Known Issues - SD-WAN Edge
This table lists the known issues in version 8.2.0.0.0
| ID | Description | Severity | Found In |
|---|---|---|---|
| 30792564 | A service impacting memory dump may happen when dynamic conduit between two sites is enabled and a config change happens where auto-path group has different DSCP value than the previous config file. | 2 | 8.2.1.0.0 |
| 30781290 | A service impacting memory dump may happen on the D6000 platform during a reboot or disable/enable of services. | 3 | 8.2.1.0.0 |
| 30654905 | A service impacting memory dump may happen due to MySQL corruption during reboot. | 2 | 8.2.1.0.0 |
| 30817956 | When Dynamic conduit is enabled with HA enabled on client, and IPSec on the Conduit between client and NCN, dynamic conduit paths may disappear. | 2 | 8.2.1.0.0 |
| 30835202 | In the virtual environment, when Path MTU is updated in sites -> WANlinks for 1 site, it automatically gets applied for all the WANlinks for the whole network. | 2 | 8.2.1.0.0 |
| 30850275 | OS swap from OS_7.0.0.0.0_GA_11122019 to OS 5.1 may fail for Virtual appliance (KVM). | 3 | 8.2.1.0.0 |
Resolved Issues
The following issues have been fixed in this release.
| ID | Description | Found In | Fixed In |
|---|---|---|---|
| 30701124 | A service impacting memory dump may happen when a configuration is uploaded that has dynamic NAT policy configured for Intranet service utilizing multiple MPLS Queues in a primary, secondary configuration. | 8.2.0.0.0 | 8.2.1.0.0 |
| 30777788 | If the total WAN links available to a Conduit exceed 4Gbps, the Link Share value will wrap, resulting in a low Upper Limit provisioning. | 8.2.0.0.0 | 8.2.1.0.0 |
| 30292834 | When stopping a VT800 VM in Hyper-V environment, it might get stuck in the Stopping (0%) state. Workaround: reboot the host machine. | NA | 8.2.0.1.0 |
| 30340596 |
Adding whitelisted management interfaces in with the Configure --> Local Network Settings --> Management Interface Whitelist option does not work. Workaround: Add whitelisted management interfaces with the CLI:
|
SD-WAN OS7.0 | 8.2.0.1.0 |
| 30361515 |
When SSHing into Oracle SD-WAN Edge 8.2 running on OS7 with a RADIUS or TACACS+ username, users are incorrectly prompted to enter the "talariuser" password in the CLI and shell. Workaround: Log in as a local user or use the web console for SD-WAN Edge administration. |
8.2.0.0.0 | 8.2.0.1.0 |
| 30214096 | The functionality of "Autonegotiate" checkbox in "Ethernet Interface Settings" is automatically changing the Speed and Duplex to 1000Mb/s and Full respectively for a particular mac address. | NA | 8.2.0.0.0 |
| 30214104 | T5200 CPU profile optimizations as well as general packet scheduler enhancements have been made to significantly improve performance and stability during heavy load across large networks. | NA | 8.2.0.0.0 |
| 30214110 | Help text referencing "Classification:" is updated | NA | 8.2.0.0.0 |
| 30214176 | User-defined application which includes DSCP tag as a match criteria. This fix address the scenario if the DSCP value differs with in a flow, then the correct application match should happen based on the new DSCP value, instead of always matching the old DSCP value. | NA | 8.2.0.0.0 |
| 30214328 | From web UI, stats for rule, the WAN egress kbps may show number bigger than actual throughput. No impact to other functions. | NA | 8.2.0.0.0 |
| 30038195 | Internet/intranet traffic may not be able to fully use the bandwidth available when its fair share is set relatively low compared to conduit service on the WAN link with high bandwidth. | 8.1.0.1.0 | 8.2.0.0.0 |
| 30214140 | When using ZTP to bring up the secondary site with a package size greater than max file upload and post size , ZTP Web UI continuously appears to upload the package. Secondary site never receives the package. | NA | 8.2.0.0.0 |
| 30214128 | When doing config update to remove internet/intranet service and its corresponding NAT rule with port forwarding, it may cause service impacting memory dump. | NA | 8.2.0.0.0 |
| 30203564 | The count of Application Live Sessions may be off after reducing the number of application match. | NA | 8.2.0.0.0 |
| 30141581 | Multiple config changes localized in rules and classes may result in rules not getting applied. | NA | 8.2.0.0.0 |
Customer Build Notes
The following table reflects bugs fixed through the latest release.
