From ImageStream Router Documentation
ImageStream Linux Version 4.4.0-72 is now available as a general availability (GA) release for all ImageStream routers.
This software release is provided at no charge to all ImageStream customers. Version 4.4.0-72 is a is a maintenance release that is recommended for all customers who wish to utilize the latest software enhancements for their ImageStream router.
This release note documents commands and features added between version 4.3.1 and version 4.4.0-72.
Router Minimum Requirements:
The 4.4.0 distribution requires a minimum of 128 MB RAM and a 128 MB flash drive.
KNOWN BUGS/Missing functionality:
PPPoA support is non-functional. The 4.4.0 release currently has no PPPoA support as the pppoany module has not been ported from 2.4 to 2.6.
The following bugs have been fixed in Version 4.4.0:
Multicast problems with VLANs affecting OSPF
Version 4.4.0-71 fixes an uninitialzed field bug in the kernel which can cause multicast addresses to be removed instead of added to VLAN interfaces. This bug affects OSPF and can prevent neighbor packets from being received on an interface if VLANs are configured on that interface.
All customers who are running OSPF on VLAN interfaces should upgrade to release 71 or later.
PCI 530 DS3/E3 Fixes
Version 4.4.0-34 fixes a transmit timed out race condition in the 530-DE driver.
Multilink PPP small packet performance improvements
Version 4.4.0-63 changes the default transmit queueing method which dramatically reduces the number of dropped packets with small packet sizes and bursty traffic. This change improves Multilink PPP performance with 64, 128 and 256 byte packet sizes.
New Features in Version 4.4.0
4.4.0 utilizes the 2.6 kernel which adds many new features and performance improvements, SIP connection tracking, enhanced multi-processor support, and improved PPPoE/PPPoA/L2TP performance.
Detailed revision history:
date: 2010/07/28 MLPPP: Fix interoperability bug with Cisco IOS 12.3+ negotiating IPCP and IP6CP on the bundle. Add ATM length calculation to QOS library. To use, simply add "--calc_atm" to your QOS_IFACE statement and increase the bandwidth values to the true ATM cell rate of your DSL or ATM link.
Example for Embarq 3Mb / 512K service:
QOS_IFACE --name brSerial0.1 --policy default --max_in 3520 --max_out 768 \ --max_latency 150 --fair_queue --calc_atm
date: 2010/07/22 OSPF/Multicast bugfix: Fix an uninitialized field bug with multicast addresses which could cause newly-added addresses on a VLAN to actually be removed from both the VLAN and master device instead of added. The da_synced field was not initialized to 0 and as soon as the address was added to the VLAN a sync was called to copy the address to the master, but with da_synced being uninitialized, if the value was non-zero the address would be removed.
Symptoms of this bug are OSPF sometimes fails to see neighbors on VLAN interfaces or master interfaces when running a mixed tagged/untagged setup on the same interface. Setting either the master or VLAN into promiscuous mode (tcpdump, etc) would allow the OSPF neighbors to establish a session as it would allow for the reception of packets on the special multicast MAC address for the 126.96.36.199 group.
date: 2010/07/19 PPP: Don't restart LCP if IPCP times out - not the right thing to do and can lead to kernel panic.
date: 2010/07/01 MLPPP: Ignore LCP requests with multilink headers. If IPCP is negotiated on the multilink bundle instead of an individual link, don't attempt to restart LCP on the multilink bundle if IPCP times out.
date: 2010/06/25 PPP: Fix a problem with IPv6CP not being negotiated from the timeout procedure.
date: 2010/06/17 Inetics: Re-enable IPv6 negotiation by default in PPP.
date: 2010/06/15 Add daemon keepalives to quagga daemons.
date: 2010/06/11 Recompile iptables/xtables modules to match kernel change in release 62.
date: 2010/06/09 SNMP: Update to version 5.5 which fixes a problem with an off-by-one interface index problem caused by an IPv6 tunnel interface in the 2.6 kernel. dhcprelay: Bind to the first client IP address and use this address as the "gateway" IP reported to the server. Quagga: Update to version 0.99.16. Also fix the menuTitle path that changed and caused init scripts to throw errors in release 62.
date: 2010/05/18 MLPPP: Do not strip off PPP header in the decapsulate function which fixes a bug where a queued packet would have its PPP header removed. Normally packets are sent immediately, but a control packet sent while the device was one packet away from being full would trigger this bug.
