Professional Documents
Culture Documents
0 Release Notes
Overview
ROX2 v2.4.0 is a Generally Available (GA) release of RuggedComs ROX operating system
software and introduces several new features as well as support for new hardware modules. This
second-generation operating system software is required by all models within the listed Siemens
Rugged product family (RX5000/MX5000/RX1500/RX1501/RX1510/RX1511/RX1512).
RX5000/RX15xx models:
Build date:
Filename
File Size
Md5 Checksum
Image
Imagerr2.4.0.tar.bz2
96,424,087
bytes
47c7b312feb1bcccd7b2c6bad2505fa1
Upgrade
Archive
rr2.4.0.zip
101,013,144
bytes
50b9e9d8d1ce17f52eceba29fe5efb32
2013-02-05
17:03
User Guides
All user Guides are available from the RuggedCom Web site at www.ruggedcom.com. Refer to the
Rugged Operating system on LinuX v2.4.0 User Guide with this release.
New Feature
Products:
RX5000, MX5000
ID:
5208
The RX5000 adds two 88Gbps Switch-Modules to the SM family. Both modules provide four lanes of
gigabit bandwidth (4 Gbps total) to each of the 6 slots on the RX5000. Additionally the SM69 provides
two local / uplink 10G SFP+ Ethernet ports on the front-panel (20 Gbps total) while the SM61 does not
provide any uplink ports. Both modules now add support for Layer 3 (IP) switching in this release.
New Feature
Products:
ID:
3627, 5385
New Feature
Products:
ID:
5568, 6095
ROX2 adds support on the RX15xx platform for Bypass Relay functionality for the M12 Line-modules.
The M12 connector type is designed explicitly to satisfy requirements within the Railway industry.
Support for new Power Modules (PM) with Active Load Balancing
Type:
New Feature
Products:
ID:
5582
ROX2 Power Management has been extended to better support the Power-supply Modules with
Active Load Balancing facilities.
New Feature
Products:
ID:
4020
ROX2 now has support for the following password complexity configuration values:
minimum-length
maximum-length
special-characters-required
upper-case required
lower-case required
digits required
Enhancement
Products:
ID:
5569, 6279
The ROX2 restore-factory-default command now supports the following optional parameters:
delete-logs
default-both-partitions
delete-saved-configurations
shutdown
New Feature
Products:
ID:
5572
ROX2 now supports ICMP redirection controls with the following options:
New Feature
Products:
ID:
5873
ROX2 now supports field-installation of Add-on applications that are compatible with ROX.
New Feature
Products:
ID:
4545, 5873
ROX2 has introduced a framework to support the future installation and configuration of the
RuggedCom CrossBow SAC application. This feature will be demonstrated when a future release of
the ROX2 compliant CrossBow SAC becomes available.
New Feature
Products:
ID:
4552
ROX2 has introduced a framework to support the future installation and configuration of the
RuggedCom eLAN server application. This feature will be demonstrated when a future release of the
ROX2 compliant eLAN server becomes available.
New Feature
Products:
ID:
Link Up/Down Alarms/Traps for fe-cm-1, fe-em-1, WAN Interfaces, and Cellmodem Interfaces
New Feature
Products:
ID:
4597, 5936
ROX2 now stores the PKI Keys and Certificates used by IPSec, eLAN, and Crossbow applications
within configuration store. Private Keys are encrypted using AES-CFB128 for added security.
Enhancement
Products:
ID:
2406
The ROX2 command for setting device time is now more user friendly.
Enhancement
Products:
ID:
2805
ROX2 now supports the configuration of the User Authentication method for either Local Only or
RADIUS then Local operation.
New Feature
Products:
ID:
4905, 4918
ROX2 now supports Layer 3 MPLS forwarding and the creation of static LSPs.
Enhancement
Products:
ID:
5410
ROX2 has a new BGP neighbor configuration value called update-source. It is needed whenever the
dummy0 IP address is used as the neighbor IP address on both BGP peers.
