Aktualizacja FortiSwitch do wersji 6.0.2. wnosi kilka nowych właściwości produktu, o których warto tutaj wspomnieć. Mowa tutaj o nowych kolumnach w fizycznych interfejsach FortiSwitcha, czy zmianie miejsca wyświetlania pewnych danych lub ich kombinacji. Więcej poniżej!
Nowości:
- Nowa kolumna na stronie interfejsy portów fizycznych (Switch> Interface> Physical) pokazuje ruch dla każdego z nich w ciągu ostatniego dnia.
- Podobną nowością jest kolumna która wyświetla kiedy dodatkowe adresy IP, DHCP relay, oraz VRRP są włączone na stronie interfejsy systemu fizycznego (System > Network > Interface > Physical).
- Strona Switch > Port > Physical oraz Switch > Port > POE zostały połączone
- Adresy MAC są teraz wyświetlane na stronie Switch > MAC Entries
- Możesz użyć nowej strony Swtich > POE, aby skonfigurować ustawienia PoE dla całego Switcha, zamiast konfigurować każdy port.
- FortiSwitchOS obsługuje teraz dynamiczne przypisanie sieci VLAN według nazwy grupy.
- Możesz teraz użyć interfejsu CLI i GUI, aby wybrać dwie nowe szybkości portów (interfejs miedziany 10 Gb/s i interfejs SFI 10 Gb/s) dla portów SFP+ na obsługiwanych urządzeniach FortiSwitch.
- Funkcja flap-guard została ulepszona:
Możesz teraz skonfigurować stan flap-guard, aby zachować ustawienie po zrestartowaniu switcha. - Teraz można ustawić osłonę flap-guard na każdym porcie zamiast ustawiania na całym przełączniku.
- Obszar operacji na pulpicie nawigacyjnym wyświetla teraz wykres temperatury dla modeli FortiSwitch, które mają
czujniki temperatury.
Rozwiązane problemy:
Bug ID Description
481151 When IGMP snooping and PIM are enabled on the same VLAN, multicast traffic might still flood.
488359 When the same host joins multicast groups from different sources, all multicast routes are deleted if some of the sources are set to Exclude (Record Type 2).
489769 In a two-tier MCLAG topology, some second tier FortiSwitch MCLAG peer groups have high levels of STPD processing.
497248 After enabling mclag-stp-aware, there are “STP state DISCARDING” errors, and some switches go down.
502742 The output of the get switch modules summary command does not identify 10G SFP+ modules correctly.
506762 The FortiSwitch unit cannot be accessed through the GUI or SSH after an IP camera is connected to it.
507257, 511286, 514884, 515100, 515388, 518410 Managed switches randomly go down until the switch-controller CAPWAP control daemon is restarted on the switch.
507488 STP caused network disruption after distribution switches were added to a one-tier MCLAG topology.
507967 After enabling strong-crypto on a FortiSwitch unit in standalone mode, the switch cannot be accessed by SSH.
509043 When the power consumption is more than 25.5 watts, the get switch poe inline command returns the wrong value for power consumption.
509113 A user cannot log in to the GUI with remote admin credentials using a TACACS server.
509115 When a RADIUS administrator account is set up to accept wildcards, the FortiSwitch unit forwards the wildcard name to the RADIUS server instead of the user name.
509427 Logging in to the GUI does not work with the user is configured on an LDAP server.
510229 A user cannot ping between D-series switches and E-series switches when they have different native VLAN configurations on the internal interface and uplink interface.
510885 Error messages refer to initXXXXXXXXXXX instead of the appropriate daemon.
511172 The default interval for DNS resolution for the FortiSwitch Cloud needs to change from 15 to 45 seconds.
511654 “(Class A, B, C)” needs to be removed from the sFlow Collector page (Switch >sFlow).
511802 “Sequence Number” needs to be changed to “ID” for the Router > Config > Static page, Add Static Route page, and Edit Static Route page
511909 Some of the values in the output of the diagnose switch physical-ports cable-diag command are wrong.
511995 After a port is disabled and then enabled, the BPDU guard state machine is not updated.
513389 When the VM is moved to a new switch, the MAC address table entry for the VM is not updated automatically.
513937 When a laptop is connected to a switch, there is a delay in the ARP response for the gateway IP address.
514783 The config switch-controller custom-command command does not work in multi-tier managed FortiSwitch topologies.
517534 An “IP Conflict” message is displayed for a VRRP configuration.
518683 The execute switch-controller custom-command command does not work with an admin account configuration.
Znane problemy do rozwiązania:
Bug ID Description
380239 IGMP-snooped multicast groups are not immediately flushed out of the snooping table when the querier port is shut down.
391607 Switch does not send gratuitous ARP for IP conflict when the system boots up and adds a new switch virtual interface (SVI).
414972 IGMP snooping might not work correctly when used with 802.1x Dynamic VLAN functionality.
416655 When using DHCP, the IPv6 address cannot be configured. Also, the automatic configuration of the global address does not work.
438441 DHCP snooping and dynamic ARP inspection (DAI) do not work with private VLANs (PVLANs).
480605 When DHCP snooping is enabled on the FSR-112D-POE, the switched virtual interface (SVI) cannot get the IP address from the DHCP server.
488044 On a Protocol Independent Multicast (PIM) topology using the assert mechanism, when the assert winner lost the route to the source, no multicast route was created, and the multicast traffic stopped.
510943 When using the cable diagnostics feature on a port (with the diagnose switch physical-ports cable-diag CLI command), ensure that the physical link on its neighbor port is down. You can disable the neighbor ports or physically remove the cables.
521441 The “internal” system interface does not perform hardware offloading of routes and is only software forwarding. Users can use VLAN switched virtual interfaces for full hardware offloading.
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
