DGS-3600 Series Release Notes


Firmware 2.82B16

1. Configuration enhancement: 

- Support the filtering keywords: include/exclude/begin when using “show config” and “upload_config” 

- Support “increment” option when downloading cfg_fromTFTP 

If “increment” is specified, then the existing configuration will not be cleared. The new configuration will cover the existing configuration. 

- Allow to specify “src_file”/“dst_file”/ “domain_name” in download/upload functions 

2. Show memory/flash utilization 
3. Show technical_support 
This command is especially used by the technical support personnel to dump the device overall operation information. The information includes the following information. Basic System information system log Running configuration Layer 1 information Layer 2 information Layer 3 information Application OS status Controller?s status 
4. Stacking enhancement: 

- "Change Stacking priority" can work without reboot 

- Stacking force master role feature 

This command „config stacking force_master_role state enable? is used to ensure the master role is unchanged 

- Hot insert/Hot Remove trap/log messages include MAC information 

- Add new log/trap about topology change and role change 

- Show stack information and show log include information about stacking topology 

5. Send a trap while firmware upgrade via SNMP is finished. 

6. Display user-understandable account level in CLI prompt DES-XXXX:3# -> DES-xxxx:user# DES-XXXX:4# -> DES-xxxx:oper# DES-XXXX:5# -> DES-xxxx:admin#. 7. CLI Command logging 8. Password recovery: allows to recover the password if the password is forgotten 9. Password encryption: allows to encrypt the password in configuration file 9. 8-level system log 10. Enlarge the number of trusted hosts to 30 
11. SNMP-server & syslog source-interface appointment : allows to select an IP interface as the source interface to send syslog or trap message. 12. MEF certification 13. STP enhancement: 

- 802.1D 2004 RSTP 

- 802.1Q 2005 MSTP 

- STP Root Restriction 

- Source MAC of BPDUs uses port MAC instead of system MAC 

- Support edge port 

- Support BPDU address setting on NNI port when QinQ is enbled 

- Logging enhancement: The logs for stp topology changes include port and MAC-address 

- Log / show / debug Enhancement 

14. D-LINK Unidirectional Link Detection (DULD) 15. Source MAC of L2 protocols (ERPS/LACP/STP/LBD) uses port MAC instead of system MAC 16. LACP support load-balancing with multicast traffic 17. Cable Diagnostics 18. Support “details” and “media_type” parameters in “show ports” command 19. Storm control enhancement: 

- Change "countdown" to "3-30" 

- Change "time_interval" to "5 - 600" 

- Auto recovery for the shutted-down port 

20. Add 4 counters to gather statistics of various frame sizes, such as 1519-1522, 1519-2047, 2048-4095, 4096-9216 21. Mirror enhancement: 

- Multiple sessions of mirroring 

- Link aggregation ports can be set as a target port 

22. sFlow enhancement: 

- Allow to specify ipv6 server 

- Support TX flow sampling 

23. Microsoft NLB support. 24. IGMP/MLD snooping enhancement: 

- Support IGMP snooping Report suppression 

- Support static IGMP snooping group 

- Support MLD Snooping Host-based Fast Done 

- Support IGMP Snooping Host-based Fast Leave 

25. ISM-VALN enhancement: 

- Support Tagged / Untagged member ports 

- Support Tagged / Untagged source ports 



- Configurable Multicast VLAN priority 

- Do not limit the number of total multicast addresses per ISM-VLAN entry when using “config igmp_snooping multicast_VLAN_group” 

26. Forward protocol packets even the switch is under “filter_unregister_group mode” (Protocol packet: the packets with destination IP address in the range of reserved multicast addresses: 224.0.0.x, such as OSPF hello, PIM hello, and DVMRP probe etc.) 27. Support new OID to clear dynamic FDB by port/by VLAN 28. VLAN Trunking 29. Subnet-based VLAN 30. BPDU Attack Protection 31. ERPS (ITU-T G.8032 Ethernet Ring Protection Switching): support 2 rings 32. Super VLAN 33. ACL supports "IPv6 IP + UDP/TCP port" together. 34. Per queue egress bandwidth control. 
35. WAC enhancement: 

- Identity driven policy assignment: Can assign ingress/egress bandwidth control, ACL and 802.1p default priority to the port according to the attributes dispatched from RADIUS server 

- Add log 

1) To record system stop learning and recovery from stop learning status when reaching the maximum entries 2) To record authentication failure state for IPv4/IPv6 

- Support host-based authentication mode : assign ingress/egress bandwidth control for all hosts to the port; assign VLAN or 802.1p default priority to the host after successful authentication in host-based mode(R2.50 only supports assign VLAN in port-based) 

- Support IPv6 

- Support Per VLAN authentication 

- Support virtual IP: used to accept authentication requests from unauthenticated hosts. Only the requests sent to this IP will get response correctly. 

