Rugged Operating System On Linux V2.4.0 Release Notes February 11, 2013

ROX2 v2.4.
0 Release Notes
Rugged Operating system on LinuX v2.4.0 Release Notes

February 11th, 2013
Copyright 2013 RuggedCom Inc.
Overview
ROX2 v2.4.0 is a Generally Available (GA) release of RuggedComs ROX operating system
software and introduces several new features as well as support for new hardware modules. This
second-generation operating system software is required by all models within the listed Siemens
Rugged product family (RX5000/MX5000/RX1500/RX1501/RX1510/RX1511/RX1512).
RX5000/RX15xx models:
Build date:
Filename
File Size
Md5 Checksum
Image
Imagerr2.4.0.tar.bz2
96,424,087
bytes
47c7b312feb1bcccd7b2c6bad2505fa1
Upgrade
Archive
rr2.4.0.zip
101,013,144
bytes
50b9e9d8d1ce17f52eceba29fe5efb32
2013-02-05
17:03
User Guides
All user Guides are available from the RuggedCom Web site at www.ruggedcom.com. Refer to the
Rugged Operating system on LinuX v2.4.0 User Guide with this release.
Last updated on: February 17, 2013
ROX2 v2.4.0 Release Notes

Changes in the v2.4.0 release (4966)
New hardware supported:
88 Gigabit Switch-Module (SM) adds IP/Layer3 support
Type:
New Feature
Products:
RX5000, MX5000
ID:
5208
The RX5000 adds two 88Gbps Switch-Modules to the SM family. Both modules provide four lanes of
gigabit bandwidth (4 Gbps total) to each of the 6 slots on the RX5000. Additionally the SM69 provides
two local / uplink 10G SFP+ Ethernet ports on the front-panel (20 Gbps total) while the SM61 does not
provide any uplink ports. Both modules now add support for Layer 3 (IP) switching in this release.
Hardware acceleration adds support for PIM operation

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3627, 5385
ROX 2 adds hardware acceleration support for Protocol-Independent-Multicasting (PIM) dynamic

routing operation.
Support for Bypass Relay added on M12 LM

Type:
New Feature
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5568, 6095
ROX2 adds support on the RX15xx platform for Bypass Relay functionality for the M12 Line-modules.
The M12 connector type is designed explicitly to satisfy requirements within the Railway industry.
Support for new Power Modules (PM) with Active Load Balancing
Type:
New Feature
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5582
ROX2 Power Management has been extended to better support the Power-supply Modules with
Active Load Balancing facilities.
New Device Administration features:

Support for Password Complexity Checking
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4020
ROX2 now has support for the following password complexity configuration values:
minimum-length
maximum-length
special-characters-required
upper-case required
lower-case required
digits required
New options for the Restore Factory Defaults command

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5569, 6279
The ROX2 restore-factory-default command now supports the following optional parameters:
delete-logs
default-both-partitions
delete-saved-configurations
shutdown
Support for ICMP Redirection Configuration

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5572
ROX2 now supports ICMP redirection controls with the following options:
Ignore ICMP ALL
Ignore ICMP Broadcast
TCP Syn Cookies
Send ICMP Redirect

Support for Installation and Upgrading ROX Applications
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5873
ROX2 now supports field-installation of Add-on applications that are compatible with ROX.
Framework support for (future) Crossbow SAC application

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4545, 5873
ROX2 has introduced a framework to support the future installation and configuration of the
RuggedCom CrossBow SAC application. This feature will be demonstrated when a future release of
the ROX2 compliant CrossBow SAC becomes available.
Framework support for (future) eLAN server application

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4552
ROX2 has introduced a framework to support the future installation and configuration of the
RuggedCom eLAN server application. This feature will be demonstrated when a future release of the
ROX2 compliant eLAN server becomes available.
New alarms and SNMP traps available

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6004, 4580, 3834, 5916, 4787, 6038
ROX2 now has support for several new alarm types:
Link Up/Down Alarms/Traps for fe-cm-1, fe-em-1, WAN Interfaces, and Cellmodem Interfaces
RTC Battery Low Alarm
Module Type Mismatch Alarm/Trap
Crypto Certificate Expiry Alarm
DS1 Line Status Change Trap

