This section identifies the known issues in this release.
Issue number |
Description |
Workaround |
---|---|---|
HTTPS connection fails for CA-signed certificate with certificate inadequate type error on FF. |
Ensure End-Entity, Intermediate CA and Root CA certificates are all SHA256 based and RSA2048 key signed, and Extended key usage field is set to TLS webserver Auth only for subject and root. For intermediate, it must be set with other required bits to avoid this issue. Add the root, intermediate CAs in the trust store of the browser for accessing the EDM with HTTPS. |
|
VOSS-1265 |
On the port that is removed from a T-UNI LACP MLT, non T-UNI configuration is blocked as a result of T-UNI consistency checks. |
When a port is removed from a T-UNI LACP MLT, the LACP key of the port must be set to default. |
VOSS-1280 |
The following error message occurs when performing shutdown/no-shutdown commands continuously: IO1 [05/02/14 06:59:55.178:UTC] 0x0011c525 00000000 GlobalRouter COP-SW ERROR vsp4kTxEnable Error changing TX disable for SFP module: 24, code: -8 |
None. When this issue occurs, the port in question can go down, then performs a shutdown/no-shutdown of the port to bring it up and resumes operation. |
VOSS-1285 |
CAKs are not cleared after setting the device to factory-default. |
None. Currently this is the default behavior and does not affect functionality of the MACsec feature. |
VOSS-1288 |
Shutting down the T1 link from one end of the link does not shut down the link at the remote end. You could experience traffic loss if the remote side of the link is not shut down. |
This issue occurs only when a T1 SFP link from one end is shutdown. Enable a dynamic link layer protocol such as LACP or VLACP on both ends to shut the remote end down too. As an alternative, administratively disable both ends of the T1 SFP link to avoid the impact. |
VOSS-1289 |
On a MACsec-enabled port, you can see delayed packets when the MACsec port is kept running for more than 12 hours. This delayed packet counter can also increment when there is complete reordering of packets so that the application might receive a slow response. But in this second case, it is a marginal increase in the packet count, which occurs due to PN mismatch sometimes only during Key expiry, and does not induce any latency. |
None. |
VOSS-1309 |
You cannot use EDM to issue ping or traceroute commands for IPv6 addresses. |
Use CLI to initiate ping and traceroute commands. |
VOSS-1310 |
You cannot use EDM to issue ping or traceroute commands for IPv4 addresses. |
Use CLI to initiate ping and traceroute commands. |
VOSS-1335 |
In an IGMP snoop environment, after dynamically downgrading the IGMP version to version 2 (v2), when you revert back to version 3 (v3), the following is observed:
|
Use a v3 interface as querier in a LAN segment that has snoop-enabled v2 and v3 interfaces. |
VOSS-1344 |
In EDM, you cannot select multiple 40 gigabit ports or a range of ports that includes 40 gigabit ports to graph or edit. You need to select them and edit them individually. |
None. |
VOSS-1349 |
On EDM, the port LED for channelized ports only shows the status of sub-port #1, but not the rest of the sub-ports. When you remove sub-port #1, and at least one other sub-port is active and online, the LED color changes to amber, when it should be green because at least one other sub-ports is active and online. The LED only shows the status of sub-port #1. |
None. |
VOSS-1354 |
An intermittent link-flap issue can occur in the following circumstance for the copper ports. If you use a crossover cable and disable auto-negotiation, the port operates at 100 Mbps. A link flap issue can occur intermittently and link flap detect will shut down the port. |
Administratively shutdown, and then re-enable the port. Use auto-negotiation. Disabling auto-negotiation on these ports is not a recommended configuration. |
VOSS-1358 |
Traffic is forwarded to IGMP v2 SSM group, even after you delete the IGMP SSM-map entry for the group. |
If you perform the delete action first, you can recreate the SSM-map record, and then disable the SSM-map record. The disabled SSM-map record causes the receiver to timeout because any subsequent membership reports that arrive and match the disabled SSM-map record are dropped. You can delete the SSM-map record after the receivers time out. |
VOSS-1359 |
The 4 byte AS confederation identifier and peers configuration are not retained across a reboot. This problem occurs when 4 Byte AS is enabled with confederation. |
Reconfigure the 4 byte AS confederation identifier and peers on the device, and reboot. |
VOSS-1360 |
After you enable enhanced secure mode, and log in for the first time, the system prompts you to enter a new password. If you do not meet the minimum password requirements, the system displays the following message: Password should contain a minimum of 2 upper and lowercase letters, 2 numbers and 2 special characters like !@#$%^*(). Password change aborted. Enter the New password: The system output message does not display the actual minimum password requirements you need to meet, which are configured on your system. The output message is an example of what the requirements need to meet. The actual minimum password requirements you need to meet are configured on your system by the administrator. |
