After upgrade to 8050, change captive portal profile's login page field as per configuration guide Recovery: After upgrade to 8050, change captive portal profile's login page field as per configuration guide High Defect ID: DEFECT000606478 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MRP - Metro Ring Protocol Symptom: In a stack, traffic in MRP ring is flooding in VLAN in one unit while properly unicast in another unit. Condition: Flapping an interface of the MRP ring with traffic running. Recovery: Execute "clear mac-address " for the VLAN where the traffic is misbehaving. Medium Defect ID: DEFECT000606581 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: BGP4 - IPv4 Border Gateway Protocol Symptom: In a stack, the unit 2 is not elected as Standby and remains as a member unit in non operational state. ICX6610-48P Router#show stack T=24m38.2: alone: standalone, D: dynamic cfg, S: static ID Type Role Mac Address Pri State Comment 1 S ICX6610-48P active 748e.f834.5abc 200 local Ready 2 S ICX6610-48P member 748e.f8ea.a2ce 0 remote NON-OP: ADV: BGP active +---+ +---+ =2/6| 1 |2/1==2/6| 2 |2/1= | +---+ +---+ | | | |------------------------| Note: There is no standby. Reason: u2: not operational, Condition: Stack unit with premier License installed. Unit 2 has BGP and GRE Tunnel in Node Lock state, due synchronization issue between stack units. Defect ID: DEFECT000606713 Reason Code: Will Not Fix Product: Brocade FastIron OS Reported In Release: FI 08.0.40 High Technical Severity: Probability: High Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: When ICX7450 fiber port with Copper SFP is connected to ICX7250 gig copper port and the ICX7450 is reloaded then the ICX7250 reports link up even before ICX7450 has booted up completely Condition: This issue happens with the connection between ICX7450 fiber port with Copper SFP to ICX7250 gig copper port and the ICX7450 is reloaded FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 94 High Defect ID: DEFECT000607959 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.40 Technology: MAC Port-based Authentication Symptom: Device may unexpectedly reload when LLDP phone re-authenticates. Condition: Phone moved to critical VLAN, when RADIUS not available and re-authentication of phone when RADIUS becomes available. High Defect ID: DEFECT000608205 Technical Severity: Reason Code: Will Not Fix Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: In ICX 6xxx device, when Ethernet loopback is enabled on a VLAN, additional VLAN header is added for tagged loopback traffic. Condition: Ethernet loopback is enabled on tagged interface under VLAN on ICX6xxx device. Recovery: Upgrade to 8.0.30k and enable 'acl-per-port-per-vlan' CLI command before applying ethernet loopback on tagged port under VLAN. High Defect ID: DEFECT000608854 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group On the ICX7xxx platforms when the member ports are added to the existing dynamic LAG then the Symptom: link on the dynamic LAG flaps and goes from Up to Down to Up multiple times Condition: This happens on ICX7xxx series platforms when the member links are added to existing dynamic LAG High Defect ID: DEFECT000610077 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Management GUI Symptom: Power Supply Fan Air flow direction shows wrong direction in WEB. Condition: CLI show chassis power supply air flow direction mismatch with WEB interface device page power supply air flow direction. High Defect ID: DEFECT000610696 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: HTTP/HTTPS Symptom: On ICX6610 platform, there is a mismatch in the "fan direction" field displayed between CLI and WEB interfaces. Condition: This happens always. This bug is not applicable to the releases after FI8.0.30 since ICX6610 is not supported after FI8.0.30. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 95 Defect ID: DEFECT000612272 Reason Code: Feature/Function Not Supported Product: Brocade FastIron OS Reported In Release: FI 07.4.00 Medium Technical Severity: Probability: Medium Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: Two items:1) SX does not generate correct trap when fan speed is automatically changed to 52) When fan speed 5 is reached, a trap is sent with " system: !!! Temperature Warning: highest fan-speed(#4) has been reached !!!" - This is incorrect since max fan-speed is actually 5Please see packets 21/22 of filename '7400p_replication.pcapng' in the following location:\\brm-us-bloodhound1\SRATTACHMENTS\1635\1635849\Replication Condition: Fan Trap is not generated correctly when change. Workaround: This issue is not applicable for 8.0.50. SX hw is not supported. Recovery: This issue is not applicable for 8.0.50. SX HW is not supported. High Defect ID: DEFECT000612733 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: 802.1x Port-based Authentication Symptom: While upgrading the device from FI 8.0.10 to FI 8.0.30 release or later, the device may reload unexpectedly. Condition: The device has 802.1x authentication enabled and it has 'dot1x auth-filter' configuration with a filter id that does not exist globally. Workaround: Configure a global mac-filter in FI 8.0.10 before upgrade to FI 8.0.30 or later. Medium Defect ID: DEFECT000614503 Technical Severity: Reason Code: Already Fixed in Release Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: CLI - Command Line Interface Symptom: In FI 8.0.30h on using "batch" command, device may reload unexpectedly after