LoadMaster 7.2.48.1 Release Notes

LMOS Version 7.2.48.1 is a bug-fix release made available in November 2019. Please read the sections below before installing or upgrading.

Contents

Supported Models
Upgrade Path
Issues Resolved
Existing Known Issues

Supported Models

This release of LMOS is supported on the Hardware and Virtual platforms specific in the first two columns of the table below. It is not supported and should not be installed on any of the hardware and software listed in the two columns at right.

Please note that the same update patch can be applied to any supported model regardless of:

  • licensing (e.g., SPLA, MELA)
  • platform (e.g., hardware, local cloud, public cloud)

Supported
Hardware
Models

Supported
Virtual
Models

UNSUPPORTED
Hardware

Models

UNSUPPORTED
Virtual

Models

LM-X3
LM-X15
LM-X25
LM-X40
LM-2400
LM-3000
LM-3400
LM-4000
LM-5000
LM-5400
LM-5600
LM-8000
LM-8020
LM-8020M
Bare Metal

VLM-200
VLM-2000
VLM-3000
VLM-5000
VLM-10G
VLM-GEO
VLM-MAX

LM-2000
LM-2200
LM-2500
LM-2600
LM-3500
LM-3600
LM-5300
LM-5500

LM-Exchange
LM-GEO

VLM-100
VLM-1000

If your model number is not listed above, please see the list of End of Life models.

Upgrade Path

You can upgrade to this release of LMOS from any previous 7.2.x release. For full upgrade path information, please see the article Kemp LoadMaster Firmware Upgrade Path.

Issues Resolved

The following issues, all of which were new in LMOS 7.2.48.0, have been resolved in this release.

PD-14112

SSO: Server side Form-Based authentication doesn't work on VS with WAF and ESP. This bug has been fixed.

PD-14054

Virtual Services with Wildcard URLs:Traffic running through a Virtual Service with a wildcard URL may cause the LoadMaster to reboot. This issue has been fixed.

PD-14047

UDP Virtual Services: UDP services on port 53 that use the Layer 7 non-transparent mode do not work correctly. This issue has been fixed.

PD-14046

Bare Metal: On certain bare metal LoadMasters, network interfaces no longer work after upgrade to 7.2.48. This issue has been fixed.

PD-14038

API: The PowerShell API "Remove-SplaInstance" is broken due to changes in the RESTful API "kill_spla_instance" response. This issue has been fixed.

PD-14036

API: The PowerShell API "Get-LicenseType" is broken due to changes in the RESTful API "alsilicensetypes" response. This issue has been fixed.

PD-14028

Licensing: After upgrade to 7.2.48, Trial LoadMasters have the 'Offline Licensing' option grayed out (non-selectable) on the 'Update License' page. This issue has been fixed.

 

Existing Known Issues

The following known issues appeared in the Release Notes for the previous release.

PD-14100

ESP SSO: After login through the LoadMaster Single Sign On Outlook Web Access forms, the user is immediately logged out.

PD-13904

SSO: Password expiry notifications do not currently work with Forms Based Authentication (FBA) enabled on the server side.

PD-13873

10 Gb Interfaces (AWS only): The AWS driver for 10 Gb interfaces (ENA) does not provide a link indication in its output, and so ‘No Link’ is the status displayed for a 10 Gb interface on AWS. Interface graphs for 10 Gb interfaces on the statistics page are not scaled properly, and so can run off the display; this will be addressed in a future release.

PD-13385

WAF: With WAF enabled on a Virtual Service, HTTP PUT commands that use chunked transfer encoding are dropped. This issue will be fixed in a future release.

PD-12838

ESP / SSO: The ESP Permitted Group SID(s) setting is not working as expected when configured on a on a subVS.

PD-12653

Networking: A Hyper-V VLM won't boot when a 4th NIC is added.

PD-12616

WAF / Compression: With Web Application Firewall (WAF) enabled, compressed files are incorrectly decompressed. As a workaround, ensure compression is enabled in VS Advanced Properties by selecting the Enable Compression option.

PD-12492

Downgrade: If an Azure VLM is downgraded to the LTS firmware release (7.1.35.x), the WUI may display in the top right-hand corner that the VLM is a Hyper-V VLM. This indicates that the Azure VLM Add-On Package must be added to the system to provide full Azure VLM functionality. If this occurs, please contact Kemp Support to get the required add-on package.

PD-12354

Hardware Support: The LoadMasters LM-X25 and LM-X40 do not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000BASE-LX 1310nm, 10KM over SMF).

PD-12237

HA / NTP: Configuring NTP for the first time after the system is running in High Availability (HA) mode and when the current time on the machines is not correct, may cause the systems to both go into the Master state.

PD-12147

ESP / RADIUS: In a LoadMaster configuration with ESP and Radius server-side authentication enabled, sessions may fail to be established.

PD-12058

Browser Support: An issue exists when connecting to the LoadMaster WUI when using newer versions of the Firefox browser on initial configuration of a hardware FIPS LoadMaster.

