User Tools

Site Tools


maintenance:releases:7.0.3_20180215
LDAP: couldn't connect to LDAP server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
maintenance:releases:7.0.3_20180215 [2019/07/16 13:33] – ↷ Links adapted because of a move operation jboschmaintenance:releases:7.0.3_20180215 [2019/12/23 16:11] (current) – ↷ Links adapted because of a move operation yspeerte
Line 1: Line 1:
 +{{indexmenu_n>20180215}}
 +
 +===== NetYCE 7.0.3 Build_20180215 =====
 +===== Release notes =====
 +Date: 2018-02-15
 +
 +
 +\\ 
 +<WRAP widths 60% box safety>
 +==== Enhancement ====
 +</WRAP>
 +
 +=== Scheduled jobs ===
 +<WRAP indent>
 +On NetYCE environments using multiple servers, each server runs its own scheduler to 
 +execute the jobs. The 'Operate - Jobs - Scheduled jobs' tool gives a status listing
 +of all the servers job and allow the operator to manage them.
 +
 +Since each server uses its own scheduler, the operator needed to switch to the appropriate
 +server to manage the jobs scheduled there. This task has now been simplified by extending
 +the 'Scheduled jobs' tool with all jobs of all schedulers and enabling the operator to
 +manage these jobs from any server.
 +
 +</WRAP>
 +
 +=== Service-type Add-Port(s) ===
 +<WRAP indent>
 +Two new service-type commands were added that allow the creation of ports for a node. These
 +are ADD - PORT(s) - TYPE_FROM_NAME and permit the operator to pass interface names that 
 +include the interface-type.
 +
 +The interface-type part of the interface-name is validated to determine the required port 
 +type to create. This validation is very flexible in this determination since you can either 
 +specify the type using the NetYCE Port_class abbreviations (Fa, Gi, Te, Ma, Lo, Po, etc) or 
 +the longer generic names (FastEthernet, GigabitEthernet, Port_channel, etc), but also the vendor 
 +specfic interface-names (100GE, xe, Bridge-Aggregation, etc).
 +
 +The examples below demonstrates this behaviour, each format produces the same interface for
 +a HP C5 device:
 +  Gi/0/1/2
 +  Gi00/01/02
 +  Gigabit_ethernet0/1/2
 +  GigabitEthernet/00/01/02
 +
 +Existing service type commands that include the port-type (e.g. ADD - PORT - GIGABIT_ETHERNET) 
 +also support the port-type sepecification but is optional. When included in the port-name, the
 +type overrides the type in the command.
 +
 +</WRAP>
 +
 +=== SUPERNET service_types ===
 +<WRAP indent>
 +The Service_types had so far only very limited support for managing a Clients IP supernets.
 +To allow manipulation of the supernets, the single existing service-type call was replaced
 +for eight new calls:
 +
 +^Name call^Description^
 +|ADD - SUPERNET - IP_SUPERNET|add new ip-supernet range to client. Format value as "<net-address>/<prefix>". Set ip-plan using Assign-Supernet-Ip_plan or use API custom var "ip_plan"|
 +|ADD - SUPERNET - IP_PLAN|add new ip-supernet range to client from pool of free Supernets using numeric ip-plan ID. Or use API custom var "ip_supernet" to specify the supernet|
 +|ASSIGN - SUPERNET - IP_PLAN|assign the numeric ip-plan ID to the supernet-alias. Supernet and plan prefixes must match. Cannot change a supernet plan-id which has active subnets|
 +|ASSIGN - SUPERNET - DNS_DOMAIN|assign the value to the supernet Dns_domain attribute|
 +|LOCATE - SUPERNET - IP_SUPERNET|find the supernet within the client matching the "<address>[/<prefix>]" value|
 +|LOCATE - SUPERNET - IP_PLAN|find the (first) supernet within the client matching the Ip_plan value|
 +|DELETE - SUPERNET - FREE|remove the supernet from the client IF there are no subnets left. Place supernet in free pool|
 +|DELETE - SUPERNET - COMPLETE|remove the supernet from the client after DELETING all its subnets. Place supernet in free pool|
 +
 +</WRAP>
 +
 +=== Device file transfers ===
 +<WRAP indent>
 +To simplify the upload and download of files beween network devices and the NetYCE system,
 +new Scenario commands have been added. 
 +
 +The ''**file_get**'' retrieves a file from the NetYCE system and transfers it to the device. \\
 +The ''**file_put**'' retrieves a file from the node and transfers it to the NetYCE system.
