ZyXEL ES-3124F V3.80(AIV.2)C0 Release Note/Manual Supplement

ZyXEL ES-3124F V3.80(AIV.2)C0
Release Note/Manual Supplement
Date: May 10, 2010
This document describes the features in the ES-3124F product for its 3.80(AIV.2)C0 release.
Support Platforms:
ZyXEL ES-3124F V3.80(AIV.2)C0 supports models: ZyXEL ES-3124F
Version:
ZyNOS Version: V3.80(AIV.2) | 6/22/2010 11:52:30
BootBase Version: V1.0 | 07/06/2007 16:26:46
Enhanced Features
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
802.1s MSTP
SNMPv3
enlarge syslog buffer
802.3ah OAM
Multilevel CLI
SNMP trap group
configurable multicast VLAN
independent IGMP snooping and MVR setting
enlarge concurrent telnet session
IP source guard(Static binding, DHCP snooping, ARP inspection)
Two rate three color marking
IP subnet VLAN
RADIUS MAC login
RADIUS accounting
TACACS+ authentication
TACACS+ accounting
IGMPv3 snooping
Loop guard
Daylight saving
Bootbase changes to v1.0 for manufacturer only
There is no effect upon present products of changed Bootbase
Default Bootbase Setting:
ZyNOS Version
Bootbase Version
Vendor Name
Product Model
ZyNOS Code Model
HTP Code Model
ZyNOS ROM address
System Type
First MAC Address
Last MAC Address
V3.80(AIV.2) | 6/22/2010 11:52:30
V1.0 | 07/06/2007 16:26:46
ZyXEL Communications Corp.
ES-3124F
ES-3000
Unknown
50080000
10
0019CB000001
0019CB000002
MAC Address Quantity
02
Default Country Code
FF
Boot Module Debug Flag
01
RomFile Version
8A
RomFile Checksum
a506
ZyNOS Checksum
fd97
SNMP MIB level & OID
060102030405060708091011121314151617181920
Main Feature Bits
C0
Other Feature Bits
01 13 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00-00 41 13 00 00 00
Features:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
MAC address learning
Support IEEE 802.1D transparent bridge
Support IEEE 802.1Q tagged VLAN
Support Port-based VLAN
Support IEEE 802.1X
Support IEEE 802.1W
Support IEEE 802.3AD
Support GVRP
IGMP snooping
Support IEEE 802.1p
Automatic age out
Specific MAC addresses forwarding per port
MAC Filtering
Port Trunking
Port Mirroring
Bandwidth Control
Broadcast Storm Control
Support Strict Priority and WRR queuing method
Static IP management or dynamic IP(DHCP client)
Multiple IP address management
Firmware upgrade and configuration backup/restore.
Remote manageable.
Cluster Management
WEB manageable
Support RFC-1213 MIB II
Support RFC-1493 Bridge MIB
Support RFC-1643 Ethernet MIB
Support RFC-1757 Four group of RMON
Support RFC-2674 VLAN MIB
NEW CLI supported
System configuration backup / restore in text-mode
Multiple login supported
Radius management authentication
SSH/SSL support
Syslog
Protocol based VLAN support
DiffServ feature (DSCP – 802.1p priority mapping)
MRSTP
RADIUS enhancement(for 802.1X enhancement and multiple radius servers)
Administration user management
IGMP enhancement
Web enhancement (Select all, Clone)
Reserve multicast group support
Support high speed fan module. (Up to 7000 RPM).
Bug Fix:
1. Fix memory leak issue that the console will show “cli_proc: cli_init out of memory“.
2. Fix MVR broken configuration that after running MVR for a period, the IGMP-QuerierMode will turn to <NULL>.
3. Fix that static MAC forwarding may be cleared from mac-address table while ARP
inspection enabled.
4. Fix that ARP inspection will block all traffic if too many ARP packets come into trust ports.
5. Fix that cable-diagnostics for FE port isn't stable.
6. Fix looping in fiber port when restore configuration.
7. Fix that port with bandwidth control enabled conflicts with trunking if bandwidth control is
global active.
