Release notes from Factory release 1.08.001 to Factory release 1.10.001

BGP

• Vendor specific SNMP for BGP status

CQM

• Correct for rare race condition leading to multiple graphs of same name

DHCP

• Clear DHCP command now allows range/prefix to clear multiple entries
• Option to kill a DHCP allocation from web interface (DHCP status) now
• Change handling of BOOTP to operate as a REQUEST not DISCOVER so causing allocation of lease

Flash

• Avoid flash fragmentation by deleting old images if necessary before saving new image.

L2TP

• Internal change to RADIUS handling to reduce risk of watchdog under heavy load
• Updated RADIUS to abort authentication request if session closed to reduce load if slow auth replies
• Better "clear l2tp all", depending on speed of RADIUS accounting
• Vendor specific SNMP for L2TP status
• Added min-retry as a minimum session time before retrying an outgoing L2TP connection (default 10 seconds)
• New platform RADIUS logic

Shaping

• Fix incorrect handling of (legacy) tx-interval on shaper

SNMP

• SNMP now has extra logical interfaces which are all named shapers in order, including relevant stats for a shaper.

Release notes from Factory release 1.06.004 to Factory release 1.07.001

• Does not auto update and reboot if in factory reset recovery state

CLI

• New show routes command not BGP specific
• Show dhcp command layout fix

DHCP

• DHCP client sets /32 routes for DNS servers provided

L2TP

• Pressing a key on telnet command "clear l2tp all" stops clearing lines.
• Increased L2TP neg slots to 1024
• Support for RADIUS Framed-IP-Netmask mapped to L2TP PPP IPCP NETMASK (144)
• L2TP client mode asks for DNS on PPP
• Config change was unnecessarily restarting some L2TP sessions
• L2TP failed tunnel timout reduced from 5 minutes to 1 minute
• L2TP error response on duplicate tunnel ID to try and manage restart case better
• Better logging of unexpected L2TP SCCRQ
• Issue with L2TP clients when no hostname and no local system name configured

Web control pages

• Using web interface diagnostics/routing could cause a crash
• Showing associated routes on subnets, dongles, PPPoE, etc.

Release notes from Factory release 1.05.001 to Factory release 1.06.004

• Added memory usage to one second stats
• Possible obscure issue with DHCP server code fixed - probably only when default dhcp server user (i.e. ip not set)
• Added new show status command on telnet, and reformatted web status page
• Ethernet port status shown on FB6000 now

CQM

• Bug if graphs trying to scale to just under 4Gb/s, showed scaled at bottom end in error. Fixed.
• Not including old (off screen) rate changes in max scale on graphs

DHCP

• Additional options in DHCP client
• Changed DHCP server to serve bricks IP as DNS server allowing it to relay, unless explicit servers set in config

Ethernet

• Changed autoneg setting on ethernet ports to default to false if manually setting speed or duplex and not 1G

L2TP

• Changed L2TP logging so relay sessions have same logging as incoming session at the time
• L2TP config change was clearing tunnels if not using a hostname setting
• Changed logic for logging L2TP to try and ensure relayed sessions log correctly
• L2TP relay was dropping first packets exchanged
• Periodic RADIUS accounting was incorrectly showing timestamp less any current dropped packets which could cause a slight discrepancy
• Change of field name (username) not preserving old field (user-name) in l2tp-relay, fixed

Logging

• Log email sending retry logic changed
• Added much more debug for log-debug for logging email sending

Ping

• Ping graphs can now use a host name

PPPoE

• Default if no route= set to also set /32s to DNS servers as well as default route

RADIUS

• L2TP RADIUS for PAP was using cleartext password as message auth (16 byte), changed to random.

