Smart Ringswitch Software Release 4.4 ===================================== Release date: May 2002 Copyright (c) 2002 Madge Networks Ltd. Table of Contents ================= 1. Introduction 2. Software Version Information 3. What's New 3.1 New Features 3.2 Bug Fixes Since Release 4.3 4. Release Notes 4.1 New Issues and Restrictions in Release 4.4 4.2 Ongoing Issues from Previous Releases 4.3 Hints and Tips 5. How to contact Madge for support and new software 1. Introduction =============== This file contains the latest information about the Smart Ringswitch Software Release 4.4, including software version data and full release notes. Please Note: The software in this release is for the Smart Ringswitch Express, Ringswitch Express Select and Smart Ringswitch Plus only. Please read the Release Notes in section 4 before installing the software. 2. Software Version Information =============================== Software Version File Name ------------------ -------- ------------ TrueView platform 6.10 TrueView.exe Ringswitch Manager 4.33 rstv.exe Configuration Manager 3.01 contv.exe Service Manager 2.06 srvtv.exe Alert Manager 6.06 alerttv.exe Multi-download image 4.40 rel4_4.bin FDDI module microcode 2.16 srsf216r.bin Ringswitch microcode 4.40 srpw440r.bin Notes: The Multi-download image contains: - runtime microcode 4.40 - boot flash upgrade 4.09.02 - ATM Firmware 3.10 - HSTR XL Firmware 1.00.25 - TLS Firmware 1.06 - HSTR XLA Firmware 1.01.01 - Ethernet Firmware 1.01.07 - Gigabit Firmware 1.04.01 Updating to Smart Ringswitch Software Release 4.4 We recommend performing the software update in the following order. Failure to do so may cause problems. 1. Update your TrueView management software. ============================================ Note: The TrueView Management software in this release is 32bit and can not be installed over an old 16bit version. A database conversion program is also installed so you can convert your 16bit TrueView database files and layouts to your new 32bit version. Other 32bit Managers are available from the Madge website (www.madge.com). 2. Upgrade your microcode:- =========================== EITHER 2a.The 'Upgrade Code' option. ============================= To use the 'Upgrade Code' option, (right mouse click on the Reset button, and select the 'Upgrade code' menu item) which will automatically download all relevant files including Switch boot code, Switch microcode, and microcode for installed modules. Note: The Ringswitch will reboot twice during this process. DO NOT ATTEMPT MORE THAN ONE DOWNLOAD SESSION AT THE SAME TIME AS THIS WILL CAUSE THE RINGSWITCH DOWNLOAD TO FAIL. If too many other processes are running on the machine while download is occurring the download may fail and need to be repeated. OR 2b. The active download method. =============================== Using Active Download, right mouse click on the reset button, and select the 'Download (active)' menu item. Select the runtime microcode and start the download. Reboot the switch when this download has finished. Again using Active Download, select the Multi-download image rel4_4.bin and start the download. After the Multi-download is complete, reboot the switch to complete the upgrade. (See 'Getting Started: Smart Ringswitch Family' part number 100-315-09 before adding or removing any option modules) 3. What's New in release 4.4 ============================ 3.1 New Features ================ a) SNMP Security ================ This latest version eliminates the SNMPv1 vulnerabilities for the Ringswitch. This vulnerability existed in the decoder & encoder implementations. The ASN.1 BER Encoder / Decoder was unable to handle the NULL tag values. This is now fixed. b) TLS module ================= The Third Layer Services module can now support load balancing in an ECMP(Equal Cost Multi-Path) environment. Additional software required for this feature is available from Madge by special request. Please contact Madge Sales or Technical Support for details. 3.2 Bug Fixes since Release 4.3 =============================== * The previous versions didn’t have a valid checking for the Multicast type range. This is fixed in this version by correctly making a comparison with Broadcast type range. * In the previous version the Ringswitch used to reset under an IPX SAP broadcast. The previous version did not contain the switching of a thread for ticking the watchdog timer while handling IPX frames. The fix in this version implements the periodic ticking of the watchdog timer, so as not to let the timer go-off in the event of a broadcast storm of IPX SAP traffic. * The previous version causes a reset ( 07 : 43) triggered by the timeout of the watchdog timer while handling the IPX , IP & SNMP frames, as the thread gets blocked. Potential fix for the above in case of IPX causing the reset. * Fix for the reset 13:81’s caused by the NDS resolve name reply (intermittent reset/crash) on Ethernet. Bug in the Ethernet Module. Updated the ethr from ver 1.01r to ver 1.01.07. Fix for reset 13:81’s caused by the NDS resolve name reply (intermittent reset/crash) on Ethernet. Bug in the Gigabit Ethernet Module. Updated the gigr from ver 1.03r to ver 1.04.01 * The ARE frames were blocked at the Switch having the Ethernet uplink. The problem was because of the Ethernet rules implemented to avoid broadcast loops at the Ethernet end. The