8. Fix arp inspection issue for Vista gratuitous ARP.
9. Fix that web access fail for IE7+Silverlight.
10. Fix that when we try to get MAC-table from specific VLAN via snmpwalk, the result is
wrong.
11. Fix that while setting up port-security and bcp-transparency at the same time, BPDU
would flood out from the port configured bpdu discard.
12. Fix that the related ARP entry will be cleared after mac-flush.
13. Fix a TACACS+ issue on DUT. Use DUT and ClearBox TACACS+ Server 3.1.6 for using
accounting type Commands, but the server don’t display info about command completed.
14. Fix login will fail by adding cisco avpair that we don’t support.
15. Fix when use ftp login, DUT may cause crash somewhere.
16. Fix DHCP renew packet cannot be forwarded to trunk port when enabling DHCP
snooping.
17. Fix our switch will keep printing “…” infinitely, when use TFTP server backup running
configuration.
18. Fix all management will lose after unsuccessful login via SecureCRT SSH2 if the operator
changes login account.
19. Fix connect with DUT in SSH protocol without correct name or password, and that will
cause memory leak.
20. Fix VLAN-Static VLAN Web GUI bug (because of more than 256 VLAN setting).
21. Fix static MAC forwarding entries cannot be deleted as anticipation.
22. Fix when the DHCP snooping and DHCP relay are enabled in the same time, DHCP relay
will relay dhcp request to server that coming from DHCP snooping vlan.
23. Fix vlan1q port-isolation can only be set while vlan-type is 802.1q.
24. Avoiding looping by ignore the dhcp snooping pkt when the port is STP block port.
25. Fix when arp inspection is turn on and there are ARPs with CPU mac, do not add it into
black list.
26. Fix multicast group entry is getting less and less,when l2 table hash has collision or l2
table full.
27. Fix enable lacp and no trunk member, vlan will disappear (after reboot or restore
configuration).
28. Fix that port security can not work correctly after mac-flush.
29. Fix that DUT will crash on web-interface while delete un-existed policy entry by CLI.
30. Fix system may crash when receiving a crafted IP packet with a null length of data portion.
31. Fix that DUT may hang while doing oam loopback test.
32. Keep hw monitor fan when low temperature (<10oC).
33. Fix the MSTP can not work when our devices cooperate with HUAWEI device.
34. Fix the authentication will fail when first authentication by tacacs then radius.
35. Fix static route rule can be created with the destination IP address ‘255.255.255.0’ in web,
but CLI can’t.
36. Fix enabled port intrusion, and do port test can cause port link down.
37. Fix the Port link down but port state of spanning-tree still forwarding or the root bridge
have blocking port ( port link up ) when topology change over night.
38. Fix when using SilverCreek to test the multicastPortIgmpFilteringProfile (OID:
1.3.6.1.4.1.890.1.5.8.47.26.1.1.4) with incorrect indices, DUT will crash.
39. Fix when user key in “|,” in CLI, the system will be hung.
40. Fix when enable remote management, but not enable any service (telnet, http...), after
reboot DUT, DUT will pop error message.
41. Fix the DHCP option82 will be cascaded if enable DHCP snooping and option82 on the
DUTs that cascaded. Option82 will only be added while DHCP packets come from untrust
ports.
Known Issues:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Management port test fail in 100M long cable.
Management port has compatible issue with Cnet Pro 2000 network interface card.
The packets which destination address is marked in the filter setting will always send to port 1.
Symbol and dribble error packets will count into FCS error counter.
Filtering: In some special cases, setting one MAC with discard-source will cause device filter all
packets with this MAC, ether source MAC or destination MAC.
Do not suggest cooperate LACP with RSTP more than ten ports.
Do not support tagged frame forwarding in the Port-Based VLAN.
If the contact between RJ45 and wire cable or the wire cable is unstable, the cable diagnostics
maybe fail.
The system-wide rule entries are shared with CIR rate control and policy rules. So you may fail
to load max policy rules while enabling CIR rate control on all ports.
Ports configured to run RSTP will not synchronize with peers if the port is in BLOCK mode.
Packets’ MAC with tagged vlan id which is not configured in device will be learned.
