LoadMaster LTS Release Notes

1 Software Release Notes Introduction

This document describes the features in the LoadMaster Long Term Support (LTS) releases.

We recommend you fully back up the LoadMaster configuration before upgrading the software. Instructions for backing up the LoadMaster are described in within the documentation which can be found at http://kemptechnologies.com/documentation.

Installation of this software and reloading of the configuration may take up to five minutes, or possibly more, during which time the LoadMaster being upgraded is unavailable to carry traffic.

1.1 Pre-requisites

The following are recommendations for upgrading the software:

The person undertaking the upgrade should be a network administrator or someone with equivalent knowledge.

In case of issues restoring backup configurations, configuring LoadMaster or other maintenance issues, please refer to the LoadMaster documentation which can be found at http://kemptechnologies.com/documentation.

1.2 Support

If there are problems loading the software release, please contact KEMP support staff and a KEMP support Engineer will get in touch with you promptly: http://kemptechnologies.com/load-balancing-support/kemp-support

1.3 Compatible Products

LM-2000

LM-2200

LM-2400

LM-2600

LM-3600

LM-5300

LM-5305

LM-5400

LM-5000

LM-5600

LM-8000

LM-8020 (supported on version 7.1-30 and above)

LM-R320

VLM-100

VLM-200

VLM-Exchange

LM-Exchange

LoadMaster for vCloud Air

LM-3000

LM-4000

VLM-1000

VLM-2000

VLM-5000 

VLM-DR

LM for UCS B Series

LM for UCS C Series

LM for Oracle Sun x86 servers

LM for HP ProLiant servers

LoadMaster for Fujitsu Primergy

LoadMaster for Dell R-Series

LoadMaster for AWS

LoadMaster for Azure

2 Release 7.1.35.3

Refer to the sections below for details about firmware version 7.1.35.3. This was released on 5th April 2017.

2.1 Feature Enhancements

Updated OpenSSH version to 7.4p1.

Updated OpenSSL version to 1.0.2k to mitigate against the following vulnerabilities:

- CVE-2017-3731

- CVE-2017-3730

- CVE-2017-3732

- CVE-2016-7055

Updated BIND to version 9.10.4-P5 to mitigate against the following vulnerabilities:

- CVE-2016-9131

- CVE-2016-9147

- CVE-2016-9444

- CVE-2016-9778

Updated the Copyright Notices on the LoadMaster console and Web User Interface (WUI).

Support added for OWASP CRS 3.0 rules.

 

2.2 Issues Resolved

PD-9042 Removed brackets from IPv6 X-Forwarded-For header.
PD-8643 Increased the connection levels that cause local port exhaustion.
PD-8982 Added an option to not include netstat in backups.

PD-9075

Fixed some session management issues.

PD-8996 Fixed an issue that was causing the SSL open/opening connections limit to be reached incorrectly.
PD-8777 Fixed an issue that prevented clients from authenticating using the Edge Security Pack (ESP) in certain scenarios.
PD-8717 Fixed an issue relating to the ESP Locked_users file.
PD-8569 Stopped an unnecessary error message from being displayed when viewing log files.
PD-9120 The Virtual Service status is listed in the stats Application Program Interface (API) command.

2.3 Known Issues

PD-8009

The listcluster API command does not return a status.

PD-8298

There are some issues relating to IPv6 routing.

PD-8097

There are some issues accessing WebSocket when using Firefox and a LoadMaster.

PD-8005

There are issues with the PowerShell API that are causing errors with Microsoft Service Management Automation (SMA).

PD-8341

The MTU size is getting reset to 1500 when bonding interfaces.

PD-8305

The aslactivate API command always returns a success message even when the activation fails.

PD-8192

The Get-NetworkDNSConfiguration API command returns High Availability (HA) parameters, even when the LoadMaster is not in HA mode.

PD-7778

In some circumstances, the SSL open/opening connections limit is reached, even though there are only a few connections running.

PD-7559

It is not possible to add a comment to a block or whitelist entry in the Access Control List (ACL) when using the API.

PD-8196

There is no validation of the remote URI when enabling WAF logging using the API.

PD-8174

Clusters with a forward slash (/) in the name do not show up in the WUI.

PD-8107

It is not possible to force an NTP update using the API.

PD-8038

In some scenarios, the API is not returning the correct value for the cluster status.

PD-8014

A remote LoadMaster cluster does not respond unless the remote LoadMaster has a Virtual Service.

PD-8225

An incorrect error message is displayed when incorrect credentials are used when licensing the LoadMaster.

PD-8205

When using content rules, the LoadMaster does not match the port when trying to select a Real Server.

PD-7487

When adding a local user and the name of the user is bal, the response is correct but the response stat is invalid – it should be 400/422 or another stat, but not 200.

 

3 Release 7.1.35.2

Refer to the sections below for details about firmware version 7.1.35.2. This was released on 9th November 2016.

3.1 Issues Resolved

PD-8290

Fixed an issue that was causing browsers to execute JavaScript from warning logs.

PD-8240

Fixed an issue with IP assignment in Azure multi-arm LoadMasters.

PD-8193

Fixed a display issue with statistics.

PD-8189

Fixed an issue that allowed unauthorized API commands to be run.

PD-8188

Fixed an issue that caused errors to appear in the Virtual Service when no Web Application Firewall (WAF) rules were assigned.

PD-8187

Updated BIND to version 9.10.4-P3.

3.2 Known Issues

PD-8009

The listcluster API command does not return a status.

PD-8298

There are some issues relating to IPv6 routing.

PD-8097

There are some issues accessing WebSocket when using Firefox and a LoadMaster.

PD-8005

There are issues with the PowerShell API that are causing errors with Microsoft Service Management Automation (SMA).

PD-8341

The MTU size is getting reset to 1500 when bonding interfaces.

PD-8305

The aslactivate API command always returns a success message even when the activation fails.

PD-8192

The Get-NetworkDNSConfiguration API command returns High Availability (HA) parameters, even when the LoadMaster is not in HA mode.

PD-7778

In some circumstances, the SSL open/opening connections limit is reached, even though there are only a few connections running.

PD-7559

It is not possible to add a comment to a block or whitelist entry in the Access Control List (ACL) when using the API.

PD-8196

There is no validation of the remote URI when enabling WAF logging using the API.

PD-8174

Clusters with a forward slash (/) in the name do not show up in the WUI.

PD-8107

It is not possible to force an NTP update using the API.

PD-8038

In some scenarios, the API is not returning the correct value for the cluster status.

PD-8014

A remote LoadMaster cluster does not respond unless the remote LoadMaster has a Virtual Service.

PD-8225

An incorrect error message is displayed when incorrect credentials are used when licensing the LoadMaster.

PD-8205

When using content rules, the LoadMaster does not match the port when trying to select a Real Server.

PD-7487

When adding a local user and the name of the user is bal, the response is correct but the response stat is invalid – it should be 400/422 or another stat, but not 200.

 

Document History

 

Date

Change

Reason for Change

Ver.

Resp

Nov 2016

Release updates

Release 7.1.35.2

1.0

LB

Jan 2017

Minor update

Updated Copyright Notices

2.0

POC

Apr 2017 Release updates Release 7.1.35.3 3.0 LB

 

Was this article helpful?

0 out of 0 found this helpful

Comments