Tip

This is the documentation for the 24.06 version. Looking for the documentation of the latest version? Have a look here.

TNSR 20.10.1 Release Notes

About This Release

This is a maintenance release for TNSR software version 20.10 with bug fixes.

Warning

For more information on changes in TNSR 20.10, including important information about upgrading from versions prior to TNSR 20.10, see TNSR 20.10 Release Notes.

Warning

TNSR Home+Lab installations cannot be updated. Reinstall with TNSR Business or install a new version of TNSR Home+Lab. See Configuration Backups for information on backing up and restoring configurations.

Note

TNSR Home+Lab users can keep running their existing version and update only the operating system components as needed.

All versions of TNSR, including Home+Lab, can update the operating system even without the TNSR update certificate in place. Only TNSR-related packages require authentication to update.

Changes

DHCP Server

  • Fixed: Unable to set value for a custom DHCP option [4917]

  • Fixed: DHCP Server client reservations cannot be removed [5166]

Dataplane

  • Changed: Remove IP heap startup configuration and add main heap configuration [5163]

  • Changed: Fix VPP default interface names for DPDK-managed Mellanox ports [5164]

  • Fixed: Dataplate per-node-counters option cannot be enabled [5168]

SNMP / IPFIX / Prometheus

  • Fixed: IPFIX NAT logging reports internal FIB index instead of VRF ID [5067]

  • Fixed: IPFIX sends an incorrect value in NAT Quota Exceeded event [5135]

  • Fixed: Configuration changes stop Prometheus feed [5181]

Known Issues

ACLs

  • Output ACLs do not work with directly connected IP addresses [2057]

  • DHCP responses blocked by TNSR input ACLs since reflect on output ACLs does not work for DHCP requests [3570]

BFD

  • Unable to setup “delayed” option for an existing BFD session via REST [2709]

  • IPv6 session is not restored when virtual direct link gets disabled/enabled [4916]

Bridge

  • Bridge domain ARP entries not displayed via CLI [2378]

  • Bridge domain ARP entry cannot be removed via CLI [2380]

  • Bridge domain mac-age cannot be removed via CLI [2381]

CLI

  • CLI does not always return from a shell prompt [2651]

  • Deleting the startup_db does not fully remove the active configuration [3723]

Dataplane

  • RESTCONF query fails to TNSR interface with >1 worker thread when NAT is active [2031]

  • Binary API times out in some dual NUMA environments [2383]

  • Link state is always up when using e1000 network drivers [2831]

  • VPP service does not start if an interface name uses a reserved keyword [3234]

  • Cannot create rx-queues for interfaces on KVM and VirtualBox [3674]

  • DPDK does not work with Mellanox ConnectX-3 drivers [3781]

  • VPP service crashes on attempt to connect to Azure TNSR VM or perform a REST request [3850]

DHCP Server

  • CLI incorrectly offers option to delete mac-address from DHCP host reservations [5203]

General

  • Non-root users cannot access the FRR log file [4826]

Host

  • Cannot remove an IP address assigned to a host interface during the installation process via TNSR CLI [3013]

  • Cannot configure the default gateway for host namespace via TNSR CLI [3702]

  • VRF interface for a custom route table persists in the operating system after restarting services [4866]

Host Netfilter

  • Sequence numbers displayed in state data for host ACLs do not match the configuration database [4789]

IPsec

  • IPsec tunnels take much longer than expected to be marked down when connectivity to the peer is interrupted [3533]

Installation

  • When installing TNSR via iDRAC Virtual Media redirector the text installer screensaver starts in before the installation can complete [3182]

  • Software selection in the installer changes after network configuration [3834]

Interfaces

  • Packets do not pass through VLAN subinterface after subinterface configuration has been modified [1612]

  • VLAN subinterfaces do not work with virtio network drivers on KVM [2189]

  • Unable to set IPv6 link-local address on an interface [2394]

  • Configuration of host OS interface clears TNSR TAP interface configuration [2640]

  • Unable to create subinterface with dot1q “any” tag [2652]

  • Subinterface settings aren’t applied on change without restarting dataplane [2696]

  • Invalid routes remain in table when next-hop IP address is no longer directly connected [3161]

  • TX queues utilized based off RX queue count [3624]

  • Unable to set a TAP object as part of a host bridge [4427]

  • Unable to delete a MAC address explicitly set for the TNSR side of a TAP interface [4433]

  • RESTCONF interfaces-state response contains “host-namespace”: “(nil)” value in tap-table, when the namespace is specified as “host” [4867]

  • Jumbo frames do not pass on vmxnet3 adapters [4891]

  • Interface subnet routes are left within VRF route table after detaching interface from that VRF [4949]

  • Interface subnet IPv6 route is left within default route table after attaching interface to a custom VRF [4950]

  • Conflicting IP addresses remain on interfaces after VRF deletion [5035]

  • Restoring a configuration database with named interfaces requires loading, restarting the dataplane, then loading again [5144]

Memif

  • Unable to connect to memif interface using default socket [4448]

NAT

  • Twice-NAT does not work [1023]

  • NAT interfaces drop packets that do not match existing NAT sessions or static NAT mappings [1979]

  • 1:1 NAT drops packets with ttl=2 from inbound interface [2849]

  • VPP fails on DS-Lite AFTR router when packets from B4 are being received before pool is configured [3024]

  • Clixon service fails when deleting dslite-ce role [3030]

  • Reassembly timeout isn’t working when full IP reassembly is configured [3269]

  • Shallow virtual reassembly cannot be disabled when it is implicitly enabled by other features [3361]

  • Second fragment of a packet is not virtually reassembled when max-reassemblies is set to 1 [3384]