New Certificate Management feature
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4597, 5936
ROX2 now stores the PKI Keys and Certificates used by IPSec, eLAN, and Crossbow applications
within configuration store. Private Keys are encrypted using AES-CFB128 for added security.
Setting device time is now more user-friendly

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
2406
The ROX2 command for setting device time is now more user friendly.
Configurable Login authentication method (Local and/or RADIUS)

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
2805
ROX2 now supports the configuration of the User Authentication method for either Local Only or
RADIUS then Local operation.
New routing features:

Support for MPLS Label-Switched Paths
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4905, 4918
ROX2 now supports Layer 3 MPLS forwarding and the creation of static LSPs.
New Update-Source Configuration Option for BGP

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5410
ROX2 has a new BGP neighbor configuration value called update-source. It is needed whenever the
dummy0 IP address is used as the neighbor IP address on both BGP peers.

New tunneling features:
IPSec supports configuration for IKE Lifetime
Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6282
The ROX2 IPSec configuration now includes the ability to configure the IKE lifetime. This extension
improves interoperability with Siemens Scalance devices.
IPSEC now supports using ID_DER_ASN1_DN for left/right ID

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5275
The ROX2 IPSec support now includes the ability to configure the ID_DER_ASN1_DN for the IPSec
left/right ID values.
L2TP support for Windows 7 clients has been improved

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4911
The ROX2 L2TP support for Windows 7 clients has been improved for the case where the client is
using PSK with NAT-Traversal enabled.
L2Tunnel now supports replacing sender's MAC Address

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5635
The ROX2 Layer 2 Tunnel feature now includes the option to replace the sender's MAC Address.

New Ethernet features:
Support for switched Ethernet Routed mode port configuration
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3566
ROX 2 now supports a simple way to configure switching Ethernet ports to operate in a routed port
mode. This routed port mode isolates the IP traffic on that port from other switched IP traffic. By
default all switched Ethernet ports are in switchport Mode.
SFP media Information is now available

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3593
ROX 2 now displays the media type information for SFP plug-ins.
Static MAC learning wildcard support

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4083,3584
ROX 2 now supports up to 6 wildcard entries ('*') for the lower order values as part of Static MAC
configuration.
New Serial features:

Support for Raw Socket UDP Transport via Serial Server
Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5571
The ROX2 Serial server now supports a Raw Socket UDP Transport option.
Support for hot-swap on the Serial LM

Type:
New Feature
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4563

ROX2 now supports the hot-swapping of Serial Line-modules. Note that for hot-swap of serial LM to
work fully, the replacement LM must be of the same type as the one being replaced.
Support for IPv6 addresses with Serial Server

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5694,4538
The ROX2 Serial server now supports the use of IPv6 Addresses. The Serial server has improved log
messages whenever encountering error conditions.
Support for updating of DNP device address tables

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4532
The ROX2 Serial Server now supports the updating of DNP Device Address Tables.
Serial server now more efficient

Type:
Enhancement
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4384
The ROX2 Serial server's performance has been optimized to improve its efficiency while supporting a
large number of serial ports.
New WAN features:

Extended T1/E1 Statistics
Type:
New Feature
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5405
ROX2 now supports the display of additional T1/E1 Statistics. These new fields include reliability,
create-time, last-status-change, txload, and rxload counters.

Bug fixes:
Added password configuration for the BIST and Maint-Login modes
Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5570
ROX2 now supports optional password protection for accessing the Build-In-Self-test (BIST) mode
available via the local console when the device is rebooted. The password required for an
administrator role user to access the maint-login shell (a.k.a. the Linux 'root' user password) can also
be changed. The commands set-boot-password and set-maint-password can be found under
admin authentication.
HTTP to HTTPS Redirection can now be disabled

Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5955
ROX2 now provides users the option to disable automatic redirection of HTTP connection requests to
the HTTPS interface. This option was added to allow users to no longer listen on port 80.
Authentication credentials used in SSH and HTTPS are static in ROX2

Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5689
Previous versions of ROX2 all shipped with a common set of credentials (private keys/certificates for
SSH and HTTPS). Now all ROX2 devices ship with factory generated uniquely credentials. Customers
may also refresh these credentials using a special script stored under the maint-login access
(Maintenance Shell).
Web API allowed users to execute commands above their privilege level
Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5348
Previous versions of ROX2 were vulnerable to Javascript Hacking. By manipulating the WebUI
javascript a remote, authenticated user could execute commands that exceeded their privilege level.
This problem has been fixed.