None. |
VOSS-1367 |
The configuration file always includes the router ospf entry regardless of whether OSPF is configured. This line does not perform any configuration and has no impact on the running software. |
None. |
VOSS-1368 |
When you use Telnet or SSH to connect to the switch, it can take up to 60 seconds for the log in prompt to appear. However, this situation is very unlikely to happen, and it does not appear in a standard normal operational network. |
Do not provision DNS servers on a switch to avoid this issue altogether. |
VOSS-1370 |
If you configure egress mirroring on NNI ports, you do not see the MAC-in-MAC header on captured packets. |
Use an Rx mirror on the other end of the link to see the packets. |
VOSS-1371 |
A large number of IPv6 VRRP VR instances on the same VLAN can cause high CPU utilization. |
Do not create more than 10 IPv6 VRRP VRs on a single VLAN. |
VOSS-1389 |
If you disable IPv6 on one RSMLT peer, the switch can intermittently display COP-SW ERROR and RCIP6 ERROR error messages. This issue has no impact. |
None. |
VOSS-1390 |
If you delete the SPBM configuration and re-configure SPBM using the same nickname but a different IS-IS system ID without rebooting, the switch displays an error message. |
Reboot the switch after you delete the SPBM configuration. |
VOSS-1403 |
EDM displays the user name as Admin, even though you log in using a different user name. |
None. |
VOSS-1406 |
When you re-enable insecure protocols in the CLI SSH secure mode, the switch does not display a warning message. |
None. |
VOSS-1418 |
EDM displays the IGMP group entry that is learned on a vIST MLT port as TX-NNI. |
Use CLI to view the IGMP group entry learned on a vIST MLT port. |
VOSS-1428 |
When port-lock is enabled on the port and re-authentication on the EAP client fails, the port is removed from the RADIUS-assigned VLAN. This adds the port to the default VLAN and displays an error message. This issue has no impact. |
The error message is incorrect and can be ignored. |
VOSS-1433 |
When you manually enable or disable IS-IS on 40 Gbps ports with CR4 direct attach cables (DAC), the port bounces one time. |
Configure IS-IS during the maintenance period. Bring the port down, configure the port and then bring the port up. |
VOSS-1438 |
In a rare scenario in Simplified vIST configuration when vIST state is toggled immediately followed by vIST MLT ports are toggled, one of the MLT ports will go into blocking state resulting in failure to process data packets hashing to that link. |
Before enabling vIST state ensure all vIST MLT ports are shut and re-enabled after vIST is enabled on the DUT. |
VOSS-1440 VOSS-1441 |
When you configure a scaled Layer 3 VSN (24 Layer 3 VSN instances), route leaking from GRT to VRF on the local DUT does not happen. The switch displays an incorrect error message: Only 24 Layer 3 VSNs can be configured. |
None. |
VOSS-1463 VOSS-1471 |
When you use Fabric Extend over IP (FE-IP) and Fabric Extend over Layer 2 VLAN (FE-VID) solution, if you change the ingress and egress .1p map, packets cannot follow correct internal QoS queues for FE tunnel to FE tunnel, or FE tunnel to regular NNI traffic. |
Do not change the default ingress and egress .1p maps when using Fabric Extend. With default ingress and egress .1p maps, packets follow the correct internal QoS when using the Fabric Extend feature. |
VOSS-1473 |
If the I-SID associated with a Switched UNI or Fabric Attach port does not have a platform VLAN association and you disable Layer 2 Trusted, then the non IP traffic coming from that port does not take the port QoS and still uses the .1p priority in the packet. |
None. |
VOSS-1530 |
If you improperly close an SSH session, the session structure information does not clear and the client can stop functioning. |
Disable and enable SSH. |
VOSS-1584 |
The show debug-file all command is missing. |
None. |
VOSS-1585 |
The system does not generate a log message, either in the log file or on screen, when you run the flight-recorder command. |
None. |
VOSS-1608 |
If you use an ERS 4850 FA Proxy with a VOSS or Fabric Engine FA Server, a mismatch can exist in the show output for tagged management traffic. The ERS device always sends traffic as tagged. The VOSS or Fabric Engine FA Server can send both tagged and untagged. For untagged, the VOSS and Fabric Engine FA Servers send VLAN ID 4095 in the management VLAN field of the FA element TLV. The ERS device does not recognize this VLAN ID and so still reports the traffic as tagged. |
There is no functional impact. |
VOSS-1706 |
EAPOL: Untagged traffic is not honoring the port QOS for Layer 2 trusted/ Layer 3 untrusted. This issue is only seen on EAPOL-enabled ports. |
