Features in 276-02

 

 

 

15

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR

Module

Level

Description

AR44x / AR450

AR7x5

AR750S

 

Rapier i

AT-8800

AT-8600

 

AT-8700XL

AT-8948

AT-9900

AT-9800

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00012613

Firewall

2

When the WAN load balancer was used with IP NAT (instead of firewall NAT), and

Y

Y

Y

 

-

-

-

 

-

-

-

-

 

 

 

an FTP session was established to a server on the public network, the router did

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

not correctly establish a return session. This meant data was unable to flow

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

correctly back from the server, and the router rebooted.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This issue has been resolved.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Note that the WAN load balancer is not designed for use with IP NAT, because IP

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

NATs are not associated with interfaces. Configurations that use an IP NAT cannot

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

vary the global IP address (the gblip parameter) based on the outgoing interface,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

so the WAN load balancer sends all traffic out with the same source address.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Therefore, the return traffic probably comes back via the WAN load balancer

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

resource that is associated with the global IP. The impact is that the WAN load

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

balancer balances the outgoing traffic but not the return traffic.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

We recommend using firewall NAT instead of IP NAT with the WAN load balancer.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00012649

Switch,

2

The switch sometimes flooded IPv6 multicast traffic undesirably, if the MLD All

-

-

-

 

Y

Y

-

 

-

Y

Y

Y

 

MLD Snooping

 

Routers snooping group contained more than one port and another snooping

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

group contained no ports. In this situation, when a port timed out of the All

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Routers group, multicast traffic from the empty snooping group was flooded to

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

all ports on the switch. Flooding continued until the last port timed out of the All

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Routers group.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This issue has been resolved.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00012689

IP Gateway,

2

When IGMP proxy was configured and a user first deleted the upstream

Y

Y

Y

 

Y

Y

Y

 

Y

-

-

-

 

IGMP proxy

 

interface, then deleted a downstream interface, the router or switch sometimes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

rebooted. Note that this issue did not occur if the downstream interface was

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

deleted first.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This issue has been resolved.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version 276-03

C613-10474-00 REV B

Page 15
Image 15
Allied Telesis AT-9900 Series manual CR00012613, CR00012649, MLD Snooping, CR00012689, Igmp proxy