From ImageStream Router Documentation
ImageStream Linux Version 4.2.11 is now available as a general availability (GA) release for all ImageStream routers except the Envoy.
This software release is provided at no charge to all ImageStream customers. Version 4.2.11 is a maintenance release that is recommended for all customers who wish to run the latest GA release on routers other than the Envoy.
This release note documents commands and features added between version 4.2.10 and version 4.2.11.
The following bugs have been fixed in Version 4.2.11:
Up to 4 GB RAM now Supported
- Previous versions of ImageStream Linux supported a maximum of 1 GB RAM.
- Version 4.2.11 now supports up to 4 GB of RAM.
- Version 4.2.11 fixes stability and scalability problems with L2TP. CPU usage has been
- decreased dramatically resulting in the ability to support thousands more connections
- on the Gateway platform.
PCI 530-DE Transmit FIFO Underrun Handling Changes
- The PCI 530-DE driver will now dynamically increase the transmit FIFO size when
- underrun errors occur.
PCI 440 T1/E1/SSI Fixes
- Version 4.2.11 adds support for the PCI 440 T1/E1 and SSI cards. Later releases fixed various bugs
- related to the drivers and firmware for the cards.
Detailed revision history:
date: 2008/03/05 Fixed a bug with MLFR introduced in revision 25. We stopped adding MLFR headers to LMI packets and protocol wasn't coming up!
date: 2008/02/28 Fixed a setnprobe bug that would cause the script to crash and nprobes to shut down when more than one interface was configured.
date: 2008/02/20 530-TEJ, 440-TEJ: Fix timeslot display for E1 mode. It was displaying one too high (timeslot+1). Also fixed the handling of timeslots separated by a ',' in E1 mode. It was adding one to any timeslot separated by a comma making it impossible to specify non-contiguous timeslot mappings for E1. Inetics: Fixed the "Protocol xxx is buggy" messages that occur when a port is in promiscuous mode. Yes this has been fixed in the past but recently broke when I made a change to support the newest 2.6 kernel with a completely different skb structure which didn't have the skb->nh field. I set the mac pointer but not the network pointer for locally generated packets like HDLC keepalives, PPP LCP packets and Frame Relay queries.
date: 2008/02/13 Commit the latest 440 firmware changes into the 4.2.11 release.
date: 2008/02/12 Revert back e1000 driver from 7.3.20 to 6.3.9 to solve a tx timeout problem on Gateways with a particular P4 SBC. We updated to 7.3.20 in release 44 for ICH8 support which we don't use currently.
date: 2008/01/25 Remove dead gateway detection for all routes except default gateway.
date: 2007/12/28 Revert back to old 440 firmware - SSI cards do not always init properly - stats locked.
date: 2007/12/20 Reduce the bridge command line length to 1900 from 2048 to fix a customer config which was hanging while adding ports to bridge groups. Bash version 2.04 does not like commands > 2k.
date: 2007/12/06 Added USB mass storage support and boot support from USB flash drives.
date: 2007/12/05 Added the latest e1000 driver from the 22.214.171.124 kernel.
date: 2007/11/29 Fix kernel pppol2tp problem with openl2tpd being signaled for every packet transmitted.
date: 2007/11/26 Added ucarp 1.3
date: 2007/11/21 Added powercode install script and menu option.
date: 2007/11/15 Add sip connection tracking support. Usage: modprobe ip_conntrack_sip modprobe ip_nat_sip iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p udp --dport 5060 -j ACCEPT iptables -A FORWARD -p udp --dport 5060 -j ACCEPT # Nat as usual -- nothing special needed in the nat rule. iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to 126.96.36.199
date: 2007/11/14 Added a packet mirroring chain. Use this chain on the receive chains and it will make a copy of the packet and retransmit on the specified interface. Use the rx_ddp chain to mirror the packet without the L2 protocol header. The rx_edp chain will mirror it with the L2 protocol header. Usage: addchain mirror <chain to insert on> <priority> <output device name> Example: # Mirror all traffic received on Serial0 without the PPP headers. This will not # mirror any of the PPP negotiation traffic (LCP/IPCP/Keepalives). loadchain mirror.o mirror interface Serial0 encapsulation ppp ip address 192.168.66.1 255.255.255.252 addchain mirror rx_ddp RX_DDP_DEFAULT Ethernet1 !
