Rackswitch G8264-T Firmware version 7.6.3.10 (released July 2013) ** Changes since the 7.6.3.0 release ** Enhancements: None. Changes: None. Fixes: - A Security vulnerability existed in the OSPFv2 Routing Protocol that is used in IBM System Networking Ethernet Switches (CVE-2013-0149) - A Security vulnerability existed in IBM Switches which support Fibre Channel over Ethernet (FCoE), in that data frames were being flooded out of every port if the destination address was not in the MAC table. (CVE-2013-0570) =================================================================================== Rackswitch G8264-T Firmware version 7.6.3.0 (released May 2013) ** Changes since the 7.6.2.0 release ** Enhancements: None. Changes: None. Fixes: - Random discards of transmitted frames could occur when sending frames of varying odd-numbered lengths, starting at 6749 bytes. (69933) =================================================================================== Rackswitch G8264-T Firmware version 7.6.2.0 (released January 2013) ** Changes since the 7.6.1.0 release ** Enhancements: None. Changes: - Added support for China-certified power supplies 94Y8070 (front-to-rear fan direction), and 94Y8088 (rear-to-front fan direction). (67088) Fixes: None. =================================================================================== Rackswith G8264-T Firmware version 7.6.1.0 (released December 2012) New and Updated Features ======================== ############################# BGP Route Reflection: --------------------- Route Reflection is a technique to avoid a large number of sessions between IBGP peers. In this release, support for RFC4456 (BGP Route Reflection - An Alternative to Full Mesh Internal BGP (IBGP)) has been added. SNMP: Support for 8 Read-Only and Read-Write communities: --------------------------------------------------------- This release adds support for 8 read-community names(Read-Only), and 8 write-community names(Read-Write) with SNMPv1 and SNMPv2. RFC5340: OSPF For IPv6: ----------------------- The switch was previously compliant with RFC2740. Starting with this release, the switch is compliant with RFC5340, which supersedes RFC2740. VLAG and PIM Support: --------------------- Previous releases supported IP Multicast routing through the PIM protocol. Also previously supported was the VLAG (Virtual Link Aggregation) protocol. This release adds support for PIM over a vLAG topology, so that the most efficient multicast routing can be achieved in a vLAG topology. NTP Client Display Improvements: --------------------------------- The Network Time Protocol (NTP) is widely used to synchronize computer clocks in the Internet. With the NTP service enabled, the switch can accurately update its internal clock to be consistent with other devices on the network. In this release, the "show ntp" command has been updated with such details as clock offset, stratum, and reference clock. Also in this release is a dampening of the number of syslog messages generated when the system clock is updated or if NTP synchronization fails. Cisco-like CLI: --------------- As part of this change, some existing ISCLI commands have been modified to look more like those in Cisco's IOS. The commands chosen for modification in this release are ones frequently used for VLAN, Port, and STP configuration. With these changes, those familiar with Cisco-IOS CLI can more readily configure the IBM-NOS VLAN, Port, and STP modules. Support for 4K VLANS: --------------------- Increased the scalability of VLANS from 2K to 4K Openflow support: ---------------- Openflow support has been added. debug enhancement ----------------- Added debug commands to provide more detail than shown in current counters. New commands will be added for LACP packets and spanning tree BPDU packets Diff flash in iCLI ------------------ Provided a command in ISCLI to display the differences between the running configuration and the saved configuration. This functionality is currently available in IBMNOSCLI and should now be added to the ISCLI. VMReady Distributed vswitch Support: ------------------------------------ VMReady distributed vswitch support is added and also support for vSphere 5.0 Syslog Enhancement: ------------------- Support for different configurable severity levels for Syslog on IBM switches. SNMP Trap for Power Failure: ---------------------------- Support SNMP trap generation on power failure. Host Resources MIB(RFC-1514) ---------------------------- Provided support for standards based HOST-RESOURCES-MIB defined in RFC 2790 allowing the switches to be managed by standard objectIDs. Host resources mib defines a uniform set of objects to manage host devices that are independent of the vendor, software or network capabilities. Implementation of the system and interface groups is mandatory Next Hop Self ------------- BGP next hop self feature supported with set the IP address for the next hop and override the default behavior used to select next hop Precision time Protocol ----------------------- Provided support for hardware assisted PTP synchronization to improve the time accuracy between systems in the network. PTP keeps system time of nodes in a network closely synchronized. Its accuracy is s ub-microsecond compared to the millisecond accuracy provided with NTP. The improved accuracy between systems is needed in networks with low latency and increased virtualization networks. SNMP and BBI Support for OSPFv3 and MLDv2 ----------------------------------------- IPSec feature was provided in 6.7 release but only in command line interfaces. This release addded configuration and monitoring support for MLDv2 via the BBI and SNMP interfaces. Terminal-length 0 persistent ---------------------------- Provided Cisco-like commands for configuring the terminal length for CLI sessions. The commands saved in the flash for persistency across resets. Runtime option to change the terminal length for the current session without affecting the saved configuration. vLAG scaling ------------ Increased the number of vLAG groups to 50. VMCheck: -------------------- The switch primarily identifies virtual machines by their MAC addresses. An untrusted server or a VM could identify itself by a trusted MAC address leading to MAC spoofing attacks. Sometimes, MAC addresses get transferred to another VM, or they get duplicated. The VMcheck solution addresses these security concerns by validating the MAC addresses assigned to VMs. The switch periodically sends hello messages on server ports. These messages include the switch identifier and port number. The hypervisor listens to these messages on physical NICs and stores the information, which can be retrieved using the VMware Infrastructure Application Programming Interface (VI API). This information is used to validate VM