Patch 86222-27 For Rapier Switches

9

Features in 86222-24

Patch file details are listed in Table 4:

Table 4: Patch file details for Patch 86222-24.

Base Software Release File

86s-222.rez

 

 

Patch Release Date

6-Mar-2003

 

 

Compressed Patch File Name

86222-24.paz

 

 

Compressed Patch File Size

433360 bytes

 

 

Patch 86222-23 includes all issues resolved and enhancements released in previous patches for Software Release 2.2.2, and the following enhancements:

PCR: 02071

Module: NTP

Network affecting: No

When a NTP packet was received from an NTP server (mode 4) the router acted as a client, and sent a reply back to the server, but did not remove the peer association. This meant that the Dynamic Peers list, viewed using the SHOW NTP command, displayed incorrect dynamic peer associations. This issue has been resolved.

PCR: 02202

Module: FIREWALL/IP NAT

Network affecting: No

Previously, when Firewall or IP NAT was enabled, any fragmented IP packets had to be reassembled so they could be processed. If the fragments could not be reassembled, the packet was dropped. Reassembly could only occur if the combined packet (IP header, and protocol header, and data) was no more than 1800 bytes. An additional limit of no more than eight fragments was also imposed. This PCR implements enhanced fragment handling for Firewall and IP NAT. Each module can now be configured to process fragmented packets of specified protocol types without needing to reassemble the packet. The number of fragments a packet may consist of is also configurable. This enhanced fragment handling is disabled by default.

To enable enhanced fragmentation for Firewall, use the command:

ENABLE FIREWALL POLICY=policy_name

FRAGMENT={ICMPUDPOTHER}

To enable enhanced fragmentation for IP NAT, use the command:

ENABLE IP NAT FRAGMENT={ICMPUDPOTHER}

To disable enhanced fragmentation for Firewall, use the command:

DISABLE FIREWALL POLICY=policy_name

FRAGMENT={ICMPUDPOTHER}

To disable enhanced fragmentation for IP NAT, use the command

DISABLE IP NAT FRAGMENT={ICMPUDPOTHER}

To configure the number of fragments permitted per packet for Firewall, use the command:

SET FIREWALL FRAGMENT=8...50

To configure the number of fragments permitted per packet for IP NAT, use the command:

SET IP NAT FRAGMENT=8...50

Patch 86222-27 for Software Release 2.2.2 C613-10319-00 REV Z

Page 9
Image 9
Allied Telesis 86222-27 manual PCR Module NTP Network affecting No, PCR Module FIREWALL/IP NAT Network affecting No