throwing an error message. Condition: FI device with FI 8.0.30 and usage of 'execute batch ' command Medium Defect ID: DEFECT000614603 Technical Severity: Reason Code: Not Reproducible Probability: Low Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking Symptom: Active unit may unexpectedly reload on removal of port from VLAN with loop detection enabled. Condition: 1. Enable loop detection, shutdown-disable on all ports in the VLAN 2. Disable/enable of the port to avoid loop. 3. Remove a port from VLAN Defect ID: DEFECT000615287 Reason Code: Design Limitation Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Medium Technical Severity: Probability: Medium Technology Group: Security Technology: AAA - Authentication, Authorization, and Accounting Symptom: Windows dot1x client moves to internal error status Condition: Seen when Authentication server goes down FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 96 Critical Defect ID: DEFECT000615909 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Traditional Stacking Symptom: FI device with 802.1x authentication enabled may reload unexpectedly with low memory space. Condition: 802.1x authentication is enabled in the interface. The free memory decreases steeply over time. High Defect ID: DEFECT000616268 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: When the ICX7450 Gig copper port is connected to Data Max printer port with both side configured in 100Mbps half-duplex mode and the continuous ping packets are send to the printer then after some time these ping packets stop reaching to the printer. Condition: This issue happens when the ICX7450 Gig copper port is connected to Data Max printer port with both side configured in 100Mbps half-duplex mode Medium Defect ID: DEFECT000617022 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.30 Technology: User Accounts & Passwords Symptom: The following syslog message indicating console timed out is printed continuously even thought the console didn't timeout. “2016 Aug 9 11:24:07:I:Security: console timed out by un-authenticated console user from PRIVILEGED EXEC mode” Condition: This problem happens if the “console timeout“ is configured. This issue does not apply to the releases after FI8.0.30 because Reaper (ICX6650) platform is not supported in those releases. Workaround: Don't configure the “console timeout “. Recovery: Remove the “console timeout “configuration. High Defect ID: DEFECT000619912 Technical Severity: Reason Code: Feature/Function Not Supported Probability: High Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Hardware Monitoring Symptom: On the link between ICX7750-48F 10G fiber port configured in 1G mode with Copper SFP and ICX6610 1G fiber port connected with Copper SFP then the ICX6610 side is reloaded then the port on ICX7750 side goes between Up and Down multiple times Condition: This happens on the link between ICX7750-48F 10G fiber port and ICX6610 1G fiber port both side connected using Copper SFP configured in 1G mode when the ICX6610 side is reloaded High Defect ID: DEFECT000621003 Technical Severity: Reason Code: Feature/Function Not Supported Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching FI 08.0.01 Reported In Release: Technology: xSTP - Spanning Tree Protocols Symptom: When TI is upgraded from 4.2.00 to 8.0.01e, 802.1w fails to prevent loops in the master vlan Condition: Upgrade from 4.2.00 to 8.0.01e with 802.1w configured on TurboIron. Workaround: 1. Remove/reconfigure “spanning-tree 802.1w” in vlan 1000. 2. Configure “spanning-tree rstp” in vlan 1000. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 97 Critical Defect ID: DEFECT000621135 Technical Severity: Reason Code: Not Reproducible Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: RFN - Remote Fault Notification Symptom: Ethernet remote loopback feature stops working on a switch image after reload. Condition: On a switch image, packet loopback doesn't happen for master unit's ports over reload. This issue is applicable in 8.0.3x firmware release version only & not applicable for post 8.0.3x software version. Workaround: All the Ethernet remote loopback configurations has to be removed & reapplied to recover from the issue state. Defect ID: DEFECT000624684 Reason Code: Feature/Function Not Supported Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Medium Technical Severity: Probability: Medium Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: ICX6430 might unexpectedly reload during MIB walk for ipNetToMediaTable Condition: ICX6430 might unexpectedly reload when there are more than 1000 ARP entries and do snmpwalk, 1 Known issues This section lists open software defects with Critical, High, and Medium Technical Severity as of November 15, 2016 in 8.0.50. Defect ID: DEFECT000550376 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: Configuration Fundamentals Symptom: The ports will go down if there a cable cut/fault cable. This issue is present only on 10G fiber ports of on ICX7450 platform. Condition: If there is a TX/RX fiber cable cut, the link fault-signalling will not work and the ports will go down. Fault indication will not be reflected on port status. Workaround: Use good quality fiber cable and keep protected. Recovery: Replace the fiber cable. Defect ID: DEFECT000567305 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: MCT - Multi-Chassis Trunking Symptom: In MCT topology, some of the packets are looping causing high CPU. The packet types could be