3comc02581935

8/3/2019 3comc02581935

1/56

3ComRouter 5000 and Router 6000Release Notes

Software version 3.11Part Number: 10016400 Rev AA

Published October 2007

8/3/2019 3comc02581935

2/56

3Com Router 5000 and Router 6000 Family 2Release Notes Software v3.11

Contents1. Introduction ..................................................................................................................................................3

1.1 Scope .....................................................................................................................................................31.2 Supported Routers ..................................................................................................................................31.3 Online Resources.....................................................................................................................................31.4 New Software Features for V3.11............................................................................................................41.5 New Bug Fixes for V3.11.......................................................................................................................111.6 New Software Support for FIC Modules in V3.11...................................................................................11

2. Software Issues Resolved in Previous Releases ..............................................................................................122.1 Issues Resolved in Router 5000 Bootrom ...............................................................................................122.2 Software Issues Resolved in v3.00..........................................................................................................122.3 Documentation Issues Resolved in v3.00................................................................................................132.4 Software Issues Resolved in v2.41..........................................................................................................132.5 Software Issues Resolved in v2.21..........................................................................................................142.6 Software Issues Resolved in v2.21..........................................................................................................152.7 User Documentation Issues resolved in v2.21.........................................................................................162.8 Software Issues Resolved in v2.30/31.....................................................................................................162.9 Documentation Issues Resolved in v2.30/31...........................................................................................17

3. Known Issues in Release v3.01.....................................................................................................................173.1 System Access.......................................................................................................................................173.2 SNMP ...................................................................................................................................................183.3 System Management ............................................................................................................................183.4 Interface Management..........................................................................................................................183.5 Link Layer Protocol ................................................................................................................................193.6 Network Protocol..................................................................................................................................203.7 Routing Protocol ...................................................................................................................................203.8 Multicast Protocol .................................................................................................................................213.9 Security/VPN .........................................................................................................................................213.10 Quality of Service (QoS).......................................................................................................................223.11 MPLS ..................................................................................................................................................223.12 Voice and Router Interoperability 3Com VCX and NBX issues..........................................................233.13 Documentation Errors .........................................................................................................................24

4. Known Issues in Release v3.11.....................................................................................................................244.1 System Management ............................................................................................................................244.2 Security/VPN .........................................................................................................................................244.3 Voice and Router Interoperability 3Com VCX and NBX issues............................................................24

5. Upgrading Software ....................................................................................................................................245.1 Upgrading the Router 5000 Software....................................................................................................245.2 Upgrading the Software for the Router 6000/RPU .................................................................................325.3 Software Upgrade for the Router 6000/RPU2 ........................................................................................44

5.4 Maintaining Application Program and Configurations Using the Command Line ....................................52

8/3/2019 3comc02581935

3/56


1. Introduction

1.1 Scope

This document contains the release notes for the Router 5000 and Router 6000 v3.01

software listed in Table 1.This software release provides an update to the Router 5000 and Router 6000. Please notethat the software for the Router 6000 RPU2 will not load on the Router 6000 RPU.

Table 1: Software Release v3.11

Software Filenames Description

R6y03_11e.bin Encrypted software agent for the Router 6040 and 6080 RPU2(including bootrom)

R6y03_11v.bin Basic software agent for the Router 6040 and 6080 RPU2 (includingbootrom)

R6x03_11e.bin Encrypted software agent for the Router 6040 and 6080 RPU(including bootrom)

R6x03_11v.bin Basic software agent for Router 6040 and 6080 RPU (includingbootrom)

R5y03_11v.bin Basic software agent for the 5012, 5232, 5642, 5842 Routers

R5y03_11e.bin Encrypted software agent for the 5012, 5232, 5642, 5842 Routers

bootromfull9-23.bin Router 5000 Boot ROM file for 5012, 5232, 5642, 5842 Routers

1.2 Supported RoutersThese release notes summarize the operational requirements and issues for the followingrouters:

Router 5012 3-Slot (3C13701)

Router 5232 3-Slot (3C13751)

Router 5642 4-Slot (3C13755)

Router 5682 8-Slot (3C13759)

Router 6040 4-Slot (3C13840)

Router 6080 8-Slot (3C13880)

1.3 Online Resources

Visit the 3Com web site for the latest documentation and software updates:www.3Com.com

Obtain a copy of the Router 5000 or Router 6000 Installation Guide, CommandReference Guide, or Configuration Guide.

Obtain current software updates (maintenance releases) and associated release notesfor the Router 5000 and Router 6000 and other 3Com products.

8/3/2019 3comc02581935

4/56


1.4 New Software Features for V3.11The following software support has been added for V3.11

1.4.1 SIP Server Registration using a DNS Name

V3.11 accepts DNS names as well as IP addresses for the 'sip-server' command. This makesit easy for Service Providers to change the SIP Server address.

1.4.2 SIP Early-Media Parameter

V3.11 sends a SIP message 183 Session Progress Response with SDP instead of SIP message180 Ringing. This allows the media stream to be set up prior to the call being answered.

1.4.3 Management Protocol IP Address Parameter

V3.11 allows defining an IP address or the loopback interface as the source address foradministrative protocols including NTP, FTP, TFTP, and SCEP. This ensures that the Routerremains reachable by management traffic even when it's on a different AS to themanagement station and the Router's management traffic is using a physical interface.

1.4.4 Enhanced 'show ppp mp' Command

The output of the 'show ppp mp' command is enhanced to include load information(x/255). This helps with identification of problems.

1.4.5 Source Specific Multicast (SSM) Mapping

V3.11 supports Source Specific Multicast (SSM) Mapping. This enables efficient handling ofone-to-many multicast streams.

1.4.6 SNMP v3 USM-User Passwords

(RFC 3414 User-based Security Model (USM) for version 3 of the Simple NetworkManagement Protocol (SNMPv3))

This supports proper password copying when taking a configuration including a password,from one router and loading it onto another router.

1.4.7 OSM | CA MIBOSN|CA MIB Support

The OSM|CA MIB is supported. This enables applications running on an installed OSMmodule to communicate with the Router. The prime purpose of this is to allow anapplication running on the OSM to request specific traffic flows to be forwarded, copied orre-directed to it.

1.4.8 IGMP version3 (RFC 3376 Internet Group Multicast Protocol, Version3)

IGMP Version 3 adds support for "source filtering," which enables a multicast receiver hostto signal to a router which groups it wants to receive multicast traffic from, and from whichsource(s) this traffic is expected

1.4.9 PIM SSM (RFC 4607 Source-Specific Multicast for IP)

PIM-SSM supports one-to-many model. Initial commercial multicast Internet applications arelikely to be available tosubscribers (that is, receivers that issue join messages) from only a

8/3/2019 3comc02581935

5/56


single source (a special case of SSM covers the need for a backup source). PIM-SSM buildsshortest path trees (SPT) rooted at the source immediately because in SSM, the routerclosest to the interested receiver host is informed of the unicast IP address of the source forthe multicast traffic. That is, PIM-SSM goes directly to the source-based distribution treeinstead of the RP through shared distribution trees. PIM-SSM operation is guaranteed onlyin the 232/8 range (232.0.0/24 is reserved).

1.4.10 Kentrox T3/E3 subrate support

The T3/E3 interface offers the new feature of interoperating with Kentrox DataSMARTT3/E3 IDSU.

1.4.11 CLI command to specify the source address of PKI communication

The system administrator now can specify the source address used during PKIcommunication.

1.4.12 Fast forwarding with Policy Routing Support

After policy routing is enabled on an interface, packets on the interface are fast forwardedto enhance the IP forwarding efficiency.

1.4.13 QoS in GRE Tunnel Fast Forwarding

The GRE Tunnel fast forwarding process supports QoS as in the normal forwarding process.

1.4.14 OSPF Fast-Hello Function

OSPF fast hello packets refer to hello packets being sent at intervals of less than 1 second ascompare to 10 seconds for an Ethernet link and 30 seconds for a non broadcast link.

1.4.15 SIP supports all standard 18x Temporary Response

This feature implements standard handling for 18x temporary responses in the case of SIPcalls, and the ringback tone can be correctly played upon internetworking with devicesfrom other vendors

1.4.16 HWPing Enhancement

I. Enhanced HWPing Functions

This version enhances the routers HWPing functions, including:

Support NQA MIB and expand SNMPs manageability for HWPing.

Support NQA MIB display of multiple test results of a single test instance.

Support storage and search for test groups in alphabetic order of the references.

A single test instance can send over 3000 packets continuously.

Support concurrent scheduling of test instances.

