Коммутатор доступа MES2324B

Firmware Version 4.0.23.1


Added:
 

• Added the ability to configure static ospf neighbors;
• Added ospf network type non-broadcast, point-to-multipoint, non-broadcast operating modes;
• Added the ability to send SNMP trap and Syslog messages when the signal level exceeds the threshold values;
• Added the ability to work together ip unnumber and dhcp relay;
• Added support for the NTPv4 protocol;
• Added support of the FTP client;
• Added sending an SNMP trap when connecting a new unit to the stack;
• Added the ability to enable temporary blocking of a local user in case of a number of unsuccessful authorization attempts;
• Added the ability to work together on the dot1x guest vlan and dot1x radius-attributes vlan ports;
• Added support for the Termination-Action Radius attribute for Dot1x sessions;
• Added support for the Session-Timeout Radius attribute for Dot1x sessions;
• Added the ability to configure 802.1x critical-vlan;
• Added the ability for Voice VLAN traffic to ignore 802.1x authentication;
• Added the ability to force multicast EAP Request Identity packets to be sent, regardless of the authorized clients behind the port;
• Added support for processing unicast EAP packets;
• Added setting of the TMPDO parameter for PoE.
   

Fixed:

• Fixed the location of the AAA settings in the configuration file;
• Fixed an error in the operation of sntp unicast;
• Fixed an error in the output of the show ntp command;
• Fixed device reboot when trying to enable STP in a non-existent VLAN in PVST mode;
• Fixed a critical error that occurs when changing the mode from MST to RPVST;
• Fixed an error in the operation of the no portfast command in PVST+/RPVST+ mode;
• Fixed the possibility of displaying the GRT table when specifying a non-existent VRF in the show command;
• Fixed vulnerability of the Web interface;
• Fixed an error that causes ports to drop out of LAG when there is a high traffic load on the CPU;
• Fixed the error of displaying the role of ospfv2 neighborhoods;
• Fixed an authorization error for several dot1x clients with the dACL attribute;
• Fixed the error of deleting the standard ACL;
• Fixed an error in studying the MAC address of the applicant successfully authenticated by dot1x;
• Fixed a configuration synchronization issue in the stack, leading to stack unit freezes and critical errors;
• Fixed the error of synchronization of ECMP routes in the stack, leading to critical errors on stack units;
• Fixed a dot1x authorization timer error that caused the device to reboot;
• Improved the stability of the ERPS sub-columns (changed the logic of configuration application);
• Fixed the error that causes the switch to reboot when polling certain OIDs over SNMP.
   

Firmware Version 4.0.22.7

Added:

• Added an additional storm protection mechanism in the ring stack topology;
• Added the ability to change the next-hop attribute in reflected BGP routes;
• Added the ability to work with route 0.0.0.0/2;
• Added the ability to limit the number of active ports in LAG with LACP;
• Added separation of dynamic ACL/Filter-Id attributes for multiple supplicant devices per port.

Fixed:

• Fixed a problem with traffic interruption in the stack with NSF;
• Fixed a problem with the LAG interface hanging when the link is quickly turned off/on;
• Fixed a behavior in which routed traffic with two VLAN tags did not initiate sending an ARP Request;
• Fixed the error of installing the dynamic route 192.0.0.0/2 in FIB;
• Fixed a switch reboot that may occur when connecting a new unit to a stack of several units with a configured VRF;
• Fixed the error of re-authenticating multiple users with the presence of the dACL radius attribute;
• Fixed device reboot when several users are connected via ssh at the same time;
• Reduced the time when ports are in the UP state when they are initialized at the boot stage of the MES3324 switch;
• SSH server operation has been stabilized;
• Fixed a dot1x authorization error that led to a reboot when receiving a dynamic ACL with a name of more than 31 characters;
• Fixed an error that led to a reboot when replacing the IP address on the VLAN interface with an address from the same network;
• Fixed memory leak during dot1x reauthentication of supplicant devices with dACL attribute;
• Fixed CDB blocking during dot1x authorization and dACL attribute assignment.

Firmware Version 4.0.22

Added:

• Added the ability to configure the TCP adjust-mss parameter;
• Added the ability to configure description in the context of a BGP neighbor;
• Added the ability to change the password during TACACS authentication+;
• Added VRF support in BGP;
• Added PIM support for GRE tunnels;
• Added the ability to disable the study of mac addresses in the Data vlan from devices that fall under the OUI when the voice vlan is running;
• Added the ability to set the size of the RSA key;
• Added the ability to enable BFD for the OSPF neighborhood;
• Added the ability to copy the license for the specified unit in the stack;
• Added support for new algorithms in SSH for KEX, HostKey/PubKey, Ciphers, MAC;
• Added command to enable/disable multicast traffic replication restriction;
• Added support for encryption algorithms: aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com , aes256-gcm@openssh.com , chacha20-poly1305@openssh.com;
• Added the ability to display s/n SFP by command show inventory;
• Added the ability to display licenses for each unit in the stack (show license unit x).
   

Fixed:

• Fixed reboot of the switch when the mtu overflows in the pim join/purne message;
• Fixed an error when deleting a VLAN whose SVI interface is associated with a VRF;
• Fixed behavior in which OSPF routes were not transferred from the NSSA zone to BGP;
• Fixed an issue where instances could block the DHCP Offer/Request when using DHCP Snooping and MSTP;
• Fixed incorrect display of queue counters on MES5324;
• Fixed erroneous allocation of PVST instance for vlans missing from vlan database;
• Fixed a behavior where a rejected route was not created when configuring summary-address;
• Fixed an error when configuring a large number of BGP peer-groups;
• Fixed sending PVST+ BPDU from the access port when nsf functionality is active;
• Fixed an error in switching to UP SVI after rebooting when running rapid-pvst;
• Fixed an error related to the present/not present states of copper SFP modules;
• Fixed an error in logs when working together with dhcp snooping and port security;
• Fixed an error that occurs when adding a large number of routes accepted on the device using dynamic routing protocols;
• Fixed the display of qos statistical interface counters for devices with 48 ports;
• Fixed erroneous allocation of PVST instance for vlans missing from vlan database.