Enhancement
Products:
ID:
6282
The ROX2 IPSec configuration now includes the ability to configure the IKE lifetime. This extension
improves interoperability with Siemens Scalance devices.
Enhancement
Products:
ID:
5275
The ROX2 IPSec support now includes the ability to configure the ID_DER_ASN1_DN for the IPSec
left/right ID values.
Enhancement
Products:
ID:
4911
The ROX2 L2TP support for Windows 7 clients has been improved for the case where the client is
Enhancement
Products:
ID:
5635
The ROX2 Layer 2 Tunnel feature now includes the option to replace the sender's MAC Address.
New Feature
Products:
ID:
3566
ROX 2 now supports a simple way to configure switching Ethernet ports to operate in a routed port
mode. This routed port mode isolates the IP traffic on that port from other switched IP traffic. By
default all switched Ethernet ports are in switchport Mode.
Enhancement
Products:
ID:
3593
ROX 2 now displays the media type information for SFP plug-ins.
Enhancement
Products:
ID:
4083,3584
ROX 2 now supports up to 6 wildcard entries ('*') for the lower order values as part of Static MAC
configuration.
New Feature
Products:
ID:
5571
The ROX2 Serial server now supports a Raw Socket UDP Transport option.
New Feature
Products:
ID:
4563
Enhancement
Products:
ID:
5694,4538
The ROX2 Serial server now supports the use of IPv6 Addresses. The Serial server has improved log
messages whenever encountering error conditions.
Enhancement
Products:
ID:
4532
The ROX2 Serial Server now supports the updating of DNP Device Address Tables.
Enhancement
Products:
ID:
4384
The ROX2 Serial server's performance has been optimized to improve its efficiency while supporting a
large number of serial ports.
New Feature
Products:
ID:
5405
ROX2 now supports the display of additional T1/E1 Statistics. These new fields include reliability,
create-time, last-status-change, txload, and rxload counters.
Security
Products:
ID:
5570
ROX2 now supports optional password protection for accessing the Build-In-Self-test (BIST) mode
available via the local console when the device is rebooted. The password required for an
administrator role user to access the maint-login shell (a.k.a. the Linux 'root' user password) can also
be changed. The commands set-boot-password and set-maint-password can be found under
admin authentication.
Security
Products:
ID:
5955
ROX2 now provides users the option to disable automatic redirection of HTTP connection requests to
the HTTPS interface. This option was added to allow users to no longer listen on port 80.
Security
Products:
ID:
5689
Previous versions of ROX2 all shipped with a common set of credentials (private keys/certificates for
SSH and HTTPS). Now all ROX2 devices ship with factory generated uniquely credentials. Customers
may also refresh these credentials using a special script stored under the maint-login access
(Maintenance Shell).
Web API allowed users to execute commands above their privilege level
Type:
Security
Products:
ID:
5348
Previous versions of ROX2 were vulnerable to Javascript Hacking. By manipulating the WebUI
javascript a remote, authenticated user could execute commands that exceeded their privilege level.
This problem has been fixed.
Security
Products:
ID:
4803
Previous versions of ROX2 were vulnerable to a form of Denial of Service attack known as SYN
Flooding. This has been corrected.
Security
Products:
ID:
5644
Previous versions of ROX2 always left port 111 (rpcbind) in an open state. Now this port is only open
whenever the L2TP service has been configured.
Critical
Products:
ID:
5623
Previous versions of ROX2 could crash, if the DHCP Server and the DHCP Relay services were both
configured on the same device. This has been corrected.
Critical
Products:
ID:
5814
Previous versions of ROX2 could crash if two cell modems were used simultaneously. This has been
corrected.
Critical
Products:
ID:
5814
Previous versions of ROX2 could exhibit indefinite rebooting when the Real-Time-Clock (RTC) time
was in an invalid state. This might occur if the RTC time exceeds the capacity of the 32-bit unix
storage class. This has been corrected.
