A printable plain text version is also available.
Date: Tue, 2 Apr 2002 18:23:05 -0500 (EST)
From: ImageStream Support 
Subject: (SUPPORT) Enterprise Linux 4.0-beta4 for routers available

Version 4.0-beta4 of ImageStream's Enterprise Linux is now available as an
open beta for all ImageStream router customers.

This software release is provided at no charge to all ImageStream
customers.  Version 4.0-beta4 is highly recommended for all customers,
especially those who wish to test the new functionality before the general
availability release of Version 4.0.

VERSION 4.0 RELEASES ARE BASED ON THE LINUX 2.4 SERIES KERNELS.  LINUX 2.4 USES
iptables AS A PRIMARY TOOL INSTEAD OF ipchains.  WHILE ipchains IS PROVIDED FOR
BACKWARDS COMPATIBILITY, ALL CUSTOMERS ARE STRONGLY ENCOURAGED TO USE iptables
WITH VERSION 4.0 RELEASES.

This release note documents commands and features added between Version
4.0-beta1 and Version 4.0-beta4.


----------------------------


New Features in Version 4.0


Filesystem Layout Change

Version 4.0 simplifies the filesystem layout.  All binaries are now located in
/bin. The /sbin, /usr/bin, /usr/sbin, /usr/local/bin, and /usr/local/sbin
directories are symbolic links to /bin.  Similarly, all libraries are now in
/lib. The /usr/lib and /usr/local/lib directories are symlinks to /lib.


Menu Navigation Improved

Version 4.0 includes a new version of menuEngine.  In addition to navigation by
number in the menu, menu options are highlighted and may also be navigated by
use of the arrow keys.  The new version is also more efficient.


SAND Version 3.5.1 Included

ImageStream's SAND Version 3.5.1 release is included in the Version 4.0-beta4
release.  Version 3.5.1 is the development branch of Version 3.4.0.  Version
3.5.1 includes beta support for GRE tunnelling. See the release notes for
Version 3.4.0 for more information about the SAND Version 3.4.0 software
release.  This SAND release corrects a timeslot allocation issue with fractional
E1 support with the WANic 600 series cards. SAND 3.4.0 also corrects an internal
clocking problem with the WANic 520 series serial cards.


router-utils Package Includes Time Configuration Utility

Version 4.0-beta4 includes a "set_time" utility available from the command line
to configure localtime for the routers.  This utility is also available from the
Configuration and Update Menu under the Global Configuration submenu.


router-utils Package Includes Serial Console Configuration Utility

Version 4.0-beta4 includes a /etc/sconsoled.conf file available from the command
line and menu to configure the serial console port for modem or terminal
connections.  This utility is available from the Configuration and Update Menu
under the Service Configuration submenu.


IPSec/FreeSWan Package Added

Linux FreeSWan, the IPSec VPN package, is included in Version 4.0.  The current
version of FreeSWan also supports opportunistic encryption.


IP-Takeover Package Added

ImageStream routers can now be configured in a fault-tolerant, high availability
setup from the command line using IP-Takeover.  IP-Takeover provides less than
50 ms switchovers in the case of a primary router failure.  The failover
software is similar to other software failover implementations, such as Cisco
Systems (R) Hot Swap Router Protocol (HSRP), in that it does not provide for
switching of physical cabling. Separate, relay-based devices are required for a
full failover setup.


Quality of Service Package Updated

The bandwidth limiting front-end for quality of service has been updated in
Version 4.0.  The new bandwidth limiting script supports additional options and
interfaces directly with the command-line "tc" utility. Bandwidth limiting
commands are translated into tc commands and stored in /tmp on the router.


GateD Dynamic Routing Package Updated

The GateD dynamic routing program has been updated for Version 4.0.  The
interactive interface to gated, gii, now is only available on through a direct
connection on the router (localhost) and ipchains/iptables rules are not
required to block outside access.  The "show bgp summary" and "show bgp peeras "
commands now also reflect the number of route announcements sent to and received
from each peer.


Boot Times Significantly Reduced

Version 4.0-beta4 contains an efficiency update to the router boot procedure.
Routers running Version 4.0-beta4 should boot approximately 50% faster than
under previous versions.


OpenSSH Upgraded To OpenSSH 3.1p1

The version of OpenSSH included in Version 4.0-beta4 addresses recent security
advisories.  Version 3.1p1 included with this release does not allow users to
pass environment variables to login when "UseLogin" is enabled and is not
affected by the "Off-by-one error in the channel code" advisory.


Base-libraries Package Updated

The version of the Base-libraries package included in Version 4.0-beta4
addresses a vulnerability in the zlib compression library.  Although no exploits
for this issue are known to exist, this potentially serious vulnerability has
been patched in this release.


Base-networking Package Updated

The version of the Base-networking package included in Version 4.0-beta4
addresses a buffer overflow vulnerability in the netkit utilities for ping, ftp,
telnet, in.telnetd and inetd.  Previous versions of netkit used by ImageStream
are not vulnerable, but the programs have been updated as a precaution.


net-snmp Upgraded To Version 4.2.2

The version of net-snmp included in Version 4.0-beta4 addresses multiple
vulnerabilities in trap and request handling in version 1 of SMNP. Although no
exploits for this issue are known to exist, this potentially serious
vulnerability has been patched in this release.


Backup Flash/Restore Flash Options Added To Menu

Previous Enterprise Linux versions omitted "Back configuration up to flash" and
"Restore configuration from flash" menu options.  These options were previously
available only from the command line but have been added to the menu as well in
Version 4.0-beta4.