 +
 +The transfer uses SFTP or TFTP depending on the available support from the vendor and the 
 +connectivity available. The implementation of these commands is at its introduction only
 +available for the Juniper junos vendor. Others will follow shortly.
 +
 +</WRAP>
 +
 +=== Mpls / Vrf type attribute ===
 +<WRAP indent>
 +To assist creating 'categories' of Mpls vrfs and Node vrfs, the attributes 'Mpls_type' and 
 +'Vrf_type' have been added to their respective object types.
 +
 +The values for these attributes are defined in the 'Lookup' using the 'Mpls_type' variable 
 +of the 'Translation' class. As many entries as desired can be created using this lookup
 +variable. These values will be presented as drop-down menu lists from which one value can be selected.
 +
 +</WRAP>
 +
 +=== IPv6 Extra buttons ===
 +<WRAP indent>
 +The Create IPv6 Subnets form has been modified with four extra buttons in order to get more control over the start and end of the range of subnets you want to assign.
 +
 +</WRAP>
 +
 +=== Customer special update: RN3 Core vlans ===
 +<WRAP indent>
 +The custom tool "RN3 Core - Add/remove vlan" could not modify the RN3 core vlan in the migration scenario
 +where a local node form a different location (changed ip-ranges) was to be attached to an existing
 +EVPN connection. Changes to the evpn 'identifier' and the used relation were required.
 +
 +Changes to the evpn 'identifier' and the used relation were required to visualize these extra 
 +connections and schedule their related change jobs. The embedded scenario was updated to 
 +the version 7 syntax. An updated Relation definition for "RX_core_vlan" is required.
 +
 +</WRAP>
 +
 +=== IP Subnet Plans Layout ===
 +<WRAP indent>
 +Tweaked the layout for the IP subnet create forms a bit so that it's more clear where every option belongs. 
 +
 +</WRAP>
 +
 +=== Service type records multiselect ===
 +<WRAP indent>
 +Multiselect now works for the records of a service type. 
 +You can select multiple records using the shift-key. The edit form disappears, but you can delete mulitiple records at the same time using this. 
 +
 +</WRAP>
 +
 +=== IPv4 subnet range delete extra check ===
 +<WRAP indent>
 +Deleting an IPv4 plan now first checks whether there are any subnets using this plan. 
 +If there are: this will be displayed to the user as a warning. This way the user won'
 +have to go all the way back to the build menu to check. This also applies when deleting
 +IPv4 subnet ranges. 
 +
 +</WRAP>
 +
 +=== IPv6 subnet range grid columns ===
 +<WRAP indent>
 +Column names for IPv6 subnet ranges were rearranged to be more in line with IPv4
 +subnet ranges. 
 +
 +</WRAP>
 +
 +=== Customer logo ===
 +<WRAP indent>
 +Customers that want to include their corporate logo in the NetYCE application can do so using the
 +gui. In the "Admin - System - System status" tool, using the 'Full report' option, the section 
 +'Current license info' now includes to buttons that allow the system manager to upload a logo 
 +image file or restore the original NetYCE logo.
 +
 +It will be displayed in the upper left corner above the menu in a 118 by 30 pixel space. The
 +image will be downscaled to fit this size and should support a transparent background for best
 +effect. The preferred file format is '.png'.
 +</WRAP>
 +
 +=== IPv6 subnet range delete extra checks ===
 +<WRAP indent>
 +Deleting an IPv6 plan now first checks whether there are any subnets using this plan. 
 +If there are: this will be displayed to the user as a warning. This way the user won'
 +have to go all the way back to the build menu to check. This also applies when deleting
 +IPv6 subnet ranges. 
 +
 +</WRAP>
 +
 +
 +\\ 
 +<WRAP widths 60% box safety>
 +==== Change ====
 +</WRAP>
 +
 +=== Job tools selection simplification ===
 +<WRAP indent>
 +Most of the job tools require the user to make a number of selections before the job can be submitted
 +or an action is executed. This selection usually involves selecting a set of clients, then a set of
 +nodes, each time clicking an 'add' or 'next' button.
 +
 +To simplify this selection process, double-clicking is now added in many such places allowing
 +the user to select and 'add' or select and 'next' using but a single mouse action.