10
Major
Products:
ID:
6057
Previous versions of ROX2 could raise Switch Internal Configuration Alarms unexpectedly. This has
been corrected.
Major
Products:
ID:
5919
Several 64-bit counters in the IF-MIB always return zero for the following interface types: cellular,
serial, route-only Ethernet, and virtual switch. This has been fixed.
Major
Products:
ID:
5764
Previous versions of ROX2 allowed invalid interface names to be configured under the Traffic Control
(QoS) feature. This has been corrected.
Major
Products:
ID:
2261
Previous versions of ROX2 did not display learned MAC address values in the Static MAC Table. This
has been corrected.
Major
Products:
ID:
5817
Previous versions of ROX2 did not support the automatic clearing of conditional alarms. This feature
has been added (see the new auto-clear toggle under alarm configuration).
11
Major
Products:
ID:
5424
Previous versions of ROX2 could boot in a bad state recognized as identified by unexpected LED
flashing on the fe-cm-1 and fe-em-1 ports. Data packets being forwarded through these interfaces
may also be dropped in this state. This has been corrected.
One out of 32 channels is down after enable PPP over max E1 channels
Type:
Major
Products:
ID:
5958
Previous versions of ROX2 were unable to use all 32 E1 channels after PPP service was enabled.
This has been corrected.
Save/load commands may fail on some variants of the RX15xx if they have
conformal coated parts on the CM
Type:
Major
Products:
ID:
5611
Previous versions of ROX2 on RX15xx devices may be unable to reload their configuration if they
have conformal coated sub-assemblies. This has been corrected.
Major
Products:
ID:
5192
Previous versions of ROX2 would not send IGMP queries out interfaces with dynamic multicast routing
enabled. This has been corrected.
Major
Products:
ID:
5404
Previous versions of ROX2 could drop MLPPP logical interfaces at high load. This has been corrected.
12
Major
Products:
ID:
5534
Previous versions of ROX2 could fail to apply a PVID change if the set of changes included the
configuration of the Forbidden Ports value. This has been corrected.
Major
Products:
ID:
5270
Previous versions of ROX2 could be left unable to configure the device without a reboot if NETCONF
is used to configure an empty interface name. This has been corrected.
Major
Products:
ID:
6163
Previous versions of ROX2 did not apply the cost on GRE tunnel configuration. This has been
corrected.
Major
Products:
ID:
6156
Previous versions of ROX2 did not delete GRE tunnels properly as part of a configuration change.
This has been corrected.
Major
Products:
ID:
6125
13
Major
Products:
ID:
5188
Previous versions of ROX2 had low MLPPP performance, especially while the device was heavily
loaded. This has been corrected.
Major
Products:
ID:
4270
Previous versions of ROX2 had a behavior whereby enabling on-demand on a T1/E1 interface of one
unit would not bring down the T1/E1 logical interface on both devices. This has been corrected.
Major
Products:
ID:
5775, 5333
In previous versions of ROX2, the command load-full-configuration did not work properly. One
reason for this is that there was a conflict between the CLI's built-in commands load and save and
the commands for load-full-configuration and save-full-configuration. To address this these
commands have been renamed to full-configuration-save[load]. In addition the load-fullconfiguration was not working correctly. This has been corrected.
Major
Products:
RX5000, MX5000
ID:
5607
Previous versions of ROX2 would show the Backplane Link as permanently down between the 88G
SM and the Serial LM. This has been corrected.
Major
14
ID:
5990
In previous versions of ROX2, the device may (rarely) get into a state where the Switch Interface
status stops updating and a series of syslog errors are displayed. This has been corrected.
Major
Products:
ID:
5757
In previous versions of ROX2, the device would not generate a Cold Start SNMP trap after rebooting
the device. This has been corrected.
Major
Products:
ID:
5464
In previous versions of ROX2, committing any configuring or enabling SNMP in config exclusive
mode reports "Aborted: access denied". This has been corrected.