- Support time control for authenticated client (e.g. aging time/idle time/block time) 

- Support Authentication Database failover: Allows to configure the switch to check local database or bypass authentication when configured RADIUS server fails 

- Obsolete authentiation VLAN 

- Support compound authentication 

36. Japanese Web-based Access Control (JWAC) 37. Compound authentication 38. ARP Spoofing Prevention 39. RADIUS accounting 40. RADIUS server setting supports ipv6 41. IP-MAC-Port Binding (IMPB) DHCPv6 Snooping 42. IP-MAC-Port Binding (IMPB) IPv6 ND Snooping 43. IP-MAC-Port Binding (IMPB) 3.8 which can prevent the netcut attack 
44. MAC-based Access Control (MAC) enhancement 

- Enlarger the number of local database from 128 to 1024 

- Support Authentication Database failover: Allows to configure the switch to check local database or bypass authentication when configured RADIUS server 
fails 


- Support compound authentication 

- Support configurable per port/system maximum users 

- Delete the log when passing authentication. 

- Add four logs to record whether the port/system reaches to the maximum or recovers port learing. 

- MBAC enters stop learning state. - MBAC recovers from stop learning state. - Port < [unitID:]portNum> enters MBAC stop learning state. - Port < [unitID:]portNum> recovers from MBAC stop learning state. 45. IP Directed Broadcast 46. ARP enhancement: 

- Show arpentry by mac address 

- Add OIDs to clear ARP 

47. Loopback interface 48. BGP 51. OSPFv2 enhancement: 

- Enlarge OSPF neighbor to 64 

- OSPF areas are increased from 4 to 16 

- OSPF announces via loopback interface 

- OSPF enhancement (log/show/debug) 

54. VRRP enhancement (log/show/debug) 55. Route enhancement: 

- Allow to configure route preference 

- Show ip route “hardware” option: display only the routes written into the chip. 

56. Traceroute support ipv6 57. IPv6 Tunnel enhancement: 

- Support RA for ISATAP Tunnel 

- 6to4 Tunnel 

- Manual Tunnel 

- SATAP Tunnel 

58. Display box and port information in “show ipv6 neighbor_cache” 59. RIPng 60. OSPFv3 61. DHCPv6 Server 62. DHCPv6 Relay 63. DHCPv6 Client 64. Ping enhancement: 

- Specify source IP address for ping request packet 

- Enalbe / disable broadcast ping reply 

65. DNS Client 
66. FQDN support - ping/tracert /tftp/telnet applications support fully qualify domain name. 
67. Remote Copy Protocol (RCP) : allow users to copy firmware images configurations and log files between the Switch and RCP Server 68. SSH provides flexibility to change the default port number (22) 69. DHCP server: enlarge the DHCP pool entries to 1024 along with 8 pools 70. BOOTP/DHCP Relay: 

- Support DHCP local relay function that can insert option 82 information into 

DHCP broadcast packets from clients 

- Block recievied broadcast DHCP discover packets from flooding in local VLAN 

- DHCP Relay option 60 & 61 

71. Traffic control auto recovery 
72. Add traffic control “countdown” parameter: Timer for shutdown mode (only supported in CLI) 73. Change sFlow version from V1 to V5 74. Enable/disable cpu_rx_rate_control (only supported in CLI/MIB) 75. Add digital signature in D-view module 76. Remove "Translate" option from OSPFv3 Area Settings 




FIXES:



1. When telneting to the switch and enter the command „sh tech_support?, the switch may enter EXCEPTION MODE. (DI20091224000005) 

2. sFlow may not represent the correct value of Output_interface_index. (DI20100114000010) 

3. After running for 2~3 weeks, the switch?s management interface can not be accessed. But all VLANs, QinQ and GVRP work well. (DRU20100309000002) 

4. DGS-3627G can not learn default route via OSPF when disconnecting 10G cable from another OSPF Router. (DI20090806000010) 

5. In a stable STP topology, if the Root Bridge's priority is changed to lower one, the STP Topology is unstable for a while and a loop condition appears. (DI20090908000007) 

6. System IPIF does not respond to packets from PC connected on Stacking Member after ?reset config? 

7. The bandwidth control does not work correctly with the values100M bit/s, 150M bit/s, 200M bit/s. (DEUR20091201000002) 

8. When there are mixed IGMPv2 and IGMPv3 reports, the device will not send query packet when an IGMPv3 client sends leave packet. 

9. When pinging to switch in the speed of 1000 pkts/sec, with TTL =1, There are 723 packets lost. (DI20091223000005) 

10. The device sends out the RADIUS packets with incorrect NAS-Identifier. It should be "D-Link". (DI20091217000006) 

11. The device sends many same SNMP traps and syslog packets regarding to RSTP Topology change when Topology Change occurred on the LAG port across stacking units. (DI20100125000020) 

12. The device can not be accessed when the loopdetect function VLAN base mode detects loop happening. (DT20100128000001) 

13. The device freezes and is unavailable to be accessed via any of its interfaces except its console interface when DGS-3600 is used as L3 switch connected to access switches DES-3026, DES-3028 or ES-2024A. (DI20100215000007) 

14. The device will automatically relay the DHCP discover packets via system IP interface when the VLAN that the client resides does not have IP interface and on which dhcp_relay is not enabled. (DRU20100316000006) 