None. |
VOSS-2014 |
IPv6 MLD Group is learned for Link-Local Scope Multicast Addresses. This displays additional entries in the Multicast routing tables. |
None. |
VOSS-2033 |
The following error messages appear when you use the shutdown and no shutdown commands on the MLT interface with ECMP and BGP+ enabled: CP1 [01/23/16 11:10:16.474:UTC] 0x00108628 00000000 GlobalRouter RCIP6 ERROR rcIpReplaceRouteNotifyIpv6:FAIL ReplaceTunnelRec conn_id 2 CP1 [12/09/15 12:27:02.203:UTC] 0x00108649 00000000 GlobalRouter RCIP6 ERROR ifyRpcOutDelFibEntry: del FIB of Ipv6Route failed with 0: ipv6addr: 201:6:604:0:0:0:0:0, mask: 96, nh: 0:0:0:0:0:0:0:0 cid 6657 owner BGP CP1 [12/09/15 12:20:30.302:UTC] 0x00108649 00000000 GlobalRouter RCIP6 ERROR ifyRpcOutDelFibEntry: del FIB of Ipv6Route failed with 0: ipv6addr: 210:6:782:0:0:0:0:0, mask: 96, nh: fe80:0:0:0:b2ad:aaff:fe55:5088 cid 2361 owner OSPF |
Disable the alternate path. |
VOSS-2117 |
If you configure static IGMP receivers on an IGMPv3 interface and a dynamic join and leave are received on that device from the same destination VLAN or egress point, the device stops forwarding traffic to the static receiver group after the dynamic leave is processed on the device. The end result is that the IGMP static groups still exist on the device but traffic is not forwarded. |
Disable and re-enable IGMP Snooping on the interface. |
VOSS-2128 |
EAP Security and Authentication EDM tabs display additional information with internal values populated, which is not useful for the end user. |
There is no functional impact. Ignore the additional information in EDM. Use the CLI command show eapol port interface to see port status. |
VOSS-2207 |
You cannot configure an SMTP server hostname that begins with a digit. The system displays the following error: Error: Invalid IP Address or Hostname for SMTP server |
None. |
VOSS-2208 |
While performing CFM Layer 2 traceroute between two BEBs using a transit BCB, the transit BCB hop is not seen, if the transit BCB has ISIS adjacencies over FE l3core with both source BEB and destination BEB. |
None. |
VOSS-2253 |
Trace level command does not list module IDs when '?' is used. |
To get the list of all module IDs, type trace level, and then press Enter. |
VOSS-2285 |
When on BEB, continuously pinging IPv6 neighbor address using CLI command ping -s, ping packets do not drop, but instead return no answer messages. |
Restart the ping. Avoid intensive CPU processing. |
VOSS-2333 |
Layer 2 ping to Virtual BMAC (VBMAC) fails, if the VBMAC is reachable using Layer 2 core. |
None. |
VOSS-2422 |
When a BGP Neighbor times out, the following error message occurs: CP1 [03/11/16 13:43:39.084:EST] 0x000b45f2 00000000 GlobalRouter SW ERROR ip_rtdeleteVrf: orec is NULL! |
There is no functional impact. Ignore the error message. |
VOSS-2859 |
You cannot modify the port membership on a protocol-based VLAN using EDM, after it has been created. |
Use CLI to provision the port membership on the protocol-based VLAN or delete the protocol-based VLAN, and then re-create it with the correct port member setting. |
VOSS-4255 |
If you run IP traceroute from one end host to another end host with a DvR Leaf in between, an intermediate hop will appear as not responding because the Leaf does not have an IP interface to respond. The IP traceroute to the end host will still work. |
None. |
VOSS-4728 |
If you remove and recreate an IS-IS instance on an NNI port with auto-negotiation enabled in addition to vIST and R/SMLT enabled, it is possible that the NNI port will briefly become operationally down but does recover quickly. This operational change can lead to a brief traffic loss and possible reconvergence if non-ISIS protocols like OSPF or BGP are also on the NNI port. |
If you need to remove and recreate an IS-IS instance on an auto-negotiation enabled NNI port that also has non-ISIS traffic, do so during a maintenance window to minimize possible impact to other non-ISIS traffic. |
VOSS-4840 |
If you run the show fulltech command in an SSH session, do not disable SSH on the system. Doing so can block the SSH session. |
None. |
VOSS-5130 |
Disabling and immediately enabling IS-IS results in the following log message: PLSBFIB ERROR: /vob/cb/nd_protocols/plsb/lib/ plsbFib.cpp(line 1558) unregisterLocalInfo() local entry does not exist. key(0xfda010000fffa40) |
There is no functional impact. Ignore the error message. |
VOSS-5159 & VOSS-5160 |
If you use a CLIP address as the management IP address, the switch sends out 127.1.0.1 as the source IP address in both SMTP packets and TACACS+ packets. |
None. |
VOSS-5173 |
A device on a DvR VLAN cannot authenticate using RADIUS if the RADIUS server is on a DvR VLAN on a DvR Leaf using an in-band management IP address. |
Place the RADIUS server in a non-DvR VLAN off a DvR Leaf or DvR Controller. |
VOSS-5331 |