Support the increase of sub-test instances from 150 to 1000. The test typessupported include ICMP, UDP, Jitter, DNS, HTTP and FTP. Of them, the number ofconcurrent FTP tests can reach 50, and the number of concurrent tests on ICMP tothe same IP address can reach 5.

Support the removal of all test instances (supporting CLI and NMS configuration).

8/3/2019 3comc02581935

6/56


Support classifying HTTP statistics based on DNS resolution, TCP connection andtransaction time.

FTP statistics can include the measurement of the file downloading rate.

Support the configuration of the file path and the uploaded file size during FTPtesting (supporting CLI and NMS configuration).

Add DNS measurement.

Support the DNS test configuration count.

II. HWPing Threshold Statistics Requirement

Based on the existing threshold alarm function, HWPing supports a new function thatcounts the number of monitored objects (including jitterrtt, jitterowd-sd, and

jitterowd-ds) in a jitter test whose thresholds are exceeded, and this information canbe displayed through a command.

III. Jitter Test through ICMP

The original HWPing uses UDP packets for jitter tests to analyze the networkperformance. Now HWPing supports the use of timestamped ICMP packets for jittertests to obtain network performance metrics.

IV. HWPing Supports Unidirectional Performance Test

This version can test the unidirectional delay in the performance asymmetricalnetwork. This feature needs the enabling of NTP.

This feature does not involve new configuration commands. You can refer to theHWPing jitter test configuration and NTP configuration. It does not matter whetherNTP or HWPING is configured. However, the unidirectional delay test result makessense only when NTP synchronization has finished before the test.

1.4.17 Filtering of command logs to be sent to TACACS Server

Administrators can configure not to send command logs that contain certain keywords ormatch specific rules to the TACACS server.

1.4.18 Switchover between HWTACACS Server

Administrators can configure three HWTACACS servers as theauthentication/Authorization/Accounting (AAA) server, including a primary server and twobackup servers. The user can send AAA requests to the device (HWTACACS client), and thedevice then selects a server from the above three servers to send AAA packets

1.4.19 Switching over to local authentication in the case of incorrectTACACS configuration

Local authentication is used in the case of incorrect TACACS configuration:

You can switch over to local authentication only when authentication fails.

You can switch over to local authentication when the IP address of the server isincorrectly configured (servers unreachable).

You can switch over to local authentication in the case of incorrect key configuration.The only option is to calculate the length of packets returned by servers and compare it

8/3/2019 3comc02581935

7/56


with the length of packets calculated through local key. If the lengths are not the same,you can tell that it is a key error.

You can switch over to local authentication in the case of incorrect NAS-IPconfiguration, including errors that occurred before the socket was connected.

1.4.20 RADIUS and TACACS supports VRF ApplicationsThis feature extends the applications of RADIUS and HWTACACS in MPLS/VPN networkingenvironments, including:

You can use commands to configure the VPN to which the RADIUS and HWTACACSschemes belong.

The VPN name configured in the RADIUS and HWTACACS schemes can be displayed.

The RADIUS and HWTACACS modules can receive and handle packets from privatenetworks correctly.

The RADIUS and HWTACACS modules can send packets to a specified server in aprivate network correctly.

You can configure the nas-ip in RADIUS and HWTACACS schemes as a private networkIP address.

You can configure a global private network nas-ip.

You can display the global private and public network nas-ip information.

1.4.21 SIP responses to options requests of Softswitch

Upon receiving an options request from the Softswich, the SIP protocol stack sends aresponse, so that the Softswtich can obtain the following information without waiting forthe ringing of the opposite side: methods supported, content type, extension name and

encoding/decoding method. In addition, the Softswitch can use options for heartbeatdetection with SIP.

1.4.22 Supporting the RFC2833-Defined Packet Format for Carrying DTMFSignals

This feature uses the RTP packets to transmit DTMF numbers by using the RFC2833-definedpacket format.

1.4.23 Supporting the VRRP Virtual Address Serving as the Voice GatewayAddress

By using the VRRP virtual address as the voice gateway address, backup of the voice

gateway can be implemented through the backup capability of VRRP.

1.4.24 Global Configuration of the QoS Module Supports Hot Swapping

This feature enables the global configuration of the QoS module to support hot swapping:

After an interface board is pulled out, the match rules turn invalid. You can view thevalidity of rules by displaying the rule information.

After an interface board is inserted, the rules referencing that interface should be valid.

After an interface board is deleted, the rules referencing that interface are deleted aswell.

8/3/2019 3comc02581935

8/56


1.4.25 Increase MTU of E1/T1 interface to 1620

1.4.26 CBWFQ Supports the Configuration of Remaining BandwidthPercentage

In the original implementation, bandwidth configuration of LLQ and BQ involves the

percentage configuration mode and the absolute value configuration mode. The twomodes cannot be used for hybrid configuration.

This feature allows the EF queue on the same interface to support the hybrid configurationmode of percentage bandwidth and absolute value bandwidth. Moreover, it offers theremaining bandwidth percentage configuration mode for AF queues. In this way, usersnetworking requirements are satisfied in a better way, meeting the demand for handlingdifferent types of EF services on the same interface. Moreover, through the configuration ofremaining bandwidth percentage for AF queues, the bandwidth requirements for AFqueues are met.

This feature removes the restriction from the original CBWFQ feature: if the percentageconfiguration mode is adopted for LR in the main policy, that configuration mode must be

used for queues in the sub-policies.

1.4.27 Using QoS CAR to Implement Address-by-Address Rate LimitationBased on Network Segments

QoS CAR is a solution to traffic policing. To limit the rate of a host at a certain IP address,you need to configure the IP address-based CAR policy. However, one such policy can limitthe rate of one host only. To address this issue, this feature can use simple commands toconfigure a network segment-based CAR ACL, and to apply that ACL in the CAR policy,thus restricting the rate of the entire network segment. Meanwhile, when configuring thenetwork segment-based CAR ACL, you can use parameters to restrict the rate of each hostor the rate of the entire network segment.

1.4.28 QoS extension

Support CAR in FRTS classes

Support to remark DSCP in CAR behavior

1.4.29 X2T Supports Carrying the Called Number

The feature implements the routers function that X2T carries the called X.121 address.After this function is enabled, the packets sent by X.25 terminals can be relayed multipletimes by means of X2T.

1.4.30 XOT Supports DNSBased X.121 Address Resolution

The DNSbased X.121 address resolution function is used to support XOT of the SVCapplication. This function takes the idea of DNS, putting the mapping relations betweenX.121 addresses and IP addresses in a network on the same DNS server for unifiedmaintenance. The mapping relations between X.121 addresses and IP addresses are similarto those between domain names and IP addresses. When sending packets, XOT sendsresolution requests to the DNS Server based on the current X.25 route configuration. Uponreceiving the requests, the DNS Server responds with the resolution replies. According tothe replies, the destination IP addresses of the X.25 packets can be determined. Centralizedmaintenance of the mapping between X.121 addresses and IP addresses reduces thecomplexity, improves the maintenance efficiency, better adapts to the changes of mappingrelations, and simplifies the XOT switching configuration.

8/3/2019 3comc02581935

9/56


1.4.31 X25 CLI commands enhancement

I. Adding the Command for Deleting X.25 Facility

This feature offers the function of deleting the windows size and packet sizeparameters from the X.25 facility field, meeting the requirements for internetworkingwith different devices.

II. X25 Switching Supports Packet Fragmentation and Reassembly

This feature adds the function of disabling X.25 from using the windows size andpacket size parameters in the facility field to conduct flow negotiation. Instead, flowcontrol is conducted solely based on the local user configuration. Moreover, thepacket reassembly and fragmentation functions are added when the device isundergoing X.25 switching.

III. T4 Parameter Is Supported

The T4 parameter is added based on LAPB (Link Access Procedure on B-Channel).Moreover, after N2 RR is sent upon T4 switching over to T1, T1 sends SABM messagescontinuously.

IV. X.25 Many-to-Many Address Translation Is Implemented

It is implemented that a command with the regular expression can replace multiplex25 switch svc commands.

1.4.32 HoPE Supports the Sending of Detailed Routes

In the SPE/UPE networking environment, SPE not only can send default routes to UPE, butcan send detailed routes. Meanwhile, you can control which detailed routes are sent towhich UPE by extending the community attributes, thus isolating the mutual access of someSites via UPE in the same VPN.

1.4.33 Policy-Based Routing Supports Auto-DetectBy configuring the association between policy-based routing (PBR) and the auto-detectfunction, collaboration between the two can be implemented. That is, when the auto-detect function finds a route currently used by PBR fails, PBR will be notified of this. Then,PBR can conduct link switchover by either selecting another route automatically or using theroute determined by the dynamic routing protocol.