Firmware Version 4.0.21.7

Fixed:

• Improved device stability when using SSH;
• Improved device stability when using RPVST;
• Fixed memory leak in STP processes;
• Fixed problem of ARP Reply passing in stack.
   

Firmware Version 4.0.21.5

Added:

• The Framed-IP-Address attribute has been added to radius requests for 802.1x sessions;
• Added NAS-Port-Id attribute in radius requests for 802.1x sessions;
• Implemented NTP server selection mechanism;
• Increased the maximum device uptime value;
• Added support for filtering by the value of the as-path attribute in BGP;
• Added the ability to include the Calling-Station-Id attribute in CoA;
• Expanded the number of DHCP Relay servers to 32;
• Expanded the number of OSPF processes to 20.

Fixed:

• Fixed voice vlan operation in conjunction with 802.1x;
• Fixed a bug that caused the switch to reboot with an error when changing the STP mode from RPVST to any other;
• Fixed a bug that caused MAC addresses to stop learning after resetting the port to factory settings;
• Fixed a bug that caused the connection to break when copying firmware over SCP;
• Fixed a bug that caused the null instance to block the DHCP offer/request when using MSTP;
• Fixed a bug that caused the switch to reboot when copying files over SCP;
• Fixed an error when changing the skill in the stack of 8 units due to which the switch was rebooted;
• Fixed RequestId counter in SNMP Trap;
• Fixed a bug that caused the VPC group to not gather after the link was broken;
• Fixed an issue where Peer Link goes into Error Disable state when VPC is turned off;
• Fixed a problem with synchronization of route records between devices in the stack;
• Fixed error with sntp time synchronization after switch reboot;
• Fixed error authorization of clients by Radius with VLAN attribute after reboot of the switch;
• Fixed erroneous rebuilding of PVST in the stack when there is a qos wrr-queue wrtd command in the configuration;
• Fixed a problem with SNTP;
• Fixed a problem with VRF and stack;
• Improved stability of OSPF;
• Improved stability when working together DHCP Relay and VRRP;
• Improved PVST stability.

Firmware Version 4.0.20

Added:

• Added support for static ARP entries with Multicast MAC address;
• Added support for BGP community;
• Added support for OSPF auto-cost reference-bandwidth.

Fixed:

• Fixed port going into UP state even though there was no physical connection in the stack;
• Fixed the shortened version of the show ip interface vrf command not being accepted;
• Improved device stability when SSH and Tacacs server work together;
• Fixed an error in the PoE functionality, leading to a reboot of one of the stack units;
• Fixed an error that occurred when negotiating an ssh key error;
• Fixed issue with FIBO FT-S10-X3110LD SFP transceivers.

Firmware Version 4.0.19

Added:

• SFTP-server is now supported;
• Added Trunk port mode that allows you to not specify the list of allowed VLANs;
• Added the ability to relearn MAC addresses between switch ports and VPC peer-link;
• Added BGP route-map support when redistributing routes from other protocols;
• Added the ability to select the checksum calculation method for VRRPv3;
• Added ability to change Administrative Distance for static routes and for OSPF routes;
• Added the ability to specify tags for routes;
• Added the ability to create multiple port isolation groups;
• Added the ability to disable sending an empty packet to check the availability of the TFTP server;
• Added show-commands to view SNMP configuration in VRF;
• Added the ability to use the default interface command for interfaces in VRF;
• Added SNMP Trap for stack link state changing;
• Added support for simplex communication lines for MES3508;
• Added support for NNI/UNI interfaces;
• Added the ability to authorize MAC and 802.1x clients on different RADIUS servers;
• Increased the number of IP addresses leased by the DHCP server.

Fixed:

• Fixed error when trying to add description for Prefix-List;
• Fixed display of ip ospf mtu-ignore command;
• Fixed DHCP Snooping interaction algorithm with QinQ;
• Fixed error when deleting TACACS servers from the configuration;
• Fixed bugs when disabling Spanning-Tree on ports;
• Fixed bug in L2Protocol-Tunneling operation with PVST;
• Fixed too long transition of links to DOWN after the reload command on MES3508;
• Fixed TACACS+ command authorization processing error for multiple servers;
• Fixed bug with a possible traffic blocking through the L3 interface with the added ip policy route-map;
• Fixed bug in displaying LSDB records in OSPFv3;
• Fixed error when forwarding LSA from NSSA to backbone in OSPFv3;
• Fixed bug in sending wrong LSA type from ASBR to ABR;
• Fixed bug of mutual influence of optical ports 11 and 23 on MES3324F models when connecting some models of SNR Qtech switches;
• Fixed error when polling via SNMP OID eltCountersQosPktsDroppedCounter (1.3.6.1.4.1.35265.1.23.1.8.1.2.1.1.1.5);
• Fixed false occurrence of i2c bus error messages;
• Fixed error when issuing show inventory;
• Fixed device error when a VRRP packet is received on an IP interface added to VRF;
• Fixed bug with high CPU utillization in stack with emabled NSF;
• Fixed problem with POE controller;
• Fixed problem with VPC operation.

Firmware Version 4.0.18.4

Added:

• Added command that disables the preliminary TFTP server availability check when copying files;
• Added VPC support on industrial switches;
• Added VRF support in the snmp-server source-interface command.