530-DE: Increase the hardware queueing from 1.9 ms to 24 ms. Also add locking around the rx interrupt routine and go ahead and process the rx and tx queues from the interrupt routine if hardware is down (OOF set).
Configmgr: Change the default queueing discipline to byte fifo (BFIFO) instead of the PFIFO which counted packets. This allows precise control of maximum latency and avoids problems with dropped packets when dealing with a burst of small packets. Queue lengths are set to 100 ms for T1/E1 and 50 ms for DS3/E3/OC3/OC12 and 10/100/1000 Ethernet. VLANs and tunnels default to 50 ms at the 100 Mbps rate which still provides 5 ms at GigE.
Configmgr: new command keyword added to allow setting the tx queue length in terms of bytes: "hold-queue <length in bytes> bytes". So to set the queue length on a T1 to 50 ms or 9600 bytes (1,536,000/8 = 192,000 bytes per second / 20 ) why /20? because 50 ms is 0.05 seconds and 1/0.05 is 20 (one-twentieth of a second).
date: 2010/05/07 Ramdisk resize: resize prior to extracting configuration to avoid an out of space condition with large configurations. Remove gated menu options to fix a problem with long pathnames. This fixes menu bugs with certain Quagga menu items not functioning properly such as the OSPF enable script. SNMP bugfix: Add sensors library to fix the broken snmpd daemon caused by the new sensor package in release 60.
date: 2010/05/05 Add support for the new R8168 GigE drivers for the R1 Atom board.
date: 2010/04/29 Voltage/Temperature sensors now function but may not show correct ALARM status.
date: 2010/04/29 Add Coova-Chilli captive portal package.
date: 2010/04/26 Disable kernel preempt to avoid some locking issues with the e1000 driver.
date: 2010/04/23 Forced speed/duplex now takes the interface down prior to setting. Previously if the interface was up and transferring traffic a bug in the Intel E1000e driver could be triggered when restarting N-Way autonegotiation. This bug would lead to an overload of kernel debug statements about scheduling while not atomic. Taking down the interface when changing speed or duplex on an interface solves this problem. ADSL(PCI 300): Update to latest firmware/hardware driver. 530-TEJ: Fix a bug which prevented the configuration of 56K timeslots. PPP: Fix a negotiation problem which caused an entire IPCP configure request to be rejected when the peer was asking for his IP address and an unsupported parameter was present. We now NAK the request for his IP address but only if we accept all other parameters. The symptom of this problem was that protocol would come up for a fraction of a second and go back down until the next configure cycle.
date: 2010/04/05 PPP: bwlimit_iface: change default setting of verbose to off. Inetics: Compile configmgr shared in RBE to avoid PPPoE/PPPoA server crash.
date: 2010/03/29 Remove NO_HZ option from the kernel which was causing problems on certain hardware platforms.
date: 2010/03/10 PPP: Fix a RADIUS plugin bug which caused the ppp daemon to hand out a pool IP address instead of the RADIUS server assigned IP and also failed to negotiate because the peer was not authorized to use the pool IP.
date: 2010/02/26 Configmgr: Fix a bug which caused RADIUS information to be ignored for Virtual Template interfaces other than the first. Change default PPPoE/PPPoA bwlimit type from POLICER to HTB.
date: 2010/02/22 Bridging: Use 1024 bytes instead of 1900 for the command length as bash can fail at around 1890+. 530-TEJ: Fix an Rx overflow problem that could cause a port to stop receiving data in channelized mode when the T1/E1 loses signal and comes back.
date: 2010/02/03 Fix problems with bridges not removing IP addresses properly. Fix shutdown problems with bridges, Ethernet, VLANs and tunnels. - If an interface was marked as shutdown when Inetics loaded the interface could not be brought up without changing a parameter on the interface.