1.4.34 RIP Supports Modifying the COST Value of Particular Routes

This feature allows routing policies to filter certain receiving/sending RIP routes and tochange their cost values to a specified one.

Before this function is implemented, the metric-in and metric-out commands can be usedon an interface to configure the cost values of RIP routes advertised by that interface.

The problem with the old method is that, the cost values of routes advertised by thatinterface all changed and precise control cannot be conducted, for example, you cannotmodify the cost value of routes in a specified network segment.

1.4.35 Displaying the Device Manufacturing Information

You can use the display device manuinfo command to view the device manufacturinginformation, including:

DEVICE_NAME

8/3/2019 3comc02581935

10/56


DEVICE_SERIAL_NUMBER

MAC_ADDRESS

MANUFACTURING_DATE

VENDOR_NAME

1.4.36 Supporting Levellized Logging of Commands

You can use the new command record { log | accounting } level INTEGER toconfigure levellized logging of commands or levellized accounting of commands. After thiscommand is configured, the system starts to log the commands or count the commandsonly after the command at or higher than the specified is executed.

1.4.37 Telnet Server Supports Displaying or Hiding the Copyright Noticeupon User Login

The new command [undo] vty copyright-info enable applies to all the login users.

The vty copyright-info enable command restores the default. That is, the copyrightnotice is shown when any telnet users logs in.

The undo vty copyright-info enable command hides the copyright notice when anytelnet user logs in.

1.4.38 Supporting SNMP Query of ADSL/G.SHDSL Uplink/Downlink Rate

After the ADSL interface and G.SHDSL interface are connected on a physical link, a workrate is obtained through link negotiation. Such rate is inconsistent with the baud rate of theinterfaces. Normally, the uplink rate and downlink rate of these two interfaces are different.

This feature adds two read-only MIB tables, and the table index is the index of the ADSLinterface and G.SHDSL interface used to read the actual work rate of these two interfaces

through SNMP.

1.4.39 Supporting the Statistics of Traffic Within the Last Five Minutes

Using the private MIB, you can view the statistics of traffic within the last five minutes oninterfaces via the SNMP NMS.

1.4.40 IP Host Command Supports Telnet Port Configuration

The ip host command is used to configure the correspondence between host names and IPaddresses. This feature adds the option of specifying a port number to that command,recording the correspondence between IP addresses and ports simply through the domainnames.

This configuration applies to the telnet command only, and is mainly used to supportreverse telnet.

1.4.41 NAT Server Supports Load Balancing Among Servers in the SameServer Group on the Internal Network

This feature uses NAT Server to implement load balancing among servers in the same servergroup on the internal network. Each type of users sees only one server, while multipleinternal servers are working for them. NAT Server allocates users access based on thecurrent load status of respective servers, implementing load sharing.

8/3/2019 3comc02581935

11/56


To implement load sharing, you need to define a server group on the NAT device and addthe internal network servers offering the same service to that server group. Moreover, youneed to set the right of each internal network server based on its handling capacity. Applythat server group to the public network interface on the NAT device and specify a publicnetwork address and port, that is, configure a server group-style NAT Server. When anexternal access reaches the NAT device, the NAT Server selects an appropriate internal

network server based on the load and right of each internal network server, directing thataccess to that internal network server, and thus implementing load sharing in the servergroup.

1.4.42 PBR Supports Modifying the DF Value of IP Headers

In special networking environments like GRE, etc, the DF bit of a packet can be set to 1while the packet size might exceed 1500 bytes. In that case, if fragmentation is needed, thisconfiguration can be used.

1.5 New Bug Fixes for V3.11

The following bugs were fixed in this release.

1.5.1 Backup IPSec on Loopback Interface

A backup IPSec Tunnel created between two loopback interfaces does not work when themain interface is down.

1.5.2 Outputing debugging messages to logbuffer

Debugging messages cannot be output to logbuffer

1.5.3 CLI command display ft1 displays the main physical FT1 interfaceand all the subinterfaces that are assocated with it.

Executing CLI command display ft1 display the main physical interface as well as all thesub-interfaces that are associated with it.

1.5.4 Frame Relay statistics are not computed correctlyThe incoming and outgoing packets are not counted properly in the Frame Relay circuit

1.5.5 5012/FT1 module: No message indicating FT1 is in BERT test mode

When BERT test is executed on a FT1 module on a 5012 router, there is no messageindicating the interface is in BERT test mode.

1.6 New Software Support for FIC Modules in V3.11

3C# Description

3C14832 ROUTER 4-Port CE1/PRI FIC

3C14833 ROUTER 8-Port CE1/PRI 120 FIC

3C14834 ROUTER 4-Port Fractional E1 FIC

3C14836A ROUTER 4-Port Fractional T1 FIC

8/3/2019 3comc02581935

12/56


3C14850 ROUTER 1-Port CE3 FIC

3C14851A ROUTER 1-Port FT3/CT3 FIC

2. Software Issues Resolved in PreviousReleases

2.1 Issues Resolved in Router 5000 Bootrom

V9.21 corrects an issue with the use of RoHS-compliant memory chips in which theclash memory sometimes cause software upgrade to fail.

V9.23 improves compatibility with Transend, Kingston, and Ramaxel memory chips.

2.2 Software Issues Resolved in v3.00The following issues have been resolved since the last release, v2.41, of this software.

VCX V7000 Inter-Operability Issue with Router 5000/6000:

Removal of the Master SIP server from a voice configuration will remove the followingfrom the configuration:

Slave SIP server if one exists

address sip proxy for SIP VoIP entities

When saving a configuration to a non-existing directory the following message displays:Cannot open the configuration file, this may be caused by insufficient memory space.

This is an incorrect message and is displayed when the user is trying to save a file to anon-existent directory. To solve the problem, create the directory first.

When rebooting the router, the Current Configuration change detection sometimesdetects changes when there were none, and a warning message is displayed.

Display interface for an ATM interface with sub-interfaces will display the samecumulative statistical information - no individual statistics are provided; Instead use,display atm interface to show more individualized statistics.

ACL matches for IPSec only count the first packet used to open the tunnel - subsequentpackets will be logged in the IPSec SA.

A frame relay link will not come up if the IP Address is changed, because the fr inarptable is not refreshed. The user must reset the fr inarp table manually.

The select-rule type-first command under the voice/dial view includes an option forVoFR. VoFR is not supported in this release. Make it the last choice in the select list.

Voice is barely audible when an NBX T1 is attached to the router configured runningQSIG master (network side). Voice quality is poor over a T1 link when the T1VI moduleis configured for QSIG master (configured for ISDN network side.). QSIG masterfunctions correctly over E1 using the E1VI module.

CLI doesnt support pre-defined ringing tones for the following countries: Egypt, SouthAfrica, and Australia.

8/3/2019 3comc02581935

13/56


MIB object isdnBearerOperStatus (OID 1.3.6.1.2.1.10.20.1.2.1.1.2) will report the statusof ISDN B channel

The standby timer delay 0 0 command will activate standby interface immediatelyonce the cable on the main interface is disconnected

DHCP relay agent will recognize BOOTP and DHCP protocol messages and process(relay) them appropriately.

2.3 Documentation Issues Resolved in v3.00

User Documentation issues resolved since the last release, v2.41, of this software.

Spanning Tree is listed as not supported in Router 5000-6000 Configuration Guide.Spanning Tree is supported.

Ike peer-name does not seem to work as documented in the NAT-Traversal Example; Inorder to get name authentication to work, both sides must have id-type nameconfigured. Both sides must have remote-names configured, and one side must haveremote-ip configured (the initiator).

Changing MLPPP parameters will not take effect until the Virtual-Template or Mp-groupis reset via bringing down all the physical interfaces and bringing them back up again.

A Router running DHCP client cannot obtain the default gateway address automatically.This parameter must be manually configured.

Where Static Routes point to Ethernet interfaces, ARP responses are ignored. The next-hop must be specified for static routes on Ethernet interfaces.

The router will continuously reboot if the MSDP configuration references an interfacethat is not available; this would most likely occur when a module is removed or replacedand the saved configuration still has a reference to the old interface.

IPSec card-proposal does not have an option for ESP encapsulation. Those options donot show up until the use command is issued to specify which encryption module touse.

All busy signals on voice cards are the same type: fast-busy signal.

2.4 Software Issues Resolved in v2.41

The following issues have been resolved since the v2.30/2.31 release of this software.

VCX calls fail across a NAT network.

NBX phones fail to load across a NAT network.