Fixed:

• Fixed problem with PS and fans flapping when connecting SFP FH-ST2;
• Fixed bug with incorrect calculation of CPU load;
• Fixed bug that caused the device to reboot when interacting with Cisco devices via telnet;
• Fixed bug where DDM readings were incorrect;
• Fixed traffic loss during routing if incorrect MAC address was learned;
• Fixed bug in OSPFv3 that caused the backbone of the switch to reboot;
• Fixed bug that caused master device to reboot when adding a unit with a version older than 4.0.15 to the stack;
• Fixed bug that caused the device to reboot when copying a certain configuration from a TFTP server;
• Fixed bug in MSTP, when backup ports were not detected in MST instances other than Instance 0;
• Fixed bug that caused the device to reboot when polling certain SNMP OIDs.

Firmware Version 4.0.18

Added:

• Spanning tree bpduguard support for PVST/PVST+;
• Support for PVST/PVST+ bpdu filtering;
• Basic Multi-VRF support for static routes, DHCP Relay, OSPF, SNMP;
• SCP server support;
• Support for Port-Channel as an egress interface when configuring RSPAN;
• Route-map support for OSPF;
• BGP IPv6 support;
• Implementing the "errdisable recovery interval" setting separately for each physical interface;

Fixed:

• Fixed issue with FiverTool, UpNet, ModuleTech WDM SFP modules;
• Fixed issue where snmp-server source-interface could not work with loopback-interface;
• Fixed an issue when the interface would not change status to UP on a two-pair copper cable with the default configuration;
• Fixed an issue where a hang occurred when copying a configuration to running-config;
• Fixed display of directly connected networks in show ipv6 route command output;
• Fixed a problem that occurred when loading a configuration in startup-config;
• Fixed critical error when configuring VPC on MES35xx;
• Fixed problem with authorization of long commands;
• Fixed memory leak due to copy over SCP;
• Increased the maximum number of characters in the VLAN name (up to 128).

Firmware Version 4.0.17

Added:
 

•  Added NSF (Non-Stop Forwarding) support for stack mode;
• Added restriction on the simultaneous use of different ring protocols;
• Interface state change logging can be disabled now;
• Added the feature to DHCP snooping, which disables the interface when the specified number of DHCP datagrams per second is exceeded;
• Added file copy start event SNMP-trap;
• Added "show lldp neighbors detail" command;
• Added software version display in show lldp neighbors detailed output;
• Traffic transmission between ports on which QinQ is configured in tr101 mode, with the same S-VLAN tags, but different C-VLAN tags is now forbidden;
• Implemented the ability to configure MAC address replacement in IGMP-report when using IGMP-Proxy;
• Implemented restricted-tcn on LAG interfaces;
• Changed TCAM resource allocation mechanism;
• Added port trust mode when replacing source ip/mac in IGMP-report;
• Increased stack throughput in ring topology;
• When assigning a vlan attribute from a radius server, the value of the Tag field in the AVP Tunnel-Private-Group-Id can take any value;
• Added the ability to configure the minimum number of aggregated links for LACP;
• Added the ability to limit the maximum number of CLI sessions;
• The password in the logs when copying files via SCP is not displayed anymore;
• Increased file download speed when issuing copy commands via telnet and SSH;
• Added the ability to assign the backup role to the maximum number of devices in the stack;
• Added full message output when rebooting the device via SNMP.

Fixed:
 

• Fixed "show port jumbo-frame" and "show interfaces mtu" outputs;
• Fixed "show radius-servers status" command;
• Fixed stuck users in "show users";
• Fixed configuration loading issue if it contains "logging events spanning-tree topology-change";
• Fixed issue with incomplete MAC table flushing;
• Fixed traffic breaks when changing aggregated link membership with 4K VLAN;
• Fixed incorrect behavior of GVRP with Jumbo Frame enabled;
• Fixed rate-limit (burst not set) issue where no traffic was transmitted;
• Fixed the issue of stopping traffic that occurs when entering the "traffic-limiter mode pps" command;
• Fixed switch reboot that occurred when entering the "show ip ospf database router" command;
• Fixed %p template value for port-channel in option 82;
• Passwords in unencrypted form are not displayed in syslog anymore;
• Fixed loopback-detection on port-channel;
• Fixed the simultaneous use of QinQ and CFM;
• Fixed port switching in UP state when transmission is disabled on SFP module;
• Fixed offset-list functioning in customer mode with double tagging;
• Fixed power issues when connecting Hikvision cameras;
• Fixed removal of all routes at once by the "no ip default-gateway X.X.X.X" command;
• Snmpbulkwalk request processing has been stabilized;
• Fixed operation of Status indicators when updating the version;
• Fixed the issue when configuring STP protocol after disabling ERPS protocol;
• Fixed the issue when polling stack ports via snmpwalk command;
• Fixed display of "selective-qinq list egress" rule in running-config;
• Fixed discrepancy between the state of Port-Channel and physical ports in it when (R)PVST is running;
• Removed special character <cr> in TACACS accounting packets;
• Fixed SysUptime field value in sFlow packets.

Firmware Version 4.0.16.14


Added:

• Implemented the ability to remove a VLAN from PVST/RPVST instance without first shutting down the port;
• PVST/RPVST settings for VLAN are now grouped. 

Fixed:

• Fixed a bug with the occurrence of a short-term storm of the ERPS ring;
• Fixed error caused by SNMP polling CPU utilization values;
• Fixed RAM allocation error when polling via SNMP;
• Fixed high CPU usage bug when polling via SNMP;
• Fixed reboot of the switch when using voice vlan in conjunction with DHCP snooping in the stack;
• Fixed bug in voice vlan operation in PVST/RPVST modes;
• Fixed reboot while viewing show commands when saving configuration via remote session.

Firmware Version 4.0.16.5

Added:

• Added support for MD5 authentication to BGP;
• Added the ability to configure metric-type when announcing routes in OSPF.

Fixed:

• Fixed incorrect display of Bridge ID in the output of PVST protocol information.
   