fix involved disabling the source route blocking rule already implemented for the ARE forwarding on the Ethernet uplink which now enables the forwarding of the ARE frames. The spanning tree implementation takes care of the Loops. * The changes done in patch 4.33.03 for the periodically ticking of the watchdog timer was improper as the ticking occurring was at a very fast rate. This gave rise to problems of late ping replies and also SNMP Timeouts when ARE frames are flooded on the port as the thread are busy in ticking rather than handling the frames. This version contains the fix for the late ping replies, SNMP timeouts and also takes care of the WDT. 4. Release Notes ================ Sections 4.1 and 4.2 cover issues and restrictions relating to this software release. Section 4.3 provides some general hints and tips. Some additional documentation can be found on the CD under the directory '\online_docs'. Use the index.pdf file to browse and access these files. 4.1 New Issues and Restrictions =============================== a) Gigabit module ================= i) Spanning Tree loops can occur in a Source Routed environment when multiple routes to an Ethernet network exist. Read 'Source Route networks: why Spanning Trees must block on Gb Ethernet' from the Ringswitch Online Help. This can be found by selecting the contents page, then selecting 'Using Ringswitch Manager' --> 'Using a Gigabit Module' --> 'Gigabit Ethernet connections and Spanning Tree' ii) Auto-negotiation on the Gigabit module only functions if both interfaces support and enable auto-negotiation. If this is not possible, then both interfaces should be manually configured. iii) If jumbo frame support (>1.5Kbytes) is used, then it must be configured on both the Gigabit module and all gigabit Ethernet switches in the enterprise to ensure full connectivity. If only some devices are configured to large frame sizes, then connectivity will be lost when, for example, a Token Ring endstation sends large packets. iv) Jumbo frame sizes are only possible with Ethernet II type frame formats. All other Ethernet frame formats use a length field which has a maximum value restricting the total frame size to 1514 bytes. v) If the Gigabit module is configured for source route forwarding, then all unknown, multicast and broadcast frames from Ethernet are transmitted onto token-ring as spanning tree explorer frames. This means that they will not be forwarded to any transparent-only ports on the Ringswitch. b) TFTP configuration upload and download ========================================= i) Prior to this release, the Configuration Manager, using SNMP upload and download, only supported backing-up and restoring configuration data relevant to Smart Ringswitch Software Release 3.0 and earlier. Specifically, it did not backup configuration data for TLS, Ethernet, Gigabit, HSTR and ATM modules or protocol filtering. We do not recommend you download SNMP config files onto Ringswitch Software Releases after release 3.0. TFTP configuration data upload and download supports all configuration information in Release 4.4. ii) Configuration data can only be downloaded to a Ringswitch that is 'equivalent' to the one from which the configuration data was uploaded. In this context, 'equivalent' means : - Both Ringswitches must have the same modules in the same slots. The hardware revision of these modules is not important. - The microcode running on the download unit must be the same or a later version than that running on the upload unit. iii) Once the configuration data has been downloaded, the receiving Ringswitch will reboot immediately so it can use this configuration information. c) Microcode downloads ====================== i) A timed download can be performed on a Ringswitch. To perform a timed download, select the Ringswitch from the main TrueView window, then, in the Timed download dialog, click the 'Select Icons from the Map' button. (Then, you will not need to complete all the fields in the Timed download entry dialog.) If you prefer, you can select a Ringswitch for Timed download using its IP or IPX address. However, if you do this, you have to complete the Write password field in the Timed download entry dialog using the password you have set or the default password of 'public'. ii) Download will fail if downloading using IPX to a Ringswitch from an Ethernet workstation via an Ethernet or Gigabit Module. However if IP is used, then the download will work. This is due to an embedded MAC address in the SNMP request sent by TrueView not being converted to noncanonical format. See TrueView online help: 'Specifying an Ethernet address in noncanonical format'. (This help file can be found by searching for 'canonical' in the TrueView help, or via a link from the online help for 'SNMP Authorization' dialog box.) To work around this problem, create a Server Alias from the download dialog box for the Ethernet workstation with the Node address being that of the workstation but in noncanonical order. iii) The individual microcode files have been provided on the CD in '\TrueView\Mcode\Rswitch\'. We strongly recommend that you carry out a standard installation with all the components together. We do not recommend using the files individually because of the risk of running untested or incompatible microcode version combinations. The files are :- Gigabit: Gig10401.bin ATM: Srsa310r.bin Ethernet: Eth10107.bin Hstr Xl: Hstr1025.bin Hstr Xla: Hstx1101.bin Tls: Tls1600.bin Boot113: Srpb4902.bin Boot113b: Srpv4902.bin iv) The TrueView error TV0170 'File name and path are too long. Please move file to shorter path and retry', can occur when the download file is not valid for the Ringswitch. For example, if you try to download the boot113b code, srpv4902.bin, to an older CPU-3 Ringswitch you can get this message. 