MVRP Support

Multiple VLAN Registration Protocol (MVRP) is a Layer 2 messaging protocol that is used to create and manage VLANs automatically and dynamically in order to reduce the complication and errors of manual management of VLANs. With MVRP enabled, the configured VLANs on one switch can be distributed through all active switches within the network domain. Please have the details by reference of document MVRP.

L2 Traceroute

The Layer 2 traceroute help to find out the Layer 2 path from a source device to a destination device within a specific VLAN by giving the unicast MAC address of the destination device. When run this Layer 2 traceroute tool, will display the system MAC address and ingress & egress ports of each device on the path. Please have the details by reference of document MAC Trace.

Check PoE Status on AS4630_54NPE and AS4630_54PE

PoE status is covered in system diagnosis report when the switch boots up on AS4630_54NPE and AS4630_54PE.

License Update

New items, "Feature Speed" and "Subscription Type", are added on license portal. The 40G and 25G switches are separated from 10G switches with respect to licensing. PICOS 4.3.3 supports these new items as well as be back compatible with old license keys.

MSTP Process Crash

The process of MSTP may crash in the environment of running MSTP over MLAG. This issue is fixed in 4.3.3.3.

MTU on L3 Interface

The jumbo packets with size over 1500 cannot be routed out of the switch by default even though the MTU on the associated physical ports is reset to a number big enough. If reset the MTU of the L3 interface, the jumbo packets generated by CPU will be dropped by the virtual bridge in the Kernel. Additionally, when upgrade to 4.3.3 or 4.3.3.1 from 4.3.2, the configuration will be dropped if the L3 MTU is reset a number over 1500. This issue is fixed in 4.3.3.3. The MTU of L3 interface is not needed to be configured for routing jumbo packets in data plane.

Failed to Be Authenticated by Going with ClearPass TACACS+

If connect to a ClearPass TACACS+ server, a user is failed to be authenticated with prompt message "authentication error , wrong password". This issue is fixed in 4.3.3.3.

Duplicate Traffic in Multihoming EVPN

It is possible that VPLAG of a specific remote ES (Ethernet Segment) cannot succeed to be created on a VTEP. That will lead to duplicate traffic between 2 connected hosts in multihoming EVPN environment. This issue is fixed in 4.3.3.1.

VXLAN Tunnel is Down in Multihoming EVPN

A VXLAN tunnel connecting to a VTEP of a specific ES (Ethernet Segment) in remote multihoming EVPN site may be down when the link to the client host within this ES is down or a VTEP in this ES is rebooted. This issue is fixed in 4.3.3.1.

Delete remote-as BGP Neighbor

If delete remote-as of a BGP neighbor, other sub-nodes under this BGP neighbor must be deleted firstly. Otherwise, it will be failed with prompt error message if execute "commit" or "commit check".

OSPF max-metric cannot be Enabled Administratively

When commit "set protocols ospf max-metric router-lsa administrative", it will fail. This issue is fixed in 4.3.3.

4K Built-in Entries in L2 Table

When PICOS boots up, there are 4K built-in entries in L2 table corresponding to each VLAN. In 4.3.3, if only a VLAN is configured on a specific port, will create a L2 entry pointing to the CPU port, matching system MAC address and this VLAN, in L2 table.

Enable Tagged/Untagged for Private VLAN

When add a private VLAN to a trunk port, this VLAN can be specified as tagged or untagged as a common VLAN.

BPDU Guard Enabled Ports Get Blocked(4.3.2.2)

When LLDP frames are received with destination MAC address 01:80:C2:00:00:00 on the ports with BPDU guard enabled, the ports will be blocked because the frames are identified as BPDU mistakenly based on the destination MAC address. This issue is fixed in 4.3.2.2. If the ethertype is 0X88CC, the frames with destination MAC address 01:80:C2:00:00:00 should be recognized as LLDP other than BPDU.

Firewall Filter Can be Applied to Only Maximum 64 Output Interfaces (2.11.11.2-s1)

A firewall filter can only be applied to maximum 64 output interfaces. This restriction is unnecessary and removed in this version.

PICOS Crashes When Assigning a VLAN by Name Instead of ID (4.3.2.2)

VLAN names are not allowed to be added to "vlan members" on trunk ports. Will give prompt error message if commit that kind of configuration.

SIF Crash (4.3.2.2)

The process pica_sif crashes occasionally on an EVPN switch in either of the following two cases:

• Get all VXLAN network interfaces down.
• l3-interface over a L2 VNI is not configured when arp-nd-suppress is enabled.

Fail to Include Information from BCM Tool in tech_support (4.3.2.2)

When execute "run show tech_support", cannot generate the hardware information from BCM tool with error message ".Bsh open log file failed".

Maximum number of dynamic-author Clients (4.2.3.7)

Lift the maximum number of RADIUS dynamic-author clients from which the switch accepts Change of Authorization (CoA). Allow to configure maximum 20 dynamic-author clients.

Cannot Configure 5G/10G to auto-speeds 4630-54NPE (4.2.3.7)

If the speed of ports, from ge-1/1/37 to ge-1/1/48, is under auto mode, the speed cannot be negotiated into 5G/10G with the peer device. Additionally, 5G/10G cannot be configured to auto-speeds on these ports. This issue is fixed in 4.3.3.

Routing Doesn't Work on L3 Interface over VLAN 1

Directly connected routes cannot be generated on L3 interface over VLAN 1. For example, cannot ping the IP address configured on L3 interface over VLAN 1.

OVS Command "set-port-name" Cannot Work on Unbreakable xe Ports (4.3.2.2)

In PICOS 4.3.2, the OVS command "set-port-name" cannot rename unbreakable ports, for example, xe-1/1/2 on AS5835. This issue is fixed in 4.3.2.1. All ports can be renamed by set-port-name.