When you enable FHS ND inspection on a VLAN, and an IPv6 interface exists on the same VLAN, the IPv6 host client does not receive a ping response from the VLAN. |
None. |
VOSS-5603 |
In a scaled DvR environment (scaled DvR VLANs), you could see a higher CPU utilization while deleting a DvR leaf node from the DvR domain (no dvr leaf). The CPU utilization stays higher for several minutes on that node only and then returns to normal after deleting all the internal VLANs on the leaf node. |
It is recommended to use a maintenance window when removing leaf(s) from a DvR domain. |
VOSS-5627 |
The system does not currently restrict the number of VLANs on which you can simultaneously configure NLB and Directed Broadcast, resulting in resource hogging. |
Ensure that you configure NLB and Directed Broadcast on not more than 100 VLANs simultaneously, assuming one NLB cluster for each VLAN. Also, ensure that you configure NLB on a VLAN first, and then Directed Broadcast, so as to not exhaust the NLB and Directed Broadcast shared resources. The shared resources are NLB interfaces and VLANs with Directed Broadcast enabled. The permissible limit for the shared resources is 200. |
VOSS-6189 |
When you connect to EDM using HTTPS in Microsoft Edge or Mozilla Firefox, the configured values for the RADIUS KeepAliveTimer and CFM SBM MepId do not appear. |
Use Internet Explorer when using an HTTPS connection. |
VOSS-6928 |
On VSP 8000 Series platforms, IPv4 Filters with redirect next hop action do not forward when a default route is not present or a VLAN common to ingress VLAN of the filtered packet is not present. |
Configure a default route if possible. |
VOSS-7139 |
DHCPv6 Snooping is not working in an SPB network as the DHCPv6 Snooping entries are not being displayed. |
Administrator should add manual entries. |
VOSS-7457 |
The switch can experience an intermittent traffic loss after you disable a Fabric Extend tunnel. |
Bounce the tunnel between the devices. |
VOSS-7472 |
EDM shows incorrect guidance for ACL TCP flag mask. EDM reports 0…63 as hexadecimal. CLI correctly shows <0-0x3F | 0-63> Mask value <Hex | Decimal>. This is a display issue only with no functional impact. |
Use CLI to see the correct unit values. |
VOSS-8424 |
A fragmented ping from an external device to a switch when the VLAN IP interface is tied to a non-default VRF fails. |
None. |
VOSS-8516 |
Secure Copy (SCP) cannot use 2048-bit public DSA keys from Windows. |
Use 1024/2048-bit RSA keys or 1024-bit DSA keys. |
VOSS-9516 |
When you connect to EDM using HTTPS, you can see multiple SSL negotiation with client successful messages during your EDM session. The system displays this message, each time a successful SSL_Handshake occurs between the web browser and the web server. The log file cannot show as many messages as the console and the timing between messages can be different because logging does not occur in real time. |
None. |
VOSS-9921 |
Bootup redirection timeout is longer than the UNI port (SMLT) unlock timer. If both vIST nodes boot together in factory default configuration fabric mode or without a nickname, the vIST ports will not enable for up to 4 minutes. During the delay the nickname server is unreachable and vIST is not online. |
None. |
VOSS-10380 |
If you enable and configure IPv6 Source Guard and EAPoL on a port, and create and configure a Guest VLAN on the same port without DHCP Snooping and ND-inspection, no error is shown. The port is not added to the Guest VLAN. |
Configure DHCP Snooping and ND-inspection are not configured on the Guest VLAN. |
VOSS-10381 |
If you enable and configure IPv6 Source Guard and EAPoL MHSA on a port, and create and configure RAVs for Non-EAP clients on the same port without DHCP Snooping and ND-inspection, no error is shown. The client displays as authenticated into RAV, even when port is not a member of RAV. |
None. |
VOSS-10574 |
IS-IS sys-name output is not truncated for show isis spbm nick-name or show ip route commands. If a long character sys-name is in use, the full sys-name display can cause misalignment of the output columns. |
None. |
VOSS-10815 |
DvR over SMLT: Traffic is lost at failover on SMLT towards ExtremeXOS or Switch Engine switches. DvR hosts are directly connected to the DvR controllers vIST pair on SMLT LAG and switched-UNIs are dynamically added using Fabric Attach. Only occurs when the access SMLT is LACP MLT and all the ports in the MLT are down. When all ports in the MLT down and an ARP request is received over an NNI link, there is no physical port that can be associated with the ARP request. The ARP entry is learned against NNI link, and MAC syncs from vIST peer or from a non-vIST peer when bouncing vIST. |
None. |
VOSS-11895 |
In a vIST SMLT environment where streams are both local and remote, if source and receiver port links are removed and reinserted several times, eventually traffic will not be forwarded to local single-homed receivers on one peer if the traffic is ingressing from the vIST peer over the NNI link. If the stream ingresses locally, it is received by the local UNI receivers. |
