SWX2320 Firmware V2.05.13 (Previous version)
Important Notice
- Please read before updating the firmware.
Security measures were strengthened for accessing the unit.
- The following OpenSSL vulnerabilities were addressed.
CVE-2021-3712 (JPCERT/CC JVNVU#99612123) - The following OpenSSL vulnerabilities were addressed.
CVE-2022-0778 (JPCERT/CC JVNVU#90813125)
How to update the firmware
For details, please refer to the "Yamaha LAN Monitor User Guide" and the Web GUI help menu.
- Connect the SWX2320 and the computer with a LAN cable.
Please connect to a port of SWX2320 set as VLAN1. - Start the Yamaha LAN Monitor.
- Select the SWX2320 to be updated in the tree view.
- Click the [Web GUI] button on the device detail view.
With the factory settings, the username and password are not specified, so entering a username and password would be unnecessary in that case. - Select [Management] -> [Maintenance] -> [Update firmware], then click the [Next] button on "Update firmware from PC."
- Click the [Select a file] button, then select the downloaded and decompressed firmware file with extension .bin.
- Click the [OK] button.
- Click the [Execute] button.
Wait until completing the update. SWX2320 will automatically restart and become ready to use.
Main Revisions and Enhancements
New Functionality
- The following command can now forward multicast packets without discarding part of the multicast communication even if “l2-unknown-mcast discard” is specified.
l2-unknown-mcast forward - Support for “summertime” time zones was added.
User settings for the summertime period and offset hours were added to the “clock summer-time” command.
On the Web GUI [Management]->[Interface settings] page, a [Time zone setting] page was added for setting the time zone and summer time settings. - Security measures were strengthened for accessing the unit.
- A new cable diagnostics function was added.
In addition, a cable diagnostics page was added to the [Management]->[Maintenance] menu of the Web GUI. - The SDVoE optimization function was added.
- Support for the automatic SD card booting function was enabled.
- A command for changing the authentication order was added in case the same authentication method is also used for the port authentication function.
- auth order
- Commands that can be registered in the FDB as static entries were added to the MAC authentication function.
- auth-mac static
- IGMP snooping features were expanded to support the following:
- A command for enabling/disabling the report suppression function was added.
- ip igmp snooping report-suppression
- A command for enabling/disabling the multicast router port data forwarding suppression function was added.
- ip igmp snooping mrouter-port data-suppression
The following settings were added to the [Multicast]->[IGMP snooping]->[IGMP snooping settings] field in the Detailed settings screen of the Web GUI. - Report Suppression Function
- Multicast Router Port Data Forwarding Suppression Function
- SYSLOG facility values became changeable.
- syslog facility
In addition, the ability to change/display SYSLOG facility value settings was added in the [Management]->[Maintenance]->[SYSLOG management] field of the Web GUI.
- syslog facility
- Commands were added to restrict access to the SNMP server.
- snmp-server access
In addition, the [Access via SNMP] settings screen was added to the [Management]->[Access management]->[Various server settings] field of the Web GUI.
- snmp-server access
- Private MIB support was added for loop detection.
- Support for the following was added to the Web GUI:
- A [Multicast basic settings] page was added to the Detailed settings.
- The following settings were enabled in the [Traffic control]->[QoS] field in the Detailed settings:
- [CoS]->[Transmit queue mapping table] settings
- [DSCP]->[Transmit queue mapping table] settings
- The following settings are now displayed in the [Management]->[Dante optimization] field:
- Unknown multicast frame settings
- QoS settings
Improvements
- The maximum number of characters in shared passwords used for port authentication and RADIUS server functionality was increased from 64 to 128.
RADIUS server shared password setting (radius-server key)
RADIUS server host setting (radius-server host)
RADIUS client setting (NAS) - If PTP functionality is enabled for the overall system and “l2-unknown-mcast discard” is specified, PTP packets are forwarded without being discarded.
- The PTP input/output delay was corrected.
- Improvements were made to multicast address registering and deleting processes for IGMP/MLD snooping.
- The following terminology was changed for Yamaha network products:
Function | Before | After |
---|---|---|
L2MS | Master | Manager |
Slave | Agent | |
Stack | Master | Main |
Slave | Member | |
URL Filter | Black-list | Reject-list |
White-list | Pass-list | |
Backup route | Master | Main |
SNMP (Private MIB) | ysl2msFindSlave | ysl2msFindAgent |
- The following ARP changes were made:
- ARP entries are no longer generated when ARP requests are received.
- ARP replies are now received for only a fixed period after an ARP request is sent by that unit.
- Support for the IGMP snooping fast-leave function was also included in IGMPv3.
- Improvements were made to the time required by the logical interface to link up for LACP link aggregation.
- The use of characters " ' ` and \ were disallowed in URLs.
- If stacking is enabled, an error message is displayed if a PTP “show”-based command is executed.
- In the Web GUI login screen, a scroll bar is displayed if the browser display is small.
- The accordion menus for Detailed settings and Management screens of the Web GUI were reorganized.