DHCPv4, IGMP report/query, PIM registration, MRP_MAC, Cisco PVST+ etc. Condition: MCT topology observing High CPU due to packet looping. Defect ID: DEFECT000573973 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.40 Technology: LAG - Link Aggregation Group Symptom: In a highly scaled keepalive LAG setup between ICX7750-stack and ICX7450-stack when the ICX7750-stack is reloaded then the high CPU condition is observed in ICX7750-stack after system comes up operational FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 98 Condition: This issue happens in a highly scaled keepalive LAG setup between ICX7750-stack and ICX7450stack after reload of ICX7750-stack. Defect ID: DEFECT000574969 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.40 Technology: Traditional Stacking Symptom: If there are continuous traffic to L3 hosts connected on stack and ingress port is on standby or member units, then every one minute there will be 1 or 2 packets drop(depends on traffic rate) Condition: 1: There are continuous traffic to L3 hosts connected on Router stack. 2: Ingress port is on standby unit or member unit. 3: Traffic rate is around 5% or more. Defect ID: DEFECT000576125 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.40 Technology: OpenFlow Symptom: The CPU usage remains 90% for longer time when openflow controller is configured to auto download the flows and 12K flows are configured. It may cause other L2 and L3 protocol flaps. Condition: This issue is applicable only for manual switchover cases with the highly scaled configuration and flows. Defect ID: DEFECT000577763 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: The link does not come up between ICX7450-32ZP 2.5G port and ICX7750-48C 10G copper port connected using Crossover Ethernet cable with ports configured in 1G speed using "speed-duplex 1000-full-master" command Condition: This issue happen in a connection between ICX7450-32ZP and ICX7750-48C using Crossover Ethernet cable and ports configured in 1G mode Defect ID: DEFECT000593977 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: NTP - Network Time Protocol Symptom: NTP client server association will not happen when loopback interface is configured as NTP peer. Condition: Configure loopback interface as NTP servers instead of peer. Defect ID: DEFECT000597195 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: RIP - IPv4 Routing Information Protocol Symptom: No, big impact to the customer. More control packets are trapped to the CPU even when the associated VE Router interface is deleted or IP address is un-configured. Condition: None. Defect ID: DEFECT000599380 Technical Severity: Critical Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.41 Technology: IPsec - IP Security Symptom: A few packet (in order of 10-20) when traffic is at line rate. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 99 Condition: A few packet drops when the operating at temperature and voltage values are the extremes, ie Temperature High, Voltage High, temperateure low voltage high and so forth. Defect ID: DEFECT000600081 Technical Severity: Medium Probability: Low Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.40 Technology: Syslog Symptom: MAU mib table ifMauAutoNegCapabilityBits, ifMauAutoNegCapAdvertisedBits OIDs always return the 00, 01 Condition: Perform the SNMPWALK of the MAU table snmpwalk -v2c -c public 1.3.6.1.2.1.26.5.1.1.9.1 snmpwalk -v2c -c public 1.3.6.1.2.1.26.5.1.1.10.1 Defect ID: DEFECT000602938 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: IPv4 Multicast Routing Symptom: The customer may observe loss of multicast traffic in case the static LAG is being used for multicast application and he performs deploy/undeploy operation on the LAG. Condition: If the customer have Multicast application running on a LAG interface and he is performs a 'LAG deploy/undeploy' operation in succession, there is a possible loss of Multicast traffic occasionally. Workaround: Trying the same operation again may fix the problem. Defect ID: DEFECT000605256 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: Medium Technology Group: Security Technology: MACsec - Media Access Control security Symptom: In a ICX7450 connected with 4x10F module when MACSEC is enabled then in some case a continuous MACSEC error message was observed on console output Condition: This issue happen on ICX7450 with 4x10F module connected and MACSEC enabled Defect ID: DEFECT000606490 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: When a new source starts sending traffic, registration process may take few seconds and it can lead to software forwarding of traffic for that duration. Condition: When a new source starts sending traffic, RP system may take few seconds to send join message to FHR as part registration process. Till registration process is ongoing, the traffic will be software forwarded. Defect ID: DEFECT000607508 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: ACL's are not effective for PE ports immediately after the system reload and also a specific PE reload. Condition: 1) Scaled IPv4 ACLs should present i.e. each ACL should have at least 900 filters or more. 2) Large ACL should be applied on port. Workaround: If configuration contains large ACL definitions and if they are not used remove them. Recovery: System auto recovers after certain time depending on the number of ACL rules configured. And the maximum noticed time is about ~13 minutes. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 100 Defect ID: DEFECT000608538 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: IP Source Guard Symptom: Router learns more than 64 DHCP snoop entries on port. Condition: IP Source Guard is enabled on port and multiple DHCP requests are received on the router Defect ID: DEFECT000608563 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Mixed Stacking Symptom: There are multiple issues seen on SPX where in we need to capture pkts in every spx-port, which is not realistic debugging, and time consuming. There should be some easy way to figure out where the pkt is drop is there or likely. Condition: Debugging. Defect ID: DEFECT000608646 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: This does not adversely affect the customer facing functionality but when the user performs a "Switch-over" action on the unit that is configured with "SELECT group" with member ports disabled then the expected traffic disruption is delayed until purge timer expires. When the purge timer expires, the system cleans up the unwanted entries. Condition: When the user is performing "Switch-over" with Select groups configured and member ports disabled, the shall experience this issue. Defect ID: DEFECT000609325 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: IP Multicast cache entries does not gets deleted after configured inactivity timer expires. Condition: Multicast cache entries remains in the database even after expiry of the inactivity interval. It may take upto 3x times the inactivity interval to delete the entry. Workaround: Clear the specific multicast entry using clear ip pim mcache Defect ID: DEFECT000610126 Technical Severity: High Probability: Low Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: ACL TCAM exhaustion errors are seen when replacing ACLs on router interface for default VLAN. Condition: Apply a large ACL on router interface for default VLAN. Replace the large ACL with another ACL, this operation to replace the ACL can fail with error TCAM exhaustion. Workaround: Instead of replacing the ACL on the fly remove the larger ACL on the router interface for default VLAN first and later bind the new ACL on the same router interface. Recovery: N/A FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 101 Defect ID: DEFECT000610261 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Monitoring Reported In Release: FI 08.0.30 Technology: Syslog Symptom: Stack dump printed on the console/TELNET session, when ICX7450 boots up with 4x10G module. Condition: Running configuration has module configuration of older module and the ICX7450 is booted with different configuration module in the slot. Recovery: Remove stale/previous module configuration Defect ID: DEFECT000610871 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: Medium Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: Few entries are not getting updated in v6 snooping table but v6 sessions are bound. Condition: When there are 10 DHCP hosts and v6 snooping tables are not updated. Defect ID: DEFECT000612108 Technical Severity: High Probability: High Brocade FastIron OS Product: Technology Group: Management Reported In Release: FI 08.0.50 Technology: PoE/PoE+ - Power over Ethernet Symptom: 'show inline power emesg' displays only local unit events. Condition: Remote unit poe events cannot be displayed from Active Unit of stack system using 'show inline power emesg' Workaround: Do a rconsole to remote unit or connect to remote unit console to get the poe events displayed for that remote unit. Recovery: Defect ID: DEFECT000612580 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: Configuration Fundamentals Symptom: LACP ports could flap while running supportsave. Condition: Supportsave collects a list of information from the system and this operation is CPU intensive. This can cause a momentary high CPU which can result in a LACP port flap. Workaround: support save has an option for collecting logs on specific units instead of running on all units. Recovery: no recovery needed. Once the supportsave operation is complete, CPU usage returns to normalcy. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 102 Defect ID: DEFECT000612883 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: If ACL configurations such as adding/deleting ACL, adding/deleting filters and bind/unbind of ACLs to PE ports are done while the PE Hot-Swap is in progress, it can result in unpredictable behavior for that PE such as filter IDs to be out-of-sync with active, ACL not getting bound to ports... etc. Condition: ACL configuration changes on the active when PE hot-swap is in progress. Workaround: When PE hot-swap is in progress do not enter any ACL configurations. The following kind of syslog's will provide information regarding the start and end of a PE hot-swap. SYSLOG: <14> Mar 19 20:49:59 spx_stack Start PE hot-swap for unit-id 54.Please do not enter any security configurations until complete. SYSLOG: <14> Mar 19 20:50:58 spx_stack PE hot-swap for unit-id 54 is complete. Recovery: Reload of the PE. Defect ID: DEFECT000613048 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: MAC Port-based Authentication Symptom: Untrusted IP Address is shown in show mac-authentication with ip source guard enabled. Condition: When static arp is enabled and IP source guard is enabled with FlexAuth, this issue is seen. Defect ID: DEFECT000613148 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: SNMPv3 traps are not generated after switchover or failover during ISSU. Condition: Upon switchover or failover during ISSU SNMPv3 traps are not seen. Recovery: There are 2 ways to recover from this issue: 1. Restart the SNMP trap receiver. 