High CPU usage when certain clients attempt connection over HTTPS
Type:
Major
Products:
ID:
4981
In previous versions of ROX2, the CPU usage statistic could spike when certain Web Browser clients
(e.g. Chrome, w3m, and to a lesser extent Opera) would connect to the device's HTTPS Web
Interface. This has been corrected.
Major
Products:
ID:
5664
In previous versions of ROX2, an "Application error" occurred when configuring a "default" IPSec
connection. This has been corrected.
15
Major
Products:
ID:
5733
In previous versions of ROX2, changing the Serial VLAN/Internal VLAN Range-End does not work
correctly. This has been corrected.
Major
Products:
ID:
5680
In previous versions of ROX2, disabling the serial LM would generate many unregister_netdevice
messages in the CLI/syslog and disabling the internal-vlan field would freeze the WebUI. These
issues have been corrected.
Major
Products:
ID:
6114
In previous versions of ROX2, the Log partitioning can fail in a way that the log rotation cannot correct.
This has been corrected.
Major
Products:
ID:
3442
In previous versions of ROX2, the device stops forwarding traffic on the T1/E1 link when the link traffic
exceeds the link capacity. This has been corrected.
Major
Products:
ID:
5989
In previous versions of ROX2, the IP address configuration does not take effect when the fourth digit
of the T1 PPP peer address is larger than 100. This has been corrected.
16
Major
Products:
ID:
5942
Major
Products:
ID:
5991
In previous ROX2 versions, ICMP, IGMP, and GRE packets are not dropped by firewall under certain
scenarios due to unexpected interaction with the L3 switching subsystem. The Layer 3 Switching
should only learn TCP and UDP flows for hardware acceleration. This has been corrected.
Major
Products:
ID:
5610
In previous ROX2 versions, loading a configuration file may fail after an upgrade on the device
whenever a 2x port SFP line module exists. This has been corrected.
Major
Products:
ID:
6198
In previous ROX2 versions, the OSPF dynamic routing service may (rarely) crash and report an
assertion failure. This has been corrected.
Major
Products:
ID:
5666
17
Major
Products:
ID:
5022
In previous ROX2 versions, it was possible for a network loop to occur during a RSTP topology
change event, when the topology is a mesh. This has been corrected.
Major
Products:
ID:
5885
In previous ROX2 versions, the MSTP Region configuration was not applied after reboot. This has
been corrected.
Major
Products:
ID:
5310
Heavily fragmented traffic flows may be dropped whenever traffic is hardware-accelerated and the
default Layer 3 switching configuration is used. The Users Guide has been updated to clarify this.
Major
Products:
RX5000, MX5000
ID:
5922
In previous ROX2 versions, the device erroneously reports MOV and Power Supply failure alarms
from time to time. This has been corrected.
Major
Products:
ID:
6001
18
Major
Products:
ID:
4050
In previous ROX2 versions, the routing protocol advertises host routes to self. This has been
corrected.
An internal configuration alarm is raised when all static MACs are removed
Type:
Major
Products:
ID:
3263
In previous ROX2 versions, an internal configuration alarm is raised whenever all static MACs are
removed before applying the 802.1X setting. This has been corrected.
Major
Products:
ID:
3418
In previous ROX2 versions, it was possible to crash the device by exposing it to heavy IP multicast
traffic streams directed at random UDP ports. This has been corrected.
Major
Products:
ID:
4431
On ROX2 versions, disabling the CLI sessions via configuration will restrict SSH access to the
device. It will also disconnect any existing user access from the device console. This has been made
clear in the User Guide.
Major
Products:
RX5000, MX5000
ID:
6112
In previous ROX2 versions, a device with the 88G SM could report PM output voltage exceeds upper
Vout limit in some configurations. This has been corrected.
19
Minor
Products:
ID:
6181
In previous ROX2 versions, a duplicate OSPF neighbour is displayed on the VRP master when the
Virtual MAC option was selected. This has been corrected.
