Limitations restrictions or behavior changes
While Vyatta NOS does support IKEv1, we strongly recommend that IKEv2 is used to avoid security vulnerabilities associated with IKEv1, such as reflector and Amplifier DoS attacks.
Prohibit MTU configuration of less than 1280 on interfaces with any associated IPv6 configuration.
In previous releases, the kernel would remove all IPv6 addresses and IPv6 kernel parameters if MTU was set below 1280 for an interface. It restored only the Link Local address and set parameters to their defaults if MTU was later set to 1280 or above. This resulted in a mismatch between the configuration and operational state. To overcome this issue, a non-backwards compatible YANG change has been introduced which prohibits an MTU of less than 1280 being applied to interfaces with any IPv6 configuration. Similarly, if the MTU is already set below 1280, then this change in behavior also prohibits IPv6 addresses or IPv6 configuration being added to the interface.
SFP Syslog message change:
In previous releases, syslog messages related to SFPs being inserted or removed were quite high level but with the extended support around SFP management & control being added in this release, the syslog message has now evolved and it is worth pointing out this change, in case existing operations teams are monitoring these older messages.
vyatta-sfpd: SFP 12 has been plugged vyatta-sfpd: SFP 12 has been unplugged
vyatta-sfpd: dp0xe1: SFP FCLF8522P2BTL has been inserted vyatta-sfpd: dp0xe1: SFP FCLF8522P2BTL has been removed