SWX3220 Firmware V4.02.13
- Please read before updating the firmware.
Security measures were strengthened for accessing the unit.
- The following OpenSSL vulnerabilities were addressed.
CVE-2021-3712 (JPCERT/CC JVNVU#99612123)
- The following OpenSSL vulnerabilities were addressed.
CVE-2022-0778 (JPCERT/CC JVNVU#90813125)
- Measures were implemented to address the following ISC DHCP vulnerabilities.
CVE-2022-2929 (JPCERT/CC JVNVU#96924367)
How to update the firmware
For details, please refer to the "Yamaha LAN Monitor User Guide" and the Web GUI help menu.
- Connect the SWX3220 and the computer with a LAN cable.
Please connect to a port of SWX3220 set as VLAN1.
- Start the Yamaha LAN Monitor.
- Select the SWX3220 to be updated in the tree view.
- Click the [Web GUI] button on the device detail view.
With the factory settings, the username and password are not specified, so entering a username and password would be unnecessary in that case.
- Select [Management] -> [Maintenance] -> [Update firmware], then click the [Next] button on "Update firmware from PC."
- Click the [Select a file] button, then select the downloaded and decompressed firmware file with extension .bin.
- Click the [OK] button.
- Click the [Execute] button.
Wait until completing the update. SWX3220 will automatically restart and become ready to use.
Main Revisions and Enhancements
- The following command can now forward multicast packets without discarding part of the multicast communication even if “l2-unknown-mcast discard” is specified.
- Support for “summertime” time zones was added.
User settings for the summertime period and offset hours were added to the “clock summer-time” command.
On the Web GUI [Management]->[Interface settings] page, a [Time zone setting] page was added for setting the time zone and summer time settings.
- Support for auto-configure via LLDP functionality was added. https://manual.yamaha.com/pa/interfaces/swx3220/Rev_4_02_12/en/basic/index.html#!/oam_lldp
- A new cable diagnostics function was added.
In addition, a cable diagnostics page was added to the [Management]->[Maintenance] menu of the Web GUI.
- The SDVoE optimization function was added.
- Support for the automatic SD card booting function was enabled.
- A command for changing the authentication order was added in case the same authentication method is also used for the port authentication function.
- auth order
- Commands that can be registered in the FDB as static entries were added to the MAC authentication function.
- auth-mac static
- IGMP snooping features were expanded to support the following:
- A command for enabling/disabling the report suppression function was added.
- ip igmp snooping report-suppression
- A command for enabling/disabling the multicast router port data forwarding suppression function was added.
- ip igmp snooping mrouter-port data-suppression
The following settings were added to the [Multicast]->[IGMP snooping]->[IGMP snooping settings] field in the Detailed settings screen of the Web GUI:
- Report Suppression Function
- Multicast Router Port Data Forwarding Suppression Function
- SYSLOG facility values became changeable.
- syslog facility
In addition, the ability to change/display SYSLOG facility value settings was added in the [Management]->[Maintenance]->[SYSLOG management] field of the Web GUI.
- syslog facility
- Commands were added to restrict access to the SNMP server.
- snmp-server access
In addition, the [Access via SNMP] settings screen was added to the [Management]->[Access management]->[Various server settings] field of the Web GUI.
- snmp-server access
- Private MIB support was added for loop detection.
- Support for the following was added to the Web GUI:
- A [Multicast basic settings] page was added to the Detailed settings.
- The following settings were enabled in the [Traffic control]->[QoS] field in the Detailed settings:
- [CoS]->[Transmit queue mapping table] settings
- [DSCP]->[Transmit queue mapping table] settings
- The following settings are now displayed in the [Management]->[Dante optimization] field:
- Unknown multicast frame settings
- QoS settings
- If PTP functionality is enabled for the overall system and “l2-unknown-mcast discard” is specified, PTP packets are forwarded without being discarded.
- The PTP input/output delay was corrected.
- The maximum number of characters in shared passwords used for port authentication and RADIUS server functionality was increased from 64 to 128.
RADIUS server shared password setting (radius-server key)
RADIUS server host setting (radius-server host)
RADIUS client setting (NAS)
- Improvements were made to multicast address registering and deleting processes for IGMP/MLD snooping.
- The following terminology was changed for Yamaha network products:
|SNMP (Private MIB)||ysl2msFindSlave||ysl2msFindAgent|
- The following ARP changes were made:
- ARP entries are no longer generated when ARP requests are received.