4.2 Ongoing Issues from previous releases ========================================= * To operate the TLS module, you need to update the microcode to version 4.2 or later. Some TLS functionality is possible under the manager 4.0 with microcode 4.08. However running the TLS in this condition has not been tested and so is not supported. * When the TLS module has been configured, please note that the TLS leg port list needs to be updated whenever you change the Ringswitch blades, or alter the subnets that ports are attached to. (To open the leg port list, right click on the TLS blade and select Leg Info.) * On the TLS module, changing the OSPF cost of a leg causes the port to close, but it then fails to reopen. Disabling and enabling the port will bring the port back up. * Although NLSP translational bridging is supported on the Gigabit module, it is not supported on the 2-Port Ethernet module. As a result, Novell Netware networks using NLSP rather than RIP/SAP will not be able to see servers across the Ethernet Module. To work around this problem, configure a server on the same IPX segment as the Ethernet Module to use RIP/SAP routing rather than NLSP. As NLSP is designed to integrate with RIP/SAP networks, this allows full communication of all servers via the Ethernet Module. * For the Ethernet module, a straight-through cable should be used to connect to an MDIX port, such as a third party hub or switch. A cross-over cable is required to connect 10/100 module ports to another MDI port such as a 10/100 adapter, a DeskStream Ethernet Module port, or another Ringswitch Ethernet port * LEC Configuration:- When an LEC is configured without specifying an ELAN name, the Ringswitch does not remember the ELAN type when the Ringswitch is rebooted. Specifying an ELAN name solves this problem. * Trap Destinations:- When limiting trap destinations, do not enter both IP and IPX addresses. Some traps are not dispatched when the device is managed using IPX and IP, and IPX and IP trap destinations are specified. If HP Open View is also present on a machine running TrueView, this can cause TrueView problems with traps. * Active Download to FDDI:- The active download functionality is not supported by the FDDI module. To download new code to an FDDI module, you must use the normal download method. * User List Dialog:- If the dialog is open for a long period of time, the 'time since last seen' for some users may stop updating. This is due to the user being timed-out of the list, but not being removed from the dialog. Closing the dialog and re-opening it will remove these users. * GroupSwitch Module Fault Manager:- Traps (Alerts) for Ring Purge or Beacon errors may not be received by TrueView Alert Manager if TrueView is on the same GroupSwitch Hub as the device causing the fault. If the fault action is set to 'Remove', the offending node will still be removed from the network. No alert will be logged. * Source Routing Protocols and Transparent Forwarding:- With certain protocols, it is not possible to turn off Source-Routing. Every frame transmitted from a client running these protocols will therefore contain Source-Routing information. If the Ringswitch is in a Transparent environment, it will ignore any frames that contain Source-Routing information. It will not be possible to communicate across the Ringswitch using these protocols in a Transparent only environment. Further details of this problem can be found on Microsoft's TechNet CD, PSS ID Number: Q120269. The protocols that we have experienced this problem with are: - Microsoft LAN Manager Client running NetBEUI - Microsoft LAN Manager Client running TCP/IP - Microsoft Windows for Workgroups running NetBIOS - Microsoft Windows for Workgroups running TCP/IP - Windows 95 running NetBEUI - Windows 95 running TCP/IP - Madge Smart NETB and Microsoft LAN Manager Client This problem can be avoided by changing the Ringswitch's forwarding mode to source-route transparent plus and setting all the ring numbers to the same value. Note: This option will not work if there are any source routing bridges on your network, or you do not set all the ring numbers to the same value. * NT support on FDDI:- The FDDI NDIS 3.x Windows/NT driver does not currently support source-routing. It is therefore not possible to attach to an NT server on the FDDI ring from a Token Ring client. This problem is documented by Microsoft on their TechNet CD, PSS ID number Q142706. * Network access using IPX over Winsock on Windows 95:- TrueView uses Winsock supplied with Windows 95/98/NT to communicate with network devices that are managed over IP & IPX. In circumstances where Windows 95 Winsock can not locate a route to the requested IPX network, the TrueView display may appear to "freeze" for up to 20 seconds at a time. This will only occur in an IPX routed network. If only IP is used or TrueView is running under Windows NT the problem will not occur. This could happen as a result of an IPX router going down or if a device is manually added to TrueView with an invalid IPX network number. * TrueView can't communicate via IPX if IP is not installed. TrueView uses Winsock to communicate via both IP and IPX and Winsock not installed unless the IP stack is installed. 