Port configured in fixed-speed mode (AN is disable) for change may not link up. It could be
linked up with operation SOP (link down then link up manually)
Limitation of Settings:
1.
2.
3.
4.
5.
6.
7.
8.
VLAN 1Q static entry 1024
Static MAC forwarding entry 256
MAC filtering entry 256
Cluster member 24
Management IP address 64
Protocol based VLAN entries per port 7
The number of dhcp snooping can learn is 4094.
The subnet based vlan can support up to 48 rules.
Firmware Upgrade:
The ES-3124F uses FTP to upgrade firmware in run-time through its built-in FTP server. You
can use any FTP client (for example, ftp.exe in Windows) to upgrade ES-3124F. The upgrade
procedure is as follows:
Upgrade ES-3124F FW:
C:\> ftp <ES-3124F IP address>
User : admin
Password: 1234
230 Logged in
ftp> put 380AIV2C0.bin ras
ftp> bye
Where
• User name : the management user name, admin by default
• Password : the management password, 1234 by default
• 380AIV2C0.bin : the name of firmware file you want to upgrade
• ras : the internal firmware name in ES-3124F
Configuration Upgrade:
The ES-3124F uses FTP to upgrade configuration in run-time through its built-in FTP server.
You can use any FTP client (for example, ftp.exe in Windows) to upgrade ES-3124F. The
upgrade procedure is as follows:
Upgrade ES-3124F configuration:
C:\> ftp <ES-3124F IP address>
User : admin
Password: 1234
230 Logged in
ftp> put 380AIV2C0.rom rom-0
ftp> bye
Where
• User name : the management user name, admin by default
• Password : the management password, 1234 by default
• 380AIV2C0.rom : the name of configuration file you want to
upgrade
• rom-0 : the internal configuration name in ES-3124F
ZyXEL ES-3124F V3.80(AIV.1)C0
Release Note/Manual Supplement
Date: May 15, 2008
This document describes the features in the ES-3124F product for its 3.80(AIV.1)C0 release.
Support Platforms:
ZyXEL ES-3124F V3.80(AIV.1)C0 supports models: ZyXEL ES-3124F
Version:
ZyNOS Version: V3.80(AIV.1) | 5/15/2008 13:40:1
BootBase Version: V1.0 | 07/06/2007 16:26:46
Enhanced Features
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
802.1s MSTP
SNMPv3
enlarge syslog buffer
802.3ah OAM
Multilevel CLI
SNMP trap group
configurable multicast VLAN
independent IGMP snooping and MVR setting
enlarge concurrent telnet session
IP source guard(Static binding, DHCP snooping, ARP inspection)
Two rate three color marking
IP subnet VLAN
RADIUS MAC login
RADIUS accounting
TACACS+ authentication
TACACS+ accounting
IGMPv3 snooping
Loop guard
Daylight saving
Bootbase changes to v1.0 for manufacturer only
There is no effect upon present products of changed Bootbase
Default Bootbase Setting:
ZyNOS Version
Bootbase Version
Vendor Name
Product Model
ZyNOS Code Model
HTP Code Model
ZyNOS ROM address
System Type
MAC Address
Default Country Code
Boot Module Debug Flag
V3.80(AIV.1) | 5/15/2008 13:40:1
V1.0 | 07/06/2007 16:26:46
ZyXEL Communications Corp.
ES-3124F
ES-3000
Unknown
50080000
10
0019CB000001
FF
01
RomFile Version
8A
RomFile Checksum
a506
ZyNOS Checksum
ddd4
SNMP MIB level & OID
060102030405060708091011121314151617181920
Main Feature Bits
C0
Other Feature Bits
01 13 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00-00 41 13 00 00 00
Features:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
MAC address learning
Support IEEE 802.1D transparent bridge
Support IEEE 802.1Q tagged VLAN
Support Port-based VLAN
Support IEEE 802.1X
Support IEEE 802.1W
Support IEEE 802.3AD
Support GVRP
IGMP snooping
Support IEEE 802.1p
Automatic age out
Specific MAC addresses forwarding per port
MAC Filtering
Port Trunking
Port Mirroring
Bandwidth Control
Broadcast Storm Control
Support Strict Priority and WRR queuing method
Static IP management or dynamic IP(DHCP client)
Multiple IP address management
Firmware upgrade and configuration backup/restore.
