2000/05/01

ComOS 4.2 Release Note for the PortMaster 4

_______________ Introduction

The Lucent Technologies ComOS(R) 4.2 software release is now available for general availability (GA) for the PortMaster(R) 4 Integrated Access Concentrator. This release note applies only to the PortMaster 4. This release is provided at no charge to all Lucent customers.

This release note documents commands and features added between ComOS 4.1 and ComOS 4.2 on the PortMaster 4. This release contains the same modem code as did ComOS 4.1c1 for the PortMaster 4.

Before upgrading, thoroughly read "Upgrade Instructions."

_______________ Contents

Introduction
Supporting Documents
Bugs Fixed in ComOS 4.2
New Features in ComOS 4.2
    L2TP Improvements
    Redundant System Manager Module (RSMM)
    Additional New and Modified Commands
    SNMP Enhancements
    SNMP Alarms Added
    RADIUS Authentication Failover
    RADIUS Accounting Timers
Upgrade Instructions
Technical Support

_______________ Supporting Documents

* PortMaster 4 User Manual Addendum

  For detailed installation and configuration instructions, simple troubleshooting instructions, and command descriptions for ComOS 4.2 on the PortMaster 4, see this addendum at http://www.livingston.com/tech/docs/manuals.html.

* PortMaster 4 Installation Guide
* PortMaster 4 Configuration Guide
* PortMaster 4 Command Line Reference

  For general PortMaster 4 documentation, see these manuals, also at http://www.livingston.com/tech/docs/manuals.html. (Or see the PortMaster 4 User Manual binder, which contains these manuals in printed form).

* MIB for PortMaster 4 SNMP Agent

  For ComOS 4.2 extensions to the PortMaster Management Information Base (MIB), go to ftp://ftp.livingston.com/pub/le/snmp/le42.mib.

_______________ Bugs Fixed in ComOS 4.2

The following bugs are fixed in ComOS 4.2:

* The Point-to-Point Protocol (PPP) counters are now always reset when a port is initialized.
  Previously, incorrectly set counters sometimes caused the second link of a PPP multilink connection to fail.
* The default temperatures for the "set shutdown-temp" command have been raised. Boards and modules are turned off at 65 instead of 55 degrees C (149 instead of 131 degrees F). A Simple Network Management Protocol (SNMP) alarm is issued at 60 instead of 50 degrees C (140 instead of 122 degrees F).
* Multilink PPP (MLPPP) fragmentation has been disabled.
* The "set maximum pmconsole" command now takes effect immediately. Previously, active connections on port 1643 had to be reset before changes would take effect.
* The "show session" command no longer returns garbage characters at the end of a 12-character location name.
* PMVision now properly backs up passwords of 16 characters.
* A secondary RADIUS accounting server, if enabled, now receives all Start and Stop accounting records.
* ISDN lines that become available are now quickly identified.
* PPP disconnects are no longer lost.
* IP pool operation has been improved.
* TCP connections now start with a random sequence number.
* The Open Shortest Path First (OSPF) protocol now treats local IP addresses as internal rather than external addresses.
* The Ether1 interface no longer sends Proxy Address Resolution Protocol (ARP) requests to itself.
* The PortMaster 4 now supports alternate redundant Signaling System 7 (SS7) gateways.

The following bugs are fixed in ComOS 4.1c1 and ComOS 4.2:

* For an ISDN Primary Rate Interface (PRI) with a Net5 switch type, the PortMaster 4 now attempts to activate Layer 2 if it is inactive during a dial-out attempt or when an inbound call arrives, so as not to miss the first call.
* A "show isdn" command directed at a Tri E1 board no longer crashes the system.
* Communication between a PortMaster 4 Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) and L2TP network server (LNS) is improved because new sessions can no longer be created while an existing tunnel is being torn down. This former behavior caused the sessions to be stuck in a CLOSING state.
* This release improves non-facility associated signaling (NFAS) performance.
* Modem performance under high loads is improved through enhancements to the modem driver software.
  This release improves modem support by fixing the following modem problems:
  - 3Com modem connections are now more reliable.
  - U.S. Robotics (USR) Telepath V.34 modems can now establish Link Access Procedure for Modems (LAPM) error correction. Previously under certain conditions, the modem was choosing too high a connection rate and was unable to establish LAPM error correction. The modem code now detects these conditions and forces the connection speed down by one rate to allow LAPM to be negotiated.
  - For modems with Rockwell Semiconductor Systems (RSS) K56flex chipsets, fast rate changes now work properly. Previously, a retrain was forced after a rate change. (RSS is now Conexant Systems Inc.)
  - For all modems, retrain detection has been improved to prevent some client disconnections.
  - In the presence of LAPM retransmission errors, the modem code retrains to allow the link to adjust to a lower speed and improve throughput.
  - The modem code now suspends LAPM transactions during any rate changes or retrains and thereby eliminates some connection failures, connections without error control, and some disconnections.
  - Changes in ComOS 4.2 modem and controller code have improved modem handling.

_______________ New Features in ComOS 4.2

The following commands and features have been added in ComOS 4.2. For detailed command descriptions and instructions for installing, configuring, and troubleshooting the redundant system manager module (RSMM), see the PortMaster 4 User Manual Addendum.

_______ L2TP Improvements

ComOS 4.2 adds a new L2TP command and a new L2TP attribute, and supports RADIUS enhancements for authorization, authentication, and accounting of L2TP users.

____ "set l2tp id-for-host" Command

This command sets a LAC to report itself using the RADIUS Tunnel-Assignment-ID value instead of its IP address or hostname during tunnel negotiations.

    set l2tp id-for-host on | off

    on
        Sets a LAC host to identify itself by its RADIUS Tunnel-Assignment-ID during tunnel negotiations.
    off
        Sets a LAC host to use its hostname or IP address during tunnel negotiations. This is the default.

Example:

    command> set view 3
    view set to 3
    command 3> set l2tp id-for-host on
    OK

Bearer Type Attribute

The bearer type L2TP attribute identifies the type of calling device, analog or digital, being used in an L2TP connection. The LAC sends this information to its L2TP peer (the LNS). The LNS then passes the information to the RADIUS accounting server in the NAS-Port-Type attribute.

____ New RADIUS Attributes for L2TP

ComOS 4.2 supports the following RADIUS tunnel attributes and value for L2TP:

* Tunnel-Client-Endpoint (66). This attribute contains the address of the initiator end of the L2TP tunnel (the LAC) to identify the tunnel uniquely for accounting and auditing uses.
* Tunnel-Password (69). This attribute supports an encrypted password between a RADIUS server and a LAC.
* Tunnel-Assignment-ID (82). This attribute enables RADIUS to inform the tunnel initiator (the LAC) about how to assign the session---to a multiplexed tunnel or to a separate tunnel.
* Tunnel-Preference (83). This attribute indicates the relative preference assigned to each tunnel if more than one set of tunneling attributes is returned by the RADIUS server. For example, if two different tunnel endpoints are included in the RADIUS attributes, then the tunnel endpoint with the lowest value specified in the value field is given highest preference.
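
Added example (not part of the release note and not Lucent code): how a receiver can group the tunnel attributes listed above into sets and order them so that the lowest Tunnel-Preference value wins. It assumes the tag octet layout of RFC 2868, which this note does not spell out; the function names and the sample attribute bytes are constructed for illustration, and Tunnel-Password is kept opaque so that it never reaches a log.

```python
from collections import defaultdict

# Attribute numbers as listed in this release note.
NAMES = {66: "Tunnel-Client-Endpoint", 69: "Tunnel-Password",
         82: "Tunnel-Assignment-ID", 83: "Tunnel-Preference"}


def iter_attributes(blob):
    """Yield (type, value) pairs from a RADIUS type/length/value attribute list."""
    pos = 0
    while pos < len(blob):
        if len(blob) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = blob[pos], blob[pos + 1]
        # Length covers type + length + value, so 3 is the smallest usable size.
        if alen < 3 or pos + alen > len(blob):
            raise ValueError(f"bad length {alen} for attribute {atype}")
        yield atype, blob[pos + 2:pos + alen]
        pos += alen


def split_tag(atype, value):
    """Return (tag, payload); tag layout per RFC 2868 (assumption, see lead-in)."""
    first = value[0]
    if atype == 83:  # Tunnel-Preference: tag octet + 3-octet integer
        if len(value) != 4:
            raise ValueError("Tunnel-Preference must be 4 octets")
        return (first if first <= 0x1F else 0), int.from_bytes(value[1:], "big")
    if atype == 69:  # Tunnel-Password: tag octet, then salt + ciphertext (opaque)
        return (first if first <= 0x1F else 0), value[1:]
    # String attributes: 0x00..0x1F is a tag octet; anything above is already text.
    if first <= 0x1F:
        return first, value[1:].decode("ascii")
    return 0, value.decode("ascii")


def tunnels_by_preference(blob):
    """Group tunnel attributes by tag; lowest Tunnel-Preference value first."""
    groups = defaultdict(dict)
    for atype, value in iter_attributes(blob):
        if atype not in NAMES:
            continue  # not a tunnel attribute from this note
        tag, payload = split_tag(atype, value)
        if atype == 69:
            payload = f"<redacted, {len(payload)} octets>"  # never log secrets
        groups[tag][NAMES[atype]] = payload
    # Assumption: a set with no Tunnel-Preference sorts after all that have one.
    return sorted(groups.items(),
                  key=lambda kv: kv[1].get("Tunnel-Preference", float("inf")))


def attr(atype, payload):
    """Build one attribute (helper for the constructed sample below)."""
    return bytes([atype, len(payload) + 2]) + payload


# Constructed sample: two tagged sets plus an unrelated User-Name (type 1).
SAMPLE = b"".join([
    attr(82, b"\x01" + b"tunnel-a"),
    attr(83, b"\x01" + (20).to_bytes(3, "big")),
    attr(69, b"\x01" + bytes(18)),          # placeholder salt + ciphertext
    attr(66, b"\x02" + b"192.0.2.10"),
    attr(82, b"\x02" + b"tunnel-b"),
    attr(83, b"\x02" + (10).to_bytes(3, "big")),
    attr(1, b"alice"),
])

if __name__ == "__main__":
    for tag, attrs in tunnels_by_preference(SAMPLE):
        print(tag, attrs)
```
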

For RADIUS to support these attributes, you must be running Lucent RADIUS 2.1 or a RADIUS server with equivalent functionality. If the attributes are not already in your data dictionary, add them as follows:

    ATTRIBUTE Tunnel-Client-Endpoint 66 string
    ATTRIBUTE Tunnel-Password        69 string
    ATTRIBUTE Tunnel-Assignment-ID   82 string
    ATTRIBUTE Tunnel-Preference      83 integer

____ RADIUS Tunnel Attribute Tags

In versions of RADIUS that support this feature, you can now tag all RADIUS tunnel attributes so that ComOS can manage redundant tunnels more easily. The tag field can assign the same ID to each attribute for a particular tunnel server end point to group the attributes and identify the tunnel more clearly.

NOTE: Lucent RADIUS 2.1 does not support the tagging feature.

_______ Redundant System Manager Module (RSMM)

WARNING! To use the redundant system manager module (RSMM) feature, make sure of the following:

* Your PortMaster 4 chassis must be Revision C. (Locate the revision letter behind slot 2.)
* Both system manager modules must be capable of redundancy. (Verify that the model number on each module ends in "R," or that the label on the shipping box for each module shows a manufacture date after July 1999.)
* You are running ComOS 4.2 or later on each module. Earlier ComOS versions can damage PortMaster 4 hardware.

For detailed instructions, see the "Installation and Configuration Requirements" section of the PortMaster 4 User Manual Addendum.

The redundant system manager module feature prevents or limits downtime of a PortMaster 4 due to a system manager module failure. Two manager modules are installed in the PortMaster 4 chassis---one in slot 4 and one in slot 5. One is the primary manager module, and the other is the secondary. If the primary manager module fails, the secondary manager module takes over. Any failures are reported as SNMP alarms.

PMVision(TM) 1.10 supports the redundant system manager module feature.
See the PMVision 1.10 release note for more information.

____ Primary Manager Module Selection and Failover

The PortMaster 4 uses the following criteria to determine which manager module is primary:

1. A manager module is primary if it does not encounter another manager module for 4 seconds during the bootup process.
2. If two manager modules are booting at the same time, the manager in slot 4 is primary and the manager in slot 5 is secondary.
3. After boot up and once the manager modules have determined which is primary and which is secondary, the secondary manager sends a hello message to the primary manager every second, and the primary manager responds to those hellos. If the primary manager module does not respond to five consecutive hellos, the secondary manager module takes over and becomes primary.

The failover process affects PortMaster operation. After failover, the new primary manager module reboots all other modules and boards in the PortMaster 4 chassis. As a result, all callers and network connections to the PortMaster are dropped, and all dynamic routing information is lost. The rebooting process occurs as it normally does on your PortMaster 4, typically in approximately 90 seconds. After reinitialization, the PortMaster 4 begins to take calls and accept routing updates normally.

____ New Commands for the Redundant System Manager Module

The following commands have been modified or added so that you can use and test the redundant manager feature.

"reboot" Command

The "reboot" command has been modified for redundant system manager module support. In addition, three new keywords have been added to enable selective rebooting.

    reboot [me | system | secondary]

* reboot me
  This command reboots only the system manager module receiving the command.
* reboot system
  This command reboots the entire PortMaster 4 when used on either manager module.
* reboot secondary
  This command reboots only the secondary system manager module when used on either manager module.
* reboot
  When the "reboot" command is used without an argument on the primary manager module, the entire PortMaster 4 reboots. When "reboot" is used on the secondary manager module, only the secondary manager module reboots.

"show smm-backup" Command

This command shows information about primary and secondary manager modules.

    show smm-backup

Example:

    Command> show smm-backup
    System Manager Module Backup Information for slot 4
    .My state: Primary
    My protocol version: 1.0
    Non-manager card currently in slot 5.

_______ Additional New and Modified Commands

ComOS 4.2 also includes the following new and modified commands.

____ "set imt-reject-cause" Command

This command sets the cause code to be used when incoming calls are rejected by RADIUS if the call-check feature is enabled.

    set imt-reject-cause Cause_code

    Cause_code
        Value of the reject code, an integer between 1 and 63. The default is 1.

____ "set chapname" Command

This command sets the challenge name that the PortMaster 4 uses to identify itself during Challenge Handshake Authentication Protocol (CHAP) negotiations. Previously, the system name was used. This new command enables multiple PortMaster 4 units to act like one system for CHAP purposes if the same CHAP name is set on all of them.

    set chapname Name

    Name
        Name of up to 39 characters.

____ "show bootlog" Command

The "show bootlog" command has been modified to include register and version information in the output.

Example:

    show bootlog
    000:00:01:21:65 Slot0 - Crash Boot @ 0:19 pm4qt1OS: 4.2
    Crash type 3 - Last Proc 0x0 - IP 0x167768
    Regs: 00167760 001E7120 00245488 00000000 00210D68 001E7154 00000000 00210D4C
    1c4aa7 (8 216 1e7154 0 0 31 206 0)
    167768 (245488 210d94 1e7120 1e7154 0 210dac 15b90b 2)
    15b4a2 (245488 12df8 ffff000 0 0 0 0 0)
    15b8dc (2 1fff28 800 210ddc 210dd8 12df8 ffff000 1)
    11ea15 (1bee 14e574 202498 0 0 0 0 0)
    11ed5d (1022b9 1bee 0 40 ffff000 ff540 ffff000 a)
    10272f (0 0 0 0 0 0 0 0)
    -- Press Return for More --
    10f0f4 (0 0 0 0 0 0 0 0)
    ff1e1 (0 0 0 0 0 0 0 0)
    0 (0 0 0 0 0 0 0 0)

_______ SNMP Enhancements

SNMP has been enhanced to better support the PortMaster 4. The Livingston MIB now has additional fields to indicate the slot number of each component so that SNMP information can be easily mapped to physical boards and modules within the system. The MIB also has new tables to provide statistics and error counts for each board. These improvements will help to trace any problems detected through SNMP to the corresponding hardware component within the system.

_______ SNMP Alarms Added

The following new SNMP alarms have been added to ComOS 4.2:

* Address conflict: " is using ."
  The PortMaster 4 has detected some other node on the Ethernet using an IP address assigned to the PortMaster 4.
* External T1 clock source state change for a MUX card: "Slot : {Primary | Secondary } T1 clock { Up | Down }"
  The alarm tells which slot is providing the external clock signal, whether the clock in question is being used as the primary or secondary clock source, and the new status of the clock, up or down.

The following alarms have been added for events related to the redundant system manager module feature. In these alarm descriptions, "slot " can mean either slot 4 or slot 5. Typically, the primary manager is in slot 4 and the secondary manager is in slot 5.

* Primary reporting: "Slot becoming primary manager."
  This alarm is generated when a system manager module recognizes itself as the primary manager module. This event can take place after the bootup decision process or after a failover has occurred.
* Secondary reporting: " Slot becoming secondary manager."
  This alarm is generated when a system manager module recognizes itself as the secondary manager module.
* Secondary reporting: "Primary manager in slot failed."
  This alarm is generated by the secondary manager module after it fails to get a response to its hello messages for 5 seconds---five hello messages are ignored by the primary manager module.
* Primary reporting: "Secondary manager in slot failed."
  This alarm is generated when the primary manager does not receive hello messages from the secondary for 30 seconds.
* Primary reporting: "Secondary manager detected in slot ."
  This alarm is generated by the primary manager module when it detects a secondary manager module in slot n. This alarm conveys the same information as "I'm the Secondary," but it comes from the primary module.
* Either manager module reporting: "Can't hear manager in slot."
  This alarm is generated when the communication between managers has failed. The manager module in slot n determines that the manager in the other manager slot (slot 4 or 5) is still running because it can still detect a heartbeat.

_______ RADIUS Authentication Failover

Authentication failover allows the PortMaster 4 to dynamically switch primary and alternate RADIUS authentication servers according to their response. Use the following commands:

    set authentication interval Seconds
    set authentication failover on | off

The first command sets the response interval. The PortMaster 4 sends a RADIUS access-request packet every "interval" number of seconds. If no response is received from the primary RADIUS server, the PortMaster switches or "fails over" to the secondary authentication server.
The secondary RADIUS server then is treated as the primary, and is marked with an asterisk (*) in "show global" output.

    set authentication interval Seconds

    Seconds
        A value between 1 and 255. The number of seconds that must elapse between RADIUS access-request retransmissions if the PortMaster receives no response. If the primary server does not respond, failover occurs after two times the Seconds value. For example, if "set authentication interval 6" is used, failover occurs in 12 seconds. The default is 3 seconds, and 0 resets the value to the default.

The second command enables the failover feature on the PortMaster 4.

    set authentication failover on | off

    on
        If the primary server fails to respond three times in a row, the PortMaster sends the packet to both the primary and secondary servers for the next seven retransmissions. If the secondary server replies before the primary server, the PortMaster switches the primary and secondary servers. Then on the next login attempt, the PortMaster tries the secondary server first. If the secondary server fails to respond three times in a row, the PortMaster sends the packet to both servers and designates the server that replies first as the new primary server.
    off
        The PortMaster 4 always tries the primary server first. This is the default.

_______ RADIUS Accounting Timers

The PortMaster 4 attempts to send each RADIUS accounting packet every "interval" seconds, and sends it the "count" number of times before giving up. If an acknowledgement is received from the RADIUS accounting server, the PortMaster no longer tries to resend the accounting packet. If no acknowledgment is sent from the primary server in response to the last retry packet, the PortMaster sends the packet to both the primary and secondary RADIUS accounting servers.

    set accounting count Number
    set accounting interval Seconds

    Number
        A decimal number between 1 and 99.
        The number of times the PortMaster sends a RADIUS accounting packet without acknowledgement from a RADIUS server. The default is 5.
    Seconds
        A decimal number between 1 and 255. The number of seconds that must elapse between RADIUS accounting packet retransmissions if not acknowledged by the accounting server. The default is 30 seconds.

Use the "show global" command to view the Accounting Count and the Accounting Interval settings.

Examples:

    Command> set accounting count 45
    Accounting retry count changed from 23 to 45
    Command> set accounting interval 60
    Accounting retry interval changed from 30 to 60 sec

_______________ Upgrade Instructions

You can upgrade your PortMaster 4 using PMVision 1.10, or pmupgrade from PMTools 4.4. Alternatively, you can upgrade using the older programs pminstall 3.5.3, PMconsole 3.5.3, or PMconsole for Windows 3.5.1.4. You can also upgrade using TFTP with the "tftp get" command from the PortMaster command line interface.

See ftp://ftp.livingston.com/pub/le/software/java/pmvision110.txt for installation instructions for PMVision 1.10.

*** CAUTION! If the upgrade fails, do NOT reboot! Contact
*** Lucent NetworkCare(TM) technical support without rebooting.

The upgrade process on the PortMaster 4 erases the configuration area from nonvolatile memory and saves the current configuration into nonvolatile memory. Never interrupt the upgrade process, or loss of configuration information can result. This upgrade does not otherwise affect your stored configuration in the PortMaster 4.

The installation software can be retrieved by FTP from ftp://ftp.livingston.com/pub/le/software/, and the upgrade image can be found at ftp://ftp.livingston.com/pub/le/upgrades/:

    ComOS       Upgrade Image   Product
    _________   _____________   _______________________________
    4.2         pm4_4.2         PortMaster 4

__________________________________________________________

Copyright and Trademarks

Copyright 2000 Lucent Technologies. All rights reserved.

PortMaster, ComOS, and ChoiceNet are registered trademarks of Lucent Technologies. PMVision, IRX, PortAuthority, and NetworkCare are trademarks of Lucent Technologies. PolicyFlow is a service mark of Lucent Technologies. All other marks are the property of their respective owners.

Notices

Lucent Technologies makes no representations or warranties with respect to the contents or use of this publication, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Lucent Technologies reserves the right to revise this publication and to make changes to its content, any time, without obligation to notify any person or entity of such revisions or changes.

Contacting Lucent NetworkCare Technical Support

Lucent NetworkCare Professional Services provides PortMaster technical support via voice or electronic mail, or through the World Wide Web at http://www.livingston.com/. Specify that you are running ComOS 4.2 when reporting problems with this release.

Internet service providers (ISPs) and other end users in Europe, the Middle East, Africa, India, and Pakistan should contact their authorized Lucent sales channel partner for technical support; see http://www.livingston.com/International/EMEA/distributors.html.

For North America, the Caribbean and Latin America (CALA), and Asia Pacific customers, technical support is available Monday through Friday from 7 a.m. to 5 p.m. U.S. Pacific Time (GMT -8). Dial 1-800-458-9966 within the United States (including Alaska and Hawaii), Canada, and CALA, or 1-925-737-2100 from elsewhere, for voice support. Otherwise, send email to support@livingston.com (asia-support@livingston.com for Asia Pacific customers).