IPX is now supported on Frame Relay, Ethernet and PPP. IPX is not supported on, HDLC,and X25.

When setting the main/backup images, the file pointer does not point to flash:/ bydefault; the flash device must be included in the path; for example, bootfile mainflash:/main.bin rather than just bootfile main main.bin.

When there is a high traffic load on the router, and the CLI response time slows, theCPU usage information is not accurately displayed.

Gigabit Ethernet and POS interfaces do not support auto-install.

8/3/2019 3comc02581935

14/56


SYS MGMT Router 5000 series routers report that the system returned to service viapower-on even if the router is warm booted.

IPSEC policy with a deny rule before a more general permit rule will not enforce thedeny rule.

Resetting the IKE SA does not reset the tunnel completely; Resetting both sides at thesame time is currently required to completely reset the tunnel.

IPSec tunnel resets (resetting IKE SA/IPSec SA) may result in router reboot.

CBR traffic approaching PCR on a PVC will experience packet loss when UBR traffic on aseparate PVC is introduced on the ATM link

Service classes on IMA group interfaces have cell rate limits of just one T1/E1 Linkregardless of how many links are in the bundle.


The following issues have been resolved since the v2.11 release of this software.

In some specific circumstances, displaying virtual-access on a router with MLPPP maycause a reboot. To resolve this, use the command, Display Virtual Template instead.

A virtual baud rate setting of 786000 is not available on a serial interface.

The state of Promiscuous mode on an Ethernet interface is not shown in the displaycurrent command. To view the state, use the display interface Ethernet x/xcommand.

Gigabit Ethernet interfaces will not forward traffic if they are assigned to a bridge-set.Gigabit interfaces should only be assigned to routed interfaces.

When a bridge-set is removed from an Ethernet interface the message Promiscuous

operation mode was removed automatically is displayed. However, promiscuous modemay not have been disabled on that interface. Manually verify that Promiscuous modehas been reset using the display interface Ethernet x/x command. If it has not beendisabled, use the undo promiscuous command in the interface view.

There is no support for ISDN switch type DMS100.

Frame Relay sub-interface definition types (P2MP, P2P) are not displayed. To determinethe interface type, display the interface as follows: Display fr pvc interface .

Frame Relay Classes that contain Frame Relay QoS parameters can be applied to PVCseven though Frame Relay Traffic Shaping is not enabled. Frame Relay Traffic Shapingmust be enabled for PVC queues to be functional.

When IPSec policies are configured on both the incoming and outgoing interfaces, oneof the interfaces needs to have IPSec over GRE configured to allow multicast IPfragments to pass through the router without problems.

The ability to add inline comments to describe an ACL as a whole is available; howeverthe ability to add a specific description to a rule is not available. Example: if an ACL islong and complicated, inline comments for the rule cannot be added. Save the currentconfiguration and then edit in descriptive comments to that configuration.

FDL and remote loop back issues.

B8ZS and ESF issues.

8/3/2019 3comc02581935

15/56


LBO range issues.

Alarm Threshold Settings issues.

Issues with viewing current alarms and error registers.

Various issues with local, payload, and remote loopbacks.

DEBUG commands on the serial interface and physical layer characteristics of the routermodules.

UNDO of the DEBUG function.

Constant DEBUG output issues on the FT1 SIC module.

No indication of resetting (zeroing) traffic statistics.

Lack of input and output rates displayed in bits per second as part of traffic statisticsoutput.

A logging error where VPN information is logged erroneously, when there was noactual VPN configuration.

Only one system user at a time able to access the console.

With the display interface command, packet flow shows double that of the Ethernetinterfaces.

Inaccurate display information with ACL statistics, not properly incrementing for permitstatements.

Frame Relay statistics discrepancies on the sub-interface packet counts.

Statistics on the FT1 and T1 interfaces not properly zeroed upon reset command, resetcounter interface.

Banner information is lost upon FTP or TFTP while obtaining router information. A packet loss problem with small packet sizes configured.

No display of trap settings with status.

NAT traversal is not compatible with Cisco routers. IPsec tunnel is not established withCisco routers when a NAT device is in the path.

Only one security association is used for all traffic flows. IPsec SA is not flow based.IPSec SAs originated from 3COM routers will be ACL based. To obtain flow-basedfunctionality, create multiple ACLs with one rule each.


The following issues have been resolved since the v2.20 release of this software.

Changing the speed and duplex on the Gigabit Ethernet Module does not take effectwithout resetting the interface manually. A manual shutdown and then undoshutdown is required to have the changes take effect.

Loopback LED remains lit solid after remote side sends the loop down code. NoLoopback LED indicator

Banners edited offline in the proper format will be discarded when loaded into thesystem via ftp/tftp

8/3/2019 3comc02581935

16/56


D4, D4/AMI and ones density are not supported.

FDL AT&T payload option issues.

No fdl-att-plb-up and fdl-att-plb-down are available.

Alarm LED No Alarm LED indicator

BERT issues Bits received since test started and Bits received since latest sync do notmatch on a perfect loop

NAT display issues NAT sessions do not display NO-PAT

2.7 User Documentation Issues resolved in v2.20

The following user Documentation issues have been resolved since the v2.20 release of thissoftware.

ACL numbering scheme is different from those documented in the CommandReference Manual. Use the following corrected numbering scheme:

1000-1099 (Interface-based ACL)2000-2099 (Basic ACL)

3000-3099 (Advanced ACL)

4000-4999 (Ethernet Frame Header ACL)

The Command Reference manual states that reset ike sa will clear both phase 1 andphase 2 security associations. Reset ike sa will only clear phase 1 security associations;reset ipsec sa will clear phase 2 security associations.

MPLS LDP loop detect cannot be configured after LDP is enabled on interface. An erroris reported. Enable LDP loop detect under system view before enabling LDP on theinterface.

The virtualbaudrate command is non-existent in the Command Index. Use thevirtualbaudrate command in the Command Line Interface (CLI).[XXXX-3-Serial2/0/4]virtualbaudrate?

300 only for async mode

600 only for async mode

1200 for syn & asyn mode






56000 only for syn mode

57600 for syn & asyn mode64000 only for syn mode






2.8 Software Issues Resolved in v2.30/31

The following issues have been resolved since the last release, v2.21, of this software.

8/3/2019 3comc02581935

17/56


If the user cut and pastes within the BootRom menu to fill in fields (such as filenamesfor TFTP downloads) the display will only show a maximum of 8 characters. If thefilename is longer it will be accepted by the system, but will not display charactersbeyond the initial 8.

The more command truncates large config files(>17KB) on the 5012 routers. If the

file needing to be read is not the saved configuration, transfer the file to a PC disk, andread it from there. If it is the saved configuration, read it with the display saved-configuration command.

Display ft1 will display the same statistics multiple times, once for each Frame Relayinterface/sub-interface configured.

The current IMA aggregate baud rate does not change when links are added orremoved, when using the display interface command. This is a display problem only.

The Gigabit Ethernet module does not support half duplex mode at 100 Mb setting.

Display fr pvc statistics do not account for the outbound packets.

The bridge mac-address command for setting a static MAC entry for a gigabitEthernet interface is not supported.

The bridge mac-address permit interface command is not anoption for a Gigabit type interface. This command is not supported for Gigabitinterfaces.

CRC and PAD errors on the 1-Port ADSL Module interfere with even the lowest trafficloads, of expected normal operation Example 256K traffic on 8Mb link.

PIM is not supported over an IPsec tunnel. PIM hellos are rejected over an IPSec Tunnel.

The first IKE peer with local-address defined will have its address be used for all IKEpeers in the policy.

ATM VBR service classes will fail to be set at Peak Cell Rates higher than 124492 kbps(for OC3-ATM), 41923 kbps (for T3-ATM) and 33340 kbps (for E3-ATM).

2.9 Documentation Issues Resolved in v2.30/31

User Documentation issues resolved since the last release, v2.21, of this software.

Named access list is documented but not supported.

Name based ACLs, as listed in the command reference manual, are not supported.

3. Known Issues in Release v3.01

3.1 System Access

The router does not allow configuring of an FTP server with Radius Authentication Noneoption. FTP Anonymous login is not supported. A username and password is requiredfor FTP access.

The FTP server does not support filenames containing spaces. 3Com recommends usingunderscores instead of spaces as separation delimiters.

To get ftp mputs to work properly from a client, ftp update normal must be set on therouter.

8/3/2019 3comc02581935

18/56


3.2 SNMP

The router does not respond to SNMP when the user is logged into the System View.This causes Network Management Systems such as 3Com Router Manager and 3ComNetwork Director to generate errors. To resolve this, exit the System View.