Firmware Version 4.0.16.4

Added:

• Added the ability to determine the type of power supply PM160 revB;
• The range of setting the lifetime of MAC addresses in the corresponding table has been increased to 1,000,000 seconds.

Fixed:

• Fixed incorrect work of the STP protocol in the stack;
• Fixed incorrect work of the LACP protocol in the stack;
• Fixed a slowdown in the CLI when polling the stack via SNMP.

Firmware Version 4.0.16.2

Added:

• Added the ability to configure udp src port for SNTP;
• Added the ability to configure restricted-tcn on LAG interfaces;
• Added the Alarm relay management.

Fixed:

• Fixed incorrect ACL operation on the backup and slave units stack interfaces;
• Fixed incorrect operation of sQinQ rules on the backup and slave units stack interfaces;
• Fixed reboot of the backup unit when configuring "traffic limiter-mode pps";
• Fixed the logic of the deny rules in PBR ACL;
• Fixed incorrect operation of the "negotiation bypass forced" command;
• Fixed incorrect operation of static routes for VLAN interfaces with two or more IP addresses configured;
• Fixed the logic of IP interfaces changing to the "operational status UP" state;
• Fixed a short-lived storm in the ERPS main ring when configuring the sub-ring;
• Fixed transition of IP interfaces to the "operational status UP" state when dynamically adding a VLAN to a physical interface via a RADIUS attribute;
• Fixed reboot of the device due to receiving an IP address through an interface with configured IP Source Guard;
• Fixed the display of FEC status on the backup unit.

Firmware Version 4.0.16

Added:

• Added saving of secure mac-addresses to the device configuration file in port security secure permanent mode;
• Added the ability to authorize entered commands using the TACACS+ protocol;
• Added the ability to forcibly enable/disable the LED indication of interfaces;
• Added the ability to process 802.1ad traffic on the CPU;
• NTP protocol is now supported;
• Added the ability to enable guard root protection for a specific MSTP instance;
• Added the ability to set the limit for ingress traffic in pps;
• Added the ability to limit ingress arp traffic for a specific port;
• RADIUS attribute value Cisco-AVPair = "shell: roles = network-admin" is now supported;
• Added sending SNMP trap and syslog messages when the device is rebooted with the reload command;
• Added the ability to assign master role to the stack unit;
• Added the ability to enable vlan-based loopback-detection in specified VLANs;
• Added the ability to disable IRDP protocol.

Fixed:

• Fixed disabling command completion with the Tab key;
• Fixed MAC address forbidden by MAC ACL learning when DHCP snooping is enabled;
• Fixed device reboot with the backup role in the stack when the ip DHCP snooping database is disabled;
• Fixed telnet session breaking by the device when removing ports from the LAG;
• Fixed incorrect blocking of ports by the disable-port feature in ACL;
• Fixed the behavior where the loopback-detection vlan-based function did not unblock VLANs;
• Fixed device reboot when trying to apply changes to the ACL using the commit command;
• Fixed device reboot in the stack due to incorrect operation of the sFlow application;
• Fixed incorrect output of logging messages and sending SNMP trap for allowed mac-addresses when port-secure is running;
• Fixed VPC connection not being established when there is a large number of VLANs;
• Increased the speed of transferring files using the SCP protocol;
• Fixed device reboot when VPC and STP work together;
• Fixed a behavior where there was a long interruption in traffic passing when rebooting a VPC device with the primary role;
• Fixed incorrect indication when using SFP transceivers from FIBO, Strela, Opticin vendors.

Firmware Version 4.0.15.3

Fixed:

• Fixed switch reboot when trying to configure IP Source Guard on a port without global enabling.

Firmware Version 4.0.15.2

Fixed:

• Fixed incorrect addition of a non-participating port to a VPC group on the MES5324 switch;
• Fixed behavior where both VPC peers were sending STP BPDUs to ports of the same VPC group;
• Decreased CPU load when VPC is running.

Firmware Version 4.0.15

Added:

• Stack port status display;
• Protocol ARP in IP ACL support;
• Protocol GRE support;
• Command «show tech-support» output was expanded;
• Buffers for traffic mirroring were expanded;
• L2PT on top of LAG support;
• Support of the UDLD, RIP, OSPF, VRRP in L2PT;
• Private-vlan trunk mode;
• IP DHCP route [connected/static] feature support;
• Ability to add a "port" field template in TACACS+ packets;
• Power supply type display;
• Information about the attack output in TCP Syn Protection was expanded;
• Ability to view telnet-sessions status;
• Ability to download SW and configuration files via HTTP.

Fixed:

• Fixed duplicating packets when passing through L2PT running on top of LAG;
• Fixed simultaneous operation of voice vlan and 802.1x;
• Fixed operation of client port mode on slave units;
• Fixed accounting of show version command when working with TACACS +;
• Fixed output when trying to create a VPC group with a number outside the valid range (1-63);
• Fixed bug when trying to create more than 9 VPC groups;
• Fixed the "show vpc" command output after deleting a VPC group;
• Fixed error of removing snmp-server host informs;
• Fixed bug of deleting MST config name;
• Fixed switch reboot when trying to establish an SSH connection to itself;
• Fixed bug with changing STP mode on switch ports;
• Fixed switch reboot when using RIP authentication;
• Fixed operation of restricted TCN feature;
• Fixed bugs when learning MAC addresses on ports with PVST and RPVST enabled;
• Fixed switch reboot when establishing multiple SSH sessions;
• Fixed short-term storm in ERPS ring;
• Fixed incorrect operation of P2P mode in the ISIS protocol;
• Fixed switch reboot with periodic Telnet connection;
• Eliminated the need to assign IP addresses from the same subnet to the switch interface and client equipment for correct processing of the igmp report;
• Fixed the switch freezing when displaying a large amount of information on the screen via ssh session;
• Fixed disabling SSH server when trying to log in with an empty password;
• Fixed unused ssh sessions not being closed;
• Fixed incorrect message when trying to reconfigure port security max;
• Fixed incorrect calculation of path cost in STP protocols.