 +
 +</WRAP>
 +
 +=== Chrome mouse scroll behaviour ===
 +<WRAP indent>
 +For those users that access the NetYCE front-end using the Google Chrome browser a new feature
 +of that browser has been put to good use: overscroll. The normal behaviour is that when the top
 +or bottom of a scrolling object (e.g. data grid) is reached, the parent object (e.g. the page)
 +will then start scrolling. In many applications resulting in an annoying experience.
 +
 +With this feature in place, only the object where the mouse is currently pointing at will scroll.
 +So while scrolling a grid, the end of the grid will not result in the page scrolling. And while 
 +scrolling the page, the page keeps scrolling until the mouse enters the grid.
 +
 +Currently only the latest Chrome browser version (63) supports this feature. Firefox is expected to
 +follow in the upcoming releases.
 +
 +</WRAP>
 +
 +=== Vendor configuration items ===
 +<WRAP indent>
 +With a growing number of configuration items for Vendor-types in the Lookup we decided this
 +information was more efficently managed and retrieved using a dedicated database table.
 +
 +The 'Vendor_type' and other vendor related items in the 'Vendors' class were removed from
 +the Lookup and can now be accessed using the "Admin - Custom data" menu as the YCE table "Vendors".
 +Access requires 'system' level priveleges. 
 +
 +The Vendors table now includes setting for the file-transfer options for each vendor. The use
 +of these settings will gradually be implemented in each of the vendor-modules.
 +
 +</WRAP>
 +
 +
 +\\ 
 +<WRAP widths 60% box safety>
 +==== Fix ====
 +</WRAP>
 +
 +=== Long cyphers ===
 +<WRAP indent>
 +Recently the various password fields in the database were made significantly longer
 +allowing strings to be stored up to 200 characters. But since password fields are
 +generally sorted in encrypted format, some overhead is consumed limiting the unencrypted
 +length somewhat.
 +
 +The implementation of the database column encryption features of NetYCE are described
 +in the [[guides:reference:database:encryption|Encryption]] article.
 +
 +This implementation uses checksums to validate the encrypted string before attempting decryption.
 +As a consequence of the much longer encryption strings, the checksums also became longer,
 +which was not taken into account and caused strings of more than 63 characters to fail
 +unencryption.
 +
 +This situation has been corrected, providing transparent database encryption of sensitive 
 +information once more.
 +
 +</WRAP>
 +
 +=== Junos indentation ===
 +<WRAP indent>
 +Evaluating the commands in the Command job 'Evaluate' function now properly ignores
 +comments in the indentation if they contain '{' or '}'
 +
 +</WRAP>
 +
 +=== Copy port-setup ===
 +<WRAP indent>
 +When migrating some existing forms to a newer technology shared files with other forms
 +were removed along with the obsolete. Unfortunately, one of these shared files was
 +not obsolete since is still being used in the Ports 'Copy' function where port configurations
 +can be copied from one switch to another.
 +
 +This broken functionality has been restored.
 +
 +</WRAP>
 +
 +=== Template function arguments ===
 +<WRAP indent>
 +The templates an use over 20 functions to perform dynamic calculations, conversions or formatting.
 +Most of these functions accept multiple arguments that are specific to to the function. A problem
 +was identified when using multiple arguments that where quoted but separated by commas as is 
 +mandatory, but also with spaces for readability.
 +
 +These extra spaces were parsed incorrectly and were concatenated with the arguments resulting in
 +incorrect (or none) output. The parsing of the function arguments has been reworded to prevent
 +these problems.
 +
 +</WRAP>
 +
 +=== Port_name correction ===
 +<WRAP indent>
 +When adding ports using the web GUI, some ports were assigned incorrect (internal) Port_names.
 +
 +If the slot was blank (no slot-id) and the port-type is one of the non-Sys ports, the port_name
 +would be set using the port-id without a padding '0'. So would a GigabitEthernet port be named
 +like 'Gi5' and not using the convention 'Gi05'. This behaviour was corrected.
 +
 +</WRAP>
 +
 +=== Node selection in tools ===
 +<WRAP indent>
 +An odd node selection issue with several operational tools would occurr when the client-code 
 +and the node-name were the same.
 +
 +In those cases the inclusion of the node-name would result in the list of select nodes to be
 +extended with the liar of nodes from the client with taht same name. Some nodes would be included
 +twice due to this issue.
 +
 +By separing the node selection by node name from the node selection by client-code could this issue
 +be resolved.