Disable and re-enable Fabric Multicast (spbm <1–100> multicast enable) on the source VLAN to be able to delete the streams and come back in properly. |
VOSS-11943 |
This release does not support per-port configuration of Application Telemetry. Because the feature is enabled globally and VSP 7432CQ supports 32 100 Gbps ports, an undesirable condition could be encountered when an exceeded amount of Application Telemetry mirrored packets are sent to the collector. |
None. |
VOSS-12330 |
When accessing the on-switch RESTCONF API documentation in a web browser, the page does not render correctly. |
Ensure you include the trailing slash (/) in the URL: http(s)://<ip-address>:8080/apps/restconfdoc/. For more information, see Fabric Engine User Guide. |
VOSS-12405 |
To reach a VM, all front panel traffic must travel through an Insight port, which is a 10 Gbps port. If front panel port traffic is over 10 Gbps, this situation represents an over subscription on the Insight port and some of the packets will be dropped. As a result, ExtremeCloud IQ Site Engine can lose connectivity to the Analytics engine if Application Telemetry is enabled. |
None. |
VOSS-13159 |
The ixgbevf Ethernet device driver within the TPVM does not correctly handle the interface MTU setting. Specifically, if you configure the interface in SR-IOV mode, packets larger than the MTU size are allowed. |
To avoid this problem, configure the desired MTU size on both the relevant front-panel port and Insight port from the NOS CLI. |
VOSS-13667 |
An intermittent issue in SMLT environments, where ARPs or IPv6 neighbors are resolved with delay can cause a transient traffic loss for the affected IPv6 neighbors. The situation auto-corrects. |
None. |
VOSS-13794 |
You cannot use SFTP to transfer files larger than 2 GB to the switch. |
Use SCP. |
VOSS-13904 VOSS-13932 VOSS-16503 |
VSP 4900 Series has 2 GB memory in a 64-bit system so the RESTCONF VLAN scaling number is smaller than on VSP 7400 Series, which has 16 GB physical memory. Using RESTCONF on VSP4900-48P or VSP4900-24S reduces the number of port-based VLANs on those platforms:
|
None. |
VOSS-13947 |
After you enable MSTP-Fabric Connect Multi Homing (spbm 1 stp-multi-homing enable), you cannot view the configuration, role, or statistics for the STP virtual port. |
None. |
VOSS-14597 |
Ping (originated from local CP) fails for jumbo frames on Layer 3 VSN interface. |
None. |
VOSS-15079 |
The Extreme Networks 10 meter SFP+ passive copper DAC (Model Number 10307) does not function on ports 2/3 and 2/4 of the VIM5-4X. |
Use the Extreme Networks SFP+ active optical DAC (Model Number AA1403018-E6) with the VIM5-4X. |
VOSS-15112 |
BFD sessions associated with static routes could flap one time before remaining up, when shutting down and bringing back up a BFD peer port. |
None. Ignore the extra BFD session flap. |
VOSS-15391 |
An SNMP walk on the rcIgmpSnoopTraceTable table will fail with an OID not increasing error. CLI and EDM are unaffected by this issue. |
None. |
VOSS-15541 |
You can experience temporary traffic loss when shutting down an LACP SMLT port (and therefore causing the local SMLT to go down), in a network with scaled Multicast traffic over an SPB cloud, while the datapath processes all dpm letter messages during LCAP recovery. This slow LACP recovery situation is only seen with scaled Multicast traffic over an SPB cloud. |
Use static MLTs. |
VOSS-15812 |
Layer 3VSN IPv4 BGP (and static) routes having their next-hops resolved using IS-IS routes could result in traffic loss. |
Choose the following workarounds, based on your deployment and needs:
|
VOSS-15878 |
VSP 4900 Series and VSP 7400 Series do not boot with just the serial console cable connected and no terminating device, for example, a terminal server, PC, or Mac. |
Either attach terminal equipment or disconnect the console cable. |
VOSS-16971 |
On VSP4900-24S, VSP4900-24XE, andVSP4900-12MXU-12XE devices, and on the VIM5-4XE, if a copper SFP is plugged in with the cable inserted and the remote end is also plugged in, the peer box could see a link flap and take 6-8 seconds to link up. |
First, plug in the SFP, and then insert the cable. The link up then happens in 3-4 seconds. |
VOSS-17567 |
Do not use the inter-vrf /32 static routes defined with a next-hop IP address that resides in a different destination next-hop-vrf context. |
None. |
VOSS-18023 |
The management port on the 5520 switch does not support Auto-MDIX (the automatic detection of transmit and received twisted pairs). As a best practice, enable the default auto-negotiation setting on the management port. Because the management port does not support Auto-MDIX, when auto-negotiation is disabled, a crossover cable might be necessary to have the port link up and pass traffic. Note: If the peer device supports Auto-MDIX,
then either a straight through or crossover will work. The issue occurs only if both ends
of the connection do not support Auto-MDIX.
