Versions Compared

Version Old Version 13 New Version 14
Changes made by

Tracy Yang (Unlicensed)

Tracy Yang (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

These notes summarizes PICOS PicOS 3.8 new features, new hardware, known bugs, and bug fixes. Best practices recommend that you read all the content before upgrading to this release. For more detailed feature information, refer to the configuration guides.

Table of Contents

New Features

Layer 2 and Layer 3

Bug IDReleaseDescription
128143.8.0

VXLAN Routing
The VTEP enabled VXLAN routing behaves as a VXLAN L3 gateway under centralized routing mode. Please have detailed at VXLAN Routing.

130983.8.0

Enable VXLAN on NAC Ports
VXLAN is not allowed to be configured on the ports with NAC, such as 802.1x and MAB and web authentication, enabled. This restriction is removed in release 3.8.0.

131013.8.0

DNS Domain Search List
Add a CLI command "set system dns-search-list xxxx" to configure the search list of DNS lookup with the host name.

131953.8.0.4

Multi-line Announcement

The content of login announcement with multiple lines can be configured by new added CLI command "set system login multiline-announcement ...".

136183.8.0.4

Specify Source Interface for SNMP Trap Configuration

Support to specify source interface for SNMP Traps. The source interface could be loopback or l3-interface. The specified source interface is used to derive the source IP address for the SNMP traps sent, so that traps received from each switch will always have a single consistent source IP address.

135973.8.0.4

SNMPwalk Fails

It's possible that SNMPwalk fails when switch has multiple VLANs enabled inband because the returned SNMP reply message can only be sent back via the l3 interface on which the associate SNMP query message is received. It is fixed in 3.8.0.4 by lookup the l3 routing tables to send the SNMP reply messages to SNMPwalk client.

131953.8.0.4

Multi-line Banner

The content of banner with multiple lines can be configured by new added CLI command "set system login multiline-banner ...".

Hardware

Bug IDReleaseDescription
124963.8.0

Support AS5835-54T
AS5835-54T consists of 48X10G RJ ports and 6X100G QSFP28 uplink ports on the front panel.


Fixed Issues

Layer 2 and Layer 3 Features

Bug IDReleaseDescription
131063.8.0

Cannot Read out EEPROM Data on AS7326-56X
The I2C address is changed on the new model of AS7326-56X.  The driver code is modified to fix this issue on the update model of AS7326.

131723.8.0.1Aquantia PHY Firmware is Not in SPI Flash on N3224PX-ON
Ports cannot link up if Aquantia firmware is not loaded to the RAM of the external PHY on N3224PX-ON. In case that Aquantia PHY firmware is not in SPI flash attached to the external PHY, PICOS PicOS will get CLD image of Aquantia PHY firmware programmed into the SPI flash. And then reset the external PHY to load Aquantia PHY firmware and make ports up automatically.
131713.8.0.1Cannot Forward Traffic if Link Speed is 5G on N3224PX-ON
If link speed is negotiated to 5G with a connected device, the traffic from the attached device cannot be forwarded. This issue was fixed in 3.8.0.1.
131613.8.0.1Cannot Recognize PoE Device of Class 4-8 on N3224PX-ON
By testing with PoE tester, PD class 4-8 cannot be recognized on N3224PX-ON. This issue was fixed in 3.8.0.1.
131733.8.0.1NAC: Downloadable ACL Rules with L4 Port Range don't Work on Trident3-X3 Platforms
A DACL rules to match a L4 port range cannot be applied to the ASIC hardware on Trident3-X3 Platforms such as Dell N32XX and EdgeCore AS4630. This issue was fixed in 3.8.0.1.
131593.8.0.1PoE Cannot Work on N3132PX-ON
PoE cannot work on specific port randomly on N3132PX-ON. This issue was fixed in 3.8.0.1.
132073.8.0.1

Static MAC Address is Changed to Dynamic on MLAG peer-link Port 

On an MLAG spine switch called spine A for convenience of expression, configure a static MAC address on the peer-link port. If this MAC address is learned on a single-homed port on the peering spine switch, it will be synchronized to spine A on peer-link port. And then the type of this configured static MAC address on the peer-link port is changed to dynamic.

136393.8.0.4

VXLAN Cannot Work on LAG Port

Supposing a LAG is in the network interface of a specific VXLAN instance, if get a member port of this LAG down and then up, the incoming traffic on the access port cannot go into the VXLAN tunnel. This issue is fixed in 3.8.0.4.

136543.8.0.4

802.1X Authorization Failure on VXLAN Access Port

When reset VXLAN configuration from Ampcon SDN controller, 802.1x authorization on the VXLAN access port may be failed. This issue is fixed in 3.8.0.4.

135863.8.0.4

Different MAC Addresses of VRRP IP Returned

In case of active-active VRRP over MLAG, when a client requests the MAC address binding to VRRP virtual IP address via ARP/NS, different MAC address may be returned. This issue is fixed in 3.8.0.4.

136583.8.0.4

Upgrade Failure on SquashFS Platforms

On SquashFS platforms, N3100 and N3000, with customer's configuration, upgrade from 2.11.25.x to 3.8.x will fail. This issue is fixed in 3.8.0.4.

131583.8.0.4

Ports Cannot Link up on S5248

Ports 13~16 and 37~40 and 48 cannot link up.

137723.8.0.6

Traffic with Duplicate Source MAC Received on both MLAG Spine Switches

In some kind of abnormal circumstance, traffic with duplicate source MAC address may be received on both MLAG spine switches at the same time. Therefore, in a specific MALG spine switch, this MAC address will be moved between a single-homed port and the peer-link port. If this kind of traffic is only received on a spine switch after a while, on the other spine switch, the MAC address should be learned on the peer-link port only.

129213.8.0.6

Login ACL Rules Should not Applied to SNMP Access

The configured login ACL rules are also applied to SNMP access. This issue is fixed in 3.8.0.6.

137133.8.0.6

OpenVPN iptables Rules Removed When Restart PicOS

The iptables rules allowing OpenVPN connection between local AmpCon agent and the remote AmpCon server is removed when PicOS is restarted with command such as "systemctrl restart picos". AmpCon agent will have no way to connect to the remote AmpCon server. This issue is fixed in 3.8.0.6.

136893.8.0.6

Have VXLAN Traffic Loop if Underlay Routing Being Changed

If underlay routing is being changed constantly, a traffic loop of VXLAN overlay may appear. Namely, on a specific VTEP, a MAC address of a host is learned on both access port and the network port with regarding a VXLAN instance.

136913.8.0.6

Access Port Disappear After Add/Delete VXLAN Repeatedly

Repeat the procedure, delete VXLAN configuration and then rollback, access ports in a VXLAN instance may disappear when "run show vxlan vni xxxx".

138503.8.0.7

RADIUS/TACACS+ Authentication for NETCONF Session

Authenticated RADIUS/TACACS+ users can access to PicOS switch via NETCONF.

138163.8.0.7

Public Key Authentication for NETCONF Session

Users authenticated via public key can access to PicOS switch via NETCONF. Please note the public keys of a specific user are supposed to be restored at the home directory, i.e ~/.ssh/authorized_keys.


OVS Features

Bug IDReleaseDescription
131503.8.0

OVS Web Service is Still up Even If It is Disabled in PICOS ConfigurationPicOS Configuration

The lighttpd service is brought up by systemd because the setting of the option "WantedBy" in lighttpd.service, which walks around the toggle option (ovs_enable_lighttpd=false) in /etc/picos/picos_start.conf.

...