date: 2010/02/02 Add ltmodem support for dialout-ppp.
date: 2010/01/29 Revert back to Quagga 0.99.15 without MPLS support to resolve IPv6 problems. Add BGP scan timer load check to avoid a condition where the workqueue is never able to be depleted due to lack of CPU time.
date: 2010/01/21 Recompile kernel with virtualization support. dhcprelay: Fix a crash bug in options parsing from malformed packets. Inetics: All interfaces now default to point-to-point which eliminates the need to set the point-to-point flag in Quagga for OSPF.
date: 2010/01/18 Add RADIUS login support.
date: 2010/01/15 Configmgr bugfix: Allow PPPoE server mode to run on bridge interfaces (bvi).
date: 2010/01/13 Bugfixes for TACACS+ login support.
date: 2010/01/11 Fix TACACS+ login support so local users do not have to be present in /etc/passwd. Add OSPFv3 (ospf6d) support for OSPF and IPv6.
date: 2009/12/21 Kernel: Add support for the latest Intel E1000e chipsets. Inetics: Fix a long-standing bug with Frame Relay IARP replying with 0.0.0.0 as our IP. Failsafe: Fix a kernel boot bug with older ramdisks that had serial numbers.
date: 2009/12/07 Allow multiple ip helper commands (DHCP Relay)
date: 2009/11/17 Add Quagga 0.99.15 with MPLS and LDP support.
date: 2009/11/13 Add pufq support to qos library.
date: 2009/10/27 Add Quagga 0.99.15.
date: 2009/10/20 Configmgr: missed a commit that fixes argument parsing for user chains. Previously only the first argument was read.
date: 2009/10/14 Add logger and eth_header user chains to allow cross-connecting a WAN port with Ethernet.
date: 2009/10/08 Add new QoS library and default QoS script for low latency queueing and class-based queueing.
date: 2009/10/06 Change transmit queue on VLANs from 0 to 1000 so QoS can be configured. Dead gateway detection now only works on the default route so that interface routes don't get routed out a default gateway on wireless networks that throttle ARP requests.
date: 2009/09/16 sandcore: Call hardware reset routine via workqueue (thread context can sleep) 440: Add hardware reset routine which calls load_firmware(). configmgr-ppp: Add load average and memory limits based on free + cache.
date: 2009/09/18 PPP: Don't initiate IPV6CP by default but respond if the other end request it. Also clean up include files to allow compilation under 4.2 530-DE: Fix a race condition bug which caused the driver to detect a transmit timeout when none had really occurred. This race was much more likely to occur when a substantial amount of traffic is transmitted from a userspace thread such as OpenVPN rather than forwarded from another card in interrupt context.
date: 2009/09/04 ISDN fixes and updates. Add preliminary IPv6 support to configmgr and PPP (IPV6CP support).
date: 2009/08/26 Add support for the new PMC version of the QuadISDN adapter.
date: 2009/08/23 DHCP server: Fix a segmentation fault problem with the recent shared-network update.
date: 2009/08/19 Add fixed Quad-port ISDN driver. Fix image-based update scripts to support images larger than 25 MB.
date: 2009/08/19 Add support for Image-based updates.
date: 2009/08/14 POS OC3: Use watchdog polling again for hardware status detection. Asterisk: Add support for Asterisk 188.8.131.52, dahdi 184.108.40.206 and web-gui 2.0.4.
date: 2009/07/30 Add support for Perl 5.10.0 add-on package.
date: 2009/07/29 Add POS/OC3 support for the 4.4 distro. Support multiple cards and integrate latest OC3/OC12 DDK. Sandnone: Increase max rx buffers to 512 for high speed.
date: 2009/07/26 dhcp server: Allow multiple subnets per interface via automatic shared network support for subnets on the same interface.
date: 2009/07/06 Configmgr: Fix ISDN shutdown problem with 4.4. Fix for ISDN switch protocol not being set with 4-port card.
date: 2009/07/02 Add snmpset utility.
date: 2009/06/30 Quagga: Add 0.99.13 which fixes a problem with BGP and IPv6. Also added support for ospf6d.