|
None. |
VOSS-18238 |
When a management VLAN with DHCP is used to reach a RADIUS server, and the RADIUS server cannot be reached, the system waits for 15 minutes before attempting to reach the RADIUS server again. This is true even if the RADIUS server becomes reachable before the 15 minutes have elapsed. |
None. |
VOSS-18278 |
On the 5520 switch, when you make any change relating to port speed, the port statistics are cleared. This applies to all front panel fiber and copper ports as well as VIM ports. The following are examples of changes relating to port speed:
|
None. |
VOSS-18360 |
This is an intermittent issue on the VSP 7400 Series with no impact to functionality, ISIS is disabled while the show fulltech command is running on a telnet session. Due to this the fulltech command will not find the expected I-SID value, as it is removed by the no isis command. |
None. |
VOSS-19212 |
After upgrading a VSP 7432CQ switch to VOSS 8.2.5 and rebooting, the presence of a faulty power supply unit will cause the system to terminate. A message in the debug log will report that the software could not read the contents of the power supply's EEPROM (carbonatelib_ps_read_eeprom operation). |
Replace the power supply unit in the switch. |
VOSS-19260 |
Port mirroring does not work on port 1/s1 of VSP 7400-48Y if the connection type is OVS/SR-IOV. |
Use a connection type of VT-d for port 1/s1. |
VOSS-19827 |
LLDP IPv6 neighbors do not display in EDM. LLDP IPv6 is only supported in CLI. |
To display LLDP IPv6 neighbors, use the show lldp neighbor summary command. |
VOSS-20455 |
As the switch starts, it can display the following log messages due to incomplete initialization of the management stack when trying to send the first RADIUS packet:
|
None. This issue has no functional impact. |
VOSS-20456 |
Although the Management Router is not supported in the NOS, you can add a static route for VRF 512 using EDM. The route does not become active even if the next-hop address is reachable from the OOB management interface. |
None. This issue has no functional impact. |
VOSS-21097 |
In Multi-Area where vIST peers are boundary nodes, vIST can briefly flap during connection formation when IS-IS is disabled and then reenabled on both vIST peers. |
None. |
VOSS-21123 |
Brouters on UNIs of VSP 7400 vIST peers cannot ping each other. |
Add a static ARP for the Brouter of the VIST peer. |
VOSS-21233 |
Clearing DvR host entries in a highly scaled Multi-Area DvR environment can trigger DBSYNC WARNING messages (0x00390606 - 00000000 GlobalRouter DBSYNC WARNING Message queue length from DB Sync to tMain reached warning threshold) but these can be expected in a scaled environment and are not a malfunction. |
None. |
VOSS-21964 |
When using Windows SCP application on a switch to transfer a file, an error message displays even if a file transfers successfully. | |
VOSS-22255 |
Ping, which originates from a local CP, fails for ICMP packets bigger than 1500 sent from Layer 3 VSN interface. |
Initiate ping with packets size smaller than 1500. |
VOSS-22522 |
RESTCONF is delayed in a scaled setup with 2,000 VLANs. |
None. |
VOSS-22858 |
LLDP neighbor should not be discovered with mismatch in MKA MACsec on 5520 Series ports. |
Disable MKA on both sides or shut down the port on both sides. |
VOSS-23146 |
Multi-area DvR/SPBM configuration: Timeout: No response message is returned during snmpwalk on one of the DvR controllers. |
Run the snmpwalk command with an increased timeout. You can also run snmpwalk for a specific object. |
VOSS-23181 |
When you enable the boot config flags macsec command, the indiscard counter increments on SPBM-enabled ports. |
None. There is no functional impact. |
VOSS-23216 |
If you do not enable the DvR interface when you configure a dvr-one-ip interface, the dvr-one-ip interface does not display when you issue the show dvr interfaces command. |
Enable the DvR interface. |
VOSS-23229 |
In an E-Tree scenario, IPv6 packets are forwarded between isolated ports on 5520 Series, 5420 Series, and VSP 7400 Series. |
None. |
VOSS-24777 |