Syslog

• Added additional information to emailed logs

VRRP

• Deleting an interface which VRRP master caused a crash

Web control pages

• Improved lists of objects with sub objects present in config editor
• General change to css, layout and menus, and new options for menu/banner controls
• Extra information on DHCP client status page (subnets)
• Change to allow you to stay logged in when clock first sets
• Home page shows if system name is not set is this really should always be set, but is not actually a mandatory field

Release notes from Factory release 1.03.001 to Factory release 1.05.001

ARP

• Internal adjustment to queued packets waiting on ARP

BGP

• Stopped announce of FE80::/10 when subnet has bgp="true"
• No longer logging full BGP packet when discarded due to !allow-own-as or allow-only-their-as
• Added additional per peer counters for ignored and filtered incoming updates

CLI

• The show flash log command is now available to admin users
• Added new command line to clear data pages in flash

Diagnostics

• Tidy up the traceroute command to allow more than one attempt per hop, and some bug fixes
• Access list check (command and web UI)

Documentation

• Started work on addition information on config documenation

Factory default

• Made factory default have local-only set true on http access

FB105-config

• Various corrections to config convertor for latest releases
• Improved fb105 config conversion for VLAN handling

Logging

• Possible fix to issue causing occasional unexplained crashes
• Bug where viewing logs on web pages could cause crash, fixed
• Removed hex dump debug log of DHCPv6 - as cluttred interface debug logs and better done using pcap

PPPoE

• Additional logging of PPPoE PAP/CHAP response message even if failed

Services

• Added new access check for local-only on services. IMPORTANT - defaults to true for telnet, dns, timed, so you will need to set to false if you want remote access to these

SNMP

• snmp was not access locked to routing table, fixed

Web control pages

• Removed WebSite link as caused confusion, and made footer have link to FB website
• Added configurable links on home page and fb105 conversion
• Added optional CSS URL allowing customisation of control pages
• Added ping/traceroute on web interface
• Ping and traceroute now separate diagnostics
• Show route now on web diagnostics menu
• Web config edit has more information shown now, and change to some spacing.
• Missing titles on lists of blackhole and nowhere routes

Release notes from Factory release 1.01.002 to Factory release 1.03.001

• TCP floods (e.g. http) could cause crash, fixed

Config

• Changed default config - using LAN and WAN as interface and port group names and added more comments

L2TP

• Changed to not debug log PAP passwords at all, but showing length of data sent (so length of password)

Logging

• Documentation updated, and console log off/on commands now TROFF and TRON
• log-starts logs start and stop of stats logging
• Occasional crash in logging when lots of information is logged.

Profiles

• Changed wording on logs for inverted profiles

Routing

• Possible issue with watchdog failure being addressed

Web control pages

• Heading on web logs saying which log report shown
• Subnets listed in order
• Icons redrawn
• Changed page title to list name before serial
• Manual s/w upgrade looks nicer now
• Graph names as text on graphs list to allow searching in browser
• Corrected icons for rule-set
• Tweak factory reset menu
• Additional per second stats for http access counts
• Adjust timing on status check to try and ensure we see new s/w first time

Release notes from Factory release 1.00.001 to Factory release 1.01.002

Config

• Increase internal storage for config by 33%
• Password now mandatory on user field, and error if blank and not using OTP
• Added extra notes on localpref to explain highest value wins
• Minor change to wording on web config
• Added <blackhole.../> and <nowhere.../> as explicit routing objects rather than using <route.../> with no gateway.
• as-path only on network object as was not in fact functional on route object
• IPv6 addresses use lower case when output as a config view.

DHCPv6

• Rebind handling corrected (was being ignored)

Documentation

• Corrected description of interface object

FB105-config

• Timezone fixes on config convertor

L2TP

• Fixed DHCPv6 issue on L2TP which was only working on session numbers below 4096
• Incorrect logging of LCP Init Rx, Last Rx, and Last Tx, fixed
• Improved logging where incorrect length proxy challenge or response received on L2TP connect
• Added extra checking on L2TP packets where hidden fields could encode invalid length
• Made error for bad hidden field length non fatal - investigating how this is happening
• Hidden fields stopped working on L2TP tunnels after two config changes after tunnel was established, fixed
• Some internal rework of L2TP code, and answering ICMPV6 router solicitations over L2TP
• Adjusted IPv6 RA for L2TP - now send periodically if IPv6 router solicitation previously received
• Logging of CHAP accept/reject showed wrong length (correct length was being sent)