Firmware Version 4.0.14.3

Fixed:

• Fixed incorrect operation of SSH, which led to device reboot;
   
• Fixed incorrect work of STP, which led to an error in enabling the flex-link function;
• Fixed incorrect display of fan crashes;
• Fixed a bug with the port security discard-shutdown action;
• The behavior that caused the interface to briefly rise at 1G speed, despite the fact that the configuration is set to 100M, has been eliminated;
• Fixed incorrect display of the amount of RAM for the MES5324 device.

Firmware Version 4.0.14.2

Added:

• Added support for PVST + operation with switchport general port mode.
   

Fixed:

• Fixed operation of the shutdown action in port-security when receiving a packet with a mac address learned on a different port;
• Fixed copying files via SCP;
• Fixed error copying startuр-config file to TFTP server;
• Fixed duplication of interfaces when polling SNMP table entPhysicalDescr on MES5324 devices;
• Fixed restarting devices in the stack with a certain combination of stack ports;
• Fixed restart when connecting devices to the stack with LAG configured.

Firmware Version 4.0.14.1

Added:

• Added the ability to change the default sysDescr;
• Added the ability to limit the number of MAC-addresses for Voice VLAN;
• Added the ability to block a specific VLAN via port security;
• Added the ability to enable ip source-guard for a specific VLAN;
• Protocols VTP, CDP, DTP, PAGP, PVST+ now support L2PT.

Fixed:

• Fixed the disappearence of backup write-memory command while copying configuration to the device via tftp;
• Fixed the reboot at high CPU load and telnet-session break;
• Fixed the failure of dscp-cos map after reboot of the device;
• Fixed the faulty discard of the DHCP discover packets on 10G interfaces;
• Fixed the faulty blocking of traffic addressed to the CPU using the ERPS protocol;
• Fixed the switchport mode change from general to trunk when default-vlan is disabled;
• Fixed the information display of some show-commands  (incorrect symbol placement while moving the bar and changing the line)
• Fixed the freezing after utilizing reload at command;
• Fixed the switch reboot after adding voice vlan on port with clients authorized via dot1x;
• Fixed the reset to default port configuration when general mode is configured.
  
  Firmware Version 4.0.14
  
  Added:
• Added support for 4x10G ports 40G operation mode;
• Added IP SLA function;
• Added support for IS-IS routing protocol;
• Added support for long frames when tunneling the IS-IS protocol;
• The syslog message format has been converted to CEF;
• Added Portfast support in PVST + / RPVST + mode;
• Added "*" mark for inactive routes in the routing table;
• Added support for Intel FTLX1471D3BCVI31 SFP module;
• The display of the hostname in the cli has been increased to 25 characters;
• Added support for AES encryption protocol in SNMPv3;
• Implemented sending snmp trap when receiving DHCP ACK / OFFER from an untrusted interface;
• Added encryption algorithms aes128-ctr, aes192-ctr, aes256-ctr for SSH sessions;
• Added loop / root-guard support for PVST mode;
• Increased queue-limit limits in qos tail-drop profile;
• Added counters for ACL rules;
• Added the ability to work sqinq add_vlan rules in conjunction with igmp snooping / proxy;
• Added display in the "show lldp neighbors" command of the ChassisId output in the IP-address format, if the neighbor's ChassisIdSubtype contains the networkAddress value;
• Edited command set from show tech-support output;
• Added display of information on stack ports in the "show tech-support" command;
• Added support for OpticQ SFP + Transceiver 10Gbps modules, corrected DDM information output;
• The Idle timer in the SSH server has been improved, the SSH session is closed if it is in the FIN-WAIT-1, FIN-WAIT-2, TIME-WAIT, CLOSE-WAIT, LAST-ACK, CLOSING states for more than 60 seconds;
• Added the ability to edit ACL without decoupling from interfaces;
• Added the Change of Authorization (CoA) function;
• Added support for STP protocol on VPC aggregated links;
• Added support for 512 subnets for ipv4 (128 for mes2324 devices) and 128 for ipv6;
• Added command prompt ip dhcp information option format-type remote-id;
• Added support for PoE power supply for Hikvision DS-2CD3625FHWD-IZS cameras on MES3508P devices;
• Added the ability to extend tail-drop profile limits via CLI to maximum values;
• Increased default mirroring limits.

Fixed:

• Fixed incorrect detection of speed of 10Gbps DA-cable;
• Fixed work with some 1Gbps SFP modules;
• Fixed VPC operation at startup without peer-link;
• Fixed portfast operation in STP mode;
• Fixed restart when displaying spanning-tree settings;
• Fixed errors of authorization according to the 802.1x standard using radius-attributes;
• Fixed bugs in the console speed autodetection mechanism that caused the switch to hang;
• Fixed disappearing backup write-memory setting from running-config;
• Fixed restart when trying to auto-negotiate duplex mode;
• Fixed a bug due to which SNMP traps were not sent when mac-notification is enabled when the port is disabled;
• Fixed loading settings from startup-config for vlan 1;
• Fixed looping of igmp packets via peer-link VPC;
• Fixed bug with transit traffic getting into priority queues on cpu;
• Fixed error when configuring errdisable recovery cause;
• Fixed MSTP operation on a device to which the device is connected via an aggregated channel at the time of reboot;
• Fixed restart when connecting to a switch operating in RPVST mode, a switch operating in RSTP mode;
• Fixed restart when removing acl from multiple vlanes at the same time;
• Fixed restart when connecting via ssh - fixed unsafe use of pointers;
• Fixed stack freeze when connecting via com-port at 9600 Baud;
• Fixed operation of the SSH protocol, increased the number of buffers in the SSHD pool;
• Fixed a bug with assigning an ipv6 address to a physical interface;
• Fixed work of BGP and BFD, to avoid desynchronization of tasks using the SOCKG_recv function, the logic of using semaphores was changed, the reference to a pointer was replaced with a safer one;
• Fixed operation of access lists in a situation when acl is removed from one port, which was previously configured for several ports;
• Added traces to SSH in case of an attempt to delete a non-existent user;
• Fixed a bug in RSTP operation: discarding an agreement packet if its BridgeID was less than that on the switch that received the packet;
• Fixed the problem with the transmission of PPPoE IA headers;
• Fixed reboot when checking ping with minimum timeout;
• Fixed the problem of passing CFM packets to alternate port in RSTP;
• Fixed VPC operation when rebooting a primary device.
• Fixed bug with switchport protected-port;
• Fixed a bug when establishing an SSH session;
• Fixed a bug with incorrect PoE operation with Hikvision DS-2CD3625FHWD-IZS cameras;
• Fixed bug with freeing TCP sessions when they were closed;
• Fixed a bug with assigning an IPv6 address to a physical interface.