- The “Change the settings related to the community accordingly.” or “Delete from related settings as well.” checkbox can be selected when changing/deleting community settings in the Web GUI [Management]->[SNMP]->[Community] field. These settings specify which clients can access the SNMP servers that determine whether the community is now also changed/deleted accordingly.
- The explanatory text was changed for the JavaScript and Cookie settings in the Web GUI general help page.
Fixed Bugs
- A bug was fixed that caused the system sometimes to reboot if the CPU usage ratio increased after receiving a portion of the IGMP packet.
- A bug was fixed that sometimes returned unwanted IGMP reports if an IGMP report was received from a multicast router port.
- A bug was fixed that sometimes stopped multicast streams from being forwarded correctly if a LAN/SFP port associated with a logical interface is linked up/down with IGMP/MLD snooping.
- A bug was fixed that sometimes caused unwanted log events to be output if an IGMP snooping group registration was deleted.
- A bug that sometimes prevented authentication when a guest VLAN was enabled during MAC authentication was fixed.
- A bug was fixed that resulted in rebooting if an invalid LLDP frame was received.
- The possibility of rebooting was eliminated after specifying the “send from” command for the email notification function.
- A bug that prevented using the following commands to make revisions via an SSH connection was corrected.
- firmware-update execute
- firmware-update sd execute
- A bug that prevented obtaining tech support via an SSH connection if a stack was configured was fixed.
- In the stack function, a bug was fixed that sometimes prevented communication via a member switch port if a stack was configured concurrently starting up in standalone mode.
- A bug was fixed that enabled a user to log in to the console without a password if the “username” command was used to change only the privilege settings for an existing user without entering the password.
- A bug was fixed that resulted in not reflecting associated LAN/SFP ports in settings when there are port authentication settings for a logical interface, and VLAN access to the logical interface was changed.
- A bug was fixed that sometimes prevented properly load-balancing unicast packets during link aggregation if they were addressed to MAC addresses registered in the FDB.
- A bug that sometimes prevented communication with devices connected to member switches in stack configurations was fixed due to ARP entry inconsistencies between stacks when many ARP entries were registered or deleted simultaneously.
- A bug was fixed that sometimes prevented transmitting packets when the half-duplex mode was used for port communication.
- A bug was fixed in the SNMP function that sometimes prevented obtaining a MIB after a MIB was obtained while rebooting a member switch in a stack.
- A bug was fixed that sometimes prevented transmitting multicast packets to some ports, because IGMP snooping did not function correctly during stack reconfiguration.
- A bug that sometimes resulted in not transmitting streams requiring a multicast router port when “l2-unknown-mcast discard” is specified was fixed.
- A bug that sometimes did not reflect VLAN IP address settings in the sender IP address settings for sending IGMPv2 report messages during IGMP snooping was fixed.
- A bug was fixed that sometimes cleared authentication information before the FDB aging time was complete during MAC authentication.
- A bug was fixed that sometimes caused some functionality to become unstable after the current time setting was changed, such as after the NTP time setting was corrected.
- A bug was fixed that sometimes prevented registering received packets from being routed for stack configurations.
- A bug that prevented URL encoding values from entering HTTP proxy server settings for updating firmware was fixed.
- A bug that sometimes outputted error log events if a dashboard page was opened in the Web GUI while rebooting a stack member switch was fixed.
- A bug in the port security function was fixed that sometimes prevented the blocking status in port security information after a stack was reconfigured.
- A format error in the “no switchport multiple-vlan group” command was corrected.
- A bug that sometimes prevented properly updating information in the “Device details and settings” view in the LAN map screen of the Web GUI was fixed.
- A bug was fixed that prevented some of the physical interfaces from displaying in the [Port authentication] field in the Detailed settings screen of the Web GUI if logical interface settings are deleted after stack reconfiguration.
- A bug was fixed that prevented displaying errors correctly after trying to specify dynamic VLAN settings for trunk ports using the [Interface settings]->[Port authentication]->[Port authentication settings] in the Detailed settings screen of the Web GUI.
- A bug was fixed that resulted in an error if a VLAN had frame transmission disabled when optimization settings were executed on the following pages in the [Management] settings of the Web GUI:
- [Dante optimization]
- [SDVoE optimization]
- Inconsistencies in how some information was displayed in the Web GUI help information were corrected.
