This is the documentation for the 20.02 version. Looking for the documentation of the latest version? Have a look here.
TNSR 19.02.1 Release Notes¶
About This Release¶
This is a maintenance release for TNSR software version 19.02 with bug fixes and Azure support.
For more information on changes in TNSR version 19.02, see TNSR 19.02 Release Notes.
TNSR is now supported on Azure 
Fixed a problem with removing MAP entries after restarting TNSR 
Attempting to create an ACL containing only a description fails 
Workaround: Define one or more rules on the ACL.
Attempting to change a BFD local/peer address fails 
TNSR does not send BGP updates without restarting service with
redistribute from connectedoption 
0.0.0.0does not appear in TNSR route table 
BGP sessions may fail to establish or rapidly reconnect when receiving more prefixes than defined by
maximum-prefix restartcommand does not work 
TNSR installs multiple paths for received routes even though support for multiple paths is not enabled 
systemctl reset-failed frrfrom the shell to clear the error which will allow the BGP service to start again.
update-sourcefrom an IP address to
loop1allows a session to establish but remote prefixes do not appear in the FIB until reboot 
IPv6 BGP neighbors get entered as
import-checkfeature does not work 
show route tablecauses the backend to die with large numbers of routes in the table 
For example, this crash happens with a full BGP feed.
service dataplane restartcan cause clixon_backend to lose its configuration 
The DHCP server does not function if an interface is configured as a DHCP client 
Corrected in the next release under development (19.05).
DHCP server uses default VPP interface IP address (169.254.0.x) as a source address for DHCP packets and as a DHCP Server Identifier 
Adding a DHCP reservation without a MAC address causes Kea to fail and the entry cannot be removed 
Workaround: A MAC address is required for DHCP reservations, so always enter a MAC address when creating an entry.
Configuring Kea to log all names with
*does not work 
Workaround: Configure each name separately instead of using a wildcard.
Local zone FQDN handling for forward (A) and reverse (PTR) data is inconsistent, only allowing one or the other to work as expected for a given FQDN 
HTTP Server / RESTCONF¶
nginxdoes not behave as expected with
authentication type noneand TLS 
This mode is primarily for testing and not production use.
Workaround: Use password or certificate-based authentication for RESTCONF.
HTTP server runs even though it’s not configured to run after TNSR services restart 
Workaround: Manually stop the
RESTCONF get of
/restconf/data/does not properly return state data 
RESTCONF query replies may contain CDATA tags in JSON 
Adding an ACL rule entry via RESTCONF may appear to add a duplicate ACL 
Loopback interface responds to ICMP echo from an outside host even when in a Down state 
Unable to delete an interface if has had an ACL or MACIP applied [1177, 1178]
Workaround: Remove the entire ACL or MACIP entry. Then, the interface may be removed.
MACIP ACL remains in the interface configuration after being removed 
Bond interfaces in LACP mode will send LACPDUs even when configured for passive mode 
Non-LACP bond interfaces may experience packet drops when a bond member interface is down 
MAC address change on tap interfaces may not be reflected in the dataplane until the dataplane is restarted 
Workaround: Restart the dataplane after changing an interface MAC address.
MAC address change on bond interfaces may not be reflected in the dataplane until the dataplane is restarted 
Workaround: Set the MAC address when creating the bond interface.
VLAN tag rewrite settings are only available in subinterfaces 
Packets do not pass through a subinterface after the subinterface configuration has been modified 
QinQ VLAN termination is not working 
ARP replies received from another host on a VLAN subinterface are not processed correctly 
An IPsec tunnel which was removed and then added back in may take longer than expected to establish 
Permitted default read and write operations cannot be executed if default exec policy is set to
twice-natdoes not work 
NAT mode is not deleted from VPP startup configuration after TNSR services restart 
NAT forwarding is not working for
NAT static mappings are not added as expected when only the
port-localvalue differs 
NAT static mapping with defined ports leads to
clixon-backendcrash after restart 
DS-Lite is not functional; B4 router sends encapsulated IPv4-in-IPv6 packets, but AFTR replies with an error 
DS-Lite B4 endpoint is not shown by
show dslitecommand 
Unable to view a list of NAT sessions [975, 1456]
Deleting a non-empty route table fails with an error and the table remains in the configuration, but it cannot be changed afterward 
Workaround: Remove all routes from the table before deleting. Alternately, copy the running configuration to startup and restart TNSR, which will make the route table appear again so the routes and then the table can be removed.
When deleting a user key from the running configuration it is not removed from the user’s
Workaround: Manually edit the
authorized_keysfile for the user and remove the key.
For issues, please contact the Netgate Support staff.
Send email to firstname.lastname@example.org
Phone: 512.646.4100 (Support is Option 2)