PD-11861

RADIUS / IPv6: IPv6 is not supported by the current RADIUS implementation in the LoadMaster for both WUI Authorization and ESP Authentication.

PD-11166

Networking: Azure LoadMasters are not translating the additional network address between the Master and Slave correctly.

PD-11044

Sharepoint Virtual Services: A second authentication prompt is presented when a file is uploaded to SharePoint with the following configuration: WAF is configured with Process Responses enabled on the main Virtual Service and KCD is enabled on the SubVS level for server-side authentication.

PD-10917

HA: An issue exists when setting up a 2-armed HA Virtual LoadMaster in Azure.

PD-10784

HA: Configuring LoadMaster HA using eth1 on an Amazon Web Services (AWS) Virtual LoadMaster does not work.

PD-10586

GEO: If a GEO FQDN is configured with All Available as the Selection Criteria, IP addresses are returned even if the cluster is disabled.

PD-10490

Content Rules: The vsremovewafrule RESTful API command does not allow multiple rules to be removed.

PD-10474

Intrusion Detection: A SNORT rule is triggering a false positive in certain scenarios.

PD-10466

Hardware Support: The LoadMaster LM-X15 does not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000Base-LX 1310nm, 10KM over SMF).

PD-10193

Exchange 2010 Virtual Services: A WAF, ESP, and KCD configuration with Microsoft Exchange 2010 is not supported.

PD-10188

Browser Support: (Safari) When adding a Real Server to a Virtual Service or SubVS using the Safari browser, the list of available Real Servers is not available.

PD-10159

Statistics: When upgrading firmware from version 7.1.35.n, CPU and network usage graphs are not appearing. As a workaround, reset the statistics in the WUI.

PD-10136

Clustering: In a LoadMaster cluster configuration, a new node can be added with the same IP address as an existing node.

PD-10129

Virtual Services: There is a discrepancy in validation between global-level connection timeout and Virtual Service-level timeout.

PD-9854
PD-13385

WAF: When WAF is enabled, any requests received that have chunked transfer encoding enabled (e.g., POSTs) are not processed properly and are not forwarded to a real server.

PD-9816

WAF: There is an API command to list individual rules in a ruleset, but there is no command to list the available rulesets themselves.

PD-9765

GEO: DNS TCP requests from unknown sources are not supported.

PD-9507

Networking: Unable to add an SDN controller using the RESTful API/WUI in a specific scenario.

PD-9476

WAF: There is no RESTful API command to get/list the installed custom rule data files.

PD-9375

Sharepoint Virtual Services: Microsoft Office files in SharePoint do not work in Firefox and Chrome when using SAML authentication.

PD-8853

GEO: Location Based failover does not work as expected.

PD-8725

GEO: Proximity and Location Based scheduling do not work with IPv6 source addresses.

                              

 

Was this article helpful?

1 out of 1 found this helpful

Comments

Avatar
tm-system

What about the model "VLM-MAX" (virtual appliance with MELA License)? Is this release 7.2.48.1 supported for this model?

Avatar
Paul Crotty

Yes this firmware 7.2.48.1 supports the LoadMaster Model VLM-MAX.
And I have requested the Release notes to be updated to reflect this.

Avatar
james.edwards

What is the minimum version from which this update can be directly updated to?

Avatar
Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner

Hi James,

You can directly upgrade to LMOS 7.2.48 from any previous 7.2.x version. Please see this article for more information on the upgrade path from various previous releases.

Best Regards,
Mark

Edited by Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner
Avatar
james.edwards

Thank you! I was looking for the page you linked to, but I didn't find it on my own. Perhaps that should be "stickied" somewhere prominent.

Avatar
Mark Hoffmann -- Technical Product Manager, LoadMaster Product Owner

Hi again,
I was just thinking the same thing...I added an Upgrade Path section to the release notes document above, with a link to this document.
Cheers,
Mark

Avatar
dklicks

Hi,

we just upgraded from 7.2.42.0 to 7.2.48.1. We see a difference in Real Time Statistics > Real Servers. The old version showed overall status "Up" for servers even when the server is disabled (drill into the server) for a certain VS. The new version now shows "Ambiguous" when the server is up for most VS but disabled for a single VS. And I mean intentionally disabled - not faulty.

Is this intended behaviour in displaying the status?

Thanks,
Daniel

Avatar
Naseer Husein

Daniel,

If the status is showing "Ambiguous", it means that the real server is disabled in one VS but enabled in another VS.

https://support.kemptechnologies.com/hc/en-us/articles/115003506643-Ambiguous-real-server-status

Avatar
dklicks

Hi Naseer,

thanks for the very fast reply. It's more are question about why has it changed from one to another OS version.

When a VS is intentionally disabled, for a real server the status up (like it was in the old OS) makes more sense than the status ambigious (like it is in the current OS).

Is it a bug or intentionally changed behaviour?

Avatar
Brian Morich

Hi Daniel,

This was an intentional change, a disabled RS will have the same status as a RS that has failed a healthcheck when determining if the RS displays as 'Ambiguous' or not under Real Time Statistics -> Real Servers.

Avatar
dklicks

Thanks for clarification, Brian!