Dell™ Networking PC8100/N4000/N3000/N2000/N1500 series switches

Dell Networking
6.2.6.6 Firmware Release Notes

Date: September 2015

System Firmware Version 6.2.6.6

Information in this document is subject to change without notice.

© 2003 – 2015 Dell Inc. All rights reserved.

Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, the DELL logo and PowerConnect are trademarks of Dell Inc; Intel and Pentium are registered trademarks and
Celeron is a trademark of Intel Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
Other trademarks and trade names may be used in this document to refer to either the entity claiming the marks and names or their products. Dell
Inc. disclaims any proprietary interest in trademarks and trade names other than its own. All rights reserved. This document may not, in whole or
in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-readable form without the prior written
consent of Dell. Dell reserves the right to make changes without further notice to any products or specifications referred to herein to improve
reliability, functionality or design.

Reproduction, adaptation or translation without prior written permission is prohibited, except as allowed under the copyright laws.
Table of Contents

Introduction 1

Global Support 1

Firmware Specifications 1

Firmware Upgrade 2

Firmw are Dow ngrade 3

Boot Code Dow ngrade 4

Hardware Supported 4

Matrix 5

Supported Firmw are Functionality 5

Added Functionality in this Release 6

Changed Functionality in this Release 8

Issues Resolved 9

CLI Reference Guide Update 23

radius-server attribute 31 .................................................................................................................................... 23
Ip http timeout-policy........................................................................................................................................... 24
switchport mode dot1q-tunnel ............................................................................................................................. 28
switchport dot1q ethertype.................................................................................................................................. 29
switchport dot1q ethertype.................................................................................................................................. 31
show switchport ethertype .................................................................................................................................. 32
show dot1q-tunnel .............................................................................................................................................. 33
show interfaces switchport.................................................................................................................................. 34

User’s Configuration Guide Updates 36

Known Issues 39

Known Restrictions and Limitations 46

End of Release Notes 48

2 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Introduction
This document provides specific information for the Dell Networking
N4064/N4064F/N4032/N4032F/PC8132/PC8164/PC8132F/PC8164F/N3048P/N3048/N3024P/N3024/N3024F/N2048P/N2048/
N2024P/N2024/N1548P/N1548/N1524P/N1524 switches firmware version 6.2.6.6

It is recommended that this release note be thoroughly reviewed prior to installing or upgrading of this product.

Global Support
For information regarding the latest available firmware, release note revisions, or additional assistance, please visit
support.dell.com.

Firmware Specifications

Firmware Version
Firmware Image Name Version Number Release Date
N4000v6.2.6.6.stk 6.2.6.6 September 2015
N3000_N2000v6.2.6.6.stk 6.2.6.6 September 2015
N1500v6.2.6.6.stk 6.2.6.6 September 2015

Version Numbering Convention

Version number Description
Dell Networking 6 2 6 6 Four part version number
Series
 Denotes the build number.
 Denotes an ad hoc release of the product software.
 Denotes a scheduled maintenance release of the product software.
 Denotes a major version number.

System Firmware Version 6.2.6.6 Page 1

Firmware Upgrade
Dell Networking N3000/N2000 series switches support firmware version 6.0.1.3 or higher (6.2.6.6). If an N3000/N2000 switch
has an earlier version of firmware (for example, 6.0.0.7), download the latest firmware release version from support.dell.com and
upgrade the switch. It is recommended that the latest version of switch firmware (6.2.6.6) be used as it contains multiple bug
fixes and enhancements.

Dell Networking 8100 series switches can support both 5.x.x.x and 6.x.x.x firmware versions. Dell Networking N4000 Series
Switches support 6.0.0.8 or later firmware. Both Dell Networking 8100 Series and Dell Networking N4000 Series Switches
shares the same firmware image version from 6.0.0.8 firmware release onwards (for example. N4000v6.2.6.6.stk). After
upgrading Dell Networking 8100 Series Switches to firmware version 6.0.0.8 or later, the System Model ID will show as N4000
in CLI, Web UI and SNMP interfaces.

Dell Networking 8100 series switches can be stacked with Dell Networking N4000 series switches. Dell Networking N4000
series switches require firmware version 6.0.0.8 or later and cannot be downgraded to 5.x releases. If N4000 series switch is to be
deployed as a member within a stack of 8100 series switches, the entire stack will be required to run 6.0.0.8 or later firmware.

Administrators upgrading Dell Networking 8100 series switches from 5.x.x.x or 6.x.x.x versions of firmware MUST follow the
instructions documented in the Upgrading Dell Networking 8100 Series Switches from Version 5.x.x.x or 6.x.x.x to 6.2.6.6
Firmware procedure. It is strongly recommended that you save your current configuration when upgrading your firmware.
Failure to follow the procedures described in that document when upgrading from 5.x.x.x or 6.x.x.x firmware may result in an
inoperable switch!

Administrators upgrading Dell Networking N4000 series switches from 6.x.x.x versions of firmware MUST follow the
instructions documented in the Upgrading Dell Networking N4000 Series Switches from Version 6.x.x.x to 6.2.6.6 Firmware
procedure. It is strongly recommended that the current configuration be save to flash when upgrading the firmware. Failure to
follow the procedures described in that document when upgrading from 6.x.x.x firmware may result in an inoperable switch!

Administrators upgrading Dell Networking N3000 and N2000 series switches from 6.x.x.x versions of firmware MUST follow
the instructions documented in the Upgrading Dell Networking N3000_N2000 Series Switches from Version 6.x.x.x to 6.2.6.6
Firmware procedure. It is strongly recommended that you save your current configuration when upgrading your firmware.
Failure to follow the procedures described in that document when upgrading from 6.x.x.x firmware may result in an inoperable
switch!

2 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

IMPORTANT: Below Dell Networking N4000 Series switches with HW revision of 4 require firmware
version 6.2.6.6 or later and cannot be downgraded to earlier 5.x.x.x/6.1.x.x/6.2.x.x releases. Dell Networking
N4000 series switches with HW revision of 4 can be stacked with N4000/PC8100 series switches with HW
revision of 3 or older. If N4000 unit with HW Rev.4 is to be deployed as a member within a stack of
N4000/PC8100 Series switches with HW revision of 3 or older, the entire stack will be required to run 6.2.6.6
or later. The “show version” CLI command will help to identify the Switch Hardware version of the switch.

Part Numbers for Dell Networking N4000 Series P/N

Dell Networking N4032 M0P6C
Dell Networking N4032 TAA 2DM31
Dell Networking N4032F JH9TW
Dell Networking N4032F TAA 9FPR2
Dell Networking N4064 4DP8H
Dell Networking N4064 TAA M40JD
Dell Networking N4064F G4H0V
Dell Networking N4064F TAA J7YMY

Firmware Downgrade
Downgrading from 6.2.6.6 to an earlier 5.x.x.x release is supported only on Dell Networking 8100 series switches. It is NOT
supported on Dell Networking N4000/N3000/N2000 switches. Migration of configuration information from a later release to an
earlier release is not supported. It is strongly recommended that the current configuration be save locally (i.e., not on the switch)
prior to downgrading the firmware. The existing configuration may or may not work with the earlier version of firmware,
therefore, it is best to be physically present at the switch site and to be prepared to access the switch over the serial port if
necessary when downgrading firmware.

Auto-downgrade of a stack is enabled by default. To avoid accidentally downgrading a stack, be sure to disable auto-downgrade
(CLI command: no boot auto-copy-sw allow-downgrade).

Dell Networking N4000 series switches can only run firmware version 6.0.0.8 or later firmware (6.2.6.6). Dell Networking 8100
series switches can run firmware versions 5.x.x.x or 6.x.x.x firmware. It is possible to stack N4000 switches with 8100 switches.
This means that mixed stacks of N4000 and 8100 switches must both run the same version of 6.x.x.x firmware and cannot run
5.x.x.x firmware.

System Firmware Version 6.2.6.6 Page 3

Boot Code Downgrade
Never downgrade the boot code! The 6.2.6.6 boot code supports all earlier versions of firmware and never needs downgrading.

Hardware Supported
• Dell Networking N4064 Ethernet Switch
• Dell Networking N4064F Ethernet Switch
• Dell Networking N4032 Ethernet Switch
• Dell Networking N4032F Ethernet Switch
• Dell Networking 8100 Series Ethernet Switch
• Dell Networking N3048P Ethernet Switch
• Dell Networking N3048 Ethernet Switch
• Dell Networking N3024P Ethernet Switch
• Dell Networking N3024 Ethernet Switch
• Dell Networking N3024F Ethernet Switch
• Dell Networking N2048P Ethernet Switch
• Dell Networking N2048 Ethernet Switch
• Dell Networking N2024P Ethernet Switch
• Dell Networking N2024 Ethernet Switch
• Dell Networking N1524 Ethernet Switch
• Dell Networking N1524P Ethernet Switch
• Dell Networking N1548 Ethernet Switch
• Dell Networking N1548P Ethernet Switch

4 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Matrix
Since not all functionality is supported on all switches, the following matrix identifies the major differences among the Dell
Networking switch models. A check mark indicates support for the feature. All other features listed in the release notes are
supported on all switches.

Feature/Switch Priority Data DOT1AG ETS MLAG RSPAN PBR Tiered Hot
Flow Center Authenti Swap
Control and cation Cards
DCBx

        
Dell Networking
N4000 Ethernet
Switch

        
Dell Networking
8100 Ethernet
Switch

    
Dell Networking
N3000 Ethernet
Switch

   
Dell Networking
N2000 Ethernet
Switch

  
Dell Networking
N1500 Ethernet
Switch

Supported Firmware Functionality

For more details regarding all the supported firmware features and functionality, please refer to the Dell Networking N1500,
N2000, N3000 and N4000 Series CLI Reference Guide and the Dell Networking N1500, N2000, N3000 and N4000 Series User’s
Configuration Guide.

System Firmware Version 6.2.6.6 Page 5

Added Functionality in this Release
This section contains a list of features added in this release that are new for at least one switch listed in the Hardware Supported
section above.

Release 6.2.6.6

 Added lower-case dot1x MAB user-name/password support to radius-server

 Added ssh public key authentication support
 Added TLSv1.0 as HTTPS protocol by default and disabled SSLv2 and SSLv3 by default

Release 6.2.5.3

 Added N1500 Ethernet Switch

Release 6.2.1.6

 Added Sticky MAC – Port-Security

 Support configuration of AdvLinkMTU, and include option MTU in Router Advertisement Message
 Added support for character ‘.’ (period) in the hostname
 Kernel updates and SSL version upgrade to 1.0.1.m

Release 6.2.0.5

 BGPv4 (N3000 and N4000 switches only through CLI)

 VRF-Lite (N3000 and N4000 switches only through CLI)
 Audio/Video Bridging (N4000 switches only through CLI)
• IEEE 802.1as Timing and Synchronization

• IEEE 802.1ak Multiple VLAN Registration Protocol (MVRP)

• IEEE 802.1ak Multiple Multicast Registration Protocol (MMRP)

• IEEE 802.1Qat Multiple Stream Reservation Protocol (MSRP)

 RADIUS Change of Authorization (COA)

 IPv6 Router Advertisement (RA) Guard
 MLAG Enhancements
• Virtual MAC address per MLAG domain

 Bidirectional Forwarding Detection (BFD) (N3000 and N4000 switches only through CLI)
 IP unnumbered VLAN interfaces
 Support Explicit Congestion Notification (ECN) capability
 Support to configure storm-control action
 Display PIM protocol statistics and multicast forwarding cache
 Link debounce hysteresis on physical interface link loss.

6 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

 Buffers command to configure CPU thresholds for messages



Release 6.1.2.4

 No added functionality in this release

Release 6.1.1.7

 No added functionality in this release

Release 6.1.0.6

 No added functionality in this release

Release 6.1.0.1

 STP-PV and RSTP-PV protocol support

 Added storm control “action” support for broadcast and multicast streams
Release 6.0.1.3

 Support POE+ for N3048P/N3024P/N2048P/N2024P switches

 DHCPv6 Snooping/IPv6 Source Guard
 100FX transceivers are supported (only supported on N30xx series)
 Command to configure Single Rate Three Color Marking (srTCM) is available
Release 6.0.0.8

 MLAG
 Remote SPAN
 Policy Based Routing/Forwarding
 Tiered Authentication
 IPv4/IPv6 ACL Enhancements
 Per Port Flow Control
 Source Specific Multicast support
 Load Statistics
 Full Memory Core dump
 Remote Packet Capture
 Added support for LAG flap counters
 Logging Enhancements
 Enhanced Ping and Traceroute feature
 Serial access to remote members in a stacking environment
 Ability to enable or disable stack ports
 Give option to encrypt TACACS and RADIUS keys
 Ability to track stack path in the stacking environment
 Support packet capture of CPU packets with Wireshark decode
 Protect U-boot access with password

System Firmware Version 6.2.6.6 Page 7

Changed Functionality in this Release
This section contains commentary on significant differences from previous releases of firmware on Dell Networking Series
switches, e.g. the N1500/N2000/N3000/N4000 series switches. Dell Networking series switches closely conform to networking
industry standard operational capabilities and administrative interfaces. The differences below should be studied carefully as
attempting to configure or operate the Dell Networking switches in the same manner as for previous releases of firmware for Dell
Networking N1500/N2000/N3000/N4000 series switches may lead to unexpected results.