The Frame Relay MIB does not use the latest version of the RFC 2115. As a result, publicMIB variables for troubleshooting Frame Relay performance problems are notsupported; (e.g. frCircuitLogicalIfIndex) from the current FRAME_RELAY-DTE-MIB (RFC2115)

The router will send an initial invalid trap packet upon link down/up event, followed bythe correct Trap packet. Ignore the first trap packet, the second packet is correct.

3.3 System Management

On RPU2s when booting from the compact flash, it is possible to get the following erroron boot up: Error encountered during checking disk, format the disk! and the bootwill not complete. Power down the router and power it back up to clear the problem.

Analog Modem debugging shows internal activity when no cable is connected. Thisindicates that the modem is active and ready to receive or make calls.

There is no way to recover if both the Bootrom password and the console password arelost. If both passwords are lost, the router must be returned to 3Com for repair (RMA).

FTP user cannot be cleared; set the ftp time-out to 1 minute to clear an inactive sessionrather than waiting the 30 minutes set by default.

The display current-configuration command with a filter will not recognize theunderscore character(_) alone. Use the backslash character (\) in front of theunderscore to get the desired result. For example, display current-configuration | beginbgp\_peer will display the configuration starting with the line containing bgp_peer

CPU Usage history graph has the time scale backwards; the right side is the most recenthistory.

A 1-Port Channelized E3 MIM card will not operate if inserted in slot 0 on the 5642 orslot 1 on the 5232. Select a different slot for the E3.

3.4 Interface Management

When the Dialer interfaces toggles state (up or down), minor packet loss will occur forany packet passing through the router.

Interface statistics with a flow-interval of under 10 seconds are not accurate. Do not

enter flow- interval values under 10 seconds.

The Virtual-Ethernet interface protocol state displays as being down when runningPPPoE. This is the normal operating state of the Virtual-Ethernet interface.

On an ISDN interface, the Line Protocol state is up when no cable is attached to the porton the interface. It is best to observe the interfaces Current State. The Current Statewill be down if no cable is attached to the interface even though the Line Protocol willshow it as up.

A Frame Relay sub-interface that has been configured as Down transmits packets.

8/3/2019 3comc02581935

19/56


Displaying a Fractional E1 interface displays a Frame Format equal to NONE. The actualFrame Format is no-crc.

Frame Relay Payload Compression is displayed for PVC even after it is removed. Resetthe interface to resolve.

An ATM PVC that is set with rate limiting and is heavily oversubscribed with data, willfail to pass traffic. Other PVCs continue to work on the link.

Changing the speed on a modem interface resets the interface. Do not change themodem interface speed while a dialup session is active.

The activity LED on the T3 ATM Module indicates heavy activity regardless of theamount of traffic passing through it.

Regardless of actual traffic running or not, T3 and E3 activity LEDs blink constantly.

The Bridge-Template interface does not give flow / load interval statistics.

When load is over 4500 active streams, netstream takes an extra few minutes to sendall export data after a flow has expired.

3.5 Link Layer Protocol

Alarm-threshold values are not configurable when a T1-line is configured within a T3link.

Level-4 alarm-threshold is not supported for T1 links setup for SF frame format. The CLIwill not report an error.

ATM AIS/RDI statistics are inaccurate.

ATM OAM Segment Loop cells are not supported.

Frame Relay PVCs can be modified when they are part of a PVC switching endpoint.Verify first that the interface is not a PVC endpoint before making any changes, elsetraffic may be disrupted.

There is no DEBUG support for Multilink Fragmentation (FRF.16.1).

Status and statistics for Multilink Fragmentation (FRF.16.1) cannot be viewed

There is no support for ISDN switch type AT&T for BRI U interfaces. The routerCommand Line Interface and the documentation specifically states that AT&T is onlysupported on PRI interfaces. The default isdn protocol-type dss1 will connect toswitches using AT&T switch type on a BRI interface. This was tested with Lucent 5E,otherwise known as AT&T 5ess.

Bridge-set traffic cannot be routed even though a bridge-set can be configured with anIP address.

FRF.9 Compression is still displayed upon viewing of PVC statistics, after the PVC is re-mapped without FRF.9. After re-mapping a PVC to exclude FRF.9 compression, reset theinterface in order to clear any reference to FRF.9

When removing FRF.9 compression settings from a frame relay static address mapping,the interface needs to be reset (shutdown/undo shutdown) for the configuration to takeplace.

8/3/2019 3comc02581935

20/56


When the ATM OAM and PVC states are all down, the ATM interface is still showingstate:UP and Line:UP; Use display atm pvc-info to see the true state of the individualPVCs.

ATM statistics may be wrong if the traffic rate exceeds the Class of Service settingsconfigured.

PPP STAC compression is not supported on the POS interface.

ATM OAM up/down timers for transitioning the PVC State are not accurate.

ATM T3/E3 Modules require all cables to be connected before link LEDs will be lit.

3.6 Network Protocol

PPP, Frame relay, HDLC, and E1 interfaces do not support DHCP Global subaddressmode.

Certain web sites cannot be accessed when using DSL interfaces. To resolve this, set theoutgoing router (WAN) physical or virtual interface to 1410 as the maximum segment

size for TCP.

The DHCP Server does not remember the DHCP clients after a reboot. The DHCP leaseexpiration, client reboot or client renew request will repopulate the DHCP clients tabletransparent to the user.

ICMP type 3 messages are generated for some but not all instances in RFC 1812(Section 5.2.7.1).

DHCP option 14 cannot be configured. There are no CLI commands for option 14.

3.7 Routing Protocol

When BGP changes states, minor packet loss will occur at the instance of the change,for any packet passing through the router.

OSPF interface costs are not the same on peer DCE/ DTE Frame Relay Serial interfaces. Ifa Frame Relay DTE Serial interface is configured for OSPF, and the DCE has a differingbaud rate, the interface has to be configured with the virtualbaudrate command.Configure this command using the same baud rate as the DCE. After configuring, shutdown and restart the interface.

Undo RIP from interface view removes RIP globally. To remove RIP from interface viewuse the command, Undo RIP work.

BGP route dampening does not work for IBGP routes. BGP dampening is designed towork only for EBGP routes

The 3Com router will not exchange RIP Updates with various 3rd Party vendorsequipment when MD5 usual implementation is configured. The 3Com router willonly exchange RIP Updates with a 3rd Party vendors equipment when MD5 Non-Standard implementation is configured. Use Usual to exchange RIP Updatesbetween 3Com routers.

The BGP route is not advertised if the IGP route is present in the forwarding table.Import the route into BGP from the protocol which owns the route in the forwardingtable.

RIP Poison Reverse is not supported.

8/3/2019 3comc02581935

21/56


IPX does not support X25. IPX is supported on HDLC, Frame Relay, Ethernet, and PPP.

The BGP received and advertised routes for a particular peer (display bgp routing-tablepeer received|advertised) are not displayed in numerical order.

With OAM and PVC states both down, the interface is still considered up and thedirectly connected route is not withdrawn from the routing table; Along the same line,with OAM active, a PVCs going down does not have its learned routes deleted from therouting table. The router will need to rely on the individual routing protocols timeoutfeature to initiate route removal.

Load Sharing statistics are not accurate when more than one next-hop router isreachable via the same physical interface.

BGP Auto-summary does not work with the BGP Network command; Auto-Summaryworks in all other cases.

Redistribution of IGP routes into IBGP will not have the IGP next-hop. Instead, the nexthop will always be the router doing the redistribution.

3.8 Multicast Protocol The default value for the IGMP query interval (60 seconds) does not match the

recommended value in RFC 2236 (125 seconds). Set the query interval to match thequery interval of other routers in the network.

PIM is not supported with IP unnumbered FR interfaces. An IP address must be assignedto the FR interface.

3.9 Security/VPN

The encryption card does not perform as well when passing large byte data (e.g.anything over 1464 bytes for 3DES/SHA1).

Display firewall ethernet-frame-filter all does not work. Specify the exact interface toget the desired information.

NAT traversal does not work in IKE Main Mode. IKE Aggressive Mode is required forNAT traversal to function properly.

Packets with internal addresses appear outside the NAT boundary. NAT does nottranslate ESP or IGMP packets. NAT does not translate any IP protocols other thanICMP, TCP, UDP, and GRE (with respect to PPTP)

The firewall drops FTP connections when ASPF is configured to filter TCP. ASPF must beconfigured with TCP and FTP together.

With CRL checking enabled by default, certificate enrollment cannot be performed andan IPsec tunnel cannot be established without the CRL on the router. CRL checkingmust be disabled for certificate enrollment and the IPsec tunnel if the CRL is not on therouter.