Device unmanageable during Denial of Service SYN attack
Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4803
Previous versions of ROX2 were vulnerable to a form of Denial of Service attack known as SYN
Flooding. This has been corrected.
Port 111 (rpcbind) is always open

Type:
Security
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5644
Previous versions of ROX2 always left port 111 (rpcbind) in an open state. Now this port is only open
whenever the L2TP service has been configured.
Crashes repeatedly on configuring DHCP server and relay

Type:
Critical
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5623
Previous versions of ROX2 could crash, if the DHCP Server and the DHCP Relay services were both
configured on the same device. This has been corrected.
Device with simultaneous dual-cell modem interface can cause kernel

exception
Type:
Critical
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5814
Previous versions of ROX2 could crash if two cell modems were used simultaneously. This has been
corrected.
CM reboots continuously when time is invalid

Type:
Critical
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5814
Previous versions of ROX2 could exhibit indefinite rebooting when the Real-Time-Clock (RTC) time
was in an invalid state. This might occur if the RTC time exceeds the capacity of the 32-bit unix
storage class. This has been corrected.
10

Unexpected Switch Internal Configuration Alarms/Errors
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6057
Previous versions of ROX2 could raise Switch Internal Configuration Alarms unexpectedly. This has
been corrected.
High-count (64-bit) SNMP counters in IF-MIB are stuck at zero

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5919
Several 64-bit counters in the IF-MIB always return zero for the following interface types: cellular,
serial, route-only Ethernet, and virtual switch. This has been fixed.
Traffic Control (qos) interface name allows incorrect values

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5764
Previous versions of ROX2 allowed invalid interface names to be configured under the Traffic Control
(QoS) feature. This has been corrected.
Learned MAC address not shown in Static MAC table

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
2261
Previous versions of ROX2 did not display learned MAC address values in the Static MAC Table. This
has been corrected.
Link Alarm behavior is inconsistent with ROS

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5817
Previous versions of ROX2 did not support the automatic clearing of conditional alarms. This feature
has been added (see the new auto-clear toggle under alarm configuration).
11

LEDs flash and packets dropped for fe-cm-1 and fe-em-1 ports
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5424
Previous versions of ROX2 could boot in a bad state recognized as identified by unexpected LED
flashing on the fe-cm-1 and fe-em-1 ports. Data packets being forwarded through these interfaces
may also be dropped in this state. This has been corrected.
One out of 32 channels is down after enable PPP over max E1 channels
Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5958
Previous versions of ROX2 were unable to use all 32 E1 channels after PPP service was enabled.
This has been corrected.
Save/load commands may fail on some variants of the RX15xx if they have
conformal coated parts on the CM
Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5611
Previous versions of ROX2 on RX15xx devices may be unable to reload their configuration if they
have conformal coated sub-assemblies. This has been corrected.
No IGMP queries are sent out of dynamic multicast routing enabled

interfaces
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5192
Previous versions of ROX2 would not send IGMP queries out interfaces with dynamic multicast routing
enabled. This has been corrected.
MLPPP logical interface lost under load

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5404
Previous versions of ROX2 could drop MLPPP logical interfaces at high load. This has been corrected.
12

Changing PVID may not take effect if combined with manipulating
'Forbidden Ports" setting involving the port
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5534
Previous versions of ROX2 could fail to apply a PVID change if the set of changes included the
configuration of the Forbidden Ports value. This has been corrected.
Configuring interface with name "" through NETCONF locks the

configuration database
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5270
Previous versions of ROX2 could be left unable to configure the device without a reboot if NETCONF
is used to configure an empty interface name. This has been corrected.
Cost on GRE tunnel didn't take affect