4.3 Hints and Tips ================== Copper to Fiber converters for HSTR It is possible to use a fast Ethernet copper to fiber converter on the Ringswitch HSTR modules. We have successfully used an NBASE NX 3101F0 Fiber Optic converter:- - Modify the pinouts for the patch lead between the copper HSTR port and the fiber converter. RJ45 pins HSTR (802.5) Fast Enet (802.3u) 1 nc TX+ 2 nc TX- 3 TX-A (+) RX+ 4 RX-A (-) nc 5 RX-B (+) nc 6 TX-B (-) RX- 7 nc nc 8 nc nc Note: Fast failover will not work if the links contain copper to fiber converters. RMON Support The Ringswitch supports 4 RMON modes on each Token Ring port: None - RMON is disabled on this port MAC Frames Only - Only MAC frames will be monitored All Frames - All frames will be monitored All Frames to Address - All frames destined for a specified node address will be monitored. This mode is not supported on Ringswitch 4-Port Modules with a hardware revision of 0, 1, 2, 3 or 7. To check the hardware revision of the 4-Port module look at the Ringswitch LCD The recommended setting is to enable 'MAC Frames Only' on all ports where you may want to use RMON. If you wish to use 'All Frames' (for instance if you wanted to access the Promiscuous Statistics on a port) you can use Ringswitch Manager to change the RMON mode for a single port. This will not disrupt the network. Enabling RMON on a port where RMON is currently disabled will cause the port to re-open and may disrupt the network. Running 'All Frames' RMON on more than one port simultaneously is not supported. Madge does not recommend using RMON in 'All Frames' mode when 18K support is enabled. Note: RMON must be enabled globally using TrueView before any statistics are available. Version of Ringswitch Boot ROM Ringswitches with very early versions of Ringswitch Boot ROM cannot have FDDI or ATM modules installed until the Boot ROM has been upgraded. If the Boot ROM in the Ringswitch has a version number earlier than 1.00.42, it must be upgraded before any microcode is downloaded to the Ringswitch. If your Boot ROM requires updating, you should contact your local Madge Technical Support Office. Novell NetWare servers with source-routing on FDDI If you are using Novell servers with source-routing on a FDDI ring, an extra parameter will be required when loading ROUTE.NLM. This prevents every frame being sent out from the server as an all-route broadcast. On every FDDI adapter in a Netware server on the FDDI ring, ROUTE.NLM should be loaded as follows: LOAD ROUTE BOARD=x LSB (where x denotes the board number) This parameter will work with all versions of Netware and ROUTE.NLM. FDDI Protocol fixups status must be consistent on all Ringswitches If you have multiple Ringswitches with the FDDI modules installed, protocol fixups must be enabled or disabled for every Ringswitch on the same LAN. If protocol fixups are enabled on a number of Ringswitches and disabled on others, the Ringswitches will not be able to communicate. (See next issue also.) Order in which FDDI protocol fixups are enabled or disabled If you wish to change the status of the protocol fixups, you should enable protocol fixups on the Ringswitch logically furthest from the management station first, and the Ringswitch logically closest to the management station last. If this procedure is not followed, you will be unable to communicate with subsequent Ringswitch devices to enable protocol fixups. Aborted frames and line errors In some cases, PC network adapters may generate aborted frames, for example, if bus timing problems prevent the complete frame being transmitted within the time available. These aborted frames are not visible on the ring. If the Ringswitch receives an aborted frame, it generates a frame with a CRC error on the output port. This will be reported as a line error on the ring attached to the output port. If large numbers of line errors are reported, we recommend that the station(s) generating aborted frames should be identified and corrected. This problem is only visible when the Ringswitch is in cut-through mode, as the Ringswitch cannot tell that a frame it is forwarding has been aborted until it has started sending the frame. Connection over Fiber to Ring-In/Ring-Out If you are connecting a Ringswitch to a Madge SmartCAU Plus or other IBM compatible device, select the option for a RI/RO port in TrueView. The use of alternative port configurations is not supported. We do not recommended connecting the cable to a stand-alone Madge CAU RO port. 5. How to contact Madge for support and new software ==================================================== World Wide Web -------------- Visit Madge Networks at http://www.madge.com ftp.madge.com For all software downloads (including previous versions), visit http://www.madge.com/downloads-software.asp Contacting Madge Networks ------------------------- For technical support go to the website to find the appropriate low tariff telephone number or email contact: http://www.madge.com/support.asp ***** End of README *****