Remote manageable.
Cluster Management
WEB manageable
Support RFC-1213 MIB II
Support RFC-1493 Bridge MIB
Support RFC-1643 Ethernet MIB
Support RFC-1757 Four group of RMON
Support RFC-2674 VLAN MIB
NEW CLI supported
System configuration backup / restore in text-mode
Multiple login supported
Radius management authentication
SSH/SSL support
Syslog
Protocol based VLAN support
DiffServ feature (DSCP – 802.1p priority mapping)
MRSTP
RADIUS enhancement(for 802.1X enhancement and multiple radius servers)
Administration user management
IGMP enhancement
Web enhancement (Select all, Clone)
Reserve multicast group support
Support high speed fan module. (Up to 7000 RPM).
Bug Fix:
1.
2.
3.
4.
5.
Fix the bug that too many topology changes in STP.
Fix the bug that the fiber port status display link down, even if it links on.
Fix the bug that received IGMP queries will exhaust our hardware table.
Fix the bug that memory leak problem under log-in attack.
Fix the bug that IGMP queries packets come from trunk ports will send back to trunk
active port.
6. Fix the bug that device can't get correct "port status detail" of member when using cluster
manager from WEB.
7. Classifier precedence will not follow longest prefix match.
Known Issues:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Management port test fail in 100M long cable.
Management port has compatible issue with Cnet Pro 2000 network interface card.
The packets which destination address is marked in the filter setting will always send to port 1.
Symbol and dribble error packets will count into FCS error counter.
Filtering: In some special cases, setting one MAC with discard-source will cause device filter all
packets with this MAC, ether source MAC or destination MAC.
Do not suggest cooperate LACP with RSTP more than ten ports.
Do not support tagged frame forwarding in the Port-Based VLAN.
If the contact between RJ45 and wire cable or the wire cable is unstable, the cable diagnostics
maybe fail.
The system-wide rule entries are shared with CIR rate control and policy rules. So you may fail
to load max policy rules while enabling CIR rate control on all ports.
Ports configured to run RSTP will not synchronize with peers if the port is in BLOCK mode.
Packets’ MAC with tagged vlan id which is not configured in device will be learned.
Port configured in fixed-speed mode (AN is disable) for change may not link up. It could be
linked up with operation SOP (link down then link up manually)
Limitation of Settings:
1.
2.
3.
4.
5.
6.
7.
8.
VLAN 1Q static entry 1024
Static MAC forwarding entry 256
MAC filtering entry 256
Cluster member 24
Management IP address 64
Protocol based VLAN entries per port 7
The number of dhcp snooping can learn is 4094.
The subnet based vlan can support up to 48 rules.
Firmware Upgrade:
The ES-3124F uses FTP to upgrade firmware in run-time through its built-in FTP server. You
can use any FTP client (for example, ftp.exe in Windows) to upgrade ES-3124F. The upgrade
procedure is as follows:
Upgrade ES-3124F FW:
C:\> ftp <ES-3124F IP address>
User : admin
Password: 1234
230 Logged in
ftp> put 380AIV1C0.bin ras
ftp> bye
Where
• User name : the management user name, admin by default
• Password : the management password, 1234 by default
• 380AIV1C0.bin : the name of firmware file you want to upgrade
• ras : the internal firmware name in ES-3124F
Configuration Upgrade:
The ES-3124F uses FTP to upgrade configuration in run-time through its built-in FTP server.
You can use any FTP client (for example, ftp.exe in Windows) to upgrade ES-3124F. The
upgrade procedure is as follows:
Upgrade ES-3124F configuration:
C:\> ftp <ES-3124F IP address>
User : admin
Password: 1234
230 Logged in
ftp> put 380AIV1C0.rom rom-0
ftp> bye
Where
• User name : the management user name, admin by default
• Password : the management password, 1234 by default
• 380AIV1C0.rom : the name of configuration file you want to
upgrade
• rom-0 : the internal configuration name in ES-3124F