date: 2007/11/07 Fix HFSC qdisc support.
date: 2007/11/06 440: latest firmware sandcore: remove old add_routes and remove_routes routines that were causing wait_on_irq messages on routers with thousands of interfaces when the link transitioned
date: 2007/11/05 Fix broken conntrack support in esfq. Their #ifdef CONFIG_NF_CONNTRACK needed to be CONFIG_NETFILTER
date: 2007/10/31 Commit latest SAND release with the following changes:
date: 2007/10/16 Fix bwinit/bwadd so that it doesn't always specify "burst 2k" and artifically limit fast classes - 100Mbps classes could only get about 35Mbps. Also make bwinit calculate r2q like configmgr does and pass through the bandwidth value the user specified instead of recomputing in bytes per second. This means the root class will now show "100mbit" instead of 12500000 which was confusing as it's in bytes per second!
date: 2007/10/04 Added latest (4.1.5) version of GNU sed to the distro to support \n
date: 2007/10/01 Fix tc pfifo_fast so it doesn't display an error for that qdisc. Not sure why this broke but something we linked against must have changed!
date: 2007/09/27 pppd: Fix a problem with a BAS server resending an LCP config request immediately after we sent an auth request and LCP was already open. I had pppd die in this case because radius cannot reauth without crashing. I changed pppd so that it only dies if it had authenticated.
date: 2007/09/25 Add pppol2tp module with hash table lookups for multiple L2TP tunnels running over one socket. In reality what's happening is Linux does not bind an incoming UDP connection to the proper secondary ip address - it only binds to the primary.
date: 2007/09/21 Fix l2tp problem with multiple tunnels on one socket - didn't work. Really it's happening when we've got multiple IPs bound to one interface and the LACs are round-robining between them. We bind to the primary IP only so all our sockets are coming from the one address and were causing the kernel not to find the session as it was looking at the wrong socket / tunnel.
date: 2007/09/19 Change revision.
date: 2007/09/13 L2TP: Added global "l2tp max-sessions" and "l2tp max-tunnels" commands to limit the number of L2TP sessions and tunnels on a system. By default we set max-sessions to 4000. I have tested 6000 successfully with 2GB of RAM on a 2.4GHz Core2 Duo Gateway. 440: Commit firmware which fixes the Tx problems we were having with T1/E1. Not sure if it was the rise time change on the outputs from the FPGA, rerouting due to the loopback additions or due to the updated software used to synthesize.
date: 2007/09/04 Fix problem with iproute2's ip utility not showing interface names but if%d instead caused by my recent performance changes.
date: 2007/08/28 Add support for PPP over Frame Relay and add memory leak check to logging functions.
date: 2007/08/23 530-DE: When a Tx FIFO underrun occurs increase the fifo threshold to the next value. Default is 128 bytes, then 256, 512, 1024 and finally store and forward (entire frame must be in the fifo before transmitting onto the line) These FIFO underruns occur when the card cannot perform PCI bus read request to fetch more data for the FIFO before the FIFO empties. It only takes 23 microseconds to empty 128 bytes at DS3 speeds. A 32 bit 33 MHz PCI bus should be able to transfer 128 bytes in approximately 2 microseconds.
date: 2007/08/20 Fix problems with esfq not being recognized by tc - change the main structure from esfq_qdisc_util to esfq_util so the tc from iproute2-2.4.7 would recognize it. Compile as a module which will get probed by tc.