If an undefined ACL is used in a configuration, a warning message is not displayed.

In X.509 the CRL URL format determines which protocol is used to retrieve CRL fromthe CA server. Use one of the following CLI commands depending on specific Serversupport:HTTP: crl url http:///

LDAP: crl url ldap:///

8/3/2019 3comc02581935

22/56


SCEP: crl url "scep"

Manual Ipsec only protects the first match in an ACL with multiple rules;Recommendation: make only one rule per ACL to protect all desired traffic.

IPSec transform negotiation is not compatible with Cisco; configure only one transformfor any policy interacting with a Cisco router.

IKE Keepalive is not accepted by a Cisco router and tears down the tunnel. Do not usethe ike sa keepalive-timer timeout command (default).

Junipers IPSec implementation does not interoperate with the 3Com Router 5000Family with respect to IPSec Fragmentation. If possible, set the MTU to 1438 or loweron devices that will be using the tunnel to avoid having to fragment IPSec packets.

DvPN is not supported

Debug firewall packet (denied/permitted) no longer works; Use debug firewall allinstead.

3.10 Quality of Service (QoS) CBR miscalculates the remaining Bandwidth available after multiple PVCs oversubscribe

the link. An undo service will recover all but 32kbps of the available bandwidth. Arouter reboot will recover the rest.

Once a QOS policy is applied use the CLI command reset IP Fast Cache to re-applythe QoS functions properly.

An under provisioned ATM service class results in link failure for that PVC only.

DAR doesn't detect TFTP traffic fully.

FTP data is not correctly detected by DAR if there is a pause in user activity with the FTP

server for over 5 minutes. DAR reports application packets going out an interface even if it's just ARPs being sent

to find the destination MACs in order to forward those application packets.

QoS CBQ incorrectly drops packets when the guaranteed rate is equal to the traffic rateon the Serial interfaces. This is not a problem on Ethernet/GigabitEthernet interfaces

Hostname support for target host in HWPing is good only if it can be resolvedimmediately; the hostname is only used for ease of use; the saved configuration willhave the resolved ip address.

3.11 MPLS

If there is no response, from pinging a CE Router from a PE Router within an MPLS/BGPL3 network use the command ping -vpn -a xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx, using thesource address of the PE interface that is in the VPN of the intended target.

In an interface view, the undo mpls ldp command will provide the warningWARNING: Executing this command will remove MPLS LDP on all interfaces on thisrouter. Use MPLS LDP DISABLE to remove MPLS LDP on this interface only. Do youwish to continue? [Y/N]

Regardless of what the user responds here, yes or no, the CLI will return to thesystem view instead of the interface view. JK

8/3/2019 3comc02581935

23/56


3.12 Voice and Router Interoperability 3Com VCX andNBX issues

SIP compatibility mode is required for calls between 3Com Convergence Center Clientsto router 5000/6000 analog phones. Execute the sip-comp server command from the

voice view on the router. The undo command does not work for the mode command in the controller/cas

view. To reset the mode to the default value use the mode itu-t command.

By default, voice entities with the same match criteria are chosen at random. Toprioritize VOIP entities use the command select-rule type-first 213 command in thevoice/dial view.

Voice activity detection (VAD) is only supported when the G.723 codec is used.

CAS is not supported on the T1VI module.

RADIUS authentication and accounting is not supported for H.323.

Only voice traffic is supported on E1 and T1 voice cards. This applies to Router 5000 &6000 platforms. Data traffic is not supported over Router 5000 and 6000 Voice cards.

FIC Voice Cards are not hot-swappable; they must be inserted/removed with the poweroff.

A short static noise at the tail-end of the audio transmission is experienced when callsare placed across Router 5000 and Router 6000 FXS cards.

FXS ports do not support modem operations.

One-Stage dialing through POTS may take up to 5 rings before rings are heard on theremote side. Local ringing occurs before the remote side actually hears the rings.

While accessing an outside line (two-stage dialing) the second dial tone takes a littlelonger than normal to be heard; wait for the second dial tone before proceeding.

Caller-ID Name is not supported; the router does not generate the names tied to a localphone line.

Analog voice quality is reduced when using analog lines across three or more routers.

The users call forwarding option is not retained after a router reboot; the user mustreprogram call forwarding after a router reboot to ensure proper forwarding operation.

The router cannot detect when its own E&M, FXO/FXS, or E1 CAS E&M connections aredown. Therefore, if a voice entity using one of these interfaces is routing calls, and theinterface goes down, the router will not check for a voice entity with equivalent match

criteria to use. The router will continue to attempt to send calls through the downinterface.

CLI doesnt support pre-defined ringing tones for the following countries: Colombia,EU, Dubai.

FXO ports on the 5000 series routers might not pick up when receiving a call from adevice other than a 3COM router

3Com VCX 7000 phones do not support SIP outband mode. DTMF digits sent fromrouter 5000/6000 to VCX phones will be disregarded.

8/3/2019 3comc02581935

24/56


3.13 Documentation Errors

The steps to bind the voice MAX-CALL function to a voice entity described in the userguide, is not clear. When configuring voice MAX-CALL you must apply this functioninside the voice entity view.

Bridging over Frame Relay is not listed as being supported in the Router 5000-6000Configuration Guide. Bridging over Frame Relay is supported.

DVPN service is not enabled by default as stated in the user documentation. The usermust enable it if needed.

Firewall ASPF UDP detection does not support the following UDP based applications:TFTP, SSH, DHCP

The documentation incorrectly states that a VLAN port link type can be set to access,hybT operations for HWPing will always send a 50 byte file which does not have to existon the router; FTP GET operations will timeout if the file is large; just increase thetimeout until "Operation timeout" no longer registers a non-zero value.

4. Known Issues in Release v3.11

4.1 System Management

Application download via NET will not prompt to overwrite a file if the target namematches a name already on the flash.

4.2 Security/VPN

IPSec SA renegotiation happens much earlier than the SA byte duration and before theSA time duration when load on the tunnel is low (under 50%).

The "undo ips policy" command if typed as stated will not return an error. Thiscommand does nothing. Use "undo ipsec policy" in interface view to remove the ipsecpolicy.

4.3 Voice and Router Interoperability 3Com VCX andNBX issues

When multiple subscriber lines could be used for an outgoing call, if a line happens to bedown for some reason (cable disconnect, etc), the router will still try to use that line as anoption just because it was configured. Do not configure lines that are not ready for use (notcabled up).

5. Upgrading SoftwareThis section describes how to upgrade the software in your 3Com Router.

5.1 Upgrading the Router 5000 Software

The following diagram shows the process to upgrade the Boot ROM and Comware imagesunder the Comware V3 environment

8/3/2019 3comc02581935

25/56


Y

N

N

Y

Check Boot ROMandsoftware versions

Start

Upgrade software?

Choose correct Boot ROM

Upgrade

Choose correct software

Choose upgrade mode

Upgrade

End

Upgrade BootROM?

XModemupgrad

e

TFTPupg

rade

FTPupgrade

Via netwrokinterface

Note: The entire Boot ROM image file in this section includes two segments: extended andbasic. You can separately upgrade and back up the extended segment.

5.1.1 Understanding the Boot Menu

To view the routers boot menu:

1 Start the router; when the message Press Ctrl-B to enter Boot Menu ..........appears, press . The console screen displays:

Please input bootrom password:

2 Enter the correct password (there is no password by default). The Boot menu isdisplayed, as shown below: (Note that the menu may be slightly differentdepending on the bootrom version)

Boot Menu:

1: Download application program with XMODEM

8/3/2019 3comc02581935

26/56


2: Download application program with NET

3: Set application file type

4: Display applications in Flash

5: Clear application super password

6: Reset console authentication

7: Start up and ignore configuration

8: Enter debugging environment

9: Boot Rom Operation Menu

a: Do not check the version of the software

b: Exit and reboot

Enter your choice(1-b):

These options are described in sequence as follows:

I. Boot Menu 1: Download the application image with XMODEM

Refer to the subsection Upgrading Software through XMODEM in this section.

II. Boot Menu 2: Download the application image with NET

Refer to the subsection Upgrading the application image through Ethernet in this

section. If you select this option, the following Net Port Download Menu appears:Net Port Download Menu:1: Change Net Parameter

2: Download From Net To Flash

3: Download From Net To SDRAM And Run

4: Upload the current config file to PC

5: Exit to Main Menu

Enter your choice(1-5):1

III. Boot Menu 3: Set application file type

Routers with more than 8 Mb of Flash provide a dual-image function. The systemdefines three default application files for booting the router (see below). If you wantto change the order or the boot file, you can select this option from the Boot ROM

menu and make modifications.The default names, types, and selected sequence of main, backup, and secureapplication files are described as follows:

Main application file: default name is main.bin, file type M. This is the defaultfile the system uses to boot.