In the following port configurations on 5520 Series, 5420 Series, VSP 4900 Series, and VSP 7400 Series, inVSN ACL entries match ingressing packets that have the same VID as the VLAN associated with the ACL I-SID even if the ACL inVSN I-SID is different:
|
None. |
VOSS-24872 |
If the collector reachability path changes for Application Telemetry, it is not reflected properly in CLI. Packets remain mirrored towards the correct path but CLI does not reflect the next hop. |
None. There is no functional impact. |
VOSS-25023 |
5520 Series, 5420 Series, and 5320 Series platforms can reach 100% CPU utilization during inband transfer (FTP, SFTP, and SCP). |
None. |
VOSS-25162 |
RESTCONF ARP and MAC data: on 5x20 switches with 5K ARP entries and 5K MAC entries, it takes approximately 1 minute to retrieve data. The time increases based on the number of entries. The same occurs on VSP 7400 Series with over 15K entries. |
None. |
VOSS-25288 |
Secure boot information for 5720 Series, 7520 Series , and 7720 Series does not display when you issue the show sys-info command. |
None. |
VOSS-25728 |
You cannot assign a second disk to the second virtual service on the following switches:
|
None. |
VOSS-25874 |
Intermittent issue that causes inconsistency in show output. |
None. |
VOSS-25959 |
On the VSP 4900 Series, VSP 7400 Series, and 5720 Series, the virtual service does not operate properly when you configure e1000 Network Interface Card (NIC) type for SR-IOV and VT-d connect types. |
None. |
VOSS-26028 |
On the VSP 4900 Series, VSP 7400 Series, and 5720 Series, the virtual service does not operate properly when you configure more than 16 virtual ports per Extreme Integrated Application Hosting port. |
None. |
VOSS-26032 | NNI port remains in STP blocking state in a very specific scenario and configuration. | Bounce the NNI port. |
VOSS-26099 |
MACsec Key Agreement (MKA) MACsec does not operate properly when you enable and disable MKA MACsec on the port 15-20 times. |
None. |
VOSS-26122 |
Intermittently, some CLI commands related to sFlow functionality do not display in the CLI log. |
None. |
VOSS-26151 |
MACsec Key Agreement (MKA) does not operate between Fabric Engine 5520 Series and 5720 Series switches and ExtremeXOS 5520 Series and 5720 Series switches when you use GCM-AES-256 MACsec encryption cipher suite on copper ports. |
As a workaround, use GCM-AES-128 MACsec encryption cipher suite to connect Fabric Engine 5520 Series and 5720 Series switches and Switch Engine 5520 Series and 5720 Series switches. |
VOSS-26526 |
After you format a USB drive and issue the ls command, the current date and time does not display. |
None. |
VOSS-26527 |
Intermittently, the show sys-info command does not display the correct part number or serial number for the 2000 W AC PoE power supply (Model XN-ACPWR-2000W with front-to-back ventilation airflow). |
None. |
VOSS-26665 |
Password hash sha2 is present in show running-config and save config. This is the default value. | None. |
VOSS-26692 |
The entry for VLAN used to send/receive VXLAN packets to/from FIGW (for IPSec encapsulation) is missing from my_station_tcam table. In this case, traffic over the corresponding FE tunnel is lost. | Shut/no shut of the used sideband port fixes the problem. |
VOSS-26822 |
Configuration tab for Ports 53-54 (VSP 7400-48Y) cannot be accessed from the first attempt. | Select menu options on your Mozilla Firefox browser. Alternatively, use another browser: Google Chrome, Safari, or Microsoft Edge. |
VOSS-26831 |
Device not able to complete trap registration with ExtremeCloud IQ Site Engine when onboarding with ZTP+. | Use the default Trap profile when using Trap registration with auto onboarding in ExtremeCloud IQ Site Engine. |
VOSS-27235 |
If you delete a VLAN IP interface, the switch does not delete the associated DvR gateway IP address. |
Manually delete the DvR gateway IP address. |
VOSS-27643 |
On 5320 Series, packet port statistics do not increment for multicast traffic ingressing Layer 3 Fabric Extend NNI. |
As a workaround, calculate the number of packets from the total number of bytes received. |
VOSS-27784 |
Layer 3 VSN traffic continues to flow after you delete IP addresses in dual stack scenarios. |