date: 2009/06/23 Add updated sed utility.
date: 2009/06/18 Add ixb Intel GigE driver. Patch to kernel to remove WARN_ON debug message in skb_gso_segment() which was causing certain routers with bridging and vlan configurations to become overloaded and drop packets.
date: 2009/06/16 Added powercode package.
date: 2009/06/12 Added iptraf/iftop to stats. Fix a firewall status bug that didn't detect when NAT is loaded and would not offer to show NAT rules.
date: 2009/06/11 Fix ADSL problem overwriting chap & pap secrets file when each client launches. Add "ppp debug" option to ADSL & BRI interfaces.
date: 2009/06/09 Recompile with 586 support for Transports.
date: 2009/06/05 Update 300 series ADSL driver with hardware status support.
date: 2009/05/22 OpenSSH: Update to 5.2p1 OpenSSL: Update to 0.9.8k
date: 2009/04/30 Quagga: Bugfix for bgpd crash on long 32-bit ASNs: (http://lists.quagga.net/pipermail/quagga-users/2009-February/010342.html)
date: 2009/04/23 Added pcnet32 net driver for VMs.
date: 2009/04/02 Add ISis300 PCI ADSL2/2+ support.
date: 2009/02/24 Add the Envoy reboot patch to Envoy routers properly soft reboot.
date: 2009/02/13 Fix for BGP TCP/MD5 with Quagga 0.99.11.
date: 2009/02/04 POS/OC12: Change DDK to use wait queues instead of semaphores and debug level from 9 to 7 to avoid long boot times.
date: 2009/02/03 POS/OC12: Really add the new ddk.
date: 2009/02/03 POS/OC12: Added xsconsole debug utility, update OC12 firmware to fix a problem with high number of phy interrupts caused by the last update.
date: 2009/01/30 Recompile kernel and modules in original build environment.
date: 2009/01/27 POS/OC12: Remove Rx patch for the OC12 DDK. 520,600/800,POS/OC12,1000: Added proprietary license.
date: 2009/01/23 POS/OC12: Add support for jumbo frames via ethernet cross connect up to 9K.
date: 2009/01/17 Kernel: Added tcp advanced congestion routines to allow better performance on satellite links. Added all current addon package support from 4.2.12.
date: 2008/12/11 Start of 4.4.0 from 4.4.0-pre53
Detailed revision history for 4.4.0-pre:
date: 2008/12/09 RADIUS: Fix NULL pointer dereference if no gateway is sent for the Framed-Route option.
date: 2008/12/08 E1000/E1000E: Set netdev->irq right before request_irq(). It wasn't being set at all resulting in configmgr's inability to set up SMP affinity.
Configmgr: Run the SMPAffinity routine after interfaces are brought up because under 2.6 some ethernet devices have their IRQs remmaped on open.
ATM: Fix encapsulation aal5autoppp so that it will properly sense frames without SNAP headers. Previously we required SNAP headers to autosense. Now we also switch our transmit mode between SNAP and MUX PPP to match the frames being received.
date: 2008/12/08 Fix e1000/e1000e drivers to add netdev->irq so smp affinity works from configmgr.
date: 2008/12/06 e1000e driver: Change watchdog interval from 2s to 1s so stats updates properly. Fix a tx spinlock issue that was causing requeues. This driver was using a common adapter->tx_queue_lock in both the tx and tx_cleanup routines. The e1000 driver uses a tx_ring->tx_lock for the tx routine and the adapter->tx_queue_lock for the tx_cleanup routine. I changed the e1000e driver to use 2 locks like the e1000 driver.
date: 2008/12/04 Increase per-process file limit from 1024 to 8192 in /usr/share/profile.d/00enviroment.sh so L2TP can support more than 512 tunnels.
date: 2008/12/02 17:46:29; author: sandcomp; state: Exp; lines: +1 -1 Integrage l2tp support with configmgr. Also use my original ippool with pppd. Update quagga to 0.99.10 from 4.2.12.