Backup application file: default name is backup.bin, file type B. This file will beused to boot system when the main file fails.

Secure application file: default name is secure.bin, file type S. This file will beused to boot the router when the main and backup file fails. The system willdisplay a booting failure message if the secure application file also fails.

Table 1 Default names and types of the boot files

Boot file File name File type

Main boot file main.bin M

Backup boot file backup.bin B

Secure boot file secure.bin S

8/3/2019 3comc02581935

27/56


Notes:

Only the application file types M, B, and S can be used to boot the system.Applications marked as N/A cannot be used to boot the router.

The names of the applications in Flash can be modified using CLI commands afterthe router has started. Refer to the System Management document for more

information on the CLI commands. The application file types M, B, and N/A can bemodified in either the Boot ROM menu or by the CLI commands after theapplication is started. Modifications to the file type of applications with type S arenot allowed.

Because the secure boot file is the last file the system uses to boot properly, thefile type of secure boot file is not allowed to be changed, nor is it derived fromany other type of file. It can only be downloaded via the Boot ROM menu, and itsname must be specified as secure.bin. If you change the file name of the securefile using rename command after the system has started, there is no secure bootfile in Flash and you need to download it again.

Only one file of each type (M, B, and S) can exist in Flash. For example, if a file oftype M and a file of type B exist in Flash, it is impossible to have a second file typeof M or B. If the file type of another application is to be changed to B, the existingfile of type B will be changed to N/A.

The name (including the extension) assigned to a boot file is recommended to beless than 16 characters.

Select from the Boot menu. The console screen displays the following menu,provided four application image files exist in Flash memory:

M=MAIN B=BACKUP S=SECURE

*************************************************************************

NO. Name Size Type Time

1 main.bin 5988025 M Jan/10/2006 10:10:102 backup.bin 5985198 B Jan/10/2006 10:10:10

3 a.bin 987491 N/A Jan/10/2006 10:10:10

4 secure.bin 5988022 S Jan/10/2006 10:10:10

*************************************************************************

5 Exit to main menu

Enter your choice(1-5): 3

In this menu select to change the file type of a.bin. The console screen displays:Set this file as:

1. Main

2. Backup

3. Exit


To use a.bin as the main boot file, select in this menu. When the modification isvalidated, the type of the original main file is changed to N/A., and a.bin will be usedto boot the router

IV. Boot Menu 4: Display applications in Flash.

This option is to display the existing applications (and their types) in Flash. Thefollowing information appears when you select option 4 in the Boot ROM menu(suppose that the above modification is validated).

M=MAIN B=BACKUP S=SECURE

**************************************************************************

8/3/2019 3comc02581935

28/56


NO. Name Size Type Time

1 main.bin 5988025 N/A Jan/10/2006 10:10:10

2 backup.bin 5985198 B Jan/10/2006 10:10:10

3 a.bin 5987491 M Jan/10/2006 10:10:10

4 s_system.bin 5988022 S Jan/10/2006 10:10:10

**************************************************************************

There are application files.

Press key to continue

Press to return to Boot Menu.

V. Boot Menu 5: Clear application super password.

Selecting this option allows users without system view privileges to access system viewafter a reboot. This, however, is a one-time operation. You must provide the superpassword at subsequent reboots.

VI. Boot Menu 6: Reset console authentication.

This option allows you to log in from the console port without authentication andreset a password if needed Note that if not saved, the modified configuration will not

survive a reboot,Select the option; exit and then restart the router. The screen displays Loginauthentication ignored, allowing you to log in from the console port withoutauthentication.

Note: This is a one-time operation. It takes effect at the first reboot. Console authenticationis required however at subsequent reboots.

VII. Boot Menu 7: Start up and ignore configuration.

Select in the Boot Menu. The system sets an Ignore flag to Flash memory anddisplays:Flag set successfully.

Thus, a default factory configuration will be used for booting. The system removes theIgnore flag after the reboot completes.

VIII. Boot Menu 8: Enter debugging environment.

Enter the debugging environment to help resolve problems.

IX. Boot Menu 9: Enter the Boot ROM operation menu.

Select to enter Boot ROM Download Menu as follows for upgrade, backup, orrecovery of the Boot ROM program:

Boot ROM Download Menu:

1: Download Boot ROM with XModem

2: Download Extended Segment of Boot ROM with XModem3: Restore Extended Segment of Boot ROM from FLASH

4: Backup Extended Segment of Boot ROM to FLASH


Enter your choice(1-5):

X. Boot Menu a: Do not check the version of the software

Ignore software version check for backward compatibility. The likelihood exists thatyour upgrade attempt fails even when you select the correct software version. If thesystem prompts invalid version in this case, you can select from the Main Menuto have the system skip version check during upgrade. This option applies only oncewhen selected. When the router is rebooted, version checking is restored.

8/3/2019 3comc02581935

29/56


XI. Boot Menu b: Exit and reboot

Select to exit and reboot the router.

Note: To enter Boot Menu, you must press within three seconds after theinformation Press Ctrl-B to enter Boot Menu... appears. Otherwise, the system startsdecompressing images. To re-enter the menu after that, you must reboot the router.

5.1.2 Upgrading Software through XMODEM

You can use the console port to upgrade the software using Xmodem without the need toset up a network environment.

I. Upgrading the application image

1 Enter Boot Menu (refer back to the subsection Boot Menu in this section), press to select the XMODEM protocol for downloading the application image. Therouter supports the following downloading speeds:

Please choose your download speed:

1: 9600 bps

2: 19200 bps

3: 38400 bps

4: 57600 bps

5: 115200 bps

6: Exit and reboot


2 Select an appropriate download speed, for 115200 bps for example. Theconsole screen displays:

Download speed is 115200 bps. Change the terminal's speed to 115200

bps, and select XModem protocol. Press ENTER key when ready.

3 Change the baud rate on the console terminal (see Figure 5-4) to the softwaredownload speed, 115200 bps in this example. After that, select [Dial-in/Disconnect]and then [Dial-in/Dialing] to disconnect and reconnect the terminal. Press tostart downloading. The console screen displays:

Please Select Program File

Downloading ... CCCCC

Note: To validate the new baud rate set on the console terminal, you must disconnect andthen reconnect the terminal emulation program.

4 Select [Transfer/Send file] in the HyperTerminal window. The Send File dialog boxis displayed:

8/3/2019 3comc02581935

30/56


5 Click Browse to select the application image file to be downloaded, selectXMODEM from the Protocol drop down list, then click Send. The following dialogbox appears:

6 After completing download, the system begins writing to Flash memory and uponits completion displays the following message:

Download completed.

For the R5000 series router, the system also prompts you to select the file type uponcompletion of the download.

please select file to be saved as

1. main application file

2. backup application file

3. secure application file

4. cancel downloadingEnter your choice(1-4):

The system starts writing to Flash memory after you enter your choice and displays:

Writing to flash memory...

Please wait,it needs a long time .Please wait...

########################################################

Writing FLASH Success.

Please use 9600 bps.Press key to reboot the system.

Restore the baud rate of the console terminal to 9600 bps as prompted, disconnectthe terminal and dial again. Then, you can see the system boot banner.

II. Upgrading the entire Boot ROM image1 Enter Boot Menu, and select to enter Boot ROM Download Menu as follows:

Boot ROM Download Menu:

1: Download Boot ROM with XModem

2: Download Extended Segment of Boot ROM with XModem

3: Restore Extended Segment of Boot ROM from FLASH

4: Backup Extended Segment of Boot ROM to FLASH



8/3/2019 3comc02581935

31/56


2 Select in Boot ROM Download Menu to download the Boot ROM imagethrough XMODEM. Multiple download speeds are available. The subsequent stepsare the same as those described in the Upgrading the application image section.

Caution:3Com recommends that you upgrade the entire Boot ROM program only whennecessary and with the guidance of technical staff, because no means is available for

on-field recovery in case of an upgrade failure.III. Upgrading the extended segment of the Boot ROM image

1 Enter Boot Menu, select to enter Boot ROM Download Menu.

2 Select in the menu to upgrade the extended segment of the Boot ROM imagethrough XMODEM. Multiple speed options are available. The subsequent steps arethe same as those described in the Upgrading the application image section.

Caution: This upgrade approach upgrades only a portion of the Boot ROM image, so youcan make a second attempt if errors occur.