Logging

• Adjusted email log sending to use CR+LF on all contents lines as per RFC2821, rather than just LF as is convention on linux system
• Fix for rare case causing crash after emailing a log.
• Email has boot date/time in text at top now
• Emailed logs were re-sent on every config change, fixed
• Changed syslog to use UDP non encrypted RFC5424 logging with microsecond precision. Affects all log lines as module name added
• Added option to specify source IP for syslog messages

pcap

• Added more useful error messages for malformed pcap requests
• Can now use pcap to log l2tp session from the start based on calling line id, see documentation for details
• PCAP giving better error messages

Ping

• Ping setting on interface was not always starting the pings, and not stopped when config removed. Fixed

Profiles

• Changed logic so "or" profile with no other settings and none of the "or" profiles match will fail not pass.
• Corrected timeout/recovery logic
• Added initial-state option on profiles
• Profiles tracking ppp did not spot if a PPP went off because it was itself turned off by profile config
• Changed logging for profiles so "still active" and "still inactive" logs are log-debug now

Routing

• Correctly sending ICMP errors for dead end routes
• Routing loop detection improvements
• Minor change to internal routing/ARP cache functions to test a specific bug report.

TCP

• TCP test port (4242) removed
• Increased number of active TCP sessions

VRRP

• VRRP use-vmac default changed to true

Web control pages

• Changed headings on config edit boxes
• Changed the sequence when downloading new code
• Automatically redirects to status page after a short delay when new s/w loaded
• Less margins on web pages
• Changed breadcrumbs in UI to use :: not : as spacing, consistent with website
• Slight changes to layout of software upgrade pages
• Made breadcrumbs larger and easier to read

Release notes from Factory release 0.02.001 to Factory release 0.06.001

• Factory release
• PPP DHCPv6 prefix delegation for initial testing (no DNS yet)
• Faster reboot time
• Sending DHCPv6 DNS responses as well
• config load crashing if FB105 routes on dead tunnel
• fb105 config causing config edit problem
• DHCP server error recently introduced now fixed
• Fixed DHCP client, and reqworked some ARP/ND code
• Slight changes on IPv6 ND timeouts when no response, and also on IPv6 RA options for M and O bits
• Corrected ARP issue introduced in previous version
• Some significant internal changes, but main impact is subtle changes to subnets are now picked up correctly, and you can set gateway=' on a dhcp client to not pick up a gateway now
• Minor tweaks on DHCP server side
• Changed config main page layout, tweak to hopefully fix CQM average latency, additional debug added
• New status reports on web admin pages, more to come
• minor tidy of new status pages
• Issue with handling of some reply packets fixed, e.g. DNS resolver function
• Changes to IPv6 ND handling for FE80::/10 LL addresses, was affecting windows machines
• Session tracking on web interface
• Changed source to source-ip in profiles for pinging. Some prototype web config not finished let. Added profiles to FB6202.
• Minor changes to screen layout and graphics
• Added new experimental web config editor (for users set to level DEBUG) for testing/feedback
• Web config initial release
• IE6 fix for checkboxes
• Candidate factory release. Also, IPv6CP timeout on PPP.
• Factory release candidate - new web config
• Web config not working on all variants, fixed
• Tidy up of some web config and added profiles to subnets
• Slight alteration for session tracking and firwalling to an interface where there is no route to host, should mean fewer lingering sessions. Also added special interfaces to web config.
• Slight alteration for session tracking and firwalling to an interface where there is no route to host, should mean fewer lingering sessions. Also added special interfaces to web config
• Factory release candidate
• Test

Authentication

• OATH/OTP login feature added
• OATH/OTP update - lockout after failed attempts, etc

L2TP

• Minor update to tunnel MTU on relayed L2TP
• Checking fixed on DHCP via L2TP/PPP interface, caused fatal error before
• Minor change to an L2TP parameter for GGSN use

VRRP

• Change to handle unexpected VRRP packet via no ethernet interfaces

Web control pages

• New web based status functions started, subnet list is only one so far
• Various minor UI changes

No changes reported for this release note.