  • Full IP reassembly does not work with MAP [3386]

  • MAP-T: bogus zeroes when translating short IPv4 to IPv6 [3460]

  • NAT pool route table option only available when specifying a range [3628]

  • Packets larger than 2034 bytes are dropped when performing IPv4 to IPv6 MAP translation [3742]

  • MAP-T domain usage causes IPv6 traffic class value to always be copied from IPv4 ToS value [3774]

  • TCP MSS value is not applied to IPv4 packets when IPv6 to IPv4 decapsulation is performed on MAP-E BR [3783]

  • MAP does not relay IPv6 ICMP error messages to IPv4 [3809]

  • Deterministic NAT mode prevents local clients from communicating with local services on TNSR [4356]

  • Deterministic NAT mappings in the configuration database prevent the dataplane from starting when switching to endpoint-dependent mode [4371]

  • NAT static mappings for ICMP do not work [4373]

  • NAT static mappings for TCP/UDP protocol on “any” port result in translation for port 0 instead [4384]

  • NAT static mappings assume external port 0 when port is omitted [4432]

  • Deterministic NAT users experience sluggish performance and lag on video calls [4492]

  • Unable to verify NAT sessions in deterministic mode [4562]

  • Default NAT session timeouts do not work in endpoint-dependent mode [4600]

  • NAT forwarding does not work in deterministic and simple modes [4604]

  • VPP service fails on receiving packet when NAT simple mode along with static-mapping-only option is configured [4610]

  • Packets that aren’t destined to NAT pool are dropped when NAT simple mode with out2in-dpo option is configured [4927]

  • Ping to outside NAT interface produces a NAT session when forwarding is disabled [4960]

NTP

  • NTP does not properly handle IPv6 restrictions [4626]

Neighbor / ARP / NDP

  • Packet loss during ARP transactions [2868]

  • The MAC address of a static IPv6 neighbor cannot be changed [4454]

RESTCONF

  • Adding a user via RESTCONF requires a password even when providing an ssh key [2875]

  • RESTCONF “pretty-printed” JSON contains incorrect indentation [3521]

  • OSPF interfaces are not validated when configured via RESTCONF [3528]

  • Cannot change GRE tunnel type to or from ERSPAN via RESTCONF [4353]

Routing

  • Changing default metric for OSPF server does not result in update on other routers [2586]

  • CLI shows that only IPv4 prefix is available within prefix-list sequence configuration [2689]

  • OSPF RIB is not updated when the ABR type is changed between standard and shortcut [2699]

  • BGP updates for new prefixes ignore the advertisement-interval value and are sent every 60 seconds [2757]

  • RIP “timeout” timer does not work [2796]

  • ttl-security hops value can be set when ebgp-multihop is already configured [2832]

  • BGP session soft reset option does not work for IPv6 peers [2833]

  • extended-nexthop capability isn’t being negotiated between IPv6 BGP peers [2850]

  • Unable to verify received prefix-list entries via CLI when using ORF capability [2864]

  • BGP network backdoor feature isn’t working without service restart [2873]

  • BGP next-hop attribute aren’t being sent unmodified to the eBGP peer when route-server-client option is configured [2940]

  • BGP listen range option disappears from active FRR configuration after restarting BGP [3043]

  • Unable to verify dynamic BGP peer information from TNSR CLI [3044]

  • Unable to delete OSPF3 config for an interface [3481]

  • Error occurs when using “match ipv6 address <acl_name>” in route-map configuration [3619]

  • Change made to a prefix-list used in a OSPF3 route-map doesn’t affect redistributed routes [3644]

  • TNSR does not prevent creating static routes for directly connected networks [3813]

  • OSPF conditional default route injection does not work [3846]

  • Unable to verify received routes when high number of routes received via BGP [3918]

  • Cannot disable IPv4 in BGP [4399]

  • FRR prefix list synchronization lost after dataplane restart [4456]

  • TNSR allows OSPF network type for a loopback interface, which is rejected by FRR [4800]

  • Unable to set a custom path for the FRR log file [4825]

  • Unable to verify BGP session information when BGP is configured for the non-default VRF [4966]

  • Static routes in custom VRFs are not available to FRR [4975]

  • Invalid IPv6 routes are shown when searching by prefix [5033]

  • TNSR responds to IPv6 Router Solicitation messages with default Router Advertisement when not configured to do so [5097]

  • TNSR resolves output interface via default routing table when VRF static route is configured without interface name [5134]

SNMP / IPFIX / Prometheus

  • SNMP does not accept changes made using a write community [2567]

  • Restarting SNMP daemon causes NMS software to report a device reboot [3901]

  • SNMP results are returned at approximately 3 per second [4670]

  • RESTCONF returns an incorrect response code when removing IPFIX destinationIPAddress [5045]

  • Configuring IPFIX collector address to directly connected host in Azure causes continuous VPP crash [5117]

Tunnel Protocols

  • Changes to an existing VXLAN tunnel configuration do not apply until the dataplane is restarted [1778]

  • Unable to modify GRE tunnel settings [2698]

  • TNSR IPv6 interface address does not appear in traceroute when next-hop is IPsec tunnel interface [5178]

VRRP

  • VRRP cannot change the MAC address on ixgbevf interfaces [4551]

clixon

  • Clixon allows invalid prefix lists [3603]

  • log_upgrade does not print cxobj paths correctly in tnsr-upgrade.log [4747]

httpd

  • Clients receive an SSL certificate error when querying the HTTPS server if it uses a certificate with an MD5 digest [2403]

  • HTTP server retains its configuration after restarting TNSR services [2453]