=================================================================== WebOS 5.2.37 Fixes and Enhancements. Released On - 18 February 2000 =================================================================== Bug 2618: WebUI Issue (L4Admin Cannot Manage Real Servers) Now allows WebUI users with L4Admin privleges to enable and disable Real Servers from the Dashboard's Real Server window. Bug 2694: VLAN name change on TFTP of Configuration Reversed the order that the VLAN information is dumped out while exporting the switch's configuration. This eliminates nuisance message during gtcfg stating that the VLAN names have changed. Bug 2722: Slb sessions thru trunking limited to 8K per port Changed the medhod used to select the port used during trunking so that the load is more evenly distributed. Bug 2755: Panic (MP NANNY) in slb_real_tcp_close() Added a check to prevent accessing an invalid memory location to prevent this particular switch crash. Bug 2756: Need Stateless UDP Redirection (uncached) The switch now supports uncached stateless UDP redirection. =================================================================== WebOS 5.2.36 Fixes and Enhancements. =================================================================== Bug 2667: Allow old lnet/lmask commands on upgrade, or from old saved config file. Now reads the old config commands for lnet/lmask and adds the network into the new LocalNet list, unless the new list has been saved, in which case the new values take precedence. Also updates the (now hidden) lnet/lmask fields to preserve the config in case of software downgrade. Bug 2677: On upgrade the original lnet/lmask is stored in the first entry of the multiple lnet/lmask list. Now loads the original lnet/lmask entry into the multiple lnet/lmask list. Once the multiple lnet/lmask list is saved this copy of the datais no longer performed. Bug 2692: Can't change VLAN for any IP Interface. (From 5.2.34) Correctly display the difference and permit apply/save. Bug 2699: Prevent Multi VIP/Vport per RIP/rport without DAM Added check to prevent illegal configuration of more than one VIP/Vport for the same servers/services, unless in DAM. (DAM permits additional VIPs to be separately mapped to the same services, since each session's address mapping is kept on the client port.) Bug 2700: Allow Port mapping with DAM when using URL parsing or PIP. Remove blanket denial of port mapping (vport != rport) in DAM and allow port mapping when the session table structure permits it - if USLB, or PIP (even "dummy" PIP) is configured. Enhancements: A change was also included to forward UDP packets with the port greater than 33,000 to the MP assuming that these are tracert messages. The previous limit was 30,000. =================================================================== WebOS 5.2.35 Fixes and Enhancements. =================================================================== Bug 2669: IP interface cannot be inside the imask range, resulting in wasted addresses. The imask parameter allows a VIP to cover a range of addresses, mapping them to servers of similar "width". Enhancement - allow VIP/imask to overlap switch interface address. Also ensure that correct MAC (Interface or VMAC) is returned to ARP. =================================================================== WebOS 5.2.34 Fixes and Enhancements. =================================================================== Bug 2659: Incorrect /cfg/dump output for lnet/lmask parameters (lmask twice). Fixed dump output to permit save/copy/paste of config with lnet/lmask set. Bug 2660: RADIUS secret not set correctly on command line. If the RADIUS secret is configured in line, such as "/cfg/radius/secrt password", rather than waiting for the prompt, the password would be stored incorrectly. Bug 2661: Config blocks spanning two flash regions not cleared. When config data crossed a boundary between two regions of flash memory, it was not deleted, resulting in some parameters that could not be removed from the configuration. Bug 2633: Panic if no port number entered for /cfg/snmp/linkt CLI command. Improved fix giving better error message. Bug 2606: Allow definition of multiple "local" networks for improved ARP and route cache management. (lnet/lmask) Improved version uses less flash memory. =================================================================== WebOS 5.2.33 Fixes and Enhancements. =================================================================== Bug 2604: PBIND - Persistent Entries Not Removed (also affects FTP). PBIND creates two session table entries, one for the specific IP ports in the session, and one for persistency. When aging out persistent entries, the second entry would not be removed, causing gradual session table growth. Bug 2633: Panic if no port number entered for /cfg/snmp/linkt CLI command. Forced port number to zero if not entered, causing error message instead of crash. =================================================================== WebOS 5.2.32 Fixes and Enhancements. =================================================================== Bug 2606: Allow definition of multiple "local" networks for improved ARP and route cache management. Switch now supports up to 5 "local" networks defined by a list of lnet/lmask parameters. =================================================================== WebOS 5.2.30 Fixes and Enhancements. =================================================================== Bug 2605: 15 Character SLB names cause problems. When entering 15 character real server or group names, the name is displayed incorrectly as the name entered and the next name, which could cause problems when copying and pasting or synchronizing configurations. =================================================================== WebOS 5.2.29 Fixes and Enhancements. =================================================================== Bug 2599: GSLB in redundant switch scenario not working properly on AD3/180E. Secondary switch was incorrectly interpreting 65536 available sessions as zero (16 bit number), and advertising 0 available connections. Thus remote switches would be shown as down, although real servers were up. Now advertise 65535 available sessions when switch is idle. =================================================================== WebOS 5.2.28 Fixes and Enhancements. =================================================================== Bug 2527: Minor revision to 49 day timer fix. No operational effect. Bug 2584: During a VRRP changeover, sessions through the backup switch may hang. When the VRRP backup switch becomes master, clear the session tables to allow sessions to re-establish. Bug 2585: Improved SYN attack resistance. When the session table is full, reject all new socket opens (SYNs) to reduce the impact on the switch and real servers. Bug 2586: Spanning tree information