Resolved Issues in ExtremeXOS 22.1
The following issues were resolved in ExtremeXOS 22.1. ExtremeXOS 22.1 includes all fixes up to and including ExtremeXOS 11.6.5.3, and earlier, ExtremeXOS 12.0.5, ExtremeXOS 12.1.7, ExtremeXOS 12.2.2-patch1-12, ExtremeXOS 12.3.6, ExtremeXOS 12.4.5, ExtremeXOS 12.5.5, ExtremeXOS 12.6.3, ExtremeXOS 12.6.5, ExtremeXOS 12.7.1, ExtremeXOS 15.1.5, ExtremeXOS 15.2.4, ExtremeXOS 15.3.3, ExtremeXOS 15.4.1, ExtremeXOS 15.5.1, ExtremeXOS 15.5.2, ExtremeXOS 15.6.1, ExtremeXOS 15.6.2, ExtremeXOS 15.7.1, ExtremeXOS 16.1, ExtremeXOS 16.1.2, ExtremeXOS 16.1.3, and ExtremeXOS 21.1. For information about those fixes, see the release notes for the specific release.
CR Number | Description |
---|---|
General | |
xos0055511 |
While configuring STP (802.1d) with port-encapsulation mode as EMISTP where the L2PT-enabled VMAN and access VLAN have the same tag, the designated bridge is not accepting the L2PT tunneled BPDUs from the root bridge, and thus causes a loop (designated bridge also becomes a root bridge). This problem does not occur:
|
xos0058668 | After rebooting DHCPv6, client remains in rebooting state. |
xos0063183 | Chalet's web login requires RADIUS Netlogin to be enabled for RADIUS authentication to succeed when only Mgmt-Access should be required. |
xos0063331 | VLAN IP address is unconfigured when modifying the VLAN name/port information from Chalet. |
xos0063554 | The following vulnerability in OpenSSL exists that impacts ExtremeXOS (CVE-2015-3197): A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. This issue affects OpenSSL versions 1.0.2 and 1.0.1. |
xos0064043 | Unable to use a configuration file that has been copied from an existing configuration file. |
xos0064216 | Unable to ping a destination which is reachable, if the destination is also present locally but disabled. |
xos0064220 | Calling-station-id attribute is missing in the RADIUS request for mgmt-access. |
xos0064240 | No log message appears by default when a BGP peer transitions to established or from the established state. |
xos0064436 | When adding ports to VLAN from Chalet, IPforwarding gets disabled for that VLAN. |
xos0064446 | Vulnerability CVE-2016-2108 Negative Zero. |
xos0064447 | Creation of user accounts through XML does not work. |
xos0064459 | Nettools process ends unexpectedly with signal 11 when processing router advertisement packets with DNSSL option. |
xos0064682 | Enabling egress VMAN CEP filtering on a CEP port sends a tagged packet, even though it should be forwarded as untagged. |
xos0064722 | Setting a CoS component IRL or IUB to none (0) in Policy manager (Extreme Management Center) should imply an interpretation by the platform of rate equivalent to "unlimited." However when "0" or "none" is enforced to a Summit Ingmeter this does not mean unlimited, but instead a literal 0 rate |
xos0064863 | Hostname is not getting resolved via DNS while initiating SSH/SCP/TFTP from switch. |
xos0064890 | Kernel oops occurs randomly when there is a lot of slow path forwarded traffic and continuous link flaps. |
xos0064956 | EDP neighbors are not displayed when remote mirroring is disabled or after unconfiguring a monitor port of remote mirroring. |
xos0064960 | Multicast traffic is forwarded through MVR receiver port in a VLAN even if there is no active receiver. |
xos0065073 | Kernel oops observed when IPv6 duplicate address detected in the switch. |
Summit Family Switches | |
xos0058437 | For Summit X460 and X670-G2 series switches, the buffer for Weighted Random Early Detection (WRED) queues is incorrectly allocated at 10% of shared memory plus minimum guarantee, when it should be 100% of shared memory plus minimum guarantee. |
xos0062972 | Add Support for the following optics on Summit X670-G2
and X770 series switches:
|
xos0063433 | On Summit X670 series switches, process rtmgr pid 1554 ends unexpectedly with signal 6 after disabling/enabling links in the active LSP path. |
xos0064068 | When booting with policy enabled or enabling policy after booting, the writing of policy rules is slow. This can also block the saving of the configuration. |
xos0064232 | On Summit X670-G2 and X770 series switches, after changing a VPWS service VLAN tag, traffic continues to be forwarded with the prior tag. |
SummitStack | |
xos0062753 | System-health-check previously ran only on master and backup modules. As a result, any errors on the standby modules of the stack were not checked and reported. The system-health-check process now runs on all ?operational‘ or ?alive‘ modules in the stack, including standby modules. |
xos0063743 | On SummitStacks, after a save, and then reboot, the master node does not reboot and the following error "Timed out - HAL is not responding" appears. |
xos0063788 |
The following error appears continuously in backup/standby nodes when node is put in the failed state due to a license/ExtremeXOS mismatch: <Erro:DM.Error> Slot-2: Node State[185] = FAIL (License Mismatch) |
xos0063919 | On standby nodes, IP ARP refresh and Neighbor refresh are now disabled on VR-Mgmt. Primary and backup nodes use the configured enabled/disabled setting. |
xos0064575 | "Operation draining timed out" error message appears while saving the configuration in stacking switch. |