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6163
Previous versions of ROX2 did not apply the cost on GRE tunnel configuration. This has been
corrected.
GRE tunnel deletion didn't work properly

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6156
Previous versions of ROX2 did not delete GRE tunnels properly as part of a configuration change.
Layer3 ARP config table may encounter corruption on system initialization

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6125
13

Previous versions of ROX2 could create corruption in the Layer 3 ARP Configuration affecting the
Switch ASIC (data-plane) initialization File. This has been corrected.
Bad MLPPP performance, especially while device heavily loaded

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5188
Previous versions of ROX2 had low MLPPP performance, especially while the device was heavily
loaded. This has been corrected.
Enabling on-demand on T1/E1 interface of one unit should bring down

the T1/E1 logical interface on both
Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4270
Previous versions of ROX2 had a behavior whereby enabling on-demand on a T1/E1 interface of one
unit would not bring down the T1/E1 logical interface on both devices. This has been corrected.
The CLI command full-configuration-load failures

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5775, 5333
In previous versions of ROX2, the command load-full-configuration did not work properly. One
reason for this is that there was a conflict between the CLI's built-in commands load and save and
the commands for load-full-configuration and save-full-configuration. To address this these
commands have been renamed to full-configuration-save[load]. In addition the load-fullconfiguration was not working correctly. This has been corrected.
Backplane link is permanently down between 88G SM and Serial LM

Type:
Major
Products:
RX5000, MX5000
ID:
5607
Previous versions of ROX2 would show the Backplane Link as permanently down between the 88G
SM and the Serial LM. This has been corrected.
Switch Interface status stops updating and starts to log errors

Type:
Major
14

Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5990
In previous versions of ROX2, the device may (rarely) get into a state where the Switch Interface
status stops updating and a series of syslog errors are displayed. This has been corrected.
Cold Start traps aren't generated after reboot

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5757
In previous versions of ROX2, the device would not generate a Cold Start SNMP trap after rebooting
the device. This has been corrected.
Committing any configuring or enabling SNMP in exclusive mode reports

"Aborted: access denied"
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5464
In previous versions of ROX2, committing any configuring or enabling SNMP in config exclusive
mode reports "Aborted: access denied". This has been corrected.
High CPU usage when certain clients attempt connection over HTTPS
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4981
In previous versions of ROX2, the CPU usage statistic could spike when certain Web Browser clients
(e.g. Chrome, w3m, and to a lesser extent Opera) would connect to the device's HTTPS Web
Interface. This has been corrected.
"Application error" occurred when configuring "default" IPSec connection

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5664
In previous versions of ROX2, an "Application error" occurred when configuring a "default" IPSec
connection. This has been corrected.
Modifying the Serial VLAN/Internal VLAN Range-End does not work

15

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5733
In previous versions of ROX2, changing the Serial VLAN/Internal VLAN Range-End does not work
correctly. This has been corrected.
Disabling serial LM generates runaway messages in CLI/syslog and

Disabling internal-vlan stops the WebUI operation
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5680
In previous versions of ROX2, disabling the serial LM would generate many unregister_netdevice
messages in the CLI/syslog and disabling the internal-vlan field would freeze the WebUI. These
issues have been corrected.
Log partition may fail

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6114
In previous versions of ROX2, the Log partitioning can fail in a way that the log rotation cannot correct.
Device stops forwarding traffic on T1/E1 link when oversubscribed

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3442
In previous versions of ROX2, the device stops forwarding traffic on the T1/E1 link when the link traffic
exceeds the link capacity. This has been corrected.
IP address configuration does not take effect

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5989
In previous versions of ROX2, the IP address configuration does not take effect when the fourth digit
of the T1 PPP peer address is larger than 100. This has been corrected.
16

Cell modem PPP connection fails to re-establish
Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5942
In previous versions of ROX2, If a cell-modem's link flips continuously - approximately 15 times or

more - the PPP connection may fail to re-establish itself even after the signal has stabilized. A reboot
was required to get out of this state. This has been fixed.
ICMP, IGMP, and GRE packets are not dropped by firewall