Release 6.2.6.6

 Kernel updates and SSL version upgrade to 1.0.1.o

 PoE Controller firmware updated to 265_1

Release 6.2.1.6

 Kernel updates and SSL version upgrade to 1.0.1.m

Release 6.2.0.5

 Change allowed monitor sessions from one to four to be configured

 Moved the “port security” commands from interface command tree to interface switchport command tree
 Updated MAC access-list commands
 Improved “show spanning-tree” commands

Release 6.1.2.4

 No changed functionality in this release

Release 6.1.1.7

 No changed functionality in this release

Release 6.1.0.6

 Improved fan noise level for N3000/N2000 series switches.

 Updated PoE controller firmware version to 263_75

Release 6.1.0.1
 Modified DVLAN tunnel UI to enable QinQ tunneling on customer edge (CE) interfaces.

Release 6.0.1.3
 PoE commands for N3000/N2000 PoE switches with PoE controller.
 Modified CLI to configure system wide MTU for all interfaces for all frame types.
 Enhanced IP route commands to display all connected and configured routes under one command.

Release 6.0.0.8
 Enhanced multicast commands to align with Industry Standard CLI
 Increased maximum number of iSCSI Sessions to 252

8 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

 Increased maximum number of units stackable to 12 for the N4000 and 8100
 Increased maximum number of VLAN’s supported to 4k
 Increased maximum number of static routes supported from 512 to 1024
 Increased maximum number of dot1x clients per port to 64
 Enhanced “show interface status” to display default VLAN participation
 Enhanced show tech-support, show version

Issues Resolved
The following issues from previous releases have been corrected. The issues listed here may have been discovered on any of the
switches listed on the title page.

Release 6.2.6.6
Summary User Impact Resolution Affected
Platforms
web timeout (HTTPS) does not https web sessions are getting logged- Corrected use of All
depend on exce-timeout configuration out/timed-out even though web sessions are configured timer values Platforms
active.
SNMP MIB Walk OID snmpwalk allways gives the URL as Corrected retrieval of All
"1.3.6.1.4.1.674.10895.3000.1.2.100" http://0.0.0.0 OID value. Platforms
returns URL http://0.0.0.0
Help content for the loopback Help content for the loopback interfaces is Corrected Loopback N20XX
interfaces is still present eventhough still present eventhough provision to interface help page for
provision to configure is deleted from configure is deleted from web in L2 switch N2K switches.
web in L2 switch
dot1x mac based authentication,clients When phone moved to another port dot1x Corrected issue with All
behind phones can't forward traffic lost track of it. adding new port Platforms
information
MLAG/LACP issue "Error allocating Port channel flapping after some up-time, Corrected MLAG packet N40XX
buffer pools for the received dot3ad when multiple VPC's are enabled on the format error. N30XX
data message" switch. N20XX
Switchport is not removed from After switchport is authenticated, the port Corrected port All
unauth VLAN even after passing still remains in the list of unauthenticated authentication update. Platforms
dot1x authentication. ports
IPv6 Multicast not filtered by MLAG IPv6 Multicast (mDNSv6) not filtered by Corrected conflicting N40XX
Peer-Link MLAG Peer-Link rules for MLAG peer-link N30XX
egress N20XX
Front panel 10G SFP ports are Hot swapping the plug-in module results in Updated the WC40 driver N30XX
flapping while inserting the plug-in a front panel port flap
module
Front 10G ports goes down when 10G Hot swapping the plug-in module results in Corrected port probe N30XX
SFP extension module is removed the loss of the front panel ports error
from the slot
Ports flapping when port-channel Ports flapping when port-channel Corrected update of port- All
membership is being modified via membership is being modified via WebUI channel information when Platforms
WebUI using the WebUI
dot1x unauth-vlan not working with When connected client on switch interface Corrected internal index N30XX
authentication order enabled fails authentication, the port is not put in error. N20XX
UNAUTH-VLAN but it keeps trying to
authenticate endlessly.
Aastra 6725IP phone not getting Aastra 6725IP phone not getting power Updated PoE controller N30XXP
power when connected to switch when connected to switch firmware N20XXP
PoE interoperability issue with D-Link Unable to power on D-Link POE splitter Updated PoE controller N30XXP

System Firmware Version 6.2.6.6 Page 9

 PoE Splitter due to under load firmware N20XXP
Dot1x authentication issues Occasionally, the he radius communication Corrected buffer overflow N30XX
will fail, resulting in failure of issue. N20XX
authentication mechanism, and network
connectivity.
CDC RX FIFO entry 45 ECC error Erroneous ECC errors seen because Changed HW PC8024F
seen SolarFlare PHYs insert an additional configuration to make
preamble byte into the stream switch more tolerant to
PHY errors.
Ping to VRRP Virtual IP with payload Ping to VRRP Virtual IP with payload size Allow fragmented ping All
size more than 1473 is failing more than 1473 is failing because of packets. Platforms
fragmented Ping packets

stack when issuing 'show' CLI causing On a stack when issuing a ‘show’ CLI Corrected routing in CPU All
his ping to timeout command the ping timesout when ip routing when IP routing is turned Platforms
is turned off. off.
Multiple vulnerabilities (CVE-2011- Presence of weak and vulnerable ciphers Applied patches for these All
3389, CVE-2013-2566 and CVE- causing the vulnerabilities to be reported reported issues Platforms
2015-2808) during the Nessus Scan.
IPv6 neighbor solicitation multicast Traffic Loss is seen on IPv6 Neighbor Increased the COS All
not distributed to non-management solicitation packets on the member of the priority for ICMPv6 Platforms
stack members stack traffic
Switch crashes or hangs after multiple Switch crashes or hangs after multiple SSH Corrected internal data All
SSH session retries on switch session retries on switch issue when SSH session Platforms
is retried.
BGP AS Number Range (Unassigned IANA reserved AS Numbers can be used. Updated range of IANA N40XX
by IANA) IANA has revised the reserved AS numbers reserved AS numbers. N30XX
range.
show buffers command shows show buffers command shows incorrectly Corrected formatting All
incorrectly spaced or garbled output spaced or garbled output via telnet/SSH issue Platforms
via telnet/SSH
Observed "LLDP entry delete failed" Expecting more verbose information of Added the MAC address All
log messages LLDP error messages. and interface number to Platforms
the existing log message

Switch stack unresponsive with Switch crash in mcastMapTask process Corrected internal data All
mcastMapTask crash logs error. Platforms
Layer3 interface (vlans) stays down Layer 3 interfaces are not in sync between Corrected master and unit All
when stack master is powered off the units and the master when the master is sync issue Platforms
abruptly powered off
RSTP BPDU packet dropped if hello RSTP BPDU packet dropped if hello timer Corrected hello timer All
timer mismatch mismatch mismatch by honouring Platforms
the peer switch
configuration in the range
of 1 to 2 seconds.
Stacked and running RPVST is often Stacked and running RPVST is often unable Corrected internal stale All
unable to learn GARP address after to learn GARP address after failover. data check Platforms
failover.
ip ospf and rip authentication encrypt ip ospf and rip authentication encrypt string Encrypted authentication All
string is showing in clear-text is showing in clear-text string Platforms
UNH-IPv6-USGv6 Interoperability Conformance failures will result in Applicable kernel patches N30xx
and Basic Conformance failures interoperability issues with other vendor applied and MTU N40xx
equipment changes done
Preflix-list command does not permit The ability to use "/" notation to quantify CLI command enhanced All
use of "/" slash notation -error the number of consecutive bits in the mask to accept prefix length Platforms
message text for prefix lists is missing. and network mask

10 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Packet drop when removing default Traffic loss for about 5millisecond duration Excluded host entry All
route cleanup for default route Platforms
Radius thru SSH line fails the 1st User need to enter the credentials twice Corrected a deadlock on All
connection socket resource platforms
"show spanning-tree active" does not Information displayed is not consistent for Corrected the display root All
say this is the root all instances info for each instance Platforms
Disable SSL Version 2 and 3 Protocols CLI Command "ip http All
and user TLS1.0 or higher SSL2.0 & SSL3.0 suffer from several secure-protocol" allows Platforms
cryptographic flaws. An attacker may be to configure the desired
able to exploit these flaws protocol.
Incorrect info in 'show port-security The number of dynamic addresses learned Checks were added to All
dynamic <infc>' CLI Command are reported erroneously prevent unconditional Platforms
couner increments.
USL error messages making switch This issue is seen when ARP cache is full at Corrected mass ARP All
console unresponsive when ARP high ARP reply rate entries aged out process Platforms
cache tests are run
Issues with Port-Security (Sticky Sticky MAC entry for Voice VLAN is not Issue with packet padding All
MAC) with voice VLAN when added is fixed Platforms
connected to phone and PC
Supported 1G optics are reported as Some supported Dell part numbers are Supported list of 1G All
Not Supported reported as not supported transceivers are now Platforms
considered as supported
parts.
Port-security violation is not logged No notification about the Violation Violation trap is now All
for ports with Sticky MAC enabled logged Platforms
switch stack takes a very long time to The command which retrieves optics data Removed The commands All
respond for any sh commands requires too much dedicated CPU cycles. which retrieve optics data Platforms
from the show tech-
support command
Switch crashes or hangs after multiple Switch crashes or hangs after multiple SSH Corrected web handling All
SSH session retries on switch session retries on switch of SSH sessions. Platforms
Incorrect Dynamic MAC Address- Ssource MAC address from LLDP frames Corrected internal LLDP All
table entry for Data-VLAN learned in bridge address table policy issue. Platforms
Banner is not displayed in running Banner is not displayed in running Corrected check for All
configuration after a reboot configuration after a reboot system reload. Platforms
Auth doesn't fails when wrong/no Auth doesn't fail when wrong or no Corrected password All
password entered at enable prompt password is entered at the enable prompt initialization parameter Platforms
error.
Stack member crash Stack member crash "hapiMcAsyncTask" Corrected table index All
"hapiMcAsyncTask" and and "hapiRxTask" problem. Platforms
"hapiRxTask"

Release 6.2.1.6
Summary User Impact Resolution Affected
Platforms
WebUI timeout (HTTPS) does not WebUI (HTTPS) sessions are getting Added CLI commands to All
depend on exce-timeout logged-out/timed-out even though web allow the hard timeout to Platforms
configuration sessions are active because of hard timeout. be changed.
Port-Security VoIP/PC issue The source MAC address from LLDP frames Corrected issue that All
learned in bridge address table caused learning Platforms
VoIP phones assigned to wrong VoIP phones will be assigned to wrong Corrected an issue All
VLAN VLAN, as the search for the ISDP entry for searching for VLAN tree. Platforms
the interface index will yield incorrect

System Firmware Version 6.2.6.6 Page 11

 results.
IPv6 connectivity failure after stack When switch failover, IPv6 Neighbor Corrected IPv6 Neighbor N40XX
member failure on N4064F stack solicitation(NS) packets are dropped solicitation packet drop
issue.
Routing issue, null address in ARP NULL MAC entries being present in ARP Corrected ARP hand-off All
table after VLAN manipulation table learned on a wrong VLAN after failover Platforms
ARP entries with 0000.0000.0000 NULL MAC entries being present in ARP Corrected ARP hand-off All
mac-address table learned on a wrong VLAN after failover Platforms
Stack master unit crashing issuing "show ip igmp snooping groups" command Corrected page pagination All
some 'show' CLIs throws an exception when displaying long issue. All Platforms Platforms
list of ports.
ARP resolution not happening for ARP response packets are being dropped for Corrected control traffic All
iSCSI traffic when iSCSI iSCSI traffic. identification issue. Platforms
optimization is enabled
Ports on VLAN with PVST/RPVST Ports on a VLAN where PVST/RPVST is Corrected VLAN All
disabled not learning MAC addresses disabled are not learning MAC addresses initialization issue. Platforms
after reboot after a switch reboot
SNMP MIB Walk OID SNMP get of productIdentificationURL is Corrected data retrieval All
"1.3.6.1.4.1.674.10895.3000.1.2.100" zero IP address issue for this OID. Platforms
returns URL http://0.0.0.0
Switch not sending snmp trap UP/DOWN trap events on loopback Removed associated CLI N20XX
notification for UP/DOWN status on interfaces are not supported on the N2XXX commands on the
loopback interfaces switch. N2XXX switch.
Receive and transmit packets VLAN tagged frames size(1519 to 1522) are Corrected counter bug. All
dropped > MTU counters increasing reported as dropped on trunk ports Platforms
Interop issues found during testing User may run into few interop issues and Added MTU All
for USGv6 Basic, Address non-conformances configuration and Platforms
Architecture, SLAAC and upgraded kernel to
IPv6 Ready Logo Core support the interop
N2000 - Switch ports intermittently Packet drops on various interfaces and the Fixed in 6.2 SDK upgrade All
drop packets in green mode problem normally goes away when the Platforms
interface is bounced (shut/no-shut).
Dot1x mac based authentication, Dot1x application and hardware maintains Corrected dot1x All
clients behind phones can't forward different MAC entries when PCs moved application issue. Platforms
traffic after clients moved between from one port to the other behind phones
ports. and this in turn leads to traffic loss
N3000 - Front 10G ports goes down 10G ports on front-pannel of N3000 switch Corrected port N30xx
when 10G SFP extension module is goes down when SFP+ module is hot initialization issue.
removed from the slot plugged out.
Dell 1G SFP LX Optics (PN# Dell 1G LX Optics is showing as N/A when Added transceiver to table N40XXF
FTRJ1319P1BTL) is showing as ran “show interfaces transceiver” CLI of supported transceivers. N20XXF
N/A in CLI command output. command. N30XXF
"show vlan" output does not match Inconsistent information displayed in show Corrected the processing All
"show dot1x clients" for assigned commands of COA messages and Platforms
vlan vlan assignment on the
logical interfaces.