None. |
VOSS-27875 |
On 7520-48XT-6C copper ports(1/1-1/48) with SLPP enabled, the port LED state is off. |
None. |
VOSS-28101 |
The loss of IP BGP in-route-map and out-route-map from config when you upgrade to Release
8.5.x or later is due to the removal of the following legacy commands in Release 8.5.x that
were not needed on newer platforms:
|
As a workaround, apply incoming and outgoing route-maps for BGB peers or peer groups. |
VOSS-28437 |
Layer 3 routed traffic is discarded in a square topology with two pairs of vIST DVR controllers in different domains when traffic should reach the diagonal switch. |
As a workaround, save the configuration file with the NNI-MSTP flag configured and reboot the system. |
VOSS-28241 |
For a routed Gigabit Ethernet interface, traffic doubles on vIST peers if you issue the action flushALL command. |
None. |
VOSS-28525 |
DHCP clients fail to receive an IP address in scenarios with VRRP over SMLT when SMLT goes down and the DHCP interface is configured to broadcast. |
As a workaround, disable broadcast on the DHCP relay. |
VOSS-28625 |
Boundary Nodes return VRRP packets into the originating area and cause warning messages to display. The issue occurs if you create the following ACL rule on a Multi-area SPB Boundary Node: filter acl 1 type inVsn matchType both filter acl i-sid 1 12990020 filter acl ace 1 1 filter acl ace action 1 1 permit monitor-isid-offset 1 filter acl ace ethernet 1 1 ether-type eq ip filter acl ace 1 1 enable The issue is caused by the interoperability of this specific ACL configured to mirror the I-SID traffic, and the Multi-area filters. |
Remove the ACL used to mirror I-SID traffic on the boundary node. Use Fabric RSPAN (Mirror to I-SID) to achieve similar functionality. Alternatively, use matchtype "uniOnly" instead of “both". |
VOSS-28672 |
IPFIX does not learn MCoSPB NNI-UNI flows on 7520 Series, 7720 Series, and VSP 7400 Series. |
None. |
VOSS-29287 |
Interoperability issues can occur between VOSS/Fabric Engine switches and ExtremeXOS/Switch Engine switches when you use MACsec MKA and disable SCI tagging on both ends. Disabling SCI tagging on both ends works for ExtremeXOS/Switch Engine if the VOSS/Fabric Engine version is earlier than 8.7. |
None. |
VOSS-29711 | If you enter a delayed reboot command for a device with at least one active RADIUS Accounting session, the switch does not send the RADIUS Accounting Stop or RADIUS Accounting Off packets, and console traces display on the screen. | None. |
VOSS-29799 | Using ZTP+ onboarding with the Management Interface value configured as Management Service for a C-VLAN service does not work. The C-VLAN is created but the management port does not move to the C-VLAN. | Onboarding with Management Service for a DvR Leaf is limited to S-UNI services; you cannot use C-VLAN for a DvR Leaf. For non-DvR and DvR Controllers, change the I-SID after onboarding. |
VOSS-30117 | On 5520 ACDC models, the XN-DCPWR-550W-BF and XN-DCPWR-550W-FB power supplies do not properly report voltage and amperage values. | None. |
VOSS-30195 | A potential LLDP flood issue can occur with certain third-party unmanaged devices on Auto-sense ports. | Eliminate the cause of flooding. |
VOSS-30222 | SSH connection is currently unavailable through Layer 2 FE Tunnel or Layer 3 FE Tunnel on the 5320 Series and 5420 Series. | Enable IPv6 Shortcuts. |
VOSS-30292 | If IPv6 Shortcuts are explicitly disabled, SSH connections will not work on VSP 4900 Series. | Enable IPv6 Shortcuts. |
VOSS-30296 | You cannot use SNMP to configure a RADIUS server FQDN with more than 113 characters. | Use CLI or EDM to configure the FQDN. |
VOSS-30864 | After the switch boots, for a short period of time, some IP Shortcut and IP VPN routes may not be installed if the IP Shortcut or IP VPN restart is not immediately followed by an IS-IS computation. This situation is temporary. After the next IS-IS computation, whether triggered or periodic, all routes are installed in the RTM as expected. |
If the issue occurs, you can:
To avoid the issue, configure an IP source address for IP Shortcuts. |