Firmware Version 4.0.13.3

Added:

• Added the ability to remove VLAN_ID in customer mode based on both s-vlan and c-vlan;
• Implemented Per-port fast leave mode;
• Extended list of encryption algorithms for SSH;
• Implemented TC-protection functionality;
• Added support for simultaneous operation of customer mode and MVR function;
• Increased priority of VPC PDUs on the CPU;
• Added a separate output of VPC PDU counters to the CPU;
• Added the ability to configure DHCP options 82 in different VLANs;
• Added support for FiberTrade 80km SFP 8.5G SFP.

Fixed:

• Fixed error deleting protected MAC addresses during reboot;
• Fixed a bug leading to delays in the transmission of multicast traffic;
• Fixed a bug in the auto-detection mechanism for com-port speed;
• The bug of voice-vlan and 802.1x functionality working is fixed;
• Fixed routing error in MES2348B and MES3348 devices;
• Authorization errors using the RADIUS protocol have been fixed;
• Fixed the bug of DHCP Relay and IP Unnumbered collaboration;
• The error of the functionality of Backup after copying files by tftp is fixed;
• Fixed bug with incorrect operation with some SFP / SFP modules;
• Fixed long output show fiber-ports optical-transceiver for SFP without DDM support;
• The error of applying an empty tail-drop profile in the default configuration has been fixed;
• Fixed removal of Voice VLAN when port security is in lock mode.

Firmware Version 4.0.13

Added:

• Added additional syslog message for secure mac address in port-secure functionality;
• Added the ability to view the configuration for the current context of interfaces;
• Added Service-Type attribute to RADIUS request when port-based user authentication;
• Added the ability to accept a list of ACL rules in a response from radius-server for the Dot1x functionality;
• Added functionality for advanced privilege settings for teams;
• Added BFD functionality for BGP;
• Added SSH command execution mode without interactive connection;
• Added functionality MLAG / VPC;
• Added the ability to view the time the port is in the down state;
• Added support for PBR functionality;
• Added functionality for summing external routes OSPF / OSPFv3 on ASBR;
• Added Rapid PVST functionality;
• The number of pools for a DHCP server has been expanded from 16 to 32;
• Added the ability to automatically restart PoE in case of error detection.

Fixed:

• Fixed incorrect processing of IGMPv3 requests with a large number of groups in IGMP Proxy;
• Fixed the bug of incorrect mirroring after changing the skill in the stack;
• The error of incorrect polling of the table "1.3.6.1.4.1.35265.35";
• Fixed incorrect interaction of L2PT with ERPS;
• Removed EAP-Message in the header in radius-request during MAC authorization;
• Fixed error updating lease time in the dhcp snooping table when renewing a lease in renewal timer;
• Fixed errors of incorrect work of PVST when changing to xSTP and vice versa or when disabling / enabling STP;
• Fixed error with the command no spanning-tree disable on portchannel;
• Fixed a bug leading to duplication of multicast traffic on an interface blocked by STP;
• Fixed bug with incorrect installation of speed 10 on devices with optical 1G interfaces;
• Fixed bug of incorrect operation of dot1x radius-attributes vlan;
• Fixed the bug of incorrect operation of Voice VLAN in conjunction with Dot1X;
• Fixed bug with incorrect traffic processing in Dot1X multi-session mode;
• Fixed a bug in the IP ACL assignment mechanism, leading to incorrect filtering in the absence of an IP header in the frame;
• Fixed processing errors for a large number of OSPF LSA;
• Fixed calculation of spanning-tree cost for port-channel;
• Fixed bug of incorrect traffic restriction by Storm-control in some situations;
• Fixed bugs with some SFP / SFP / QSFP modules;
• Improving the stability of devices.

Firmware Version 4.0.12.6

Added:

• Added syslog message for MAC address recorded as secure on another interface;
• Added support for IPv6-mac binding;
• Added support for DHCPv6 LDRA;
• Added support for DHCPv6 Relay agent;
• Added support for PVST bpdu flooding in instances where the protocol is disabled.

Fixed:

• Fixed RPF-check checking in MSDP;
• Fixed problem with copying MSDP configuration to tftp server;
• Fixed the problem with rebooting the switch when using a large number of MSDP groups;
• Fixed problem with OSPF neighborhood crash when changing the active STP port;
• Fixed a problem with the OSPF-neighbor crash when a large STP TCN flow arrives;
• Fixed problems with rebooting the switch when using PVST;
• Fixed L2PT operation as part of the switch stack;
• The compatibility problem with some models of sfp transceivers Huawei and ZTE has been fixed;
• Fixed a problem with releasing tcp connection when closing telnet / ssh sessions;
• Fixed the problem of redistributing static subnets in the second OSPF process;
• Fixed a problem with passing traffic of unauthorized clients in dot1x multi-session mode.