Release 6.2.0.5
Summary User Impact Resolution Affected
Platforms
VLAN 1 IP address/mask VLAN configuration is not applied with CLI Corrected error with data All Platforms
from easy setup wizard not wizard. being over written.
saved in configuration.

12 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Global Health Status is SNMP MIB (productStatusGlobalStatus) - Corrected check for All Platforms
abnormal System with a single Power Supply, which is power supply status.
powered up, should be reported as OK rather
than NON-CRITICAL.
User password length is not User could enter password that ends up Corrected check for All Platforms
checked when using the Easy being truncated. password length
Setup Wizard.
port-channel goes down when When the 10G port is shutdown, other 10G Updated error in pre- All N30XX
primary link is restored port flaps. emphasis setting. All N20XX
Temperature sensor read Temperature sensor read failure, POE Corrected timing issue N30XXP
failure, POE Controller X Controller X log message only appears during system boot-up. N20XXP
error message in log. during reboot/reload process and will not
appear again once box is stable
Debug logs prints a wrong Says the "New user has been added" when it Corrected user creation All Platforms
message. is not. error
Inconsistent error message The GUI is producing a different message Corrected the error All Platforms
b/w Web GUI and CLI for from the CLI. message to be the same as
GARP Join Timer the CLI.
OpenSSH vulnerability OpenSSH vulnerability Applied OpenSSH All Platforms
patches
Unable to enable/disable Unable to enable/disable HTTPS from web. Corrected web page error All Platforms
HTTPS from web. Error is thrown.
Port display & config error Problem when navigating "Switching Corrected multicast All Platforms
when configuring bridge >Multicast Support>Bridge Multicast display function.
multicast group with Web UI Groups"
MLAG SNMP MIB Walk MLAG SNMP MIB Walk result is Corrected error in All Platforms
result is incomplete for incomplete for reporting status table
"agentVpcPeerMember "agentVpcPeerMemberStatusTable" information.
StatusTable"
Port security CLI output error "Dynamic Address Count" of port security Corrected error in All N30XX
configured interface won't reduce. updating this count. All N20XX
Strange behavior on VLAN 1 Host interfaces are flooding unicast traffic in Corrected check for entry All Platforms
VLAN even if FDB entry is learned. in FDB.
VRRP issue The switch does not appear to be updating Corrected error in All Platforms
ARP table when switching back to standby updating ARP entry status
PCI DSS Compliance medium strength SSL ciphers and Applied patches for both All Platforms
insecure renegotiation of TLS / SSL these issues.
Ports down with PHY status Randomly ports are showing not supported Corrected CPLD reset All N40XX
as Not Supported and debug output shows that external PHYs function.
are not getting attached to the switch
Console LED issue Console LED green in GUI even with no Corrected function All N30XX
console cable attached to it. returning console cable All N20XX
status
IP address range issue with When configuring static DHCP snooping Corrected range check on All N30XX
DHCP Snooping entries, if IP address fourth octets were IP address All N20XX
higher than 223 then it is not accepting and it
throws invalid parameter error.
GVRP issues GVRP registration-forbid is not working if Corrected error in check All Platforms
there are two interfaces b/w GVRP client for forbidden interfaces
and Server
SNMP traps with wrong SNMP agent address is not shown in the Corrected error in All Platforms
agent-address SNMPv1 trap. The agent-addr field value retrieving address
shows zeroes in trap PDU.
SSH public key authentication Once a user logs-in via SSH service, CLI Corrected public key All Platforms
doesn't work falls back to unprivileged mode. initialization error.

System Firmware Version 6.2.6.6 Page 13

 SNTP server address issue Error shown while adding SNTP server Corrected range check on All N30XX
address if fourth octet address range is from IP address All N20XX
224-239 from web.
Static IP Routing Issue Route is not added in the ip stack and hence Corrected error in All N40XX
the route lookup leads to the default route. updating the route.
Switch stops responding to User will not have access serial console, Corrected error in All Platforms
Serial console, Telnet, SSH SSH, telnet sessions releasing management
and WebUI access.
IPv6 DHCP address IPv6 DHCP address assignment doesn't work Corrected packet length All Platforms
assignment doesn't work while while IPv6 MLD snooping is enabled check.
IPv6 MLD snooping is
enabled
IS-IS Multicast traffic not IS-IS Hello packets are being not forwarded Corrected check for IS-IS All Platforms
forwarded by the switch Hello packets

Firmware upgrade failure with New Firmware is not being saved in flash Corrected error in saving All N30XX
"can't write fw_env to flash" memory FW update to flash All N20XX
error message. memory.
Port-channel misconfigured Upon firmware update, Port-channel does Corrected port channel All Platforms
after firmware update not include all interfaces. validation check.
Port-channel misconfigured Upon reload update, Port-channel does not Corrected port channel All Platforms
after reloading the switch include all interfaces. validation check.

Release 6.1.2.4
Summary User Impact Resolution Affected
Platforms
Wrong "Bind IP subnet All VLANs showing as "1" when performing any Corrected VLAN data All 6.1
to VLAN" mapping sorting or navigating to the next page on: update issue. supported
displayed via GUI Switching > VLAN > Bind IP to Subnet: Show platforms
All
WebUI displays only 64 WebUI displays only 64 port-channels for VLAN Corrected problem All 6.1
port-channels for VLAN membership. More than 64 Port-channel ID’s displaying VLAN IDs supported
membership, even though exist in the switch configuration. with port-channel IDs platforms
Port-channel IDs over 64 over 64.
configured.
Private VLAN Private VLAN association configuration is not Corrected issue applying All 6.1
association breaks after retained after reboot PVLAN configuration supported
reboot platforms
Tagged frames are VLAN tagged frames sizes from 1519 to 1522 are Corrected the calculation All 6.1
reported as dropped on reported as dropped on trunk ports of dropped counter for supported
trunk ports trunk ports. platforms
SNMP walk returned in SNMP OID Walk of the object Corrected Endian issue All 6.1
reverse order “lldpRemManAddrIfSubtype” is returned in with this OID. supported
reverse order platforms
"Dependent port cannot When using WebUI to "add" a port or configure Corrected link All 6.1
be a member port of "depends-on" port on an existing link-dependency dependency conflict supported
another group" error group, an error message will pop up and the entire issue. platforms
when configuring a link-dependency group is deleted
dependency group
IF-MIB ifSpeed OIDs N20XX/N30XX platform is not handling the Corrected speed status N20XX/N30XX
populated only for master interface speed status correctly for the ifSpeed error for member ports in
unit ports OID the stack.
PoE interface power Error "TRAPMGR[122383956]: traputil.c(740) Corrected “Main Power N20xxP/N30xxP
down condition when 506162 %% PoE: Gi1/0/24 power down Supply Absent”
connected to another PoE (Overload Condition)" when N30xxP/N20xxP informational message as
switch. switch connected to another PoE switch. “Main Power Signature

14 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Absent"
Logs are filled with the Logs are filled with "Copy of running Corrected issue when All 6.1
output stating "Copy of configuration to backup unit complete" saving the DHCP supported
running configuration to configuration. platforms
backup unit complete"
Stack not able to enable Issue with OSPF area 0 configured on loopback Corrected checks for All 6.1
OSPF interfaces after save and reload. loopback interface supported
platforms
STP status of a physical After adding a VLAN, the STP status of the Corrected check for LAG All 6.1
port bound to a port- physical interfaces bound to the port-channel interfaces. supported
channel interface changes interface is transitioned from discarding to platforms
from DSC to Forward forwarding state
after adding VLAN

ifSpeed table shorter than ifSpeed object returns entries only for physical Corrected problem which All 6.1
the rest of IF-MIB tables interfaces. Logical interfaces are not included. prevented logical supported
interfaces from being platforms
included.
'show passwords result' When passwords with errors were entered, the Corrected issue when All 6.1
causes switch to crash ‘show passwords result’ command would crash. retrieving the password supported
value. platforms
SVI down after stack After stack failover the SVI is down Corrected check for All 6.1
failover. VLAN interfaces on supported
stack failover. platforms
VoIP & 802.1x issue The phones are being placed in the wrong VLAN Corrected race condition All 6.1
occasionally while the phone is being booted and between VoIP and supported
going through the authentication process 802.1x authentication platforms
“dot1x timeout supp- “dot1x timeout supp-timeout” option is missing Corrected issue that All 6.1
timeout” option is for N-Series platform. caused the “dot1x supported
missing. timeout supp-timeout” platforms
command to not be
available.
PVST/R-PVST mode Disabling STP on a port and then changing the Corrected port state All 6.1
sends BPDUs on STP mode globally causes BPDUs to be sent on check supported
spanning-tree disabled spanning tree disabled ports. platforms
ports
startup-config backup via Script to transfer “startup-config” file from the Corrected file type error. All 6.1
SNMP switch to the TFTP server fails. supported
platforms
SNMP Requests not While trying to retrieve the MIB object Corrected port display All 6.1
working as expected “dot1qVlanStaticUntaggedPorts” with default value error. supported
configuration, the switch is returning all zero's for platforms
VLAN 1 for all ports.
CDC/ECC Errors on the When a burst of 81 byte packets are presented to Changed RX FIFO N20XX/N30XX
switch console the switch the RX FIFO which is 4 bytes deep can timing.
overflow causing packet drops and the CDC RX
FIFO error message.
VOIP phone not VOIP Phones are not getting a correct IP address Corrected handling of All 6.1
receiving IP from correct for the Voice VLAN from the DHCP server. Endianness issues which supported
VLAN L2Relay not working correctly with the error caused the drop of DHCP platforms
displayed in the log file "<187> Sep 11 04:38:16 discover packets.
172.22.0.70-1 IP_HELPER[138717076]:
relay_main.c(576) 62652 %% Received an invalid
udp relay pkt from interface Vl5 Src ip 0.0.0.0:
Src port 68 Dst ip 0.0.0.0: Dst port67 len 312"
Certificate fields Certificate fields populated with previous Provided checks for All 6.1

System Firmware Version 6.2.6.6 Page 15

 populated with cached certificate values on Web UI required fields. supported
values on Web UI platforms
Cannot add SNTP server Cannot add SNTP server if fourth octets IP Corrected error in All 6.1
if fourth octets IP address address is in the range of 224-239. validating IP address. supported
is range of 224-239. platforms
IPv6 DHCP address IPv6 DHCP address assignment doesn't work Corrected check for All 6.1
assignment doesn't work while IPv6 MLD snooping is enabled DHCP address packet supported
while IPv6 MLD length. platforms
snooping is enabled
Clearpass Filters are not If a filter is defined using Class Maps, Corrected filter update All 6.1
applied to switch Policy Maps and Service Policies on a issue on dot1x re- supported
interface(s) occasionally. ClearPass RADIUS server, the filter on the switch authentication. platforms
for the specific authentication port is not applied.
Radius communication Radius source-ip parameter causes authentication Corrected “radius source- All 6.1
issues when switch to fail. ip” address validation supported
configured with the error. platforms
radius source-ip address.
Error when trying to add DHCP server option 42 support was not available Added DHCP server All 6.1
dhcp option 42 when DHCP server was integrated. option 42 support. supported
platforms
RADIUS authorized RADIUS authorized clients were removed from Corrected Dot1x re- All 6.1
clients were removed authorized VLAN. authentication issue on supported
from authorized VLAN. stacked switches platforms
POODLE vulnerability in The Padding Oracle On Downgraded Legacy Disabled SSLv3. TLS All 6.1
SSLv3 Encryption (POODLE) vulnerability allows a support is available supported
man-in-the-middle attacker to decrypt cipher-text. platforms

Release 6.1.1.7
Summary User Impact Resolution Affected
Platforms
When applying ACL to Route-maps are taking higher priority than Corrected ACL priority All 6.1supported
VLAN interface PBR ACL's when applied on the same interface. platforms
stops working
Random FAN and PMBUS Write failure and FAN state change Corrected power monitor bus All 6.1supported
PMBUS errors related logs are flooding the console. communication issue platforms
During initiate stack Loss of multicast traffic during stack failover. Corrected Multicast sync All 6.1supported
failover, multicast traffic error platforms
loss is seen for longer
time and also few log
messages are observed on
the console
IGMP snooping/flooding When a static mrouter is defined and the link Corrected flooding issue All 6.1supported
implementation across goes down, flooding occurs. regardless of link state platforms
the range
Power negotiation fails Cisco 9971 IP Phone fails to power up Corrected error in Power
with Cisco 9971 IP attached devices like USB camera when using TLV handling.
Phone PoE power negotiation.
QinQ feature does not QinQ feature is not working on LAG ports Corrected LAG initialization
work after reload of after reload of individual units or Stack problem
individual units or Stack Reload or Stack unit reload.
Reload or Stack unit
reload
Switch crash with Occasionally switch crashes with Corrected memory leak All 6.1supported
emweb_main task emweb_main task issue. platforms

