Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Show Page Sections

Patch release notes 2110a

Vyatta NOS patch release notes 2110a.

Released January 12, 2022

Issues Resolved

Issues resolved in 2110a.

Issue number

Priority

Summary

VRVDR-56634

Blocker

PTP: Inconsistency in the support ranges on antenna-delay when cmd moved under GNSS, and no negative delays too

VRVDR-56598

Blocker

PTP: gnssd leaks file descriptors when updating the antenna delay

VRVDR-56254

Blocker

QoS fix for VRVDR-56203 results in dataplane cores due to function qos_sched_res_grp_update()

VRVDR-56609

Critical

Commit Rollback functionality is not functional in Azure

VRVDR-56209

Critical

PTP: GNSS APTS re-alarms are too frequent; should be hourly

VRVDR-56208

Critical

PTP: unable to stay within end-to-end timing requirements during APTS failure when using G.8275.2

VRVDR-56263

Critical

I2C bus lock and bad SFP

VRVDR-56238

Critical

PTP: Intermittently APTS profile does not lock to GPS following SIAD power cycle

VRVDR-56203

Critical

SIAD QoS on Bonding interface "show policy QoS" statistics intermittently blank

VRVDR-56188

Critical

bgpd dumps core when setting password for peer group

VRVDR-56134

Critical

IPsec Scale : SPD entry inconsistent with no.of tunn conns across scaled tests

VRVDR-56127

Critical

PTP: IPv6 session cannot be established successfully to BC

VRVDR-56119

Critical

PTP: Intermittently "show gnss" does not return

VRVDR-55860

Critical

PTP: SIAD intermittently (once every 3 minutes) sends DELAY_REQ with bad UDP checksum

VRVDR-51539

Critical

Repeated FAL BCM "L3 Interface" for VSI 0 Syslog

VRVDR-56420

Major

PTP: change IDT servo to write debug timestamps to a separate file

VRVDR-56386

Major

Config validation rule changes result in SIAD boot up with no config during upgrade scenario

VRVDR-56299

Major

Need a way to prevent i2c bus hangs after MUX resets interrupt a transaction

VRVDR-56222

Major

KVM qcow2 appliance: default DHCP enabled interface fails due to being configured on nonexistent interface

VRVDR-56106

Major

Multicast traffic punted to CPU after EVC failure or recovery

VRVDR-56095

Major

Vyatta /system/hardware/sensor terminates abnormally when out of range data is processed

VRVDR-56039

Major

PTP: failed to log 'GNSS 0: antenna status has changed to OK'

VRVDR-56036

Major

PTP: show gnss returns KeyError: 'state'

VRVDR-56026

Major

Missing .json files reported during booting

VRVDR-55735

Major

Add operational state data model to SFP permit list related commands

VRVDR-55733

Major

'EEPROM- Status' field missing from show interface dataplane physical

VRVDR-55570

Major

BGP is not selecting IGP for path selection and using ROUTER-ID

VRVDR-49650

Major

Interface L1 state not correctly propagated to kernel

VRVDR-47554

Major

Validate gre tunnel transport local-ip

VRVDR-47352

Major

mcast: deleted mroutes are repopulated when dataplane restarts

VRVDR-56218

Minor

PTP: attVrouterPtpGNSSFailure is specific to GNSS, should be APTSFailure

VRVDR-56204

Minor

PTP: SIAD has some inherent propagation delay

VRVDR-56560

Minor

gnss: use UBX-NAV-SAT to get visible satellites

VRVDR-56216

Trivial

survey-precision should be unknown or n/a if there have been no surveys

Security vulnerabilities resolved

Security vulnerabilities resolved in 2110a.

Note: When multiple CVE numbers are addressed in a single update, the highest CVSS score is listed.

Issue number

CVSS score

Advisory

Summary

VRVDR-56706

7.5

DSA-5019-1

CVE-2021-22207, CVE-2021-22222, CVE-2021-22235, CVE-2021-39920, CVE-2021-39921, CVE-2021-39922, CVE-2021-39923, CVE-2021-39924, CVE-2021-39925, CVE-2021-39926, CVE-2021-39928, CVE-2021-39929: Debian DSA-5019-1: wireshark – security update

VRVDR-56656

9.8

DSA-5016-1

CVE-2021-43527: Debian DSA-5016-1 : nss — security update

VRVDR-56624

5.5

DSA-5014-1

CVE-2020-21913: Debian DSA-5014-1 : icu — security update

VRVDR-56453

6.5

DSA-4997-1

CVE-2020-19143: Debian DSA-4997-1 : tiff — security update

VRVDR-56405

5.3

DSA-4994-1

CVE-2021-25219: Debian DSA-4994-1 : bind9 — security update

VRVDR-56315

7.5

DSA-4989-1

CVE-2021-41991: Debian DSA-4989-1: A denial-of-service vulnerability in the in-memory certificate cache was discovered in strongSwan

Antenna delay

The following command has been marked as deprecated in 2110a:
set service ptp instance <instance-number> antenna-delay <antenna-delay>
Antenna delay is now configured with the new command:
set service gnss instance [N] antenna-delay [0-25000]
The antenna delay is a number in nanoseconds. It defaults to 0 nanoseconds.

This command is typically used to compensate for the antenna cable length or processing delays associated with signal distribution networks. A typical calculation would be cable length × velocity factor of the cable = antenna-delay.

This command is preferred to the deprecated command, which only compensates PTP and not the entire timing subsystem, which includes PTP.