Firmware Version 4.0.12

Added:
 

• Added new functionality for BGP protocol:
• Added support for IP Prefix List functionality;
• Added support for Route Map functionality;
• Added support for Route Reflector functionality;
• Added support for BGP Peer Group functionality;
• Added support for Path MTU Discovery functionality for BGP connections;
• Added support for Multicast Address Family functionality;
• Added the ability to specify a name for a static route;
• Added functionality PIM Passive Interface;
• Added PIM Snooping functionality;
• Added the ability to display a list of MAC addresses for a specific interface via SNMP;
• Added functionality Flex Link;
• Added MSDP functionality;
• Added IGMP Static Groups functionality.

Fixed:

• Fixed a bug where the installation of snmp-server source-interface did not work;
• Fixed incorrect operation of traceroute functionality;
• Fixed bug with incorrect setting of OAM PDU Revision when receiving OAM RLB Request;
• Improving the stability of the device when rebuilding xSTP-tree;
• Fixed a bug leading to traffic loss when routing multicast traffic using the PIM protocol;
• Fixed errors when copying a startup configuration file from startup-config to running-config;
• Fixed a bug leading to incorrect calculation of the utilization of the LAG interface in the first 15 seconds of interface activity;
• Improved device stability.

Firmware Version 4.0.11.1

Fixed:

• Fixed the problem of DHCP snooping and SQinQ working together;
• Fixed a bug leading to incorrect operation of ERPS.

Firmware Version 4.0.11

Added:   

• Added support for the licensing system. In the current version of the software, BGP functionality is licensed.
• Added support for the basic BGP functionality:
•   Establishment of iBGP, eBGP sessions;
•   Support for 32-bit AS;
•   Support for limiting the number of accepted routes;
•   Setting up substitution of Next Hop for your own (next-hop-self command);
•   Announcing subnets with the network command;
•   Announcement of routes of alternative routing protocols;
•   Setting up timers;    
•  Added the ability to select the SSH server operation algorithms;
•  Added the ability to select the size of the ICMP-ping packet;
•  Added extended output of interface status in the show interfaces status command;
•  Added functionality of Dot1x Guest VLAN;
•  Added support for CFM functionality;
•  Added the ability to change the state of the ERPS ring to the events propagation link failure / restore event and Continuity Check Protocol (CCM) connectivity violation in domain CFM MEP;
•  Added the ability to optionally enable IP DHCP Snooping on separate physical interfaces;
•  Added the ability to delete a single entry in IP DHCP Snooping Database;
•  Added the ability to optionally clear the IP DHCP Snooping Database table when the interface crashes;
•  Changed the format of the Hardware Address output in the show ip dhcp declined output;
•  Added the ability to add VLANs received via GVRP protocol to the VLAN Database static table;
•  Added the ability to configure SRC UDP Port in the IP DHCP Relay functionality;
•  Added the ability to select a DHCP Relay server address for different VLANs;
•  Increased the number of local accounts to 10;
•  Added the ability to specify one interface as a stack;
•  The location of the MNGM interface of the MES5324 switch in the SNMP table rlPhdPortsTable has been changed (row has been changed from 5 to 2);
•  Added DDM mapping for individual 40G channels of MES5324 interfaces;
•  Increased the maximum number of port channel to 48;
•  Added the ability to enable half duplex on optical interfaces;
•  Added the ability to optionally enable logging for the STP protocol;
•  Implemented STP New root bridge event logging.

Fixed:     

 

•    IGMP requests that fall under the multicast snooping profile and max-groups restriction are sent to Uplink;
• The IGMP group is added to the igmp snooping table when there is no response from the RADIUS server;
• Fixed operation of the 802.1x multi-session functionality;
• Fixed error of incorrect reading of DDM for DWDM modules;
• The error of the system buffer overflow when using the IP IGMP-Proxy functionality has been fixed, which has caused the services that send traffic from the CPU to freeze;
•  The error of the system buffer overflow when using the IP PIM functionality was fixed, in which part of the MC groups are not added to the ip mroute table;
•  Fixed a bug where the timer for rebuilding the STP tree was not reset;
•  The error of rebuilding the STP tree when adding VLAN to the port is fixed;
•  The error when turning on ip dhcp snooping has been fixed, which leads to a reboot of the backup unit on the stack;
•  Fixed conflicts of column / row numbers and interface indices for SNMP tables ifTable and rlPhdUnitStackPortTable;
•  Fixed the error of the endless output of the show green-ethernet command;
•  Fixed incorrect STP shutdown on ports in PVST mode;
•  Improved device stability.

Firmware Version 4.0.10.1

Fixed:

• Fixed the bug of incorrect operation of the STP Last Topology Change timer;
• Fixed bug of unstable operation of PVST +;
• Fixed a bug in the operation of the PIM protocol, in which more than 120 Multicast groups were not stably processed;
• Improved device stability

Frimware Version 4.0.10

Added:

•     Added the ability to specify a name as the server address in the Backup functionality;
•  Added DHCP Relay support within the same VLAN;
•  The PoE functionality has been improved, when the wizard reboots in the stack, the power on the slave ports does not turn off;
•  Added the ability to send IGMP Query Specific only to ports according to the IGMP Snooping table;
•  Added the ability to clear the MAC table by VLAN number;
•  Added the ability to simultaneously enable DHCP Relay and DHCP Server;
•  Added the ability to force close control sessions on the switch side;
•  Added the ability to bind ACL / Policy on Output interfaces;
•  Added switch IP and client MAC templates for Circuit-id in PPPoE IA and DHCP Snooping;
•  Added output of Threshold parameters of SFP transceivers;
•  Added support for VLAN and ACL assignment for 802.1x functionality;
•  Added PVST + functionality;
•  Added the ability to view the VLAN ID in the output of the show interfaces description command;
•  Added support for responding VRRP IP addresses to ICMP requests;
•  Added setting of TCP SYN and Multicast traffic limiters on the CPU;
•  Implemented PIM, OSPF neighborhood logging.