Memory Test Boot Option Added

Version 4.0-beta4 adds a "Memory test" option to the router boot menu.
Selecting this option from the boot menu will load a memory testing program that
automatically examines the RAM installed in the router for any physical problems
or errors.  A thorough memory test may take several hours to complete, so this
boot option is recommended for use during maintenance windows and for routers
able to be removed from service for long periods of time.


Ethernet Transceiver Diagnostic And Setup Utility Added

Version 4.0-beta4 contains a set of utilities used to report the link status and
modify the configuration of Ethernet ports.  The MII register diagnostic utility
reports Ethernet link status as read from the MII transceiver management
registers.  A facility is also provided to force various link speeds and duplex
settings on and Ethernet port.  All 10/100 Ethernet cards, including integrated
ports, may be configured with this utility.  Valid settings include 10 or 100
Mbps, full- or half-duplex and forced or automatically negotiated
configurations.  The "setmiiregisters" script is available from the Service
configuration menu or from the router's Bash shell.


Restore Router To Factory Defaults Menu Updated

The "Restore router to factory defaults" menu now provides additional status
information and prompts users to press enter/return before returning to the
menu.  The change allows for easy confirmation that the router has been
successfully reset to the factory defaults.


----------------------------


Bugs fixed in Version 4.0


The following bugs have been fixed in Version 4.0 (including 3.0-beta releases):


Kernel Logging Program Not Started By Default

Previous Enterprise Linux versions started the system message logger (syslogd),
but not the kernel message logger (klogd) by default. Beginning with Version
4.0-beta2, klogd is also started by default.


Quality Of Service Backwards Compatibility Issue

Version 4.0-beta1 inadvertently excluded the original "bwlimit" script included
in previous versions.  Version 4.0-beta2 includes this utility for backwards
compatibility.


Workaround For Cisco IOS Bug in BGP Added to GateD

Certain versions of the Cisco IOS accept and propagate invalid routing
information.  This behavior is in violation of the BGP RFC, and causes
RFC-compliant devices, including ImageStream routers, to properly drop peering
sessions.  When affected Cisco routers are upstream of an RFC-compliant device,
this can cause a loss of connectivity for the downstream router.  ImageStream
has patched GateD to log an error and ignore invalid route announcements in
these situations.  Peering sessions will no longer be automatically terminated.


Gated Display Of "checkconf" Output At Boottime Requiring User Intervention

Gated no longer displays the output of the "checkconf" command at boottime.
Previously, incorrect configurations could cause the router to require user
input at the console to continue the boot process.  Beginning with Version
4.0-beta2, the checkconf output is no longer displayed at boottime.


Gated Menu Options Fixed

Earlier Version 4.0 releases failed to correctly reconfigure Gated after
configuration changes were made from the router menu.  The OSPF configuration
option in the router menu also failed to open the gated.ospf file.  Version
4.0-beta4 corrects these behaviors.


Various Aesthetic Changes To Menu Options

Version 4.0-beta4 fixes small typographical errors in all of the router menus,
and adds clearer descriptions of several menu items.


Console Configuration File Fixed

The console configuration file in earlier Version 4.0 releases has been replaced
with a non-binary version.  The default values used for the console control
program were not affected, but users can now reconfigure the console control
program properly.


----------------------------


Limitations and Upgrade Instructions


*** NOTE! If the upgrade fails, do NOT reboot! Contact ImageStream's
Technical Support without rebooting. ***


Limitations

Upgrading to Version 3.0 or later requires the following:

1. 64 MB of RAM or higher.
2. 32 MB of flash.
3. 300 MHz processor or better.
3. Enterprise Linux Version 2.3.2 or higher.

The upgrade utility will not install Version 3.0 if memory and flash
requirements are not met.  Users can contact ImageStream to purchase a
RAM, processor or flash upgrade.

Users running an Enterprise Linux version less than 2.3.2 must upgrade
before Version 3.0 will be available from the Update menu.  Upgrading any
version prior to 2.3.2 will automatically be upgraded to 2.3.2.  A second
upgrade will be required to install Version 3.0.

The upgrade does not otherwise affect the stored configuration in the
ImageStream router. To back up the router's configuration prior to
upgrading, choose option 4 (Backup/Restore) from the router's main menu.
Choose the Backup methods option (Option 1) and select a method from the
choices listed.  From the router's command line, use the "backup
" command. The backup utility takes four arguments: flash
(to back up configurations to the router's nonvolatile flash memory),
floppy (to back up to a floppy disk), scp (to back up via secure copy), or
file (to back up to a separate file on the router's nonvolatile flash
memory).


----------------------------


Copyright and Trademarks


Copyright 2002 ImageStream Internet Solutions. All rights reserved.

ImageStream is a trademarks of ImageStream Internet Solutions, Inc.  All
other marks are the property of their respective owners.

Notices

ImageStream makes no representations or warranties with respect to the
contents or use of this document, and specifically disclaims any express
or implied warranties of merchantability or fitness for any particular
purpose. Further, ImageStream reserves the right to revise this
publication and to make changes to its content, any time, without
obligation to notify any person or entity of such revisions or changes.

Contacting ImageStream Technical Support

Every ImageStream product comes with a one year hardware and software
warranty. ImageStream provides technical support via voice, FAX,
electronic mail, and the web. Technical support is available 24 hours a
day, 7 days a week.

To contact ImageStream technical support by voice, dial +1 (574) 935-8484
worldwide. By FAX, dial +1 (574) 935-8488. By electronic mail, send mail
to support@imagestream.com. Using the World Wide Web, see
http://support.imagestream.com/