Open Issues

The following are new open issues for supported features found in ExtremeXOS 16.1.3-Patch1-8.

Open Issues, Platform-Specific, and Feature Change Requests (CRs)

CR Number	Description
General
xos0061053	ExtremeXOS supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness. If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.
xos0061052	ExtremeXOS accepts connections encrypted using SSL 2.0 and/or SSL 3.0, which reportedly suffer from several cryptographic flaws. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.
xos0060993	Nessus scan detects the following medium vulnerabilities in ExtremeXOS: SSH: CBC Mode Ciphers Enabled SSH: Weak Mac Algorithms Enabled
xos0060930	When ONEPolicy is enabled and you reach the configured maximum number of authenticated sessions, sessions continue to attempt to authenticate, and then terminate if successful.
xos0061492	For the Summit X430 series switches, you can only create around 3,900 VLANs, which is short of the limit of 4,094. For Summit X440 series switches, you can only create 4,094 VLANs and 40–43K VPIF, whereas 53K VPIF was obtainable in ExtremeXOS 15.7.1.
xos0063245	With IGMP per-VLAN mode, VRRP flaps occur after adding tagged ports to VLANs.
BlackDiamond 8800 Series Switches
xos0060136	With NetLogin with MAC enabled and with dynamic VLAN configured, if FDB ageout timer is configured as 50, sometimes FDB does not synchronize and the command show netlogin mac shows clients authenticated on nlvlan itself.
Summit X450-G2 Series Switches
xos0061097	On Summit X450G2 stack of eight, back-to-back failovers while sending slow-path traffic across eight slots, produce the following error: 04/01/2015 13:36:33.65 <Erro:Kern.Card.Error> Slot-5: bcm_tx_list() returned -4: Invalid parameter Issue does not occur, if slow-path traffic is stopped.
Summit X670 Series Switches
xos0062312	On Summit X670V-48x-VIM4-40G4X switches, when you disable ports on a peer switch, additional 40G ports may go down. Note: Configuring the debounce timer to 4 seconds on these ports may resolve this issue.
Summit Series Switches
xos0060283	The SMON MIB (RFC 2613) which was used to configure mirroring using SNMP is not available in ExtremeXOS.
ACLs
xos0061183	On BlackDiamond X8 and 8800 series switches, if failover occurs during an active ESVT test, sometimes it might persist in "running" state.
BGP
xos0060352	BGP speaker accepts invalid updates (for example, invalid IP addresses such as 0.0.0.0/24). These are installed in BGP LOCAL RIB, as well as in route table.
Clocking (1588v2)
xos0060785	Precision time feature limitations for ExtremeXOS 16.1: ExtremeXOS 16.1 slave ports sync to grandmasters, such as Symmetricom, and to other ExtremeXOS 16.1 clocks, but not to ExtrememXOS 15.7, and earlier. If networks of clocks are to be upgraded to ExtremeXOS 16.1, complete the upgrades simultaneously or staged starting closest to the grandmaster. Before beginning a staged upgrade, where an earlier version of ExtremeXOS must sync to an ExtremeXOS 16.1 clock, test the particular configuration beforehand. ExtremeXOS 16.1 slave clock ports must be configured with the “slave-only” option to sync to other ExtremeXOS 16.1 clocks.
MPLS
xos0061018	After failover, traffic fails across VPLS configured with 64 LSPs across LAG.
xos0061276	MPLS LSP (LDP/RSVP) is not formed when BGP is used as IGP routing protocol.
xos0061374	With an L2VPN session between two Label Edge Routers (LERs), broadcast packets egressing the LERs are corrupted.
xos0062314	Detour LSP counters display incorrect values in the output of the commands show mpls rsvp-te lsp and show mpls rsvp-te lsp fast-reroute.
NetLogin
xos0060488	With upload and download of NetLogin with UPM XSF file, UPM profile is not executed for the user-authenticate and unauthenticate events.
xos0060280	Enabling NetLogin mac on mirrored ports does not produce an error.
xos0061375	Re-authentication fails for some NetLogin authenticated clients after changing the EXTREME_NETLOGIN_EXTENDED_VLAN VSA (211) with scaled number of NetLogin authenticated clients.
xos0061116	After disabling NetLogin dot1x, attempting to enable NetLogin dot1x produces an error indicating that NetLogin is already enabled on a port.
OSPF
xos0061100	CPU utilization monitor incorrectly displays 99% CPU usage for OSPF while restarting OSPF process.

Published June 29, 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services

Open Issues