Minor
Products:
ID:
6094
In previous ROX2 versions, the firewall rules allowed the specification of the Any and Related
keywords when they were not appropriate. This has been corrected.
Minor
Products:
ID:
6083
In previous ROX2 versions, SNMP polling of the ifTable object could result in the flooding of the syslog
with error messages. This has been corrected.
Unit replies with SNMP general failure when polling certain MIB objects
using SNMP get and get-next operations
Type:
Minor
Products:
ID:
6010
In previous ROX2 versions, SNMP general failure errors would occur when using get and get-next
operations. This has been corrected
Minor
Products:
ID:
5662
20
Minor
Products:
ID:
5654
In previous ROX2 versions, certain error messages are periodically being logged to the auth-log at 5
minute intervals. This has been corrected
Minor
Products:
ID:
5522
In previous ROX2 versions, The Ethernet port alarm and Link up/down (in Alarms Table) configuration
do not control alarm events properly. This has been corrected
21
Major
Products:
ID:
3611
The full hot-swap functionality for line modules is not part of the ROX 2.4 release. For this release,
only the Power-supply Module (PM) and the Serial LM's are hot-swappable.
Minor
RX1500, RX1501, RX1510, RX1511, RX1512
6465
After an upgrade from previous versions to ROX 2.4, some Cell Modems will reboot into the disabled
state. The Cell Modem interfaces can be re-enabled through any configuration interface.
Major
Products:
ID:
2551
If an LM is manually disabled while operational, this configuration change will be applied on the next
boot. This limitation will be in place until full Hot Swap support is available for Ethernet LMs.
22
ruggedcom# config
2.
You will then be prompted to enter the URL of your upgrade server as well as the target release
version (url below is an example):
The upgrade process will then proceed through three distinct phases: transferring the file-system
to the alternate partition, downloading all updated and new packages and installing the
packages to the alternate partition:
23
---- File Transfer Phase: 301611585 bytes, 6353 files ---progress: 100%
File transfer phase complete.
Starting download of packages...
---- Package Download Phase ---progress: 100%
Download phase complete.
Installing packages...
---- Package Install phase ---progress: 100%
Package installation complete.
Upgrade to partition 2 completed successfully.
A reboot is required to run the upgraded partition.
ruggedcom(config)#
5.
24
25
Type of Changes
Each change to the software is categorized according to the table below which provides guidance as to
whether the change justifies upgrading. As well, each change lists an internal RuggedCom change
number.
Change Type
Description
Critical
Critical changes fix problems that prevent the basic operation of the device and have
no workaround. Any critical changes merit a device upgrade under all
circumstances.
Major
Major changes fix problems that prevent the basic operation of the device but do
have a workaround. Any major changes merit a device upgrade if the workaround is
not acceptable.
New Feature
New features add significant new capability to the device. Such changes may
change the basic operation of the device, the user interface, and how the device is
configured. New features only merit a device upgrade if the feature is required.
Enhancement
Minor
Minor changes fix non-vital problems that may or may not have a workaround.
Minor changes do not necessarily merit a device upgrade unless the specific
problem applies.
Cosmetic
Cosmetic changes have negligible impact on device operation and include such
updates as spelling mistakes, user interface adjustments, and help text
improvements. Cosmetic changes rarely merit a device upgrade.
Security
26
Contacting RuggedCom
For further information on this release or technical support of any nature, please contact RuggedCom at
the locations below:
Corporate headquarters
US Corporate Headquarters
Technical Support
RuggedCom Inc,
300 AppleWood Cres., Unit #1
Concord, Ontario, Canada
L4K 5C7
RuggedCom
1930 Harrison St., Suite-307
Hollywood, Florida
USA, 33020
Toll-free:
Tel:
Fax:
1(888) 264-0006
(905) 856-5288
(905) 760-1995
Web:
Email:
http://www.ruggedcom.com
support@ruggedcom.com
27