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5991
In previous ROX2 versions, ICMP, IGMP, and GRE packets are not dropped by firewall under certain
scenarios due to unexpected interaction with the L3 switching subsystem. The Layer 3 Switching
should only learn TCP and UDP flows for hardware acceleration. This has been corrected.
Loading configuration file fails after upgrade

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5610
In previous ROX2 versions, loading a configuration file may fail after an upgrade on the device
whenever a 2x port SFP line module exists. This has been corrected.
OSPF crashes due to assertion failure

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6198
In previous ROX2 versions, the OSPF dynamic routing service may (rarely) crash and report an
assertion failure. This has been corrected.
Incorrect message logged when invalid checksum

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5666
17

In previous ROX2 versions, The message "MF:FrameRx. Could not get buffer for frame transmission"
is logged when receiving an IGMP Membership Report with an invalid checksum. This has been
corrected.
A network loop may occur during RSTP topology change

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5022
In previous ROX2 versions, it was possible for a network loop to occur during a RSTP topology
change event, when the topology is a mesh. This has been corrected.
MSTP Region configuration not applied after reboot

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5885
In previous ROX2 versions, the MSTP Region configuration was not applied after reboot. This has
been corrected.
Fragmented traffic flows may be dropped when hardware-accelerated

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5310
Heavily fragmented traffic flows may be dropped whenever traffic is hardware-accelerated and the
default Layer 3 switching configuration is used. The Users Guide has been updated to clarify this.
Erroneously MOV and Power Supply failure alarms reported

Type:
Major
Products:
RX5000, MX5000
ID:
5922
In previous ROX2 versions, the device erroneously reports MOV and Power Supply failure alarms
from time to time. This has been corrected.
Cell Modem driver leaks memory on intermittent connections

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6001
18

In previous ROX2 versions, each time a cell-modem interface loses its signal an estimated 1192 bytes
of memory are leaked by the operating system kernel. This has been fixed.
Routing protocol reflects WAN interface advertisement

Type:
Major
Products:
RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4050
In previous ROX2 versions, the routing protocol advertises host routes to self. This has been
corrected.
An internal configuration alarm is raised when all static MACs are removed
Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3263
In previous ROX2 versions, an internal configuration alarm is raised whenever all static MACs are
removed before applying the 802.1X setting. This has been corrected.
Device vulnerable to heavy IP multicast stream with random ports

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3418
In previous ROX2 versions, it was possible to crash the device by exposing it to heavy IP multicast
traffic streams directed at random UDP ports. This has been corrected.
Disabling CLI sessions disconnects the user from device console

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
4431
On ROX2 versions, disabling the CLI sessions via configuration will restrict SSH access to the
device. It will also disconnect any existing user access from the device console. This has been made
clear in the User Guide.
Unit with 88G SM could log false PM report

Type:
Major
Products:
RX5000, MX5000
ID:
6112
In previous ROX2 versions, a device with the 88G SM could report PM output voltage exceeds upper
Vout limit in some configurations. This has been corrected.
19

Duplicate OSPF neighbor is shown on the VRRP master
Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6181
In previous ROX2 versions, a duplicate OSPF neighbour is displayed on the VRP master when the
Virtual MAC option was selected. This has been corrected.
Firewall rules checking is too lax

Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6094
In previous ROX2 versions, the firewall rules allowed the specification of the Any and Related
keywords when they were not appropriate. This has been corrected.
SNMP polling of ifTable results in error syslog messages for fe-cm-1

Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6083
In previous ROX2 versions, SNMP polling of the ifTable object could result in the flooding of the syslog
with error messages. This has been corrected.
Unit replies with SNMP general failure when polling certain MIB objects
using SNMP get and get-next operations
Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
6010
In previous ROX2 versions, SNMP general failure errors would occur when using get and get-next
operations. This has been corrected
Upgrade procedures are incomplete

Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5662
20

In previous ROX2 versions, NTP packages were not upgraded from ROXv2.2.x to ROXv2.3.0, and
obsolete packages were not removed. This has been corrected.
Unexpected error messages are logged in auth-log

Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5654
In previous ROX2 versions, certain error messages are periodically being logged to the auth-log at 5
minute intervals. This has been corrected
Alarm configurations are behave incorrectly

Type:
Minor
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
5522
In previous ROX2 versions, The Ethernet port alarm and Link up/down (in Alarms Table) configuration
do not control alarm events properly. This has been corrected
21

Known Limitations
The following list describes functionality limitations which are known to exist within this software
release.
Only Power Supply Modules and Serial LM's are Hot-swappable

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
3611
The full hot-swap functionality for line modules is not part of the ROX 2.4 release. For this release,
only the Power-supply Module (PM) and the Serial LM's are hot-swappable.
Enabled HSPA+/CDMA Cell Modems become disabled after upgrade

Type:
Products:
ID:
Minor
RX1500, RX1501, RX1510, RX1511, RX1512
6465
After an upgrade from previous versions to ROX 2.4, some Cell Modems will reboot into the disabled
state. The Cell Modem interfaces can be re-enabled through any configuration interface.
Manually disabling an Ethernet LM is applied on next boot only

Type:
Major
Products:
RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512
ID:
2551
If an LM is manually disabled while operational, this configuration change will be applied on the next
boot. This limitation will be in place until full Hot Swap support is available for Ethernet LMs.
22

ROX2 Upgrade instructions
Upgrading ROX2_using the RuggedCLI Wizard
ROX2 supports a dual-partition file-system offering storage redundancy and rollback features.
Software upgrades are always performed to the alternate partition in order not to disturb your current
running system context which will remain operational and intact during the upgrade progress. It should
be noted that the upgrade process may also be launched through the WWW and NETCONF interfaces.
Details on upgrading using these interfaces are available in the ROX 2.4.0 User Guide.
Follow the steps below to perform an upgrade from the RuggedCLI:
1.
From the RuggedCLI prompt enter configuration mode:
ruggedcom# config
2.
Launch the upgrade wizard with the following command:
ruggedcom(config)# wizard rox_upgrade

3.
You will then be prompted to enter the URL of your upgrade server as well as the target release
version (url below is an example):
The upgrade repository url is set to: http://10.200.17.235/release/rr2

Press <ENTER> to accept this or type a new address to change it:
http://10.200.17.235/rox2/releases/rr2
changing repository
The software release you are upgrading to is: rr2.4.0

Press <ENTER> to accept this or type a different version:
Warning:
You are about to commit changes to upgrade settings. If any other modifications to
the candidate database are pending, they will be committed too.
Continue?
(y/n): y
4.
The upgrade process will then proceed through three distinct phases: transferring the file-system
to the alternate partition, downloading all updated and new packages and installing the
packages to the alternate partition:
Checking for a more recent version of the upgrade system

Already running the most recent version of the upgrade system
********************************************************************
Launching ROXII Upgrade.......
Upgrading system to Partition 2

Estimating size of upgrade.
This may take a few minutes....
23

21 packages to install, 13220468 bytes to download
6353 files, 301611585 bytes will be coppied to Partition 2
Starting upgrade...
Preparing to transfer files to alternate partition.

minutes....
This may take a few
---- File Transfer Phase: 301611585 bytes, 6353 files ---progress: 100%
File transfer phase complete.
Starting download of packages...
---- Package Download Phase ---progress: 100%
Download phase complete.
Installing packages...
---- Package Install phase ---progress: 100%
Package installation complete.
Upgrade to partition 2 completed successfully.
A reboot is required to run the upgraded partition.
ruggedcom(config)#
5.
Reboot the system to boot the upgraded partition
ruggedcom(config)# admin reboot
24