5.1.3 Backing up and Restoring the Extended Segment of the Boot ROM

ImageI. Back up the extended segment of the Boot ROM image to Flash memory


2 In Boot ROM Download Menu, select to copy the current extended segment toFlash memory.

Backup Extended Segment, are you sure?[Y/N]

3 Enter . For a successful backup, the console screen displays:

Writing to FLASH.Please wait...####

Backuping Boot ROM program to FLASH successed!

4 When Boot ROM Download Menu appears again, select to and reboot therouter.

II. Restore the extended segment of the Boot ROM image from Flash memory

In case faults occur to the extended segment or the upgrade is done inadvertently,take these steps to restore the extended segment of the Boot ROM image from Flashmemory to the Boot ROM:


2 In Boot ROM Download Menu, select to restore the extended segment fromFlash memory.

Restore Extended Segment, are you sure?[Y/N]

3 Enter . The system starts restoring and if successful displays:

Writing to Boot ROM.Please wait...######

Restoring Boot ROM program successed!

4 When Boot ROM Download Menu appears again, select to exit and reboot therouter.

8/3/2019 3comc02581935

32/56


5.2 Upgrading the Software for the Router 6000/RPU

5.2.1 Boot Menu

Software maintenance uses the main Boot ROM menu and the small Boot ROM menu, fordownloading and booting the application image and the main Boot ROM system

respectively.

Build up a configuration environment according to the section Setting up a ConfigurationEnvironment in the chapter Starting and Configuring the Router.

Start the router. The console screen displays:

Do you want to go on checking the sdram? Yes or no(Y/N):

Enter . The screen displays:

Press CTRL+A to Stop AutoBoot!

Starting...

Press within five seconds after the message Starting... appears. Then thesystem enters the small Boot ROM menu.

Notes: To enter the small Boot ROM menu, you must press within five seconds after

the message Starting appears. Otherwise, the system enters the main Boot ROMmenu if the system passes its system check.

If you do not press then, the system checks the code of the main system afterthe small system boots. If an error occurs during the system check or for some otherreason, the system enters the small Boot ROM menu rather than the main Boot ROMmenu.

5.2.2 Small Boot ROM Menu

After the system enters the small Boot ROM menu, the console screen displays:

==========================

| Modify Serial Interface Parameter |

| Update LargeBootrom |

| Boot main system

=========================================================


I. Option 1: Modify Serial Interface Parameter

To modify the serial interface parameters:

1 Enter in the small Boot ROM menu. The screen displays:

=================================================

|Note: Change The HyperTerminal's Baudrate Accordingly.

|

|-----------------------------------------

|

| 9600(Default) |

| 19200 |

| 38400 |

| 57600 |

| 115200 |

8/3/2019 3comc02581935

33/56


================================================================

Enter Your Choice(1-5):

The default baud rate of the serial port is 9600 bps. By changing it to a higher baudrate, you can save the file downloading time.

2 Select a higher baud rate, for 115200 bps for example, and press . The

screen displays:


Change The BaudRate On PC Side First!

3 In the HyperTerminal window, select File > Properties then click .Set the baud rate, to 115200 for example, and click . For more information,refer to the subsection Setting terminal parameters in the section Setting up aConfiguration Environment in the chapter Starting and Configuring the Router.

4 Disconnect and redial to validate new parameters:

a. Disconnect from the system:

b. Redial to validate serial interface parameters:

Note: The baud rate on the router is automatically reset to the default value of 9600 afterthe router reboot. Restore the baud rate in the HyperTerminal to 9600 bps (thedefault) after upgrading the Boot ROM. This is to ensure that information can be

displayed on the console screen after system boot or reboot.II. Option 2: Update LargeBootrom

To upgrade the large Boot ROM system (the large Boot ROM) through the serial port,enter in the small Boot ROM menu and choose to upgrade the large Boot ROMthrough Xmodem. Refer to the subsection Upgrading the main Boot ROM systemin the section Upgrading Image Files Using Xmodem.

III. Optoin 3: Boot main system

To boot the main Boot ROM system enter in the small Boot ROM menu. Thesystem copies the files from the main Boot ROM system to the SDRAM, and then

8/3/2019 3comc02581935

34/56


decompresses the boot file in the SDRAM and reboots them. After that, the systemstarts the main Boot ROM menu.

5.2.3 Main Boot ROM menu

During the boot process, the console screen displays:

*******************************************************

* *

* 3Com Routers BOOTROM, Version 5.25 *

* *

*******************************************************

Copyright (c) 2004-2007 3Com Corporation and its licensors.

CPU type : IBM750FX

CPU L2 Cache : 512KB

CPU Clock Speed : 733MHz

Memory Size : 256MB

Press Ctrl+B to enter Boot Menu... 0

5 To enter the main Boot ROM menu, press as prompted.Note: To enter the main Boot ROM menu, press within four seconds after startup;

otherwise the system boots with the default mode.

The system displays the following prompt:

Main Bootrom password:

6 Enter the Boot ROM password.

Note: You have three chances to provide the correct Boot ROM password (the initial settingis void). If you fail to do that, you need to reboot the system.

After you enter the correct password, the console screen displays:

MAIN MENU

=========================================

| Boot With Default Mode |

| Boot From Flash |

| Enter Serial SubMenu |

| Enter Ethernet SubMenu |

| Boot File Control |

| Modify Bootrom Password |

| Reset Console Authentication |

| Ignore System Configuration |

| Enter Debugging Environment |

| Reboot |

============================================================Enter your choice(1-a): _

Note: If Flash memory is used the first time, the Flash file system formats it when reading orwriting the Flash file and displays the following information:

Formatting Flash, please waiting several minutes...done

8/3/2019 3comc02581935

35/56


I. Option 1: Boot With Default Mode

To boot the main image with the default mode enter in the main Boot ROMmenu. The system downloads the main image to the SDRAM, and theN decompressesand runs it. The console screen displays:

Boot with default mode

Booting from flash...

The main boot file is

Note: Currently the RPU only supports to boot from Flash memory.

II. Option 2: Boot From Flash

Enter in the main Boot ROM menu to boot from Flash memory. The systemdownloads the application image to the SDRAM, and decompresses and runs it. Theconsole screen displays:

Booting from flash

The main boot file is

Decompressing..................................done!Booting from main boot file!

III. Option 3: Enter Serial SubMenu

Enter in the main Boot ROM menu to enter the serial sub-menu. The consolescreen displays:

Boot from serial port.

==============================================

| Download Program To SDRAM And Run |

| Download Main Boot File To Flash |

| Change Boot Parameter |

| Exit To Main Menu |

===============================================================

Enter your choice(1-4): _

Enter to have the system download the application image to the SDRAMthrough the serial interface using Xmodem, decompress, and run it.

Caution: An application loaded this way runs directly without being saved to Flashmemory. When the router reboots, the loaded application is still the old version.Therefore, use this upgrade method with caution.

Enter to have the system download the main boot file to Flash memory usingXmodem.

Enter to modify the baud rate of the serial port on the RPU. The consolescreen displays:

Change serial port parameter.

============================================

|Note: Change The HyperTerminal's Baudrate Accordingly. |

| Press Enter to exit with things untouched |

|-------------------------------------|

| 9600(Default) |

| 19200 |

| 38400 |

| 57600 |

8/3/2019 3comc02581935

36/56


| 115200 |

===========================================+==============

Enter Your Choice(1-5):

The default baud rate of the serial port is 9600 bps. You can change it to a higherbaud rate, 115200 for example by entering . The console screen displays:

Enter your choice(1-5): 5Change The BaudRate On PC Side First!

Change the baud rate of the console terminal. Disconnect the system and redial tovalidate the new baud rate. Refer back to the item Modify the serial interfaceparameters in the subsection Small Boot ROM menu in this section.

Enter in the serial sub-menu to return to the main Boot ROM menu.IV. Option 4: Enter Ethernet SubMenu

Enter in the main Boot ROM menu to access the Ethernet sub-menu. The consolescreen displays:

Boot from net port.=============================================

| Download Program To SDRAM And Run |

| Download Main Boot File To Flash |

| Download Backup Boot File To Flash |

| Download Secure Boot File To Flash |

| Change Boot Parameter |

| Upload config file to PC |

| Exit To Main Menu |

|

|

===============================================================


Enter to have the system download the application image directly to theSDRAM and run it there. The file is not written to Flash memory however and as aresult cannot survive a reboot.

Caution: An application loaded this way runs directly without being saved to Flashmemory. When the router reboots, the loaded application is still the old version.Therefore, use this upgrade method with caution.

Enter , , or to have the syste

3comc02581935

Documents