   Fixed:    

•     The error of duplication of the DHCP request, when using DHCP Relay and DHCP Snooping;
•  Fixed a bug that caused the device to freeze when connected via SSH;
•  Fixed a bug leading to the failure of the Backup functionality;
•  Fixed a bug leading to duplication of OAM functionality log messages;
•  Restored OSPF route summarization;
•  Fixed display of LSA in OSPF Databse;
•  Fixed a bug where DHCP Option 82 was removed by the switch on Trust ports;
•  Fixed a bug leading to routing failure;
•  Fixed incorrect operation of the Proxy-Report functional;
•  Fixed a bug that caused the device to freeze when deleting IGMP-Proxy VLAN;
•  Fixed a bug leading to the OSPF neighborhood crash when viewing the configuration if MSTP is configured;
•  Fixed a bug leading to the OSPF neighborhood crashing while saving the configuration;
•  Fixed a bug leading to the fall of OSPF neighborhood when downloading software from a TFTP server;
•  Fixed a bug leading to the fall of OSPF neighborhood with minimum dead-interval values;
•  Fixed a bug that caused the SFP transceiver laser to turn off when the switch reboots on the opposite side;
•  Fixed a bug leading to a storm in the STP ring when viewing the status of active ports in STP;
•  Fixed a bug that caused the device to freeze when rebuilding STP;
•  Fixed a bug where the LACP was not broken, even if the neighbor did not respond;
•  Improved device stability.

Firmware Version 4.0.9.3

Added:
 

• Added the ability to balance MPLS traffic for LAG groups.
• Fixed:
• Fixed bug with incorrect cleaning of the MAC address table;
• Fixed a bug leading to loss of traffic when rebuilding the ERPS ring;
• Fixed a bug leading to the study of MAC addresses when using MAC ACL and PPPoE IA together.

Firmtware Version 4.0.9

Added:

• Added functionality for resetting interface settings;
• Added DNS Resolver functionality;
• Added support for ECMP technology;
• Added the ability to configure CoS and DSCP for IGMP Proxy functionality;
• Added the ability to set IP addresses with prefixes 31 and 32 on the VLAN interface;
• Added IP Unnumbered functionality;
• Added support for L2protocol-tunnel technology for ports in Trunk and General modes;
• A command has been added to configure the SPF calculation delay, and the LSA Throttling OSPF protocol settings have been implemented;
• Increased the number of ACLs used on interfaces;
• Added PIM DM functionality;
• Added support for MVR functional collaboration in conjunction with PIM;
• Added the ability to redirect the output of Show commands to a file on Flash-memory;
• Removed the display of device ports that are not in the stack.

Fixed:

• The readings of the OOB port counters were incorrectly displayed;
• Port-Channel interface speed displayed incorrectly;
• The source MAC address was studied in the switching table when it fell under the prohibit rule ACL;
• Loss of traffic when updating an ARP table;
• Errors while loading the configuration in startup-config;
• Incorrect display of some configuration entries in show running-config;
• DHCP Server issued Default Gateway from another pool;
• The L2 Protocol Tunnel functionality for LACP did not work;
• With some probability, the Gi0 / 3 port did not rise after rebooting the MES2348B device;
• Loopback SNMP tables
• Simultaneous operation of PIM and MVR;
• Some timer-sensitive services may have been rebuilt during configuration output;
• Incorrect display of PSE temperature in show power-inline;
• Incorrect display of the slot number and interface number in the PoE ladders for the stack of several PoE devices;
• Incorrect operation of the acceptable-frame-type untagged-only functionality in conjunction with PPPoE IA;
• The selective-qinq list ingress add_vlan rule stopped working;
• Traffic interception on the CPU in the presence of a static route;
• Spanning-tree cost setting on Port-Channel was not applied;
• Improved software stability.

Firmware Version 4.0.8.3

• Bugs fixed;
• Improved stability.

Firmware version 4.0.8.2:
 

• Added Media-Type settings for combo ports;
• Added monitoring (logging+trap) and thresholds of RAM and CPU utilization, fan rates (if there are ones) and temperature;
• Added "load average" setting for a Port-channel;
• Added management of unknown multicast traffic filtering per VLAN;
• Added proxy-report mode for static multicast groups;
• The default values of service cpu-rate-limits have been changed for telnet and ssh (extended to 512pps);
• Added DHCP Option 82 Remote-ID setting as a user defined pattern as a line;
• The quantity of management sessions has been extended to 5;
• Extended "show snmp" displaying, added information on the status of all types of traps;
• Added displaying of the interface from which "last topology change STP" has been transmitted;
• Added displaying information on port blocking via Root/Loop Guard to "show spanning tree" output;
• Added configuration of DHCP server options 176, 242;
• Improved settings for all DHCP server options;
• Extended the number of characters of verification key for SNTP (to 32);
• Added displaying of QoS statistics on all queues per interface;
• Added packet counters per VLAN;
• Added opportunity to name vlan via vlan database;
• Added mode with extended number of configurable ACL UDB;
• The displaying of "show" commands has been limited according to ports of units in stack;
• Added option to switch off logging of management ACL;
• Added option to utilize the same names in the ACL/Policy map;
• Added opportunity to test copper cable by an unprivileged user;
• Added option to configure the quantity of unsuccessful authentication attempts before the session ends;
• The displaying of DDM parameters of SFP modules has been extended;
• The indication of Poe is displayed in Unit ID for MES2308P;
• Added option for LLDP TLV transmission: IEEE 802.3 Power Via MDI (RFC 3621).