date: 2008/11/12 440: Added a global 5 second delay in sand_probe() for to allow cards with old firmaware to initialize. This workaround is needed on systems with a mix of old and new cards. configmgr: Remove the sethorizon option for brctl from distributions other than 4.4.0-pre which don't support it.
date: 2008/11/10 440: Update to June 30 drivers which fixes a stuck transmitter bug and an initialization problem on cards with older firmware.
date: 2008/11/04 SAND: Fix a problem with some protocols that use sand_hw_driver_xmit() that wasn't being exported properly.
date: 2008/11/03 Add conntrack util support. We can now add/remove/list connections as well as flush the entire table.
date: 2008/10/31 Add custom ethernet modprobe for RR1000-GE to probe E1000 first.
date: 2008/10/29 Remove udp_csum call that was causing a kernel panic when sessions were being torn down. Fix socket usage count by adding an extra sock_put() call to the session teardown code. This call should be placed elsewhere but I don't know exactly where it belongs.
date: 2008/10/23 Upadted kernel, added Wireless Extensions. Needed to support madwifi. Updated udhcp package from 0.
date: 2008/10/14 Port pppd/radius plugin patches from 2.4.2b3 and change openl2tp to not load the pppd radattr.so plugin that depends on the other radius plugin.
date: 2008/10/03 Added ext3 resizing support to allow ramdisk resizing. Changed the ramdisk to be an ext3 filesystem with only 1M journal (smallest possible).
date: 2008/10/02 Added e1000e PCI Express driver for the Intel E1000. QOS: Remove /etc/rc.d/rc.router/S90QOS symlink from the package. This prevented users from disabling QOS on startup.
date: 2008/09/24 Added updated software packages for openl2tp version 1.15, pppd 2.4.4 and ippool-1.3 which is a network-based IP pool manager allowing pools to be shared between routers.
date: 2008/09/19 POS/OC3/OC12: Added support for ethernet cross-connect for the OC12 port to provide line rate down to 256 byte packets.
New command: service-module oc12 xconnect eth3
Specify the cross-connect ethernet device name using old-school Linux names for 4.4.0-pre.
You must have a GigE SFP in the bottom port on the OC12 card cabled to another GigE port on the router. That other GigE port is the port you specify in the service-module xconnect command. *note* For copper SFPs, use a straight through cable to connect the GigE ports. Fiber should be crossed over Tx <-> Rx. *IMPORTANT* Be sure to configure IP addresses on the cross-connect Ethernet device and not the OC12 Serial device!
Several changes were made to Inetics and our xs155 driver to support x-connect: - Hardware status (netif_carrier) follows protocol status for the OC12 serial interface. This required finally implementing the proto_change chain execution and registering a proto_change callback chain for the xs2000. - Configmgr has hooks to set up bandwidth limits on Ethernet devices. The xs155 hardware module for configmgr sets up a 601 Mbps tx rate limit on the cross-connect device. I just call the same configure_port_bwlimit() function that I call for protocol subs. It sets up a single HTB qdisc+class with the proper rate and r2q values for the rate.
PPP: For testing purposes added a command to ignore loopback. This should disable loopback detection for all L2 protocols. Right now PPP is the only one which does loopback detection.
New command: ignore-loopback
Stats: for ethernet devices make protocol status follow hardware status (down/up didn't make sense!)
revision 35 date: 2008/09/08
xs155: Remove all periodic watchdog timers -- lockup was observed in xs155_sleep(). What those timers do has not been debugged with the new DDKs.
revision 34 date: 2008/09/03
More (hopefully final) fixes for the POS/OC12 driver. Also fix SAND so it brings up interfaces before adding IPs so Quagga sees interface routes properly under 2.6.
date: 2008/08/28 Revert back to 0.99.7 for velocity online
date: 2008/08/27 Finally fix problems with locking around the hw_xmit function to allow the sand_tx_callback to properly retransmit control packets that had to be queued. The last commit had problems and resulted in lockups, BUG: Scheduling while atomic errors.
date: 2008/08/25 sandcore/protocols: Call netif_carrier_on/off on proto up/down for kernel >= 2.6.23 Also change all protocols to call dev->hard_start_xmit() directly again for kernel >= 2.6.23 instead of dev_queue_xmit(). I will have to check all hardware drivers to ensure they don't call the sand_tx_callback with interrupts disabled or their own device spinlocks held. They shouldn't and my old drivers didn't.