15. The device does not erase IGMP Snooping entries on LACP port. (DI20091110000013) 

16. The device will not be able to send warmstart SNMP trap if the SNMP host resides in the different subnet than DGS-3600 does. (DI20100108000013) 

17. After entering "ping6" command and pressing down "Ctrl+C" or "Esc" to exit quickly, the ping6 session will fail to close. If the user does this for more than 5 times, it will display "Ping6 task is busy !". (HQ20100106000005) 

18. DHCP server would receive duplicate discover or request packets when the DHCP packet traverses via 2 cascading switches both with DHCP Relay enabled. (DI20091130000004) 

19. The device responds with incorrect value to SNMP enquiries and sends abnormal trap when attaching the redundant power supply (DEUR20091016000006) 

20. When using SNMP commands to create/delete policy route, the CPU utilization will be up to 80%. And after 5 hours working (or more), there will be no response and only rebooting it can solve the problem. (DI20091005000007) 

21. It takes around 10 minutes to apply change for MSTP instance priority after setting new priority to the stack slave unit. (DI20091130000004) 

22. DGS-3600 can not use ipv6 for web access management, but can be telneted by IPv6 address.(DT20090520000001) 

23. When customer tries to create ACL rule with access_id auto_assign via SNMP, the rule can not be created.(DI20090708000024) 

24. The device's throughput is low with 4 test PCs each with 1G connection (DT20090906000001) 

25. A client PC with MAC and IP in device's IMPB white list can not ping to a device IP interface which is not bound with system MAC address. (DI20091013000005) 

26. The client joins the multicast group and the traffic can be received by client properly. But after the port to the client links down/links up and the client will not able to receive the traffic anymore. 

(DI20091117000008) 

27. When unplugging/plugging the uplink cable between the PIM-SM BSR switch and multicast source switch (RP), the client directly connected to the RP will stop receiving traffic for few seconds and then be back to normal. (DEUR20100324000002) 

28. After „enable clipaging? and „show config active?, the switch will flush about 68 lines at one page. It should be 25 lines per page by default. (DI20100324000001) 

29. The SFP port in DGS-3612/3612G may sometimes go down and never recover. (DI20100104000003) 

30. The stack will be corrupted after running around one day in the test environment with PIM/DM and IGMP_Snooping enabled. (DI20091216000009) 

31. The device will reboot if checking the LLDP information via WEB interface and this issue only happens when connecting with Cisco ME2400. (DI20090915000023) 

32. The receiving multicast RIP packet was trapped to CPU and did not be forwarded to another RIP enabled switch or server in the same network. (DRU20100413000001) 

33. L2 multicast traffic can not transit through another link to PIM DR when the default link downs. (DI20080625000017) 

34. ISM VLAN can not recognize IGMPv3 join packets 








============================================


Firmware 2.51B14

- Increased max. number of DHCP relay requests per IP Interface


Firmware 2.51B13

- Fixes ARP issue.


============================================

Firmware v2.50B25

New Features:
1.Multicast static route
2.MAC-based access control
3.MAC-based VLAN
4.Loopback Detection (LBD) 4.0
5.Telnet client support
6.DHCP server screening
7.Proxy ARP
8.Support MTU configuration on IP interface
9.RSPAN
10.Per port configurable MDI/MDIX auto negotiation
11.L2 Protocol Tunneling (L2PT)
12.Selective QinQ
13.Serial number display support (Applicable from shipment loaded with this firmware)
14.Change floating static route behavior so that the primary route always has higher priority
15.OSPF ECMP route flag (Enable/Disable capability)
16.Add replace DSCP tag option on Ethernet type of ACL function
17.Change STP port forward BPDU default state to disabled
18.NAP-DHCP environment support
19.Show Fan status (Fan Status log and trap)

Fixes:
1.Sometimes when STP topology changes, the ipfdb table is not correctly updated and reflected.
2.Sometimes in Firefox v3.0.1 for SIM management, the position of the UI is not aligned properly.
3.When accessing switch Web UI via Firefox 3.0.1, the browser cannot refresh by pressing F5.
4.Firefox 3 cannot access switch Web UI correctly via SSL.
5.Openssh 5.1 software will sometimes cause the switch to go into exception mode.
6.Sometimes when IMPB DHCP snooping is enabled and connected to NetScreen 204 DHCP server, the switch fails to create DHCP snooping binding entry and block the client’s MAC address.
7.Sometimes DES-3500 series cannot function properly with DGS-3600 series under SIM management.
8.Sometimes when MSTP is enabled and MSTP instances are configured, the computer will lose visibility to the switch.
9.Sometimes stacking member ports are not able to issue “clear counter ports” command.
10.After setting the bandwidth control on ports, the first 1 second still has burst traffic.
11.Ipfdb will not update when running VRRP + STP and also the STP topology has been changed at the same time
12.New members cannot join the stack after backup master takes over the job of stacking master
13.OSPF neighbor is unstable when enabling LACP in stacking mode
14.In some special environment, running OSPF causes high CPU utilization.