- ARP replies are now received for only a fixed period after an ARP request is sent by that unit.
- Support for the IGMP snooping fast-leave function was also included in IGMPv3.
- The maximum number of settings for the “bind host” command was changed in the DHCP function.
Before change: Maximum of 64 settings per pool
After change: Maximum of 4,096 settings for all pools
- Improvements were made to the time required by the logical interface to link up for LACP link aggregation.
- The use of characters " ' ` and \ were disallowed in URLs.
- If stacking is enabled, an error message is displayed if a PTP “show”-based command is executed.
- In the Web GUI login screen, a scroll bar is displayed if the browser display is small.
- The accordion menus for Detailed settings and Management screens of the Web GUI were reorganized.
- The “Change the settings related to the community accordingly.” or “Delete from related settings as well.” checkbox can be selected when changing/deleting community settings in the Web GUI [Management]->[SNMP]->[Community] field. These settings specify which clients can access the SNMP servers that determine whether the community is now also changed/deleted accordingly.
- A bug was fixed that caused the system sometimes to reboot if the CPU usage ratio increased after receiving a portion of the IGMP packet.
- A bug was fixed that sometimes returned unwanted IGMP reports if an IGMP report was received from a multicast router port.
- A bug was fixed that sometimes stopped multicast streams from being forwarded correctly if a LAN/SFP port associated with a logical interface is linked up/down with IGMP/MLD snooping.
- A bug was fixed that sometimes caused unwanted log events to be output if an IGMP snooping group registration was deleted.
- A bug that sometimes prevented authentication when a guest VLAN was enabled during MAC authentication was fixed.
- A bug was fixed that resulted in rebooting if an invalid LLDP frame was received.
- A bug that prevented using the following commands to make revisions via an SSH connection was corrected.
- firmware-update execute
- firmware-update sd execute
- A bug that prevented obtaining tech support via an SSH connection if a stack was configured was fixed.
- In the stack function, a bug was fixed that sometimes prevented communication via a member switch port if a stack was configured concurrently starting up in standalone mode.
- A bug was fixed that enabled a user to log in to the console without a password if the “username” command was used to change only the privilege settings for an existing user without entering the password.
- A bug was fixed that resulted in not reflecting associated LAN/SFP ports in settings when there are port authentication settings for a logical interface, and VLAN access to the logical interface was changed.
- A bug was fixed that sometimes prevented properly load-balancing unicast packets during link aggregation if they were addressed to MAC addresses registered in the FDB.
- A bug that sometimes prevented communication with devices connected to member switches in stack configurations was fixed due to ARP entry inconsistencies between stacks when many ARP entries were registered or deleted simultaneously.
- A bug was fixed that sometimes prevented transmitting packets when the half-duplex mode was used for port communication.
- A bug was fixed in the SNMP function that sometimes prevented obtaining a MIB after a MIB was obtained while rebooting a member switch in a stack.
- A bug was fixed that sometimes prevented transmitting multicast packets to some ports, because IGMP snooping did not function correctly during stack reconfiguration.
- A bug that sometimes resulted in not transmitting streams requiring a multicast router port when “l2-unknown-mcast discard” is specified was fixed.
- A bug that sometimes did not reflect VLAN IP address settings in the sender IP address settings for sending IGMPv2 report messages during IGMP snooping was fixed.
- A bug was fixed that sometimes cleared authentication information before the FDB aging time was complete during MAC authentication.
- A bug was fixed that sometimes caused some functionality to become unstable after the current time setting was changed, such as after the NTP time setting was corrected.
- A bug was fixed that sometimes prevented registering received packets from being routed for stack configurations.
- A bug that prevented URL encoding values from entering HTTP proxy server settings for updating firmware was fixed.
- A bug that sometimes outputted error log events if a dashboard page was opened in the Web GUI while rebooting a stack member switch was fixed.
- A bug in the port security function was fixed that sometimes prevented the blocking status in port security information after a stack was reconfigured.
- A format error in the “no switchport multiple-vlan group” command was corrected.
- A bug that sometimes prevented properly updating information in the “Device details and settings” view in the LAN map screen of the Web GUI was fixed.
- A bug was fixed that prevented some of the physical interfaces from displaying in the [Port authentication] field in the Detailed settings screen of the Web GUI if logical interface settings are deleted after stack reconfiguration.