What does this mean?
Pros: 1) Solve the SMP race bug where setting dev->tx_queue_len++ didn't really guarantee your keepalive packet would get transmitted. 2) Allow netif_carrier_on/off() to be called so the Linux networking layers won't send us packets and we get proper interface status from the kernel and Quagga. Cons: 1) It's now possible for the hardware driver's tx routine to get reentered. All our hardware drivers should already have lock protection in them. 2) Calling dev_queue_xmit() instead of the hardware xmit was the original solution to some transmit timeout errors with proto subs but that code has been totally rewritten. 3) You won't see L2 protocol packets in tcpdump anymore (maybe a pro)
date: 2008/08/22 Remove tickless kernel support - back to 1000 HZ. Add the dead route patch.
date: 2008/08/13 Recompile with tickless kernel.
date: 2008/08/04 Install latest vconfig recompiled without c++ dependancy. Install current libstdc++ library from gcc 3.3.4 required by Squid, Snort and our upcoming configmgr.
date: 2008/07/31 Fix broken OC12 driver from last temp release -- I broke it with compatability code designed to make the xs155.o driver still compile against the old ddk/oc3 card.
date: 2008/07/30 xs155: Fix Rx corruption bug. Add xssfpdiag and a script to run it and fetch information on card 0 port 0 (sfp_diag) temporarily to sand.
date: 2008/07/22 Fix openvpn server mode script bug that logged authentication requests to /tmp/scott
date: 2008/06/25 Increase RAMDISK size to 54MB from 45 MB. Add latest SAND package with new xs155 driver -- (xs-2000) OC12 support. Add lspci to base binaries.
date: 2008/06/02 Add support for addon hard drive, apache and wireshark. Add dev files for hd[bcdefgh] from the latest 4.2.12-pre beta. Add kernel support for ext3 and DMA on hard drives.
date: 2008/03/27 Added new tcpdump
date: 2008/03/24 Add latest quagga/mpls code.
date: 2008/03/17 Opencalea: Add syslog debugging to tap and lea_collection. Add statistics file to both programs as well. tap is in /tmp/tap_%d.status (pid) and lea_collection is /tmp/collector_%d.status (pid).
date: 2008/03/10 Add Web administration base package.
date: 2008/02/21 Fix IPv6 iproute2 command support in configmgr.
date: 2008/02/20 Compiled in IPv6 support into kernel. Removed IPv6 kernel module from kernel-modules package. Add binaries ping6, traceroute6, tracepath6 to Base-networking package. Added support for IPv6 tunnels to iproute2 ip command.
date: 2008/02/15 Add Quagga 0.99.9 with MPLS patches, ldpd and rsvpd.
date: 2008/02/06 Add split horizon support to bridging.
date: 2008/02/05 Recommitting everything due to corrupted repository.
date: 2008/02/04 Fix for kernel panic when frames > dev->mtu are sent via mpls tunnel.
date: 2008/02/01 Change skb headroom from 16 to 32.
date: 2008/01/30 Fixes to allow VPLS bridging over MPLS.
date: 2008/01/25 Change mpls core to allow baby giants up to 40 bytes > device MTU for bridged mpls packets.
date: 2008/01/23 Added MPLS ebtables kernel modules.
date: 2008/01/15 Added quagga 0.99.6 with MPLS support.
date: 2008/01/09 Added base MPLS support.
date: 2007/12/17 Add missing NOTRACK target.
date: 2007/12/14 Add tulip/LMC/SBE patch
date: 2007/12/13 Added KVM support and USB mass storage support.
date: 2007/12/12 Fix loopback support - use modprobe for dummy not insmod
date: 2007/12/07 Rev to rel2
date: 2007/11/19 Start of 4.4.0-pre cut from 4.3.1-13. This tree is designed for 2.6 support for all routers. For now I have ethernet and most wan card support. This release is for SIP NAT and conntrack support for a Rebel customer.