授權合約&下載檔案
注意
使用此軟體前,請仔細閱讀軟體授權協議(「協議」)。您僅可依據此協議的條款和條件使用此軟體。此為您(個人或法律實體)和 YAMAHA CORPORATION(「YAMAHA」)間簽署的協議。
下載或安裝此軟體或以其他方式供您使用,您同意接受此授權條款的約束。如果您不同意此條款,請勿下載、安裝、複製或以其他方式使用此軟體。如果您下載或安裝軟體但不同意條款,請立即刪除軟體。
授權授予和版權
Yamaha 特此授予您依據隨附條款和條件,在您擁有或管理的電腦、樂器或設備上使用程式和隨附此協議並構成軟體一部分的資料檔案,以及未來可能提供您進行軟體升級的任何程式和檔案(統稱「軟體」)的權利。雖然儲存軟體的所有權為您所有,但該軟體本身屬於 Yamaha 和/或 Yamaha 的授權方所有,並受相關版權法和所有適用法規的保護。
限制
- 您不得 從事反向工程、反彙編、反編譯或以任何方式取得軟體任何形式的程式碼。
- 您不得 重製、修改、變更、租賃、出租或散布完整或部分軟體,以製作軟體的衍生品。
- 您不得 以電子方式,從一台電腦傳輸軟體至另一台電腦,或在網路上與其他電腦共用軟體。
- 您不得 使用軟體,散布非法資料或違反公共政策的資料。
- 在未取得 Yamaha Corporation 的同意時,您不得依據軟體的使用,啟動服務。
透過軟體方式取得的版權保護資料,包含但不限於樂曲 MIDI 資料,有您必須遵守的以下限制條款。
- 在未取得版權所有人的同意時,不得將透過軟體方式接收的資料作為商業用途使用。
- 在未取得版權所有人的同意時,不得複製、傳輸或散布或為公開聽眾播放或表演透過軟體方式接收的資料。
- 在未取得版權所有人的同意時,不得移除透過軟體方式接收資料的加密,且不得修改電子浮水印。
終止
如果違反版權法或此協議條款,協議將自動立即終止,Yamaha 恕不通知。如果以此方式終止,您必須立即銷毀授權的軟體、隨附的書面文件和所有副本。
下載的軟體
如果您認為下載流程有問題,可聯絡 Yamaha,Yamaha 可允許您重新下載該軟體,前提是您需先銷毀透過先前下載嘗試取得的軟體的任何副本或部分副本。重新下載的許可不得以任何方式限制以下第 5 節所述保固聲明。
軟體保固聲明
您明示已同意自負使用軟體的風險。軟體和相關文件以「原狀」提供,且無任何保固。儘管本協議另行規定,YAMAHA 明示放棄軟體的所有明示和暗示保固,包括但不限於對適銷性、特定用途的適用性和不侵犯第三方權利的暗示保固。特別是,但不限制上述規定,YAMAHA 不保證軟體滿足您的要求、軟體的操作不會中斷或沒有錯誤或軟體的缺失得以修正。
責任限制
YAMAHA 的全部義務是根據以下條款允許使用本軟體。在任何情況下,對您或任何其他人遭受的任何損害,包括但不限於任何直接、間接、偶然或間接損害、費用、利潤損失、資料遺失或其他因使用而造成的損害、誤用或無法使用該軟體,即使 YAMAHA 或授權經銷商已被告知此類損害的可能性,YAMAHA 概不負責。在任何情況下,Yamaha 對您的所有損害、損失和訴訟原因(無論是合約、侵權或其他方式)的全部責任均不超過為該軟體支付的金額。
第三方軟體
此軟體隨附第三方軟體和資料(「第三方軟體」)。如果軟體隨附的書面材料或電子資料中,Yamaha 將任何軟體和資料標示為第三方軟體,則您確認並同意您必須遵守第三方軟體隨附的任何協議條款以及提供第三方軟體的一方,對與第三方軟體相關或由第三方軟體衍生的任何保證或責任負責。因第三方軟體或使用,Yamaha 概不以任何方式負責。
- Yamaha 不提供第三方軟體的明示保固。此外,對於第三方軟體,YAMAHA 明示放棄所有暗示保固,包括但不限於對適銷性和特定用途的適用性的暗示保固。
- Yamaha 不應提供您第三方軟體的相關服務或維護。
- 對您或任何其他人的任何損害,包括但不限於因使用、誤用或無法使用第三方軟體而導致的任何直接、間接、偶然或後果性損害、費用、利潤損失、資料遺失或其他損害,對您或任何其他人,Yamaha 概不負責。
美國政府限制權利通知:
該軟體是「商業項目」,該術語的定義可見 48 C.F.R. 2.101(1995 年 10 月),由「商業電腦軟體」和「商業電腦軟體文件」組成,這些術語在 48 C.F.R. 12.212 使用(1995 年 9 月)。與 48 C.F.R.一致的 12.212 和 48 C.F.R. 227.7202-1 至 227.72024(1995 年 6 月),所有美國政府最終使用者均應僅以此處規定的權利取得本軟體。
總則
此協議應根據日本法律解釋,不受法律衝突原則的約束。任何爭議或訴訟程序應在日本東京地方法院審理。如果因任何原因,具司法管轄權的法院認定本協議的任何部分無法執行,則本協議的其餘部分仍將維持其完整效力。
完整協議
本協議構成雙方間有關軟體使用和任何隨附書面材料的完整協議,並取代所有先前或同時就本協議達成的書面或口頭理解或協議。除非經 Yamaha 的完全授權代表書面簽字,否則本協議的任何修訂或修正均不具有約束力。