ROX Firmware/User Guide Version Numbering System
The ROX software is labeled with a three digit version numbering system of the form X.Y.Z where
each digit is a number starting from zero. The 'X.Y digits together describe the functional version of
ROX whereas the Z digit represents firmware updates made within a specific functional version
series.
In this release, the X digit identifies the ROX series as being series 2 and therefore referring to
RuggedComs next-generation ROX II operating system support for the RuggedBackbone and
future products to be released. The Y digit identifies the major version number and is incremented for
a major functional updates of the software. The 'Z' digit represents the minor version number and is
incremented for minor software updates including bug fixes, cosmetic enhancements and other minor
issues.
ROX user-guide documentation will follow the same format. In general, a user guide will have the
same 'X.Y' digits as the firmware to which it corresponds.
25
Type of Changes
Each change to the software is categorized according to the table below which provides guidance as to
whether the change justifies upgrading. As well, each change lists an internal RuggedCom change
number.
Change Type
Description
Critical
Critical changes fix problems that prevent the basic operation of the device and have
no workaround. Any critical changes merit a device upgrade under all
circumstances.
Major
Major changes fix problems that prevent the basic operation of the device but do
have a workaround. Any major changes merit a device upgrade if the workaround is
not acceptable.
New Feature
New features add significant new capability to the device. Such changes may
change the basic operation of the device, the user interface, and how the device is
configured. New features only merit a device upgrade if the feature is required.
Enhancement
Enhancements improve existing device capability and do not significantly change

the basic operation of the device, the user interface, or how the device is configured.
Enhancements only merit a device upgrade if the feature is required.
Minor
Minor changes fix non-vital problems that may or may not have a workaround.
Minor changes do not necessarily merit a device upgrade unless the specific
problem applies.
Cosmetic
Cosmetic changes have negligible impact on device operation and include such
updates as spelling mistakes, user interface adjustments, and help text
improvements. Cosmetic changes rarely merit a device upgrade.
Security
Security changes usually do not have a discernible impact on normal device

operation other than to improve the units defensive response to known exploits
and vulnerabilities. This might include such updates as enhanced protection
against newly discovered denial-of-service (DOS) attacks. It is left entirely to the
customers discretion to decide whether or not a security change is appropriate to
merit a device upgrade.
26
Contacting RuggedCom
For further information on this release or technical support of any nature, please contact RuggedCom at
the locations below:
Corporate headquarters
US Corporate Headquarters
Technical Support
RuggedCom Inc,
300 AppleWood Cres., Unit #1
Concord, Ontario, Canada
L4K 5C7
RuggedCom
1930 Harrison St., Suite-307
Hollywood, Florida
USA, 33020
Toll Free: 1(866) 922-7975
Toll-free:
Tel:
Fax:
1(888) 264-0006
(905) 856-5288
(905) 760-1995
Tel: (954) 922-7975
Web:
Email:
http://www.ruggedcom.com
support@ruggedcom.com
27

Rugged Operating System On Linux V2.4.0 Release Notes February 11, 2013

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Rugged Operating System On Linux V2.4.0 Release Notes February 11, 2013

Uploaded by

Copyright:

Available Formats

ROX2 v2.4.

Rugged Operating system on LinuX v2.4.0 Release Notes

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

Hardware acceleration adds support for PIM operation

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

ROX 2 adds hardware acceleration support for Protocol-Independent-Multicasting (PIM) dynamic

Support for Bypass Relay added on M12 LM

RX1500, RX1501, RX1510, RX1511, RX1512

RX1500, RX1501, RX1510, RX1511, RX1512

New Device Administration features:

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

New options for the Restore Factory Defaults command

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Support for ICMP Redirection Configuration

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Ignore ICMP ALL

Ignore ICMP Broadcast

TCP Syn Cookies

Send ICMP Redirect

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Framework support for (future) Crossbow SAC application

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Framework support for (future) eLAN server application

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

New alarms and SNMP traps available

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

6004, 4580, 3834, 5916, 4787, 6038

ROX2 now has support for several new alarm types:

RTC Battery Low Alarm

Module Type Mismatch Alarm/Trap

Crypto Certificate Expiry Alarm

DS1 Line Status Change Trap

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Setting device time is now more user-friendly

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Configurable Login authentication method (Local and/or RADIUS)

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

New routing features:

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

New Update-Source Configuration Option for BGP

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

IPSEC now supports using ID_DER_ASN1_DN for left/right ID

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

L2TP support for Windows 7 clients has been improved

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

using PSK with NAT-Traversal enabled.

L2Tunnel now supports replacing sender's MAC Address

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

Last updated on: February 17, 2013

ROX2 v2.4.0 Release Notes

RX5000, MX5000, RX1500, RX1501, RX1510, RX1511, RX1512

SFP media Information is now available