- A bug was fixed that prevented displaying errors correctly after trying to specify dynamic VLAN settings for trunk ports using the [Interface settings]->[Port authentication]->[Port authentication settings] in the Detailed settings screen of the Web GUI.
- A bug was fixed that resulted in an error if a VLAN had frame transmission disabled when optimization settings were executed on the following pages in the [Management] settings of the Web GUI:
- [Dante optimization]
- [SDVoE optimization]
- Inconsistencies in how some information was displayed in the Web GUI help information were corrected.
License Agreement and Download File
PLEASE READ THIS SOFTWARE LICENSE AGREEMENT ("AGREEMENT") CAREFULLY BEFORE USING THIS SOFTWARE. YOU ARE ONLY PERMITTED TO USE THIS SOFTWARE PURSUANT TO THE TERMS AND CONDITIONS OF THIS AGREEMENT. THIS AGREEMENT IS BETWEEN YOU (AS AN INDIVIDUAL OR LEGAL ENTITY) AND YAMAHA CORPORATION ("YAMAHA").
BY DOWNLOADING, INSTALLING, COPYING, OR OTHERWISE USING THIS SOFTWARE YOU ARE AGREEING TO BE BOUND BY THE TERMS OF THIS LICENSE. IF YOU DO NOT AGREE WITH THE TERMS, DO NOT DOWNLOAD, INSTALL, COPY, OR OTHERWISE USE THIS SOFTWARE. IF YOU HAVE DOWNLOADED OR INSTALLED THE SOFTWARE AND DO NOT AGREE TO THE TERMS, PROMPTLY ABORT USING THE SOFTWARE.
1. GRANT OF LICENSE AND COPYRIGHT
Subject to the terms and conditions of this Agreement, Yamaha hereby grants you a license to use copy(ies) of the software program(s) and data ("SOFTWARE") accompanying this Agreement, only on a computer, musical instrument or equipment item that you yourself own or manage. The term SOFTWARE shall encompass any updates to the accompanying software and data. While ownership of the storage media in which the SOFTWARE is stored rests with you, the SOFTWARE itself is owned by Yamaha and/or Yamaha's licensor(s), and is protected by relevant copyright laws and all applicable treaty provisions. While you are entitled to claim ownership of the data created with the use of SOFTWARE, the SOFTWARE will continue to be protected under relevant copyrights.
- You may not engage in reverse engineering, disassembly, decompilation or otherwise deriving a source code form of the SOFTWARE by any method whatsoever.
- You may not reproduce, modify, change, rent, lease, or distribute the SOFTWARE in whole or in part, or create derivative works of the SOFTWARE.
- You may not electronically transmit the SOFTWARE from one computer to another or share the SOFTWARE in a network with other computers.
- You may not use the SOFTWARE to distribute illegal data or data that violates public policy.
- You may not initiate services based on the use of the SOFTWARE without permission by Yamaha Corporation.
- You may not use the SOFTWARE in any manner that might infringe third party copyrighted material or material that is subject to other third party proprietary rights, unless you have permission from the rightful owner of the material or you are otherwise legally entitled to use.
Copyrighted data, including but not limited to MIDI data for songs, obtained by means of the SOFTWARE, are subject to the following restrictions which you must observe.
- Data received by means of the SOFTWARE may not be used for any commercial purposes without permission of the copyright owner.
- Data received by means of the SOFTWARE may not be duplicated, transferred, or distributed, or played back or performed for listeners in public without permission of the copyright owner.
- The encryption of data received by means of the SOFTWARE may not be removed nor may the electronic watermark be modified without permission of the copyright owner.
This Agreement becomes effective on the day that you receive the SOFTWARE and remains effective until terminated. If any copyright law or provision of this Agreement is violated, this Agreement shall terminate automatically and immediately without notice from Yamaha. Upon such termination, you must immediately abort using the SOFTWARE and destroy any accompanying written documents and all copies thereof.
4. DISCLAIMER OF WARRANTY ON SOFTWARE
If you believe that the downloading process was faulty, you may contact Yamaha, and Yamaha shall permit you to re-download the SOFTWARE, provided that you first destroy any copies or partial copies of the SOFTWARE that you obtained through your previous download attempt. This permission to re-download shall not limit in any manner the disclaimer of warranty set forth in Section 5 below.
