beautypg.com

Allied Telesis 86241-06 User Manual

Page 15

background image

Patch 86241-06 For Rapier Switches

15

Patch 86241-05 for Software Release 2.4.1
C613-10340-00 REV E

IPSec no longer logs packets that match an ACTION=ALLOW policy. The
overhead of this logging was affecting non-IPSec traffic.

The LOCALRSAKEY parameter in the CREATE ISAKMP POLICY and SET
ISAKMP POLICY commands was not accepting the value zero. This issue
has been resolved.

The PURGE IPSEC command caused a fatal error. This issue has been
resolved.

If a packet with a destination IP address equal to a VRRP IP address was
received when the router didn’t own the IP address, (because it didn’t have
an interface with that IP address) the router incorrectly tried to forward the
packet and send an ICMP “redirect” message to the source. Now, if such a
packet is received, it will be discarded and an ICMP “host unreachable”
message will be sent to the source.

If a DNS relay agent was configured with overlapping subnets, sometimes
the DNS server response was returned to the client with a source IP address
of an interface on the relay agent that was different from the interface the
request was received on. This issue has been resolved.

The default router lifetime value has been corrected. Also, the SET IPV6
INTERFACE command now updates valid and preferred lifetimes correctly.

When enabling or disabling feature licences, a message will now be
generated with a warning that changes to feature licences may not take
effect until after a reboot.

VRRP used the wrong source IP address in ICMP redirects. RFC 2338 states
that the source IP address of ICMP redirects should be the IP address that
the end host used when making its next hop routing decision. In the case of
a packet sent to a VRRP virtual MAC address, this is the primary VRRP IP
address associated with the MAC address, provided such a VR exists and is
in the master state. This issue has been resolved.

On models except Rapier i Series Switches, the ENABLE STP DEBUG PORT
command did not work correctly. This issue has been resolved.

It was possible to set the trunk speed to 10/100M, even if the port within the
trunk was not capable of this speed. This issue has been resolved.

PCR: 02292

Module: IPSEC

Network affecting: No

PCR: 02294

Module: IKMP

Network affecting: No

PCR: 02298

Module: IPSEC

Network affecting: No

PCR: 02299

Module: VRRP

Network affecting: No

PCR: 02301

Module: IPG

Network affecting: No

PCR: 02302

Module: IPv6

Network affecting: No

PCR: 02303

Module: INSTALL

Network affecting: No

PCR: 02304

Module: VRRP

Network affecting: No

PCR: 02309

Module: STP

Network affecting: No

PCR: 02311

Module: SWI

Network affecting: No

See also other documents in the category Allied Telesis Computer Accessories: