Patch-ID# 118724-04 Keywords: vsrp vrrp vlan lag acl rule tcp shc runningconfig sessions nat cat virtual Synopsis: N2000 Series: V2.0 Service Update 4 Date: Jun/23/2005 Install Requirements: None Solaris Release: SunOS Release: Unbundled Product: Sun Secure Application Switch / N2000 Unbundled Release: 2.0 Xref: Topic: Service update for N2000 Series V2.0 switches Relevant Architectures: n2040 n2120 BugId's fixed with this patch: 6207117 6207125 6211746 6211747 6211754 6211756 6211762 6211764 6211767 6211770 6216137 6221382 6221386 6221508 6223724 6224565 6224649 6227762 6229594 6229913 6233164 6233400 6233404 6237738 6238959 6254873 6254880 6254886 6261354 6261356 6261358 6261362 6261377 6261380 6262878 6262879 6262881 6262882 6262884 6262889 6262903 6262908 6262912 6262914 6270082 6270285 6270287 6270291 6270297 6270304 6270787 6272530 6272534 6272542 6281664 6281667 6281811 6281815 6281826 Changes incorporated in this version: 6233164 6238959 6254873 6254880 6254886 6261354 6261356 6261358 6261362 6261377 6261380 6262878 6262879 6262881 6262882 6262884 6262889 6262903 6262908 6262912 6262914 6270082 6270285 6270287 6270291 6270297 6270304 6270787 6272530 6272534 6272542 6281664 6281667 6281811 6281815 6281826 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 119731-01 (or greater) Obsoleted by: Files included with this patch: O_C14M.elf.gz,4 O_Fwd-perf.elf.gz,4 O_Mgmt.elf.gz,4 an2o.elf,4 ckm.elf.gz,4 fpgaHerrlm.elf.gz,4 fpgaRevs.txt,4 fpgalm.elf.gz,4 gated.elf.gz,3 halagent.elf.gz,4 install.elf.gz,4 protoLayers.elf.gz,4 rmon.elf.gz,4 sard.elf,4 slb.elf.gz,4 smeo.elf,4 smf.elf.gz,4 snmp.elf.gz,4 spa.elf.gz,3 sysServices.elf.gz,3 ui.elf.gz,4 vsa.elf.gz,4 vsrp.elf.gz,4 webserv.elf.gz,4 www Problem Description: 6233164 Large Ping and NFS traffic failing to route properly within a vRouter across VLANs (5972) 6238959 Need a utility/tool to compress installed software to make space for future patches/releases (5985) 6254873 clientAddressTranslation should only occur on selected client addresses, not all (6019) 6254880 Missing VIP route entry in system:shared after config replay (6045) 6254886 Frag policy rules from RIPs are added incorrectly (6096) 6261354 Miscalculation of space during installation (5916) 6261356 TCP health checks fail when hosts are using system:shared vrouter (6071) 6261358 Hal policy download time is prohibitive - need to reduce how often download occurs (6115) 6261362 Clearing realServices counters while traffic was flowing produced a Web GUI restart (6120) 6261377 Illegal shapes sourcing SHCs (6135) 6261380 Terminated SHCs not working correctly in system:shared vrouter (6144) 6262878 Crash of VSA when disabling/enabling vSwitch (5865) 6262879 Changing VSRP electionPreference can cause 2 VSRP Masters (5923) 6262881 Creating 2nd vs comes up with Oper status as misconfigured (6050) 6262882 Readding RS to SG which were shared causes a critical error (6101) 6262884 Readding objectRules to existing requestPolicies become unavialable for images objectRule (6139) 6262889 VS oper message shows 'host not configured' when vRouter is disabled (5738) 6262903 When change host vrouter, and change it back again, the 2nd change is not allowed (5969) 6262908 VSRP Redirect Address Change notification is not sent to all vSwitches (6152) 6262912 Dynamic NAT and CAT are not set up in Standby when switch is in VSRP backup (6164) 6262914 VirtualService address is not in route table after reboot from savedcfg (6097) 6270082 VLAN interface using LAG does not pass traffic (6231) 6270285 When many VirtualServices are in same vsGroup, boot up time is very long (6188) 6270287 VSA gets watchdog timeout warning when showing VS summary with many VSs (6185) 6270291 Hal runaway process occurs with large number of nodes (6189) 6270297 SMM sometimes misreports page usage (6194) 6270304 NMI recieved when using the new Spirent gear for a CPS test (5975) 6270787 Handling of HSRP frames during boot does not handle pdu credits properly (6233) 6272530 Implement the ability for an ACL to specify the traffic is to be forwarded without reassembly 6272534 VLAN crash at initialization when VLAN tagging is disabled (6236) 6272542 Adding a host to an existing DNAT host ip range is blocked by the switch (5908) 6281664 ddal hifn / Open for //pci.0//hifn7951.0 FAILED (6259) 6281667 RD crash if changing "Client First Protocol" advanced setting with traffic on (6279) 6281811 VSRP crash overwriting redirect address data in signal (6280) 6281815 SPA crash when entering lag name with more than 20 characters (6265) 6281826 GFZ Potsdam: GetObjectRtn truncating response after first line of headers (6271) (from 118724-03) 6221382 show runningConfig is looping on an interface statement (5932) 6221386 SPA crash trying to move a cdb.dat file from one system to another (5931) 6221508 Eth. Mgmt Default Gateway assignment during Setup is not operational until port bounce (5896) 6223724 show runningConfig is not outputting the private half of SSL certificates (5940) 6224565 SPA crash when license key was removed and system restarted (5945) 6224649 show runningConfig isn't exporting the license key correctly (5947) 6227762 Disabling the VSRP Admin State at the Node and session level and then re-enabling caused crash (5951) 6229594 Def. GW address not in forwarding table with VRRP over a lag with ICMP Echo Enabled for vrrp (5967) 6229913 Switch Eventlog reporting process_open failed for //pci.0//hifn7951.0 (5909) 6233400 When using LAGs in combination with VLANs, a user may notice the first few packets being dropped and not forwarded (5913) 6233404 After running traffic, open sessions are still showing in the statistics (5935) 6237738 For L4-L7 policies, packets larger than 14k bytes will cause the switch not to function (5980) (from 118724-02) 6211746 Object Rule Editor does not always launch properly when using Internet Explorer (5869) 6211747 Object Rule Editor does not update when using IE and rule set is more than 470 characters (5870) 6211754 Intermittent pauses Web GUI and CLI connectivity (5872) 6211756 Object Rule Editor displays incorrect error when entering rules greater than 512 characters (5873) 6211762 Web GUI may restart under high usage with Netscape v6 (5879) 6211764 systemInfo displays DataCenter Switch, should be Sun Application Switch (5880) 6211767 L2 AFT entries are prematurely aged (5881) 6211770 L2 AFT entries are not refreshed properly when using VLANs (5888) 6216137 LAGs do not distribute IP traffic properly across all links (5895) (from 118724-01) 6207125 Under high traffic loads using HTTP 1.1, some TCP connections are not closed properly (5871/5705) 6207117 Reconfiguring VSRP multiple times with multiple sessions can cause VSRP not to function (5593) Patch Installation Instructions: -------------------------------- Refer to the Install.info file and/or the Sun N2000 Series Release 2.0 - Command Reference (Part Number: 817-7636) for generic instructions on using the CLI 'install' command. Special Install Instructions: ------------------------------------------ None. README -- Last modified date: Thursday, June 23, 2005