You expressly acknowledge and agree that use of the SOFTWARE is at your sole risk. The SOFTWARE and related documentation are provided "AS IS" and without warranty of any kind. NOTWITHSTANDING ANY OTHER PROVISION OF THIS AGREEMENT, YAMAHA EXPRESSLY DISCLAIMS ALL WARRANTIES AS TO THE SOFTWARE, EXPRESS, AND IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS. SPECIALLY, BUT WITHOUT LIMITING THE FOREGOING, YAMAHA DOES NOT WARRANT THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS, THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT DEFECTS IN THE SOFTWARE WILL BE CORRECTED.
5. LIMITATION OF LIABILITY
YAMAHA'S ENTIRE OBLIGATION HEREUNDER SHALL BE TO PERMIT USE OF THE SOFTWARE UNDER THE TERMS HEREOF. IN NO EVENT SHALL YAMAHA BE LIABLE TO YOU OR ANY OTHER PERSON FOR ANY DAMAGES, INCLUDING, WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, EXPENSES, LOST PROFITS, LOST DATA OR OTHER DAMAGES ARISING OUT OF THE USE, MISUSE OR INABILITY TO USE THE SOFTWARE, EVEN IF YAMAHA OR AN AUTHORIZED DEALER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall Yamaha's total liability to you for all damages, losses and causes of action (whether in contract, tort or otherwise) exceed the amount paid for the SOFTWARE.
6. OPEN SOURCE SOFTWARE
This SOFTWARE may include the software or its modifications which include any open source licenses, including but not limited to GNU General Public License or Lesser General Public License ("OPEN SOURCE SOFTWARE"). Your use of OPEN SOURCE SOFTWARE is subject to the license terms specified by each rights holder. If there is a conflict between the terms and conditions of this Agreement and each open source license, the open source license terms will prevail only where there is a conflict.
7. THIRD PARTY SOFTWARE AND SERVICE
Third party software, service and data ("THIRD PARTY SOFTWARE") may be attached to the SOFTWARE. IF, in the written materials or the electronic data accompanying the software, Yamaha identifies any software and data as THIRD PARTY SOFTWARE, you acknowledge and agree that you must abide by the terms of any agreement provided with the THIRD PARTY SOFTWARE and that the party providing the THIRD PARTY SOFTWARE is responsible for any warranty or liability related to or arising from the THIRD PARTY SOFTWARE. Yamaha is not responsible in any way for the THIRD PARTY SOFTWARE or your use thereof.
- Yamaha provides no express warranties as to the THIRD PARTY SOFTWARE. IN ADDITION, YAMAHA EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, as to the THIRD PARTY SOFTWARE.
- Yamaha shall not provide you with any service or maintenance as to the THIRD PARTY SOFTWARE.
Yamaha is not liable to you or any other person for any damages, including, without limitation, any direct, indirect, incidental or consequential damages, expenses, lost profits, lost data or other damages arising out of the use, misuse or inability to use the THIRD PARTY SOFTWARE.
U.S. GOVERNMENT RESTRICTED RIGHTS NOTICE:
The Software is a “commercial item,” as that term is defined at 48 C.F.R. 2.101 (Oct 1995), consisting of “commercial computer software” and “commercial computer software documentation,” as such terms are used in 48 C.F.R. 12.212 (Sept 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.72024 (June 1995), all U.S. Government End Users shall acquire the Software with only those rights set forth herein.
This Agreement shall be interpreted according to and governed by Japanese law without reference to principles of conflict of laws. Any dispute or procedure shall be heard before the Tokyo District Court in Japan. If for any reason a court of competent jurisdiction finds any portion of this Agreement to be unenforceable, the remainder of this Agreement shall continue in full force and effect. All legal notices, notice of disputes and demands for arbitration, and any other notice which purports to change these provisions or to assert legal entitlements must be sent in writing to:
10-1, Nakazawa-cho, Naka-ku, Hamamatsu, Shizuoka, 430-8650, Japan
9. ENTIRE AGREEMENT
This Agreement constitutes the entire agreement between the parties with respect to use of the SOFTWARE and any accompanying written materials and supersedes all prior or contemporaneous understandings or agreements, written or oral, regarding the subject matter of this Agreement.
Yamaha may amend, revise or update this Agreement at its discretion. Any change or update that Yamaha makes to this Agreement will be effective after you agree with the updated terms of this Agreement or use this SOFTWARE.
Last updated :January 28, 2020