16 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

No way to enable IGMP IGMP is enabled by the switch when needed. Removed the option from the All 6.1supported
globally from CLI, can The option to enable it on the GUI is an error. GUI. platforms
only enable IGMP
globally from GUI.
traffic-shape minimum Traffic-shape minimum bandwidth is 64 kbps Corrected traffic-shape N4032/N4032F
bandwidth configuration but CLI displays the traffic shape minimum minimum bandwidth value
issue bandwidth as 0 kbps
“show ip igmp There is no such command “ip igmp” Corrected the message. N20XX/N30XX
membership” command
shows incorrect
messaging about "ip
igmp" command
Customer complaints on Current fan/temperature table runs fans at Changed fan speed profile. N20XX/N30XX
N2000 fan noise speeds higher than necessary resulting in more
noise.
Switch crashes Occasionally switch crashes with Corrected IP header length All 6.1supported
intermittently with tArpCallback & IpHelperTask tasks due to check. platforms
tArpCallback & corrupted packets
IpHelperTask tasks
VLAN1 down after When try to assign a static IP address to dhcp Corrected static IP address All 6.1supported
assigning static IP enabled interface and giving “no ip address”, check platforms
address the interface state goes down.
GS_REFCLK Input Switching fabric GS_REFCLK Input Applied Errata fix for N20XX/N30XX
termination is not termination issue GS_REFCLK Input
enabled termination
Stack's management IP Loss of stack’s management IP address after Corrected static and dynamic N20XX/N30XX
can't be pinged after failover route initialization.
stack failover
SNMP MIB for Power The power-supply and fan info should be Added index to allow unit All 6.1supported
Supply and Fan Tray info shown for all stack members while executing selection. platforms
of all units in the stack SNMP MIB Walk and not just the master.
Port Channel member Dynamic Port Channel member links are Corrected LACP BPDU All 6.1supported
links are flapping up and flapping frequently issue platforms
down
OpenSSL SSLTLS OpenSSL vulnerability CVE-2014-0224 Applied OpenSSL suggested All 6.1supported
MITM vulnerability fix platforms
CVE-2014-0224
Switch crashes when Switch crashes when PBR with MAC ACL is Corrected ACL processing All 6.1supported
PBR with MAC ACL is applied on the VLAN routing interface issue platforms
applied on the VLAN
routing interface
PBR: ACL associated to ACL associated to a VLAN interfaces displays Corrected ACL error All 6.1supported
a VLAN interfaces the message below: "<188> Jun 27 06:47:29 message processing issue platforms
display the message on 10.130.178.162-1 ACL[105366052]:
the console. acl_mac_api.c(2533) 4631 %% Access groups
are not supported when configured on the
same interface as a PBR route map. ", when
the VLAN interface is already associated with
the route-map.
Hapi dvlan notification In legacy DVLAN mode, some ports are Corrected legacy mode issue. All 6.1supported
handler is trying to getting configured as neither customer nor platforms
configure customer ports service provider ports which is not supported
in legacy mode in legacy mode.

Dell 1G SFP PN# GF76J Dell 1G SFP PN# GF76J is showing as N/A Added transceiver to table of N40XXF
is showing as N/A in CLI when ran “show interfaces transceiver” CLI supported transceivers. N20XXF
command output. command. N30XXF

System Firmware Version 6.2.6.6 Page 17

 Continuous LACP flap User might see the LACP SM not converging Corrected secondary MLAG All 6.1supported
on Dell Force10 switches for ports connected to secondary MLAG device issue platforms
when used with N-series device
MLAG implementation
PBR: IP Precedence is There is a chance that route-map might not be Corrected ACL validation All 6.1supported
not working when we applied properly on vlan interface if vlan acl is issue platforms
delete and re-configure present on the same interface.
route-map
Console hang on User might observe console hang on enabling Corrected VLAN validation All 6.1supported
enabling "ip routing" "ip routing" with PBR rule and ACL rule for route-map. platforms
with PBR rule and ACL applied on same VLAN interface.
rule applied on same
VLAN interface.

Traffic is forwarding to a Traffic is forwarding to a routing interface Corrected PBR rule error All 6.1supported
routing interface even even though PBR rule is not applied on that platforms
though PBR rule is not interface
applied on that interface
Switch DTL crash Observed switch DTL crash Corrected DTL memory All 6.1supported
problem. platforms
Stack showing memory Observed “ATP RX: Failed to alloc for Increased the ATP buffers All 6.1supported
errors on members 8-11 reassem" in stacking environment. size. platforms
When default route is PBR policy fails due to group allocation Correct group allocation All 6.1supported
present, the default next- failure. error. platforms
hop option of PBR fails
Configured 10G ports Irrespective of 10G port is configured as Corrected configuration All 6.1supported
return to default 1G+forced or 1G+auto, after reload or hot initialization issue. platforms
configuration after power plugin, port is getting set to 1G + auto.
on reboot.

Release 6.1.0.6
Summary User Impact Resolution Affected
Platforms
Issues powering up POE When dot13af and legacy mode is enabled and Fixed high port powering N2xxxP/N3xxxP
devices on certain switch the first 12/24 switch ports are in error status, issue by updating the PoE
port interfaces. the last 12/24 ports are stay off. controller firmware version
to 263_75.

Please wait for few minutes

for PoE controller firmware
update to complete on switch
boot-up.
You will see the below log
messages on switch boot-up
after switch firmware
upgrade.
<187> Jun 17 04:51:57
172.25.136.215-1
POE[144021428]:
hpc_poe_pwrdsne.c(6733) 582
%% PoE firmware controller
upgrade started. PoE will be re-
enabled when upgrade
completes. Note: this could take
a few minutes.
<187> Jun 17 04:53:44
172.25.136.215-1
POE[144021428]:

18 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

hpc_poe_pwrdsne.c(6852) 623
%% PoE firmware upgraded to
263_75
<187> Jun 17 04:53:44
172.25.136.215-1
POE[144021428]:
hpc_poe_pwrdsne.c(6854) 624
%% PoE firmware controller
upgrade completed. PoE is
enabled and ready for use

Fan noise level User experiences high fan noise level with Optimized the fan noise N2000/N3000
improvements N2000 and N3000 series switches. level.

Release 6.1.0.1
Summary User Impact Resolution Affected
Platforms
Switch fails to load If user makes changes to configuration, saves Startup-configuration file is N2xxx/N3xxx
startup-configuration configuration to startup-configuration file and saved immediately when
after hard power cycle then within a short period of time (60 seconds copy command is issued and
or so depending on configuration file size) console prompt does not
removes power from the system, the startup- return until save is complete.
configuration file will be empty and
configuration will be lost.
Multicast traffic loss at Traffic loss for few groups at random interval Fixed the timing issue where All 6.1.0
irregular interval for two of time the expiry is processed supported
group ranges before the timer is updated. platforms
Auto-negotiation Combo ports on a stack member will not link Error codes are handled All 6.1.0
capabilities of combo up after rebooting the member in a stack. correctly while getting auto- supported
ports were getting reset negotiation capabilities platforms
to '0'
Need support for dot1q When user configures dvlan tunnel mode on a When user configures dot1q All 6.1.0
tunnel mode port, that port gets configured as service tunnel mode on an interface, supported
configuration per port provider port and all other ports would only that interface would be platforms
and per port ether type become customer ports set as customer port
configuration
DOT3AD helper sending Dynamic LAG will be up on partner, even stop sending LACP PDUs All 6.1.0
LACP PDUs even though it does not exist in DUT. for LAG interface upon supported
though LAG is down receipt of detach event platforms
"Login time" stamp does “show users login-history” doesn't show the Modify CLI to convert the All 6.1.0
not match the switch correct login time given raw time to UTC supported
clock platforms
802.1x authentications Authentication fails for 802.1x users using EAP packet length N2xxx/N3xxx
fails for EAP type EAP type PEAP computation corrected and
PEAP(protected EAP) on used only for first fragment
N2xxx/N3xxx platform while inserting the AVP's
Fiber Combo Port LED Wrong indication of the LED reporting port Fixed code such that LED N3024F
on partner switch reports down. microprocessor to react to
'DOWN' after an initiate linkscan callback only for
Failover on a stack ports that it manages.
Access list name is If the Access list name has a ‘-‘ character the Fixed the java script on web All 6.1.0
getting truncated in the name is not displayed properly page supported
web interface platforms
DCPDP packets are not MLAG Peer Detection continuously flaps Fixed the logic to send All 6.1.0
transmitted every one DCPDP packet every one supported
second second platforms

System Firmware Version 6.2.6.6 Page 19

 Web interface freezes VLAN membership web page cannot be Fixed the java script on web N4032/N4032F
when trying to view accessed. After accessing the VLAN page
VLAN membership membership web page, the browser will hang
and the browser must be restarted to access the
web interface again
VoIP VLAN reply not VOIP phones won't receive Voice VLAN Corrected Voice VLAN All 6.1.0
being sent via CDP\ISDP configuration from switch if there is an ISDP indexing problem. supported
entry on a port ID which is one port less from platforms
VOIP phone connected port.
OOB packet loss after After upgrading the switch firmware OOB Corrected timing issue with N4xxx
upgrading firmware port can occasionally experience packet loss. OOB port driver
Certificate fields When entering SSL certificates via GUI the Corrected GUI initialization N4xxx
populated with cached second certificate values are populated from issue.
values cached values.
Unable to reconfigure User is not able to delete the configured SSH Corrected SSH port All 6.1.0
standard SSH port port number. validation. supported
platforms
SNTP KoD packet stops The switch will not respond properly to KoD Corrected back off time All 6.1.0
time synchronization packets with INIT or STEP codes. problem supported
platforms

Release 6.0.1.3
Summary User Impact Resolution Affected Platforms

Traffic loss due to IGMP join expiry for Periodic multicast packet loss Prioritizing the PIM All 6.0.1
some of the groups over lag when active lag port is on a join/prune messages as they supported
member unit were dropped when bursts of platforms
messages were received
IPMC deletes fail which can cause During failovers, when ports Enhanced the lookup and All 6.0.1
subsequent IPMC inserts to also fail. are down a condition might delete procedures. supported
cause subsequent IPMC inserts platforms
to also fail
MAC address learning fails after There will be traffic loss if the Primary to send proper STP All 6.0.1
secondary MLAG Reboot on setup port on which the STP status is updates to secondary. supported
running MSTP not updated properly is on platforms
traffic path
802.1p priority value discarded & reset Priority value in the vlan tag Fixed the snooping N3000/N2000
to default value for ICMPv6 packets gets reset to default value by application to retain the platforms
snooping application priority
Failure to change the port-channel Port channel mode changes MLAG port databases All 6.0.1
mode on MLAG (primary/secondary) from dynamic/static may fail handling is corrected supported
device or port state may move to platforms
discarding.
On stack configured with more than 2 There may not be traffic loss Proper checks on ether types All 6.0.1
units, the PBR traffic fails to fall back but the policy is not applied. for mac acl and ip acls. supported
to immediate next-hop after initiating platforms
failover
LAG membership detail page fails to All the needed information is Fixed the javascript to N4000/PC-81xx
display configured max 126 Dynamic not displayed on the page. properly handle the XML switches
LAGs tags
Fixed Speed 100 does not work on Link will not come up Corrected the MDIX setting for All platforms that
combo ports operationally. combo ports support combo
ports
Failure to revert to port default speed Clear config should clear and Order of the interface state All 6.0.1
after clear configuration. revert to defaults. checks corrected supported
platforms
Stack port numbering in software was Mismatch exists between the unit and port data base reworked N3000 platforms

20 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

not consistent with physical numbering physical numbering and ports according to HW spec updates
on the switch displayed in CLI.

Release 6.0.0.8
Summary User Impact Resolution Affected
Platforms
SCCP protocol functionality is not Voice call clarity is poor if both data Prioritization of data packets is All 6.0
working when you have data and and voice data are going through the based on layer 4 port of data supported
voice going through the same link same link session. Updated protocol to platforms
identify layer 4 port based on
SCCP based phone models.

H323 protocol functionality is not Voice call clarity is poor if both data Update code to install hardware All 6.0
working when you have data and and voice data are going through the rules properly supported
voice going through the same link same link platforms

Switch reports PSU/FAN failure Switch reports PSU/FAN failure Raise an error only if four N40xx
because of under-Voltage Input because of under-Voltage Input consecutive read cycles indicate series only
power power that there is an under voltage
input power.
Ping to VRRP master IP would fail Ping to VRRP master IP fails. When it transitions to VRRP All 6.0
when there is an unresolved data Master, the Virtual IP and Virtual supported
traffic flooding the CPU MAC addresses need to be added platforms
as a local host entry to the
hardware. These results in
prioritizing the packets coming to
CPU destined to VRIP.
Incorrect statistics displayed under "No of email Failures so far" in Added a check to communicate All 6.0
"show logging email statistics" command "show logging email with the logging email server only supported
command statistics" is incrementing even if if we have any log messages to be platforms
there are no failures. sent.