2. Disable checking "time window" for SNMPv3, if the trap receiver tool supports it. Defect ID: DEFECT000613376 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: 2 unit stack broke with overnight traffic. Buffer lockup Condition: buffer lockup with mix traffic type on the stacking on the 7250 and 7450 stacking. Workaround: None. Use Reload the unit to recover. Recovery: None. Use Reload the unit to recover. Defect ID: DEFECT000614500 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: xSTP - Spanning Tree Protocols Symptom: In FastIron device, Per VLAN xSTP BPDU is looped in MSTP domain causing high CPU. Condition: In FastIron device, When adding MSTP blocked port to a new VLAN causes port as forwarding in Software causing BPDU flooding in blocked port. Workaround: Configure the MSTP forward port to the new VLAN and then other ports FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 103 Defect ID: DEFECT000615256 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: IPsec - IP Security Symptom: CPU shows 3% utilization on 7450 during idle state Condition: In idle states with no configuration. Workaround: none - no functional impact Recovery: none - no functional impact. Defect ID: DEFECT000615573 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: ICX7250 Stack units with EPS4000 reporting power failure messages. Condition: This can occur when an Extended Power supply is connected to the device. Defect ID: DEFECT000615629 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Tagged traffic from a Port Extender (PE) port will not be routed after issuing 'clear arp' if the ACL applied on it matches and remarks the 802.1p priority of the packet. Condition: ACL definitions are distributed to PE and applied on PE hardware. If the ACL matches and then remarks the 802.1p priority of the packet and such a packet comes to CPU for ARP resolution it is dropped. Recovery: Send ARP request from the neighbor after doing clear arp. Defect ID: DEFECT000616355 Technical Severity: Critical Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: CLI - Command Line Interface Symptom: Device crashes during write memory and end command execution in a script continuously Condition: Running a script to perform a write memory and end from a sub level mode Defect ID: DEFECT000616647 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: IP Source Guard Symptom: Removing a vlan using command 'no vlan ' is leading to stale IPSG entries (IPSG entries on a given vlan are removed when the VLAN is deleted). Condition: IP Source-guard is enabled on member ports of a VE port. User VRF is enabled on the VE port. VLAN (corresponding to the VE port) is deleted using 'no vlan ' Workaround: Remove the VRF setting from VE Remove the config on VE interface (no int ve) Remove the vlan (no vlan ) Give a few seconds (around 20 seconds) time gap between executing two commands. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 104 Defect ID: DEFECT000616768 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: CLI - Command Line Interface Symptom: Debug message "M:acl S:task L:0 - [Dev Init Check] Device 255 not valid" seen on console/log in switch image. Condition: Debug messages seen in switch image when a mangament vlan is enabled/disabled Defect ID: DEFECT000617303 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.50 Technology: Software Installation & Upgrade Symptom: After a BNA request for config upload is done it will prevent further TFTP copy operations on the device. Condition: This is a corner case scenario and specific to a particular setup, where once the DHCP auto download feature downloads the files and a tftp copy operation from the BNA is done , it causes a lock in the flash which prevents the further tftp operations to access the flash. Workaround: Wait for 30 mins for the flash to timeout. Defect ID: DEFECT000617759 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: Customer may encounter an Error Message and multicast traffic loss over a GRE tunnel when a GRE tunnel is flapping. Condition: When multicast traffic is going through a GRE tunnel and this tunnel is flapping, then such error message will be seen and traffic will be dropped. Workaround: No work around to avoid such error or traffic drop Recovery: To recover the traffic after the occurrence of error, customer can do "clear ip pim mcache" or go to GRE tunnel interface, do tunnel disable and tunnel enable manually. Defect ID: DEFECT000617855 Technical Severity: High Probability: Low Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: Static Routing (IPv4) Symptom: When maximum (2K) IPv4 Static Routes are configured on a scaled SPX-System, High CPU might be experienced for some period. Condition: When the customer reports High CPU/sluggish CLI on a SPX-System after creation of around 2K static routes. Defect ID: DEFECT000617975 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Mixed Stacking Symptom: If the customer have a network topology such that the traffic loop is prevented by means of VLAN filtering, then enabling the Openflow on Hybrid ports that are part of the physical loop will prevent VLAN filtering. This may cause sluggish management of that system for 2 to 3 minutes in case of peer stack/unit is reloaded or rebooted. Condition: In a network topology with physical loop prevented by VLAN filtering, when the customer configures OpenFlow on Hybrid ports with control routing protocols enabled like VRRP, OSPF etc., the described issue may be observed. Workaround: Refrain from using Openflow configuration on hybrid ports if there is a physical loop (using the hybrid port) that is prevented by the VLAN filtering. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 105 Defect ID: DEFECT000618110 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: Flexible authentication based configs are removed Condition: Initially Flexible Authentication is configured and Client is authenticated. Now if all the ports are removed from auth-default-vlan, configuration for Flexible Authentication is removed from Device Defect ID: DEFECT000619315 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: Using 'no authentication' leaves a port in dynamic VLAN Condition: A Client is authenticated and port is dynamically added to a VLAN. Now if all Flexible authentication are removed using 'no authentication', port is not removed from the Dynamic VLAN, even though session for the client is removed. Defect ID: DEFECT000619415 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: When the following commands are executed and lot of information is available, the page mode doesn't work properly. show dot1x/mac-auth sessions all show dot1x/mac-auth statistics all show dot1x/mac-auth ip-acl all Condition: Happens always Defect ID: DEFECT000619420 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: Users' counts is not not in sync after switch-over Condition: 1)Bring up 1020 dot1x sessions on a PE port 2)Issue "show dot1x sess br" 3)Execute a switch-over and issue command from step 2 again on new Active However, the output from step-3 is not in sync output from step-2 Workaround: No workaround Defect ID: DEFECT000620292 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: Unexpected reload of ICX 7450 Stack after MACSec related errors Condition: Seen during longevity tests FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 106 Defect ID: DEFECT000620302 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: DHCP - Dynamic Host Configuration Protocol Symptom: DHCP discover sent by FI client has MAC address appended to the hostname. Condition: When FI device acts as DHCP client, the hostname field is always appended by the port MAC address. Defect ID: DEFECT000620322 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.40 Probability: High Technology Group: Layer 3 Routing/Network Layer Technology: ICMP - Internet Control Message Protocol Symptom: The FI devices send duplicate ICMPv6 packets of type 135 and 136 on management VLAN. Condition: When pinging from a PC to the FI device, the device sends duplicate ICMPv6 packets of type 135 and 136 on management VLAN. Defect ID: DEFECT000620354 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: PoE/PoE+ - Power over Ethernet Symptom: In 7450, PoH port 1/1/7 not delivering power or has operational state Off. Condition: This issue can be seen on ICX7450, with POE device connected to port 1/1/7. Defect ID: DEFECT000620652 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: Users fail to authenticate when STP is enabled on dynamic VLAN Condition: User is trying to authenticate using dot1x and Radius server provides dynamic VLAN as part of AAA-ACCEPT message. If the Dynamic VLAN has STP enabled, then the User fails to authenticate Workaround: Works with RSTP and issue is seen only with STP (legacy) Defect ID: DEFECT000620979 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.30 Technology: Stack Failover/Switchover Symptom: In a secure stack, the reload command reloads only newly added unit(s) and active unit not an existing stack member. Condition: Reload of stack unit after insertion of new units to stack FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 107 Defect ID: DEFECT000621103 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: RFN - Remote Fault Notification Symptom: Ethernet remote loopback feature doesn't work on multi-unit lag in a stacking system. Condition: When Ethernet remote loopback is enabled on a lag with ports from more than one devices, the ingress traffic doesn't get loop backed. This issue is again specific to those flows where the lag hashing chooses a remote device/unit's port to egress out the traffic instead of the traffic ingress lag member port. Workaround: No workaround available. Defect ID: DEFECT000621398 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: ACLs - Access Control Lists Symptom: Enabling and disabling spanning tree when ACLs with traffic policy meters are applied on interfaces with VLAN results in TCAM exhaustion errors. Condition: Apply ACLs with traffic policy meters on interfaces with VLAN. Enable and disable the spanning tree. Workaround: Remove traffic policy meters from ACLs before enabling/disabling the spanning tree. Recovery: Reloading the units for which this ACL is applied will recover from this situation. Defect ID: DEFECT000621447 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.30 Probability: High Technology Group: Monitoring Technology: OAM - Operations, Admin & Maintenance Symptom: In FastIron devices, Loopback enabled VLAN is allowed to configure under topology group Condition: In FastIron devices, after enabling the loopback VLAN and configure the same VLAN under topology group Defect ID: DEFECT000621525 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: IP Multicast Reported In Release: FI 08.0.50 Technology: PIM - Protocol-Independent Multicast Symptom: Switch does not snoop PIM v4/v6 joins/prunes after configuring v4/v6 multicast flooding-disable command and reloading the switch/router. Condition: v4/v6 multicast flooding-disable command is configured followed by reload of the switch/router. Workaround: Apply the multicast flooding-disable command once the reload is complete and system is in stable state. Recovery: Remove and re-apply the multicast flooding-disable command. Defect ID: DEFECT000621801 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: SDN Reported In Release: FI 08.0.50 Technology: OpenFlow Symptom: When the flows with meters are installed using test equipment like IXIA, re-download of flows after stack switchover is failing for new standby ports. Condition: 1) flows must be installed on new standby unit 2) flows must be installed from IXIA 3) flows must contain meters attached 4) purge time would have expired before flow re-download FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 108 Defect ID: DEFECT000621812 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: ISSU process aborts suddenly. The command "show issu status" will display Reason for abort as UNEXPECTED_UNIT DELETE DIR along with the unit id on which the unexpected unit delete was observed. After this situation is observed, traffic flow through the specified unit will be seen. Condition: This defect is relevant only for ISSU and not with normal upgrade nor during normal operation. Also, this defect is seen only on the ICX 7450 platform. Recovery: If ISSU is started with "on-error" option defining the recovery behavior in case of error, all stack units are automatically reloaded with the specified recovery partition. If the "on-error" option is not specified the stack can be reloaded to recover to operational state. Defect ID: DEFECT000621847 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: Authenticated Hosts on ports from Standby/Member unit are not reachable after Active failover Condition: Hosts are authenticated on a flex-auth enabled port. Then Hosts get IP address using DHCPv6 protocol and Hosts are reachable now. However after active fail-over, those Authenticated Hosts on ports from Standby/Member unit are no longer reachable Recovery: Clear all sessions on the port and reauthenticate Defect ID: DEFECT000621999 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.30 Technology: VLAN - Virtual LAN Symptom: MAC/next-hop movements seen on upstream router when PVLAN and Spanning-tree 802.1w configured. Condition: When ICX devices connected to any upstream router in which STP 802.1w is enabled on pvlan ports and secondary vlan ports then mac/next-hop movement seen in router irrespective of STP state in ICX device. Since STP state in pvlan ports and secondary vlan creates loop without adjusting. Defect ID: DEFECT000622119 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: Continious debug messages on console seen when specific debug commands enabled. Condition: Error messages seen only during debugging a GRE specific problem and debug messages are requested to be printed on all sessions of telnet, ssh and console. Defect ID: DEFECT000622275 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 2 Switching Reported In Release: FI 08.0.50 Technology: VLAN - Virtual LAN Symptom: Occurrence of Next Hop Router Movement on UPLINK router connected to multiple Promiscuous Ports. Condition: Deletion & Re-Configuration of Private VLAN mapping with STP/RSTP running in Private VLAN domain. Workaround: Downstream Router with Promiscuous port to be configured as Root Bridge. Recovery: Deletion & Re-Configuration of STP/RSTP configuration in Private VLAN domain. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 109 Defect ID: DEFECT000622551 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.40 Technology: Configuration Fundamentals Symptom: SSH session will be termined when vrrp interface is enabled Condition: On ICX devices, when enabling vrrp interface on SSH session the SSH session gets terminated/disconnected. Defect ID: DEFECT000622765 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Traditional Stacking Symptom: sFlow messages not received on network to BNA Condition: Seen when sFlow collector is connected on the management network (works when connected to data ports of the switch) Defect ID: DEFECT000622913 Technical Severity: High Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Symptom: Invalid TCAM entries observed Condition: Seen when restricted VLAN is deleted Probability: High Technology Group: Security Technology: MAC Port-based Authentication Defect ID: DEFECT000622917 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: All ICX 7K can experience ping drops to directly connected interfaces, when 'reverse-path-check' is globally configured. This can happen if and only if the standalone Unit ID is greater than 1. In stacking scenario, if there is no unit with Unit-ID 1 then this can occur. Condition: When, the ICX 7K system is configured with UnitId greater than 1 or in stacking configuration none of the Unit-Id is 1 and 'reverse-path-check' is enabled globally. Workaround: Change the Unit-ID to 1. Defect ID: DEFECT000623294 Technical Severity: Medium Product: Brocade FastIron OS Reported In Release: FI 08.0.50 Probability: High Technology Group: Management Technology: SNMP - Simple Network Management Protocol Symptom: The lldpRemPortId object represents a string value used to identify the port component associated with the remote system. The value of lldpRemPortId in lldpRemTable is displayed as Hex string. Condition: The value of lldpRemPortId in lldpRemTable is displayed as Hex string. By default, the value is MAC address which is displayed ae Hex string. If user configures the port on the remote system , the value of lldpRemPortId is displayed as Hex string which is not easily readable by the user. Workaround: The user needs to convert the value as ASCII string manually. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 110 Defect ID: DEFECT000623379 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.30 Technology: OSPF - IPv4 Open Shortest Path First Symptom: ICX7450 may unexpectedly reload when OSPF with distribute-list is enabled. Condition: Enable distribute-list and clear ip ospf routes. When the routes are re-learnt, the system might unexpectedly reload. Workaround: Disable distribute-list from the config. Defect ID: DEFECT000623517 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Stacking Reported In Release: FI 08.0.50 Technology: Mixed Stacking Symptom: Error message - "Invalid device number for ACL stacking buffer" seen along with stack trace Condition: Seen under certain conditions during a SPX Reload and DOS Attack configuration Defect ID: DEFECT000623569 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security FI 08.0.50 Reported In Release: Technology: MAC Port-based Authentication Symptom: A Webauth Client gets Authenticated without a RADIUS returned ACL attribute, and then a second client gets authenticated with RADIUS returned ACL. At this time, first user's Session gets removed and needs to be authenticated again. Condition: One or more users get authenticated without an ACL attribute in the radius profile followed by a user with ACL attribute. Recovery: Authenticate the first user again Defect ID: DEFECT000624150 Technical Severity: Medium Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: MAC Port-based Authentication Symptom: MAC Authentication not initiated with non-dot1x capable client in default auth order Condition: Seen when dot1x timeout tx-period is set to a value greater than 30 secs Workaround: Set dot1x timeout tx-period to a value lesser than 30 secs Defect ID: DEFECT000624341 Technical Severity: Medium Probability: Medium Product: Brocade FastIron OS Technology Group: Management Reported In Release: FI 08.0.30 Technology: FDP - Foundry Discovery Protocol Symptom: 'show fdp neighbor' CLI command displays only one neighbor at a time on a local port although there are multiple neighbors learned by FDP on that local port. Multiple runs of the same command may result in showing a different neighbor. Condition: There are multiple neighbors connected to the same local physical port. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 111 Defect ID: DEFECT000624502 Technical Severity: High Probability: High Product: Brocade FastIron OS Technology Group: Security Reported In Release: FI 08.0.50 Technology: 802.1x Port-based Authentication Symptom: ACL TCAM entries are not as per ACL programming state and may have stale entries. Condition: When the ACL attribute is changed before a re-authentication from the previously configured ACL on Radius and subsequently the session is removed. Workaround: After changing the ACL profile in the RADIUS, clear the session, even before re-authentication triggers. Defect ID: DEFECT000624614 Technical Severity: High Probability: Medium Product: Brocade FastIron OS Technology Group: Layer 3 Routing/Network Layer Reported In Release: FI 08.0.50 Technology: IP Addressing Symptom: On the ICX platform, the incoming packets are dropped when the incoming interface is configured with "rpf-mode strict", and the route to the packet source can only be reached by default route. Condition: When the customer has configured 'rpf-mode strict' on an interface and only route to reach that IP address is by default route then ingress traffic might be dropped. FastIron 08.0.50 for Brocade ICX Switches Release Notes Version 1 112
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : Yes Author : Brocade Communications Inc Company : Brocade Content Type Id : 0x010100380A1FB1AFFE2A418D90BBA17BCC83C7 Create Date : 2016:11:15 18:17:35-08:00 Modify Date : 2016:11:16 08:23:38+05:30 Order : 1900.000000 Source Modified : D:20161116021657 Subject : Tax Keyword : Template Url : Dlc Doc Id : 73DDQ72CQZY2-9-19 Dlc Doc Id Item Guid : 53fb9efa-616c-49d2-8a50-2e8d1044bbbf Dlc Doc Id Url : http://connect.brocade.com/portal/techpubs/_layouts/15/DocIdRedir.aspx?ID=73DDQ72CQZY2-9-19, 73DDQ72CQZY2-9-19 Xd Prog ID : Language : EN-US Tagged PDF : Yes XMP Toolkit : Adobe XMP Core 5.2-c001 63.139439, 2010/09/27-13:37:26 Metadata Date : 2016:11:16 08:23:38+05:30 Creator Tool : Acrobat PDFMaker 11 for Word Document ID : uuid:c4bb767b-3035-44b7-b439-161041a12002 Instance ID : uuid:697e60f3-b37c-4e25-8171-80696088fd10 Format : application/pdf Title : FastIron 08.0.50 Release Notes, v1 Creator : Brocade Communications Inc Description : Producer : Adobe PDF Library 11.0 Tag dlc Doc Id Item Guid : 53fb9efa-616c-49d2-8a50-2e8d1044bbbf Tag dlc Doc Id : 73DDQ72CQZY2-9-19 Tag dlc Doc Id Url : http://connect.brocade.com/portal/techpubs/_layouts/15/DocIdRedir.aspx?ID=73DDQ72CQZY2-9-19, 73DDQ72CQZY2-9-19 Page Layout : OneColumn Page Count : 112EXIF Metadata provided by EXIF.tools