SecureStack C3, firmware 1.01.06.0007 and lower
SecureStack C2, firmware 5.01.06.0007 and lower
SecureStack B3, firmware 1.01.06.0007 and lower
SecureStack B2, firmware 4.01.06.0007 and lower
G-Series, firmware 1.00.03.0002 and lower
D-Series, firmware 1.00.04.0001 and lower
Configured Policy on a port.
The first (possibly ARP) packet ingressing the switch port is lost, not being forwarded for switching or routing.
The remainder of ingressed traffic is treated as configured per the policy.
The first ingressed packet attempting to pass through the policy is consumed by the CPU.
For the C3, upgrade to firmware 1.02.01.0004 or higher.
For the C2, upgrade to firmware 5.02.01.0006 or higher.
For the B3, upgrade to firmware 1.02.01.0004 or higher.
For the B2, upgrade to firmware 4.02.01.0006 or higher.
For the G-Series, upgrade to firmware 1.02.00.0043 or higher.
For the D-Series, upgrade to firmware 6.03.01.0008 or higher.
Release notes state, in the '
Firmware Changes and Enhancements
Corrected an issue where the first packet through the switch is dropped with policy applied, subsequent packet transmissions are successful.
This symptom will recur each time the relevant Source Address Table (SAT) entry times out, as it is being relearned. One possible workaround is to increase the MAC Agetime ('
set mac agetime...
show mac agetime