The following fields in the output User thinks that the packets are Rename the fields so that it All 6.0
of "show interface counters getting dropped at the egress reflects the counter values against supported
<interface-id>" are misleading interface correct fields there by enhancing platforms
when you have MTU set to non- user experience.
default value.
a) Received Oversize Packets
b) Transmitted Oversize Packets

Some special Characters are not Only alphanumeric characters can be Enhanced validation to accept all All 6.0
allowed for TACACS key while used for TACACS keys while printable characters from web supported
adding a TACACS server in WEB. adding a TACACS server from web interface. platforms
interface.

Error message is displayed, when Failed to configure SNMP Delete SNMP community related All 6.0
configuring SNMP community community through web using entries and target tags so that supported
through web using chrome browser chrome browser, if addition of additional of SNMP community platforms
SNMP community is followed by goes through.
deletion of SNMP community

System Firmware Version 6.2.6.6 Page 21

 RP Group Mapping Summary: 1. "RP Group Mapping Summary: Updated web object handlers to All 6.0
Detail is not getting updated in Detail" page doesn't display the display the missing fields. supported
webpage under both ip and ipv6 current configuration. platforms
pim. 2. "Expiry Time" and "Next CRP
Advertisement" fields are not
displayed for non BSR entries.

Switch is seeing 2 query messages No functional impact, but switch Updated switch settings so that All 6.0
even though partner has sent only sees two messages for every one only one copy is sent to CPU of supported
one. This happens only if the message sent from partner, if the the stack master platforms
receiving interface is on the stack receiving port is on the stack
member member

When maximum neighbor capacity Unexpected routing behavior when Add validation such that no new All 6.0
is reached, it's picking up the old maximum neighbor capacity is neighbors are entertained if the supported
entry randomly and replacing it. reached. router maximum neighbor platforms
capacity is reached.

IPMapForwardingTask and Random crashes are occurring in the Resolved VRRP semaphore All 6.0
Interrupt Thread crashing switch IPMapForwardingTask deadlock. supported
platforms

VRRP causing switch crash and Same issue as: Resolved VRRP semaphore All 6.0
loss of management IPMapForwardingTask and Interrupt deadlock. supported
Thread crashing switch platforms

Stack member unit crash with task Random crashes are occurring in the Corrected failover issue with All 6.0
"hapiMcAsyncTask" "hapiMcAsyncTask" multicast routes supported
platforms

stack member reboots with task Random crashes are occurring in the Corrected problem when all RPC All 6.0
bcmRPC bcmRPC task. buffers are exhausted. supported
platforms

GUI showing medium temp, while GUI showing medium temp, while Corrected temperature value issue All 6.0
the CLI was showing good temp the CLI was showing good temp when displaying temperature in supported
the GUI. platforms

22 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

CLI Reference Guide Update

Release 6.2.6.6
radius-server attribute 31
Use this command to alter the format of the MAC address sent to the RADIUS server when
authenticating using 802.1X MAC based authentication. Use the no form of the command to
return the MAC address format to the default.

Syntax

radius-server attribute 31 mac format { ietf | unformatted | legacy } [lower-case | upper-

case]
no radius-server attribute 31 mac format

Parameter Description

Ietf – format the MAC address as aa-aa-bb-bb-cc-cc. The default is upper case.
Unformatted – format the MAC address as aaaabbbbcccc. The default is lower case.
Legacy – format the MAC address as aa:aa:bb:bb:cc:cc. The default is lower case.
Lower-case: format hexadecimal characters using the character set [0-9a-f].
Upper-case: format hexadecimal characters using the character set [0-9A-F].

Default Configuration
By default, the switch sends the Calling-Station-Id MAC address in lower case legacy format.

Command Mode
Global Configuration mode

Usage Guidelines
Use this command to override the format of MAC addresses sent in the Calling-Station-Id
(attribute 31) and the User-Name (attribute 1) for authentication requests for ports configured for
MAC based 802.1x authentication (MAB).

This command is only valid for 802.1X authentication.

This command does not override interface configuration for attribute 31 or attribute 1.

Examples
This example globally configures the format of the MAC address sent in the Calling-Station-Id
attribute and the User-Name atribute when using MAC based authentication to IETF lower case.
It also configures interface Gi1/0/1 to use MAB. MAB must be configured on the switch in an
active authentication list, IEEE 802.1X must be configured, and a RADIUS server must also be
configured.

console(config)#radius-server attribute 31 mac format ietf lower-case

console(config)#interface gi1/0/1
console(config-if-Gi1/0/1)#dot1x port-control mac-based

System Firmware Version 6.2.6.6 Page 23

 Ip http timeout-policy

Description
This command configures the timeout policy for closing HTTP and HTTPS sessions to the local
HTTP server.

Conversion and Compatibility

Compatibility Statement
Cisco-like. Cisco has additional parameters

Conversion Notes
Implement the syntax as shown. Keep the following commands in the deprecated command tree
for backwards compatibility:
ip http session hard-timeout
ip http session soft-timeout
ip http secure-session hard-timeout
ip http secure-session soft-timeout

During conversion, use the values from ip http session to configure the timers.
The mapping from the syntax below is:
soft-timeout -> idle
hard-timeout -> life
The parameters to the command below configure both HTTP and HTTPS sessions.

Syntax

ip http timeout-policy idle <seconds> life <seconds>

no ip http timeout-policy

Parameter Description

seconds – for the idle parameter, the approximate number of seconds after which an idle
connection is closed. For the life parameter, the approximate number of seconds since login after
which a session is closed.

Default Configuration

Idle: 180 seconds. Range: 1-3600

Life: 1800 seconds. Range: 1-86400

Command Mode

Global Configuration mode

Usage Guidelines

24 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

This command configures the timeout for both HTTP and HTTPS sessions. Changes to the
parameters affect existing sessions. Reducing the time parameters may close existing sessions.

The idle timeout closes sessions in which no activity is detected during the configured time, e.g.
no commands are entered. Entering a command resets the timer. The life timeout specifies the
maximum number of seconds a session will be kept open from the time the session was
established. Times are approximate.

Use this command to establish an access policy which maximizes throughput or minimizes
response time for new connections. For minimal response time for new connections, use smaller
values. For maximizing throughput, e.g. with dedicated management connections, use larger
values.

Examples

This example configures the HTTP server for maximum throughput.

console(config)#ip http timeout-policy idle 3600 life 86400

Release 6.2.5.3
 The following commands require a 256 character length encrypted key. It is not always possible to generate a
256 character length key. Use the corresponding unencrypted key command to enter a pass phrase.
 radius-server key encrypted
 key encrypted (RADIUS server command mode)
 tacacs-server key encrypted
 key encrypted (TACACS server command mode)

Release 6.2.1.6
 The following commands were added to support Sticky-MAC Port-Security feature:

Use this command to enable or configure port security (MAC locking) per interface.
Use the no form of the command to disable port security (MAC locking)

switchport port-security [mac-address { sticky | [ sticky ] mac-address vlan {vlan-id }}] |

dynamic value | maximum value ]

no switchport port-security [mac-address { sticky | [sticky] mac-address vlan {vlan-id }}] |

dynamic | maximum ]

mac-address – a static MAC address to be configured on the interface and VLAN.

vlan-id – the VLAN identifier on which to configure the MAC address
sticky – configure a sticky MAC address on the interface. If not given, a statically locked MAC
address is configured on the interface.
dynamic – configure the maximum number of dynamic MAC addresses that be be learned on the
interface.
maximum – configure the maximum number of static MAC addreses that may be configured on
the interface.

 The "show spanning-tree" command is not applicable for PVST/RPVST modes. There are other commands to
display PVST/RPVST mode such as:
console# show spanning-tree vlan <<10>> - configured VLAN of PV(R)ST.

System Firmware Version 6.2.6.6 Page 25

 console# show spanning-tree active - support for PV(R)ST on all VLANS if pvstp is configured.

 The following commands were added to address an HTTP web timeout issue:

ip http secure-session hard-timeout <minutes>

set the hard time out value which begins at the last page access value

Parameter: minutes – minutes since last page access value

ip http secure-session soft-timeout <minutes>

set the soft time out value which begins at the last page activity value

Parameter: minutes – minutes since last page activity value

Release 6.2.0.5
 UDP, TCP and RAW Ports reserved by the switch and unavailable for use or configuration are:
Ports 1, 17, 58, 255, 546, 547, 2222, 4567, 6343, 49160

 DHCP Snooping DDBB not populated when feature enabled on one VLAN

The DHCP snooping table will not be updated unless it is enabled on both the VLANs in customer topology.
The reason being, the DHCP snooping task will only snoop packets received on an interface but not the packets
transmitted out of the interface.

When the snooping is enabled on only VLAN 2, it will only snoop DHCP_DISCOVER, DHCP_REQUEST
packets, as these are the only packets received on the interface in VLAN 2 from the client connected to that
port. So the snooping task will never know if a DHCP address was leased to the client and hence the table will
never get updated.

On the contrary, when it is enabled on VLAN 1 as well, the DHCP snooping task will be able to snoop both
OFFER and ACK packets from the server, and hence when ACK packet is received it will update the snooping
table appropriately with the binding entry.

Hence the reason why customer can notice the binding entry only when it is enabled on both the VLANs

 Shows vrf maximum routes to be 4294967295 on page 1705. Should say 8160.

Release 6.1.2.4
 Message “TRAPMGR[122383956]: traputil.c(740) 506162 %% PoE: Gi1/0/24 power down (Overload
Condition)" is an information message and does not indicate an error on the switch.

 Message “<189> Sep 4 15:02:51 192.168.11.84-1 TRAPMGR[112324196]: traputil.c(740) 434847 %% PoE:

Gi1/0/2 power down (Main Power Signature Absent)” is an information message and does not indicate an
error on the switch.

Release 6.1.1.7

 No Updates

26 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Release 6.1.0.1
 The example under MVR immediate command on page 580 configures MVR mode dynamic which is not
available in interface config mode. This is available only in global config mode.
 The “spanning-tree mode” global command supports “no” form but the command is “no spanning-tree” and not
“no spanning-tree mode” as mentioned on page 753.
 On page 765 for “spanning-tree vlan” command, the range is mentioned as 1-4094 it should read as 1-4093 for
accuracy.
 On page 764 for “spanning-tree uplinkfast” command, the range for max-update-rate is mentioned is as 0-3200.
It should read as 0-32000
 The supported TLVs for LLDP MED are only capabilities, network policy. Ignore the other TLVs listed under
command lldp med transmit-tlv on page 556
 On page 1525 “802.1AF” should be “802.3AF”.
 On page 1635 crypto is misspelt as cryptho for command crypto key generate dsa
 The “storm-control broadcast” and “storm-control multicast” commands have a new parameter “action” added.

Interface mode and Interface range mode commands:

Storm-control broadcast {level <level> | rate <rate>} action {shutdown | trap}
Storm-control multicast {level <level> | rate <rate>} action {shutdown | trap}

shutdown – On storm control, the affected interface shall be diag-disabled along with sending of a
trap. If the interface is diag-disabled, user needs to explicitly use “no shutdown” command to
bring back the link.

trap – On storm control, a log message and a trap when the configured threshold is exceeded.
Traffic exceeding the threshold is dropped.

The following example configures any port to shut down if the received multicast traffic rate exceeds 20%
of link bandwidth:

console(config)#interface range gi1/0/1-24

console(config-if)#storm-control multicast level 20
console(config-if)#storm-control multicast action shutdown
console(config-if)#exit

Privileged mode commands:

Show storm-control action {all | <interface-id>}

Example:
console(config)#show storm-control action all
Bcast Mcast
Port Action Action
--------- ---------- ----------
Gi1/0/1 Shutdown
Gi1/0/2
Gi1/0/3

System Firmware Version 6.2.6.6 Page 27

 The following new commands are implemented dlvan tunneling and some of these commands deprecate old
commands.

switchport mode dot1q-tunnel

Description
This is a changed command from the deprecated mode dvlan-tunnel.

Use the switchport mode dot1q-tunnel to enable QinQ tunneling on customer edge (CE) interfaces. Use the
no form of the command to return the interface to the default switchport mode (access).

Syntax
switchport mode dot1q-tunnel
no switchport mode dot1q-tunnel

Parameter Description
N/A

Default Configuration
By default QinQ processing of frames is disabled.

Command Mode

Interface mode (physical and port channel), Interface range mode (physical and port channel)

Usage Guidelines

This command configures a customer edge (CE) port for QinQ tunneling. The dot1q-tunnel mode is an
overlay on switchport access mode. In particular, configuring the access mode PVID sets the outer dot1q-
tunnel VLAN ID. Changing the switchport mode to access, general, or trunk, effectively disables tunneling
on the interface.

Customer edge ports can be physical ports or port channels. Untagged frames received on the CE interface
will be processed as if they belong to the PVID and will be transmitted out the SP interface with a single
VLAN tag. Tagged frames received on the CE interface will be transmitted out the service provider (SP)
interface with an outer tag containing the native VLAN ID and the inner tag as received on the CE
interface.