 +
 +</WRAP>
 +
 +=== Database auto-increment validation ===
 +<WRAP indent>
 +Due to a still unknown cause, one table could not accept additional data rows because the
 +maximum value of the autonumber function would be exceeded. Although the highest column
 +value that is assigned this autonumber was still at least a billion short of the maximum,
 +the internal table administration had somehow concluded it had reached the maximum. A simple
 +manual adjustment of the auto-increment value fixed the issue, but because the issue could not
 +be explained, a workaround is now implemented.
 +
 +The daily maintenance of log files and databases is extended with a function that validates
 +and corrects any table using an autonumber where the auto-increment value does not match the
 +maximum value of the column using the autonumber value.
 +
 +</WRAP>
 +
 +=== Unauthorized redirects ===
 +<WRAP indent>
 +Instead of being redirected to the login page when you visit a vmenu page you do not have access to, you simply see a message. 
 +
 +</WRAP>
 +
 +=== Custom attribute password ===
 +<WRAP indent>
 +Password custom attributes used to disappear when you clicked on them. Now, when you click on them they are visible. 
 +
 +</WRAP>
 +
 +=== Scenario empty string ===
 +<WRAP indent>
 +String replacement in scenarios now also works for variables containing an empty string.
 +
 +</WRAP>
 +
 +=== IE11 login ===
 +<WRAP indent>
 +Internet Explorer 11 in 'EDGE'-mode can be used with NetYCE but is not recommended. The performance
 +using IE is very poor compared with the Firefox and Chrome browsers. Other caveats concern the 
 +improper rendering of some elements weakening the user experience.
 +
 +Recent customer experiences however demonstrated that logging in using IE11 was not possible. 
 +This was caused by a slight difference in the request header. This situation is corrected.
 +</WRAP>
 +
 +=== Inverted Checkpoint's enabled / disabled state ===
 +<WRAP indent>
 +When developing the Checkpoint vendor module there was only a account provided which 
 +defaulted to bash mode, therefore the vendor module first disabled when it logged in 
 +to get to the 'clish' (default shell on Checkpoint devices). As it turns out this 
 +is not default behaviour because the norm is to log in in clish mode. The necessary 
 +changes are incorporated in the State_actions table and in the vendor module.
 +
 +</WRAP>
 +
 +=== checking for OS file presence in ios dir ===
 +<WRAP indent>
 +The path we use to check for the presence of a OS file in the ios dir was incorrect, this has been fixed.
 +
 +</WRAP>
 +
 +=== Daily database maintenance ===
 +<WRAP indent>
 +The NetYCE database uses several tables to collect logging information on the users' actions,
 +the API actions and the node configuration sessions. With high levels of mutations, these tables
 +grow quickly. A daily process ('log_maint') removes the oldest of each of these tables as per 
 +the settings in the Lookup.
 +
 +Some customers experienced problems with this maintenance where these tables became corrupted and
 +consequently interrupted the master/master replication. The underlying cause proved to be dependent 
 +on the table defragmentation that is part of the daily maintenance. Without table defragmentation
 +the removal of old records would not result in freeing disk space and so is deemed essentail.
 +
 +This table defragmentation is executed by a database command that proved very sensitive to a lack
 +of disk space and is and prone to corruption or even crashes. To alleviate these issues, the 
 +daily maintenance process has been reworked to consider each of these known issues and take 
 +appropriate action. It now also repeats the entire process up to three times to ensure the integrity 
 +of the database. Should spontaneous table corruption occurr (likely when disk space is low), this
 +same process will automatically attempt the repair.
 +
 +</WRAP>
 +
 +=== Job logs engineer permissions ===
 +<WRAP indent>
 +Engineers now have permissions to access the job logs form. 
 +
 +</WRAP>
 +
 +=== HTML files caching ===
 +<WRAP indent>
 +The NetYCE web front-end adoped the 'appcache' mechanism of controlling the browser cache in version 6.3.
 +The support of the appcache did not see the expected adoptation of this mechanism in other browsers,
 +but instead its support dwindeled away over time.
 +
 +In an earlier release we reverted back to include versioning information with some files to force
 +chache renewal. This behaviour has now been extended to other file types which should result in fewer
 +cases where chaching is preventing poper display or behaviour after a version update.
 +
 +</WRAP>
 +
 +=== Node VRF Dropdown ===
 +<WRAP indent>
 +The new vrf dropdown in the node vrf form is now properly sorted.
 +</WRAP>
 +
  
maintenance/releases/7.0.3_20180215.txt · Last modified: 2019/12/23 16:11 by yspeerte