Table 4-1 Customer Build Notes for 8.2p1
| Bug ID | Description |
|---|---|
| 30715656 | Refresh option in flow page was redirecting to home page. |
| 3062867 | On a D2000 or D6000 running release 8.2.0.0.0 and OS 7.0, setting the management IP from the ILOM management console can fail when the management port is connected to a live network. There is no reliable workaround, but updating the management port with the management port cable disconnected can get the IP address set on the management port, then when finished re-connect the management port cable. |
| 30620337 | If there are different VLAN¿s set on WAN and LAN ports under ¿Interface Groups¿ and the field ¿Access Interface Failover¿ is not checked under ¿Internet/Intranet¿ section, then the user is not shown any warning with appropriate message to alert him/her regarding VLAN mismatch and recommend the user to enable ¿Access Interface Failover¿ (Internet/Intranet service). |
| 30620119 | The instructions for filtering flows by DSCP tag on the Monitor > Flows page are incorrect. |
| 30614673 | If the route and service type for a flow changes, it may cause a service impacting memory dump. |
| 30586032 | When viewing Statistics > WAN > WAN Link Usage, the "Usage %" column sorts inconsistently. |
| 30573737 | Clicking on the ¿Refresh Page¿ icon while viewing the Event Management > Insert/View Events page will redirect the user to the appliance home page. |
| 30696711 | The option to ping from the Talari appliance (Troubleshoot > Ping) is incorrectly enabled on the standby appliance in an HA pair. |
| 30554939 | The Palo Alto Firewall XML file provided for Service Chaining has a static UUID field. |
| 30546157 | When a user filters for CONDUIT events under Event Management > Insert/View Events, CONDUIT_CLASS_POLICING_THRESHOLD events are shown instead. |
| 30514819 | If Microsoft Extensions are enabled for a VT800 in Azure, a large number of Microsoft log files are generated and cause disk usage alerts on the appliance. |
| 30513588 | Automatically generated firewall rules are removed without warning the user. |
| 30495818 | Turning on Netflow on a D6000 on 8.2 release may cause periodic jitter on data traffic. |
| 30473467 | When change config to remove/disable an application when the session is still running, it may cause service impact memory dump. |
| 30457955 | The ifconfig stats files in Diagnostic dumps contain empty files on SDWAN 8.2 software running on OS 7.0. |
| 30438063 | Periodic status reports preview page is displaying blank page and unable to send email notifications for the reports on scheduled time. |
| 30431299 | Enabling Dynamic Conduits may cause a service impacting memory dump. |
| 30426767 | Empty DNS AAAA Response packets are dropped by the APN when DNS snooping is enabled. |
| 30421465 | There may be a service impacting memory dump when the application statistics for the conduits are updated after a configuration update. |
| 30418787 | For E1000/D2000, there can be latency spike for some internet/intranet traffic. |
| 3041877 | For config update, it may cause service impacting memory dump. |
| 30418064 | In the Firefox browser, it is unable to create a client access interface with a DHCP client virtual interface. |
| 30417955 | Till now we don't have the cloud service/ cloud conduit option in Static NAT, Dynamic NAT and Firewall Policies sections. Now we have enabled the cloud services to them. |
| 30401856 | Using Easy Install [ZTP] to install a client site running 8.1 P1 or earlier when the secondary OS is OS 7.0 or newer may result in the ZTP process getting stuck while attempting to swap to the OS 7.0 partition. The workaround is to use Local Change Management on the client appliance to bring up the site. |
| 30400984 | There may be a service impacting memory dump when TCP termination is enabled. |
| 30361515 | When logging in via SSH an SDWAN-EDGE device running OS 7 and OS 8.2 using a RADIUS or TACACS+ username, the user will be improperly prompted for the 'talariuser' password when running commands in tcon or doing a sudo command from the shell. The workaround is to log in as a local user or use the Web console for SDWAN-EDGE administration. |
| 30355117 | When configuring WAN link usage for a conduit under Connections > [Site] > Conduits > [Conduit Name] > Remote Site > WAN Links for a site with one or more MPLS WAN links, it is possible to get into a state where ¿Use¿ is checked for an MPLS WAN Link but is not checked for its component queues. The MPLS paths are not created in this case. |
| 3035509 | Error messages in the Configuration Editor may disappear before users can see and act on them. |
| 3035492 | When enabling e-mail alerts either under Configure Alarms or Configure Alerts/Events, if a section that has a required field (such as a password) is enabled but not filled in, all pending changes will be cleared when the Apply button is clicked. |
| 30354436 | Service Chaining with Palo Alto does not work as expected. |
| 30354453 | If a Firewall Policy Template is applied under Global > APN Settings and the name of the applied Firewall Policy Template is changed under Global > Firewall > Firewall Policy Templates, the applied Firewall Policy Template will be changed to <none> and Configuration Editor will produce an audit error. |
| 30354274 | Disk usage is calculated incorrectly on appliances running Service Chaining. |
| 30353908 | When WAN-to-WAN Forwarding is enabled and the NCN is acting as an intermediate site, a service impacting memory dump way occur while the NCN statistics are updating. |
| 30353887 | When using the Configuration Editor in Google Chrome, it takes multiple clicks to select an Ethernet Interface to add to an Interface Group after creating a Virtual Interface. |
| 30353858 | When disabling an application which is referenced by a rule, an audit error is displayed which cannot be cleared. |
| 30353832 | When configuring a WAN Link in the Basic View of the Configuration Editor, setting the Physical Rate does not also set the Permitted Rate. |
| 30353516 | The help text and tool tip text in the Configuration Editor for the Custom Silence Period incorrectly states the default as 150ms even though the default silence time threshold is based on 3 nags, which are a dynamic variable depending on the trending network conditions. |
| 303533 | If OSPF Route Learning is enabled and a route is withdrawn from OSPF, a service impacting memory dump may occur. |
| 3035325 | All the DNS request over TCP from the client get dropped in APN. |
| 30352992 | DHCP relay request gets dropped if there is already connection entry exists but in the invalid state. The proposed fix should avoid the delete the invalid connection entry as soon as possible. |
| 3035269 | When APN sends out TCP SYN with timestamp option TSval having non zero value, but the server responds with Time stamp echo option Tsecr with 0 value, which leads wrong RTT calculation. |
| 30340596 | When running OS 7 and R8_2_GA, a Management Interface Whitelist created on the Configuration -> Local Network Settings: Managmeent Interface Whitelist will not persist across a restart and will have to be manually re-applied either via the GUI or by running some commands at the shell prompt upon a reboot. This workaround is : If there's an existing ACL from when the appliance was running OS 5.x, then you can run the following command at the shell and it should set up the ACl under OS 7: /sbin/iptables-restore < /home/talariuser/bin/t2_mgt_acl_iptables_up_rules This command will need to be manually run on every reboot. For adding new rules from CLI: t2_mgt_acl --allow <network> (example: t2_mgt_acl --allow 172.17.200.172/32) For removing rules: t2_mgt_acl --clear |