CE interfaces MUST be configured in dot1q-tunnel mode with the PVID configured with the outer tag
(native) VLAN ID for the associated service provider (SP) interface. Configure the outer VLAN ID using
the switchport mode access vlan command. All MAC address learning and forwarding occurs on the outer
VLAN tag. The VLAN ID must be common to both the SP port and the CE ports.

The service provider interface MUST be configured for egress tagging (trunk or general mode) with a
native VLAN identical to the PVID of the associated CE ports. SP interfaces SHOULD be configured with
a single VLAN ID. A trunk mode port will accept untagged packets on the native VLAN and be a member
of any newly created VLANs by default. In general mode, it is possible to directly configure the port to
only accept tagged packets with a single VLAN ID.

28 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

It is not possible to configure an inner VLAN TPID value. The inner VLAN TPID value is always 802.1Q
(0x8100).

Multiple groups of associated CE and SP ports can be defined by configuring the groups with unique
VLAN IDs where the VLANs are associated with the outer SP VLAN tag.

The port mirroring logic stage occurs after the tag processing stage on ingress and before the tag processing
stage on egress. When mirroring packets associated with SP or CE ports, the outer VLAN tag may or may
not appear in the frame. Due to the internal processing, of QinQ tagging, the TPID of ingress frames
mirrored from the SP port will always be 0x8100. In addition, packets forwarded internally across a
stacking link may have different tags applied than packets forwarded on a local egress port. This is due to
the processing required for forwarding across a stack.

Examples
This example configures ports Gi1/0/10 through Gi1/0/24 as CE ports using VLAN 10 as the service
provider VLAN ID. See the example for the switchport dot1q ethertype command to configure an
associated SP port.

console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface range gi1/0/10-24
console(config-if)#switchport access vlan 10
console(config-if)#switchport mode dot1q-tunnel
console(config-if)#exit

switchport dot1q ethertype

Description

This is a changed command from the prior dvlan-tunnel ethertype.

Use the switchport dot1q ethertype to define additional QinQ tunneling TPIDs for matching in the outer
VLAN tag of received frames. Use the no form of the command to remove the configured TPIDs.

Syntax

switchport dot1q ethertype { vman | custom 0-65535 }

no switchport dot1q ethertype { vman | custom 0-65535 }

Parameter Description
Vman – define the Ethertype as 0x88A8
Custom – define the Ethertype as a 16 bit user defined value

Default Configuration

802.1Q is the default Ethertype for both inner and outer VLAN TPIDs. The 802.1Q TPID cannot be
removed from the configuration.

By default QinQ processing of frames is disabled.

System Firmware Version 6.2.6.6 Page 29

 Command Mode

Global Configuration mode.

Usage Guidelines

This command globally defines additional TPIDs for matching of ingress tunnel packet. Ingress packets
matching the tunnel VLAN ID and any of the TPIDs in the outer VLAN tag are accepted into the tunnel.
A TPID must be configured globally before it can be applied to an interface. Up to 3 additional TPIDs can
be configured in addition to the default TPID of 0x8100.

Use the no form of the command to remove an additional TPID. Doing so removes the TPID from all
interfaces. If the removed TPID is the primary TPID for an interface, the interface is configured to use the
default primary TPID 0x8100.

Packets are always transmitted by the system using the primary TPID value in the outer VLAN tag.

It is not possible to configure an inner VLAN TPID value. The inner VLAN TPID value is always 802.1Q
(0x8100).

Use the switchport dot1q ethertype interface configuration mode command to apply a configured TPID
value to an interface.
Examples

This example defines the VMAN (0x88A8) TPID for use on a service provider (SP) port and configures a
service provider port (Te1/0/1) in general mode after creating the common SP/CE VLAN. The port is
configured in general mode and to only allow tagged packets using the outer VLAN ID 10 to ingress the
tunnel. Packets not matching the VLAN or TPID are treated as untagged. Then the port is configured to
accept the VMAN TPID in the outer VLAN on ingress and further configured to tag packets with the
VMAN TPID and VLAN ID 10 in the outer VLAN tag on egress.

This example configures an SP port using general mode.

console(config)#switchport dot1q ethertype vman

console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface te1/0/1
console(config-if-Te1/0/1)#switchport mode general
console(config-if-Te1/0/1)#switchport general allowed vlan add 10 tagged
console(config-if-Te1/0/1)#switchport dot1q ethertype vman primary-tpid

This example configures an SP port using trunk mode.

console(config)#switchport dot1q ethertype vman

console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface te1/0/1
console(config-if-Te1/0/1)#switchport mode trunk
console(config-if-Te1/0/1)#switchport trunk allowed vlan 10
console(config-if-Te1/0/1)#switchport dot1q ethertype vman primary-tpid

30 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

switchport dot1q ethertype

Description
This is a changed command from the prior dvlan-tunnel ethertype.

Use the switchport dot1q ethertype command to apply QinQ tunneling TPIDs to a service provider
interface. Use the no form of the command to remove the configured TPIDs.

Syntax

switchport dot1q ethertype { 802.1Q | vman | custom 0-65535 } [primary-tpid]

no switchport dot1q ethertype { 802.1Q | vman | custom 0-65535 } [primary-tpid]

Parameter Description
802.1Q – allow ingress frames with Ethertype 0x8100
vman – allow ingress frames with Ethertype 0x88A8
custom – allow ingress frames with an 16 bit user defined Ethertype
primary-tpid – set the outer VLAN tag TPID to be used on an SP port for transmitted frames. Also allows
ingress of frames with the configured Ethertype.

Default Configuration

802.1Q is the default Ethertype for both inner and outer VLAN TPIDs.
By default QinQ processing of frames is disabled.

Command Mode

Interface configuration mode (physical and port channel), Interface range mode (physical and port channel)

Usage Guidelines

This command applies a previously defined TPID to an interface. The TPID must be configured using the
global configuration mode command before it can be applied to an interface. Up to 3 additional TPIDs for
use in the outer VLAN tag may be configured.

The outer VLAN tag in tagged packets received on the interface is compared against the configured list of
TPIDs. Frames that do not match any of the configured TPIDs are discarded. Frames transmitted on the
interface are always transmitted with the primary TPID in the outer VLAN tag.

Use the no form of the command to remove the TPID from an interface.

Defining a new primary TPID command overwrites the existing primary TPID for an interface.

The no form of the command with the optional primary TPID specified sets the primary TPID value to
802.1q (0x8100).

If the TPID value was not configured as a primary TPID and the no form the command includes the
optional primary-tpid argument, the command will fail.

System Firmware Version 6.2.6.6 Page 31

 If the TPID value was configured as the primary TPID, and the no form of the command does not include
the optional primary-tpid argument, the command will fail.

If a TPID value is configured as the primary TPID, and it is added again without the primary-tpid optional
argument, the TPID will be treated as the primary TPID (the primary TPID includes the behavior of
secondary TPIDs).

It is not possible to configure an inner VLAN TPID value. The inner VLAN TPID value is always 802.1Q
(0x8100).

Examples
This example defines the VMAN (0x88A8) TPID for use on a service provider port and configures a
service provider port (Te1/0/1) in general mode. The general mode port is configured to only allow tagged
packets on ingress using VLAN ID 10. Then, in the last command, the port is configured to accept the
VMAN TPID in the outer VLAN on ingress and further configured to tag packets with the VMAN TPID in
the outer VLAN tag on egress.

console(config)#switchport dot1q ethertype vman

console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface te1/0/1
console(config-if-Te1/0/1)#switchport mode general
console(config-if-Te1/0/1)#switchport general allowed vlan add 10 tagged
console(config-if-Te1/0/1)#switchport dot1q ethertype vman primary-tpid

show switchport ethertype

Description

This is a new command.

Use the show switchport ethertype to display the configure Ethertype for each interface.

Syntax

show switchport ethertype [ interface intf-id | all ]

Parameter Description
intf-id – a valid physical interface or port-channel
all – all interfaces

Default Configuration
N/A

Command Mode

Privileged exec mode, all show modes

32 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Usage Guidelines

Up to 4 unique TPIDs can be configured.

It is not possible to configure an inner VLAN TPID value other than 0x8100.

Examples

This example defines the VMAN (0x88A8) TPID for use on a service provider port and configures a
service provider port (Te1/0/1) in general mode. The general mode port is configured to only allow tagged
packets on ingress using the outer VLAN ID 10. Then the port is configured to accept VMAN TPID in the
outer VLAN on ingress and further configured to tag packets with the VMAN TPID on egress.

console(config)#show switchport ethertype

Default TPID................................... 802.1Q

Configured TPIDs .............................. vMAN Custom (1010)

console(config)#show switchport ethertype interface gi1/0/1

Interface EtherType Secondary TPIDs

--------- --------- ---------------
Gi1/0/1 802.1Q

console(config-vlan10)#show switchport ethertype interface all

console(config)#show switchport ethertype interface gi1/0/1

Interface EtherType Secondary TPIDs

--------- --------- ---------------
Gi1/0/1 802.1Q
Gi1/0/2 802.1Q VMAN
Gi1/0/3 802.1Q
Gi1/0/4 802.1Q
Gi1/0/5 802.1Q

show dot1q-tunnel
Description

This is a new command.

Use the show dot1q-tunnel command to display the QinQ status for each interface.

Syntax

show dot1q-tunnel [ interface intf-id ]

System Firmware Version 6.2.6.6 Page 33

 Parameter Description
Intf-id – a valid physical interface or port-channel

Default Configuration

If no interfaces are specified, information is shown for all interfaces.

Command Mode

Privileged exec mode, all show modes

Usage Guidelines

Up to 4 unique TPIDs can be configured.

It is not possible to configure an inner TPID value other than 0x8100.

Examples

console(config)#show dot1q-tunnel interface all

Interface Mode EtherType

--------- ------- --------------
Gi1/0/1 Disable 802.1Q
Gi1/0/2 Disable 802.1Q
Gi1/0/3 Disable 802.1Q
Gi1/0/4 Disable 802.1Q
Gi1/0/5 Disable 802.1Q
Gi1/0/6 Disable 802.1Q

show interfaces switchport

Description
This is an existing command.
Use the show interfaces switchport command to display the complete switchport VLAN configuration for
all possible switch mode configurations: access, dot1q-tunnel, general, trunk, and (private VLAN) host or
(private VLAN) promiscuous.

Syntax
No changes

Parameter Description
Intf-id – a valid physical interface or port-channel

Default Configuration
If no interface parameter is given, all interfaces are shown.

Command Mode
No changes

34 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Release 6.0.1.3

 The CLI allows the user to enter Ethernet mode commands in interface stack configuration mode. These
commands do not have any effect on the stacking port.

 The show ip route configured command on page 1149 of CLI Reference mentions show ip route configured
commands as deprecated but the command is retained to view the inactive configured routes

 The following note has to be added to the show power inline command on page 1536 for additional clarity.
Get Power Supply Parameters API from the PoE controller returns the “Total Power Consumed” value in
Watts. For this reason, Total Power Consumption value displayed in the CLI might not exactly match the sum of
power in milliwatts consumed by various Power Devices.

The example command to display the power inline details for the single port also need to be corrected as below:
console#show power inline gigabitethernet 1/0/1 detailed
Port Powered Device State Priority Status Class Power[mW]
--------- ------------------------ ----- -------- ---------- ------- ---------
Gi1/0/1 auto Low Searching Unknown
Limit Power High Power
Port Type Limit Mode
--------- -------- -------- -----------
Gi1/0/1 User 32000 Enabled
Overload Counter............................... 0
Short Counter ................................. 0
Denied Counter................................. 0
Absent Counter................................. 0
Invalid Signature Counter...................... 131
Output Volts................................... 0
Output Current................................. 0
Temperature.................................... 39

Release 6.0.0.8
 There is a new CLI Reference Guide for 6.0.0.8.
 The example for the mvr immediate command on page 580 of the CLI Reference contains an incorrect
example. The correct example is:
console(config)#interface Gi1/0/1
console(config-if-Gi1/0/1)#switchport access vlan 10
console(config-if-Gi1/0/1)#mvr
console(config-if-Gi1/0/1)#mvr type receiver
console(config-if-Gi1/0/1)#mvr immediate
console(config-if-Gi1/0/1)#exit
console(config)#mvr mode dynamic

System Firmware Version 6.2.6.6 Page 35

User’s Configuration Guide Updates
The following table lists issues found in the User’s Configuration Guide after publication:

Release 6.2.0.5
 There is contradictory information on the requirement to reboot the switch after the insertion of an new module
in expansion module slots:

"Hot-swap is supported on the N3000/N4000 switch modules. However, the switch must be rebooted for the
new module to be recognized after it is inserted.”

"Each plug-in module has two ports. The plug-in modules include hot-swap support, so you do not need to
reboot the switch after you install a new module."
Answer: The switch does not need to be rebooted unless a module has never been in the expansion module slot
or the module type has changed.