enhancement for improved network diagnosis. /info/stp now displays the time since the last STP topology change, plus the designated bridge and designated port for each port. Bug 2555: Dynamic (many to 1) Network Address Translation broken from 5.2.24. When server source addresses from a private network were translated using a Proxy IP and NAT filter on the server port, reply frames from the Internet were not correctly delivered to the requester. =================================================================== WebOS 5.2.27 Fixes and Enhancements. =================================================================== Bug 2551: VRRP redirection override initialization =================================================================== WebOS 5.2.26 Fixes and Enhancements. =================================================================== Bug 2527: Health checks and switch management fail after 49 days. After 49.7 days (32 bits of milliseconds) some timers stop incrementing and several functions fail. VRRP advertisements stop. TCP connections do not close. After a few minutes, there are no TCP connections available for health checks or for switch management. The internal millisecond counter is now forced back to zero when it becomes full, ensuring correct operation of timers and calculations dependant on it. Uptime and other long term counters are correctly maintained. Related Bug: Do not let failure to allocate a STEM message cancel all timeouts. Fixed a problem which would stop all timers if a specific, rare, OS condition occurred. Bug 2403: Config sync since 5.2.22 causes panic in Rx switch. Addition of password check exposed timing problem in TCP which caused the receiving switch to watchdog. Fixed. Bug 2450: Config Sync may be received corrupted for large configs. Receiving switch needs time to parse config commands from file. Lack of pacing at sending end could result in lost data, or out of memory condition at sender, accompanied by temporary health check failures. Fixed by adding pacing to config sync send routine. Bug 2454: Backup Phy speed shown as "100" when backup configured as none. Fixed config display to show "none" when no backup phy configured. Bug 2514: Redirection of non-TCP packets with NAT causes switch panic. Fixed bug where, if packet was not TCP or UDP, switch would attempt to free a memory pointer which had never been allocated. Bug 2525: For UDP stateless load balancing, a small client population was not well distributed across the servers. Sessions were actually cached for about 1 second. Sessions are no longer cached at all for UDP stateless operation. Bug 2531: Default gateway health checks were being routed via other interfaces, causing "flapping". If all ports in a VLAN are down, IP routing would send ICMP echo for default gateway via next available interface. If gateway was indirectly reachable, it would go up and down. Only directly attached gateways will now be marked "up". Bug 2252: "Flash Clear Error" messages in units with Intel flash memory. Vendor spec error. To access upper bank of the flash memory, the select line needed to be high for a longer period than originally specified. =================================================================== WebOS 5.2.25 Fixes and Enhancements. =================================================================== Bug 2397: Radius health checks- a) Did not work for both port 1812 and 1645. b) UDP load balancing only used ICMP health checks. Now support UDP Radius health checks. Added support for old Radius port 1645. Bug 2476: Virtual MAC (VMAC) is learned on, and moves between, Server ports. As part of server port processing, server source MAC address is replaced with VMAC. This modified frame then goes through normal L2 MAC address learning process. If there are multiple server ports, VMAC is going to move from server port to server port constantly. The switch no longer learns it's own addresses (EG VMAC). But 2482: Static route configuration does not allow same destination with different masks. Multiple static routes with the same destination but different prefix lengths now permitted. (The destination is a network, NOT the gateway!) Enhancements: Allow Server load balancing or redirection across VLAN boundaries onto 802.1Q trunks Added redirect filter override such that when there are no VRRP masters on a switch, redirect filters become deny filters. =================================================================== WebOS 5.2.24 Fixes and Enhancements. =================================================================== Bug 2387: PANIC at ../../../../../src/ts/mp/sys/timer.c:742 in thread 0 Caused by abnormal termination of telnet session. Now clean up after abnormally terminated telnet sessions. Bug 2465: When DSSP update span multiple packets, the receiving switch signals an error and sends syslog message. Also drops the data. DSSP updates now use single packets. Configuring a name for a port could panic the switch. Fixed. Enhancements: For response time weighting in GSLB, added local weight for local VIPs. Real server weight is used for remote VIPs. =================================================================== WebOS 5.2.23 Fixes and Enhancements. =================================================================== Bug 2388: When lnet/lmask is enabled, 'route' entries are still added to the ARP table for anything sent from the Master Processor. No longer create Route/ARP cache entries for Master Processor. For safety, limit the number of connections that can be used by passive TCP opens. Bug 2389: Destination NAT filters always assume that IP addresses will be remapped. This is incorrect. A DNATfilter might only remap port numbers. Now permit DNAT filters that only map ports. =================================================================== WebOS 5.2.22 Fixes and Enhancements. =================================================================== Bug 2332: Aceswitch 180 /cfg/port X/name some_string doesn't work. You have to run /cfg/port X/name and then follow the prompts. Nuisance from cmd line - causes errors with TFTP config. /cfg/port x/name command fixed. Bug 2347: Port 3121 (used for sync) did not require password. Now send (and check for) password when opening the sync connection, otherwise reset the connection. Bug 2311: DNS udp load-balancing causes switch watchdog. Issue: Switch watchdogs when a dns request hits the vip. Fixed bug when DNS response arrives at MP with dport 53 Enhancements: Only use upper 24 bits of IP SA when filter sport is 80, so that when cache server masquerades as client, the responses can be redirected to the same cache server based on the same web server address as used for the outbound redirection. Allow VRRP VIR to be pinged Allow VRRP virtual router to be pinged ===================================================================