ExtremeSwitching X440-G2 Series Switches | |
xos0062583 | Policy: Dynamic VLAN is not removed from backup slot after issuing unconfigure policy maptable. |
xos0064964 | Misleading fan failure may be reported on ExtremeSwitching X440-G2-12t and X440-G2-12p switches due to internal fans running at 0 RPM. Fans in these models may operate at 0 RPM if the system temperature is maintained without running the fans. This is normal operation. |
ExtremeSwitching X620 Series Switches | |
xos0062890 | On ExtremeSwitching X620 series switches, 100 mbps SFPs (100FX, FX/LX, BASET) fail to link on reboot. |
Summit X460-G2 Series Switches | |
xos0063811 |
Summit X460-G2 series switches with ExtremeXOS 15.6 through 21.1, have the
following limitations for SyncE input reference frequency:
|
xos0063960 | Several help options do not appear for the show fdb command. |
xos0064472 | SyncE clock switchover does not occur when the clock source ports medium are different. When the clock source configured on a fiber port is then unconfigured, and reconfigured, for another copper port, the clock status goes into holdover mode. After a reboot it gets locked. |
xos0064713 | In SummitStacks, memory leak happens in NetLogin process when continuous MAC authentication occurs leading to a backup node reboot. |
Summit X670-G2 Series Switches | |
xos0064568 | After slot reboot, traffic drop occurs on VPLS service VLAN LAG port. |
ACL | |
xos0064170 | When ClearFlow is enabled with around 4,000 rules with separate counters, the HAL process utilization almost always stays at 40%. |
xos0064496 | BGP route policy performs improper community delete operation. |
xos0064523 | Dynamic ACL rule is not removed properly when turning off packet capture. |
xos0064573 | ACL process ends unexpectedly after refreshing a policy with clear-flow rules. |
BGP | |
xos0064884 | "remove-private-AS-numbers" setting in BGP is not preserved after switch reboot. |
xos0065189 | BGP secondary best path is not active when primary best path goes down. |
MLAG | |
xos0056368 | Kernel errors occur after disabling sharing configuration on ISC ports of MLAG. For example: "exvlan: handleVsmKernelRequest:8545: handleVsmKernelRequest Invalid Ingress port: 1000008 got" |
MPLS | |
xos0063968 | HAL process ends unexpectedly after changing/reverting service VLAN tag. |
xos0064386 | With L3VPN, deleting the user VR type VPN-VRF causes process rtmgr to end unexpectedly with signal 11. |
Python | |
xos0064122 | The command show tech-support terminates prematurely when 40G or 100G optics are present in the switch. |
Security | |
xos0062721 | With Policy enabled, UPM scripting is not executed on an authentication. |
xos0061359 | Policy has no PVID after unconfiguring the switch. |
xos0062850 | When upgrading ExtremeXOS to 15.7 or later releases, the web HTTP access is enabled even though it is disabled in the configuration. |
xos0063190 | Session timeout value is inappropriately overwriting the idle time-out value whenever both session timeout and idle timeout values are same, or the idle timeout value is 0. |
xos0064029 | Cannot delete prefixes for VLAN router advertisement messages after setting them. |
xos0064334 | With both dot1x and MAC enabled on same port and with default protocol order, UPM auth profile is executed only for MAC authentication; dot1x is not executed. Logoff profile is also executed only for MAC user and not for dot1x user. |
SNMP | |
xos0057212 | SNMP traps not sent after changing or saving configuration, even though respective traps are enabled. |
xos0064114 | SNMP process ends unexpectedly with signal 6 after running the switch for a long time. |
SSH | |
xos0062368 | Key based authentication happens for the users without the userS being bound to the key. Any user in the switch is authenticated provided the key is present. |
xos0062431 | Disabled accounts and locked out users can logon using keys. |
xos0063347 | IPv6 address is not supported in SCP client present in the device. |
VLAN | |
xos0063761 | Traffic is not forwarded after disable/enable sharing when traffic ingressing port is part of both port specific tag (PSTag) and service VMAN (untagged port). |
xos0062912 | SNMP trap sent for link up/down status change does not include port instance. |
xos0063837 | After deleting pstag port from a VLAN that has two LAG ports added as untagged, an error message appears. |
xos0064094 | Removing subscriber VLAN from one PVLAN affects traffic in another PVLAN. |
xos0064100 | With policy enabled, switch reloads with kernel oops when deleting a port from a VLAN that also has the same port added to PSTag. |
xos0064491 | The configuration of a disabled VLAN without any ports does not appear in the output of the show configuration command. |
xos0064909 | Traffic loss occurs while changing and reverting the base VID of VLANs with PSTag ports. |
xos0064910 | The following error message occurs while changing tag value in VLANs having port-specific tag configured ports: <Erro:Kern.MPLS.Error> MPLS bcm_esw_mpls_port_match_vlan_del failed |
VRRP | |
xos0063346 | With multiple (greater than two) VRRP instances and host-mobility enabled, FDB flush sent during topology change from other L2 protocols does not occur. |