Release 6.1.2.4
 RADIUS server can provide VLAN assignments to hosts that connect to the switch. The VLANs are not
configured on the switch. Instead, the switch is configured to allow the dynamic creation of VLANs when a
RADIUS-assigned VLAN does not already exist on the switch. VLANs that are identified on the RADIUS
server as dynamic VLANs should not be configured on the switch. Creating and Configuring VLANs that
conflict with the range of VLANs that the RADIUS server may use it not recommended.
Section “Allowing Dynamic VLAN Creation of RADIUS-Assigned VLANs” in the User’s Configuration Guide
describes and provides examples of dynamic VLAN configurations.
Once a dynamic VLAN has been created by the RADUIS server the VLAN can be used and configured as any other
manually configured VLAN.

Release 6.1.1.7
 No Updates

Release 6.1.0.1
 No Updates

Release 6.0.1.3
 No Updates

Release 6.0.0.8
 There is an Updated User’s Configuration Guide for 6.0.0.8. The following corrections are applicable:
 On page. 62 (Hot Add/Delete and Firmware Synchronization), add the following sentence:

36 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

“Units to be added to the stack must be powered off prior to cabling into the stack in order to avoid election of a
new master unit and a possible downgrade of the stack.”
 On page.62 (Hot Add/Delete and Firmware Synchronization), add the following note:

“Note: ALWAYS POWER OFF a unit to be added to a stack prior to cabling it into the stack. Newly added
units must be powered on one at a time beginning with the unit directly connected to an already powered on
stack member.”
 On page. 392 (Configuration File), add the following sentence after the phrase “should exist on the USB
device:”
“It must have a .text file name extension. No other file name extension is allowed.”
 On page. 403 (Enabling USB Auto Configuration and Auto Image Download), replace the sentence:

“Otherwise, the switch can obtain an IP address from a DHCP server on the network.”

with the following sentence:

“An IP address and netmask are mandatory elements of each configuration line in the configuration file.”
 On page. 404 (Enabling USB Auto Configuration and Auto Image Download), delete the Note and replace the
switch MAC addresses in Step 4 with suitable IP addresses and netmasks.
 On page. 544 (What Does Captive Portal Do), add the following sentences to the last paragraph:
“In order to support redirection of user entered URLs from a web browser, a DNS server must be configured in
the network. If routing is enabled on the switch, IP helper must be configured and enabled to allow hosts to
obtain an IP address via DHCP.
The only type of wired interface where Captive Portal can be enabled is a physical port. Captive Portal is not
supported on multi-access VLANs or on LAGs.
A physical port’s VLAN membership does not affect Captive Portal. A physical port enabled for captive portal
can be a member of any VLAN or multiple VLANs. The VLAN may be a switching or routing VLAN.
A port enabled for Captive Portal may be directly connected to a single client (e.g., an access switch), or the
port may serve many clients (e.g., a port on an aggregation switch).
Port security and captive portal cannot both be enabled on an interface.
If a physical port configured with captive portal is made a member of a LAG, captive portal is disabled on the
port.
Dell Networking does not support configuring spanning tree on a Captive Portal port. BPDUs received on a port
enabled for captive portal will not receive their normal prioritization.
Captive portal can co-exist on an interface with DHCP snooping and Dynamic ARP Inspection (DAI).
Captive Portal is supported in IPv4 networks only. “
 On page. 652 (Voice VLAN), add the following note:

System Firmware Version 6.2.6.6 Page 37

 “Note: Voice VLAN must be configured on general mode ports. It is not supported on access mode or trunk
mode ports.”
 On page. 691 (Configuring MAC-Based VLANs), insert the following sentence after the phrase “associate a
MAC address with it.”
“However, the associated VLAN must be configured on a port in order for the system to map packets matching
the MAC address to the associated VLAN and to learn the associated MAC address on the associated VLAN so
that packets addressed to the associated MAC address are forwarded properly. VLAN associations operate on
untagged packets on access and trunk ports. Tagged traffic is associated with the VLAN identified in the VLAN
tag.”
 On page. 692 (Configuring IP-Based VLANs), insert the following sentence after the phrase “associate an IP
subnet with it.”
“However, the subnet VLAN must be configured on a port in order for the system to map packets matching the
IP address to the subnet VLAN and to learn the associated MAC address on the subnet VLAN so that packets
addressed to the associated IP address are forwarded properly. It is not necessary to assign IP addresses to
VLANs in order to utilize subnet associations. Untagged packets are switched into the subnet VLAN using the
defined subnet address and from the IP subnet VLAN using the learned MAC addresses. VLAN associations
operate on untagged packets on access and trunk ports. Tagged traffic is associated with the VLAN identified in
the VLAN tag.”

38 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Known Issues
The following are all the outstanding known issues from the current and previous releases. The issues listed here may have been
discovered on any of the switches listed on the title page.

Release 6.2.6.6
Description/Summary User Impact Workaround
Very slow response to 'show' CLIs when Sometimes CPU processing will be None
SFP/QSFPs are present delayed while show command is being
gathered.
Storm-control doesn't work without action Receive Packets Discarded does not Use action command like:
command increment when storm control rate is console(config-if-
set for multicast,broadcast and
Te1/0/1)#storm-control multicast
unicast.
action trap
or
console(config-if-
Te1/0/1)#storm-control multicast
action shutdown
"show supported switchtype" lists both N2000 N2000 and N3000 switches are not Don’t stack N2000 switches with
as supported switch stackable together. The Configuration N3000 switches.
Guide clearly states this, however the
"show supported switchtype" lists all
N2K & N3K as supported in both type
of switches, which is misleading.

stack reboots continuously with port-channel The “auto-portfast” option in the Don’t use the “auto-portfast”
in general mode spanning tree mode corrupted option.
memory.
HTTPS cert and key are not synched to stack Failover to the standby unit can cause None.
members certificates and keys to be requested
again causing delay in stack
mastership
DHCP relay and clients takes long time to get Occationally a delay is experienced None
IP address when clients request an IP address
through a DHCP relay.
"show isdp neighbors" output is showing all "show isdp neighbors" command None
downstream switches as neighbors output shows downstream neighbor
switches as ISDP neighbors instead of
showing only the directly connected
neighbors.
Switch become unreachable after receiving a If a ICMP redirect packet with a None
ICMP redirect packet different sub-net IP address is
received, occationally the ARP request
is not sent.

Release 6.2.5.3
Description/Summary User Impact Workaround
N1524 packet drop when removing default No impact during addition of the default No workaround needed for this
route route but deletion of default route temporary condition
results in traffic loss for a brief period of
5msec
On Multiple failovers with max IPv6 routes Missing routes on the new master User need to wait until
configured we notice that the standby when it master/standby are synchronized
becomes master have few routes missing in the before initiating failing
route table command

System Firmware Version 6.2.6.6 Page 39

 With default configuration, when the packets This particular traffic pattern is Configure an ACL to drop the
ingress the switch with source MAC address broadcast. traffic
that matched DUT’s mac address, the packets
are not dropped
Bulwark stack doesn't display correct interface No functional impact. The stack runs None.
in the “show switch stack-path” command when without any functional issues.
N1548 switches are connected in a particular
topology (i.e Te1/0/3 & Te1/04 configured as
stack ports)
When user is trying to connect to the switch Subsequent attempt gets connection. No None
through SSH using Radius authentication fails impact
to connect for the 1st connection

Release 6.2.1.6
Description/Summary User Impact Workaround
N2000 SSH Radius authentication When attempt login to the switch via SSH with radius SSH radius
fails on first attempt credentials, the first attempt always fails, access denied. authentication works
for the second attempt.
Switchport is not removed from Unauth-VLAN does not get removed once dot1x None.
unauth VLAN even after passing authentication is successful and assigned into the correct
dot1x authentication VLAN. So all Broadcast from unauth-VLAN is still visible
on a port where only one successfully authenticated client is
attached.

Release 6.2.0.5
Description/Summary User Impact Workaround
Dell 6.1.x firmware has issues If this configuration is present on the switches running Dell Configure this again after
with displaying the running- 6.1.x firmware, the configuration is corrupted. the upgrade.
config for the below command
“area 0.0.0.2 virtual-link 25.0.0.1
authentication message-digest”
It displays as below instead
“area 0.0.0.2 virtual-link 25.0.0.1
authentication message-digest
message-digest-key 0 md5”
For this reason, command
migration fails when upgraded to
Dell 6.2.
N2000 fail to TFTP config file When TFTP server is not on directly connected subnet, Put TFTP server on same
on in-band ports during Auto- download of configuration file may fail when using Auto- subnet or use out-of-band
Install Install. port (N3000.N4000) or
use USB Auto-Install
N2000 keeps requesting DHCP During DHCP auto-install, the switch receives the IP to Auto-Install with static IP
even after IP is configured VLAN 1 from the DHCP server and downloads the in configuration file
during DHCP auto-install configuration file. The configuration is loaded and contains a requires save of the
static IP address for VLAN 1. This static IP is different from configuration file and a
the one received by DHCP. Once an interface is configured reload the switch.
with a fixed IP it should stop requesting DHCP. However,
interface VLAN 1 keeps requesting DHCP. IP conflict
messages are displayed.
DHCP Server Pool gives When entering an IPv4 address range that is already Do not overlap address
misleading error message on associated with an existing DHCP pool -- the error message ranges.
conflicting pool address space indicates that the IPv4 address is invalid -- not that the IPv4
address range is already in use in another DHCP pool.

40 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Incorrect format given in When a user enters an invalid IP address for the DHCP None.
information prompt for setting network command - the information prompt responds with,
the DHCP network for DHCP "Invalid IP address. IP address should be in a.b.c.d format
where range for a, b, c, and d is 1-255.". Range should be “1-
223”
IO Aggregator negotiates to In some instances, when an MIOA (IOA in M1000 chassis) is Manually set DCBX to
DCBx v1.0 (CIN) with N4000 connected to a N4000 switch, the pair negotiate to CIN IEEE.
switch instead of IEEE.
DHCP server debug info shows When “debug dhcp server packet” is enabled on DHCP, None.
interface that does not exist. interface references are confusing.

Release 6.1.2.4
Description/Summary User Impact Workaround
IP address range issue with DHCP When configuring static DHCP snooping entries, if IP address None.
Snooping fourth octets were higher than 223 then it is not accepting and it
throws invalid parameter error.
Fixed in 6.2.0.5
release.
Inconsistent error message CLI produces: "Incorrect input! The leave time must be greater None
between Web GUI and CLI for than or equal to three times the join time."
GARP Join Timer Web GUI produces: "Error! Failed to set "GARP Joi". GARP
Leave Time must be greater than or equal to twice the GARP join Fixed in 6.2.0.5
timer." release.
Debug logs prints a wrong The command is used for creating username and password. First None
message. It says the "New user has the user name will be created and then the password will be
been added" when it is not created. This Log message appears immediately after successful
creation of the username. Then, after the password is validated, Fixed in 6.2.0.5
which may fail due to some validation problems, the new user will release.
be deleted.
gvrp registration-forbid is not The dynamically learned VLAN will not get flushed. None
working if there are two interfaces
between GVRP client and Server
Fixed in 6.2.0.5
release.
Temperature sensor read failure, Temperature sensor read failure, POE Controller X " log message None
POE Controller X " error message in only appears during reboot/reload process and will not appear
log. again once box is stable (reboot/reload has completed)
Fixed in 6.2.0.5
release.

Release 6.1.1.7
Description/Summary User Impact Workaround
CSP # 794992 - N4032 - USB port Occasionally, the USB drive does not mount. When the problem occurs, issue
not working after upgrade to 6.0/6.1 During switch boot up, the USB drive gets "unmount usb" CLI command, then
firmware mounted as a /dev/sda device, but if we plug plug-out and plug-in the USB drive. It
out and plug the USB drive back in, it will be will remount without any issue. Also,
detected on /dev/sdb, and firmware always tries ensure that the "unmount usb" CLI
to mount the USB device at /dev/sda. When a command is issued before removing
mismatch occurs the USB drive will never the USB drive.
mount.
CSP # 809714 - WebUI only Customer cannot configure port channel ID’s These can be configured through the
displays 64 port channels for VLAN greater than 64 through the WebUI. CLI till it’s fixed in the GUI.
membership, even though Port- Fixed in 6.1.2.4 release.
channel ID’s over 64 exists.

System Firmware Version 6.2.6.6 Page 41

Release 6.1.0.1
Description/Summary User Impact Workaround
N20xxP/N30xxP – Issues powering up POE When legacy and dot13af mode is Configure “power inline detection
devices on high switch port interfaces. enabled for power inline detection dot13af” globally to power up all dot13af
[ Fixed in FW version 6.1.0.6] and the first 12/24 ports are in compliant PDs on all ports. This
error/short status (Invalid workaround will not help legacy PDs.
Signature Counter incrementing), Will update PoE Firmware in the next
last 12/24 ports stay off. firmware release to address both legacy
and dot13af PDs.
Group specific query packets are transmitted Protocol behavior does not change. None.
on all the member ports, even when they are Traffic is not flooded but only the
not a part of the group query packets are unnecessarily
sent out.
Unwanted ECC Errors “CDC RX FIFO None. None.
entry 19 double-bit ECC error” noticed in
the console and syslog.
Unwanted MAC flap messages like Low. These messages are seen Disable LLDP and ISDP on the connected
%SW_MATM-4-MACFLAP_NOTIF: Host only on some variants of Cisco links.
001e.xxxx.xxxx may be noticed on Cisco switches.
console the Cisco switch interoperates with
Dell switches.
When MSTP instances are pre-configured MSTP instances are running and Do not configure MSTP instances when
with running spanning tree mode as RSTP, shall influence the port state for running spanning-tree in any mode other
MSTP instances are created and are active. the ports participating in the than MSTP.
instances.
CLI checks and restricts ports of different Will not be able to configure Fiber None.
speed/ auto-negotiation capabilities to be and Copper ports to same port-
added into same port-channel. channel even if same speed.