date: 2007/08/17 Configmgr: Dramatically decrease the time it takes to install 2000 atm route-bridged interfaces since the chicken/egg fix a month ago. We now combine multiple brctl commands into as many as will fit in 2k Configmgr: Check for invalid proto sub indexes and vlan indexes so Serial0.0 doesn't do nasty things like change the master interface's bandwidth and hang configmgr with an extra module count on sandcore. iproute2: Fix the ip command so it doesn't load the entire interface table on init. brctl: Allow multiple commands to be sent for multiple bridges not just multiple settings on one bridge - i.e. set br = NULL at the end of the loop.
date: 2007/08/16 Added ESFQ support (enhanced SFQ) to the kernel to allow SFQs that can hash based on source or dest IP instead of by connection to provide fair access per machine and not let one machine with heavy P2P traffic dominate.
date: 2007/08/15 Added license support to the 2.4 distro - same as Envoy.
date: 2007/08/10 Fix power on init problem with the r8169 RealTek GigE drivers for the R1. If I ifconfig down/up the interface it starts working. With ethtool it would hang getting stats. Ifconfig showed 0 packets tx and rx. It only happened on cold power start. I simply call the tx_timeout routine to reinit it on open.
date: 2007/08/09 Modify phy init for the single port POS/OC3 card per Andre.
date: 2007/08/07 Added sand 3.5.26 release 9 with loopback support for the 1001/1004-O3 POS/OC3 cards. Commands are the same as DS3/T1: For line loopback (bypasses the framer): interface Serial0 loopback line ! For local loopback (framer sends back to us): interface Serial0 loopback local ! No payload loopback is available meaning we cannot have the remote's data come in to our framer and then go back out thereby testing our framer.
date: 2007/08/03 Added 1104-O3 driver with phy debugging messages/statistics that print every 3 seconds when hardware debug >= 8.
date: 2007/07/31 Remove dead gateway detection debug
date: 2007/07/13 Fix dead gateway detection.
date: 2007/06/22 Configmgr: Fix chicken/egg problem with bridging over tunnels for good this time! I split the bvi configuration out from adding the bridge ports. Now the bvi gets configured and IPs assigned to it. Then tunnels are spawned. Then bridge ports are added. That allows a tunnel to specify a source IP from one bridge group and bridge that tunnel to another bridge group.
date: 2007/06/14 Removed some debug from SoftATM code.
date: 2007/06/08 SoftATM: Tweak tx scheduler table size to avoid CRC errors.
date: 2007/06/07 Major memory leak/crash fixes for SoftATM/IMA - don't try to reset the ring or bad things can happen. Also fix a small memory leak - 4 chains per port were not getting freed properly in ATM/IMA mode. Core: add a logging thread to queue up log messages from PROTO_DEBUG and HW_DEBUG so they don't get sent to the console at hard interrupt time. I had to update all hardware drivers that did printk's instead of SAND_DEBUG.
date: 2007/06/01 Added fix for OpenL2TP crashing on mtu change - mtu didn't really change!
date: 2007/05/30 Disable sconsoled to solve the gateway serial console lockup for a customer. This also fixes the problems with panics not being printed. This should not break SoftCell.
date: 2007/05/22 Added newest tg3 driver for new Gateway with 2xGigE ports Added the latest 440 driver fixes for SSI/high speed mode.
date: 2007/05/17 Added 440 driver changes to support high speed operation with SSI cards.
date: 2007/05/16 Added OpenCalea package to 4.2.11 and changed the udhcpc client script to support load balancing DHCP connections by default. It will add the default route as a nexthop route and add an ip rule to match the local ip and send to a routing table id based on the interface's id as shown by ip link. The interface's subnet and a default route are placed in the separate routing table so that NAT will work properly - packets sourced locally from the router will go out the correct interface.
date: 2007/05/06 Added latest OpenL2TP software and 1 minor sand change - configmgr waits 1 second before blasting configs.
date: 2007/04/25 Added OpenL2TP version 0.17 compiled with DMALLOC enabled - doesn't crash now! PPP: don't take down LCP and exit when receiving a config request over L2TP
date: 2007/04/24 Recompile everything for 4Gig high memory support.