Release 6.0.1.3
Description/Summary User Impact Workaround
Some Traffic loss on Mcast setup at ir- Intermittently without any predefined interval there will None.
regular interval for two group ranges in a be some drop in packets before the traffic restores on few
total of 470 groups. groups.
When 10G ports on stack running Flow control doesn’t work but this only applies on 10G Turning off PFC
N4000/8100 switches are running at 1G ports running at 1G and turning it on
speed PFC may not be operational after may help.
failover
DCPDP control packets are getting None. The system recovers from this failure. When there Use routing
dropped, when OOB port has lot of traffic are a lot of packets to be processed on the OOB port the interfaces instead of
DCPDP control packets are getting dropped. OOB
Configuration issues on the stack ports Stack ports are listed for some commands that do not None
apply to stack ports. The command however is rejected

Unable to learn the max FDB entries on The Secondary FDB application remains out of sync with Sequential address
secondary while sending the line rate the hardware storms should be
traffic with 1, 31,072 sources. avoided
On the web page, right click on the help Low: Very minimal impact. This is very corner case. Copy the address
page, copy the address and paste in a from address bar
different tab/browser may not take you to instead of right click
the intended page
Low: No functional impact except for unwanted entries Configure SNTP to
After failover DHCPv6 snooping device being displayed. synchronize time on
may display some unwanted entries when all units in stack.

42 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

the DHCP timer value is configured to a

non-default value. This is only observed
when the time all the units in the stack are
not synchronized.
An N3000 switch’s copper combo port Low: Only impacts copper combo port on N3000 Fail over master
will not link up if the switch is a member switches that are members (not master) of a stack. switch to standby
of a stack (not the master) and the switch is switch.
reloaded.

Release 6.0.0.8
Description/Summary User Impact Workaround
Occasional FAN failure messages are seen None – the system recovers from the None.
on the N4000 console. The typical rate of failure and fan operation is not affected.
errors detected is around 4-8 per 24 hours These messages can be safely ignored.
during normal operations. Examples:
<187> Jan 27 14:45:04 172.25.131.236-3
BOXSERV[1193277812]: boxs.c(841)
21345 %% FAN module 2 of unit 2 is now
in FAILURE STATE.
<188> Jan 27 22:40:55 172.25.131.236-1
BSP[841719292]: dps460kb.c(120) 21860
%% Failure writing PMBUS command to set
PSU-1 fan speed
QSFP Transceiver AFBR-79E4Z-D-FT1 does Port may hang and require reload of Dell recommends the use of the
not operate within required tolerances. switch to recover. Dell Qualified T9MJF QSFP
transceiver.
In multi-tier MLAG topology, primary Issue is seen only when 130k different Execute 'no feature vpc' followed
device MLAG is moved to discard state after MACs are learnt on a single MLAG by 'feature vpc' command.
executing "no feature vpc/feature vpc" interface at line rate which is not a
commands while traffic is running from practical scenario and the administrator
130K sources. executes 'no feature vpc'/'feature vpc'
during this process. This issue shows up
very rarely.
USB stick may not be detected on insertion USB device does not get mounted Execute 'unmount usb' command,
if an unmount was not performed inserting a then remove and re-insert the
new USB device. USB device.

“unmount usb” command unmounts the

device but any subsequent access
automatically remounts the device.
Temporary console hang is observed upon The temporary console hang is observed The system recovers in few
disabling the routing mode globally when when you disable and enable routing minutes on its own.
multicast data traffic is forwarding for 300 globally and lasts only a minute or 2, when
hosts at 10% line rate. the system is heavily loaded with a lot of
traffic.
OSPF neighborship state stuck at "Ex- OSPF neighbor relationship is not If PFC needs to be used along
Start/Backup" when PFC is enabled on the established if PFC is used on data with OSPF links on stack
switch and OSPF link is connected to a stack priorities 3-6 that share with other control members, use data priorities 0-2
member traffic. This shows up only if OSPF links for lossless traffic. Lossless
are connected to stack members. configuration for priorities like 3
to 6 which can be used for control
traffic will likely cause this
problem

System Firmware Version 6.2.6.6 Page 43

 In multi-tier MLAG topology, multiple peer- MLAG interfaces are not operational Execute 'no feature vpc' followed
link failovers causes MLAGs to go into wait by 'feature vpc' command.
state.

CPU utilization goes high temporarily when CPU utilization goes high for some time CPU utilization comes down
MVR is used with more than 1K VLAN's automatically even if there are
more than 1K VLAN's
configured on the switch. The
work around is to not use more
than 1K VLAN's when MVR is
enabled on the switch
Secondary MLAG switch doesn't show peer- Primary MLAG switch shows peer- Use “show vpc brief” on primary
member as output of "show vpc brief" members as part of "show vpc brief". switch only.
Secondary MLAG switch doesn't show
peer-members.as part of “show vpc brief”.

Port-Channel interface shows member port Status is mis-leading when shown on Use “show interfaces port-
as "inactive" on Secondary MLAG device Secondary MLAG switch.. channel x” on primary switch
only.

When known unicast traffic is sent with snmpIfInUcastPkts and Send packets with correct data
frame size set to random with minimum of snmpIfHCInUcastPkts shows counts for length values.
64 bytes and maximum of 1518 bytes, it is 64 bytes packets only.
observed that snmpIfInUcastPkts and
snmpIfHCInUcastPkts shows counts for 64
bytes packets only.
This is observed only when mismatch
between data length in the packet and actual
data received.
CPU interface is supported as source CPU interface is not supported as source None
interface for SPAN (Local port mirroring) interface for RSPAN
but not for RSPAN (Remote port mirroring)

DCPDP control packets are getting dropped, A log message will be seen saying peer is 1) Only peer detection would fail
while running SNMP walk on root node. not detected using DCPDP but traffic is during SNMP walk on the root
not affected. node. Peer detection will be
successful once the SNMP walk
operation is complete.
2) SNMP clients should throttle
their requests to no more than 20
per second.
Console stuck at unit prompt when clear Console stuck at unit prompt temporarily. Either wait for few minutes as the
config operation is performed on a system system recovers automatically or
that has maximum IGMP reports learned and stop traffic and issue “clear
lot of multicast traffic running. config” command.

In multi-tier MLAG topology, when 128K This issue shows up only if the sources are Enable and disable MLAG port
sources are sent at line rate, south bound sent at line rate, which is not a practical or send traffic at lower rate.
secondary device is unable to learn all the scenario in the networks.
sources.

44 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Temporary console hang for 3-4 minutes is Temporary console hang is observed for 3 Wait for 3-4 minutes if you see
observed on issuing “clear counters all” to 4 minutes. console hang on “clear counters
command when sending lot of multicast all” command.
traffic into the switch.

The maximum supported size of the packet Ping and traceroute fail if command is Use maximum of 13000 and
that is supported by the switch for ping and issued with packets size greater than 39936 as the packet size for ping
traceroute is limited to 13000 and 39936 13000 and 39936 respectively. and traceroute respectively.
respectively.

Traffic is not forwarded based on the static Static route is expected to take precedence, When using PBR, use PBR to
default next hop, instead is forwarded based but PBR policy takes precedence. achieve the default route
on the PBR default next hop. forwarding behavior instead of
configuring default route.

System Firmware Version 6.2.6.6 Page 45

Known Restrictions and Limitations

Release 6.2.5.3
Description User Impact
When data traffic need to be routed by CPU are send at Low
higher rate, CPU can handle maximum of 50 packets per
second Workaround
None
HW link scan for fast detection of link failures is not Low
enabled in the firmware. The link scan is not user configurable parameter. Not able to
enable HW link scan will impact NSF metrics

Workaround
None.

Release 6.2.0.5
Description User Impact
Transceiver information is not available when a Fiber Low
Ethernet port is configured as a stack port. Fiber ports that are configured as Ethernet ports will provide
transceiver information. When the ports are configured as stack
ports there currently is no mechanism to reveal the transceiver
information for that port. This is working as currently designed.

Workaround
None. This will be considered for a future enhancement.
Erasing backup image takes 180-300 seconds on Low
N4000/8100 switches Normal copy commands only erase as much as is required for the
new image but "erase backup" takes longer as the entire partition
gets erased.

Workaround
Use copy commands and overwrite the old images
When N4000/8100 switches are stacked using copper Low
stack link, PFC frames are not being received on the stack Issue seen only with PHY 84834.
link
Workaround
Fiber 10G/40G stack links

Release 6.1.0.6
Description User Impact
CPLD Update on Stacked switches. Low
CPLD update using the command (update cpld) will take at least 3
minutes to complete and then reboot the switch. Also, the CPLD
update command from Master unit in the stack will update the
CPLD code only in the Master switch. User has to update the
CPLD code on other members of the stack individually.

Workaround
None

46 System Firmware Version 6.2.6.6

Dell Networking N1500/N2000/N3000/N400 Series Switches Release Notes

Release 6.1.0.1
Description User Impact
When PBR route maps and ACLs are configured on the Medium
same interface, ACL rules are treated as lower precedence Even though ACLs are configured with higher priority, PBR
than PBR. rules are processed first.

Workaround
None – PBR route maps and ACL access-groups should not be
configured on the same interface as they have potential to
interfere with each other.
PBR route map counters are not incremented Not all PBR route maps are configured in the hardware. The
system optimizes away route maps whose decision logic always
results in falling through to the next route map. This includes
deny ACLs in permit route maps and all ACLs in deny route
maps. PBR counters are not incremented for “fall-through”
ACLs in the above route maps.
Workaround
None
The maximum detection limit for storm-control is 2Gbps. Low
Rates configured in excess of this limit will not detect traffc A 2 Gbps will cover a wide variety of situations where storm
exceeding for the configured type. This limitation applies to control is likely to be deployed (at the edge of the network),
all types of storm-control and includes broadcast, multicast including all 1G links.
and unknown unicast.
Workaround
Add a rate-limit ACL with the appropriate limit. ACLs can be
configured to log or drop exceeds traffic.

Release 6.0.1.3
Description User Impact
The max packet size for traceroute is limited to 39936 and Low
size is limited to 13000 for ping. This applies to Ping and Traceroute are used only during trouble shooting
configuration from CLI, WEB and SNMP. Standard MIB as
per RFC 2925 specifies the value as 65507 but snmpset will Workaround
fail if a value above 39936 for traceroute and above 13000
for is configured. Use the values actually supported and not MIB specified max
values.
Legacy phones that support only 10BaseT without auto- Low
negotiation require a fixed speed 10BaseT connection. Recent IP phone designs support 10m/100m/1G speed with
When such phones are connected to POE interface of auto-negotiation.
switch, the device is powered up but the interface stays
down.
Workaround
Use the speed command on the switch connecting the device
and set the interface to the required speed.

Release 6.0.0.8
Description User Impact
Downgrade to 5.1 and prior versions of code may cause the Medium
5.1 code to crash if any EEE configuration is present in the Switch will reboot after downgrade.
startup configuration. This is a limitation of the 5.1 code.
Workaround
When the switch reboots after the crash, boot into the 6.0 code
contained in the backup image. Remove all non-default EEE

System Firmware Version 6.2.6.6 Page 47

 configurations from the startup configuration prior to
downgrade.
A link flap is observed on the partner if the link is connected Low
to OOB port of the switch and switch is reloaded. The link flap is observed once on the partner switch

The link is brought up during the U-boot stage in order to Workaround

load the image from U-boot prompt. Shutdown the link on the partner before reloading the switch, if
the partner switch is very sensitive to link flaps

Link up during U-boot stage observed when SFP+ DAC Low

cable is plugged into SFP ports. But, the port will enter diag- This is a negative scenario where SFP+ DAC cable is inserted in
disable state after console prompt up. SFP ports and link up is observed for a short duration during U-
boot state. SFP+ transceivers are NOT supported in SFP ports.

Workaround
Remove the SFP+ DAC cable and use the no shut command to
re-enable the port.
40G port on N40xx series switches fails to link up when you Moderate
insert the following transceivers along with cable into the QSFP ports on the switch are not operational.
switch.
0MV31 Workaround
RF2MY Reboot the switch to recover the failed QSFP ports.

This issue happens only when the other end of cable is

connected to the partner switch.

Use of DCPDP is not recommended in 6.0 firmware. Upon Upon peer link failure DCPDP (if enabled) will transition the
peer link failure DCPDP (if Enabled) will transition the roles of MLAG peer devices to none and bring DOWN the
roles of MLAG peer devices to “none” and bring DOWN MLAG interfaces on both MLAG peer devices. This MLAG
the MLAG interfaces on both MLAG peer devices. peers recover once the peer link is UP.

End of Release Notes

48 System Firmware Version 6.2.6.6