Applies To:

Show Versions Show Versions

Archived Release Note: 3-DNS Controller, version 4.5 PTF-02
Release Note

Software Release Date: 01/05/2003
Updated Date: 03/05/2007

This article has been archived, and is no longer maintained.

Summary:

This product temporary fix (PTF) provides enhancements and fixes for the 3-DNS Controller, version 4.5. The PTF includes all fixes released since version 4.5, including fixes originally released in prior PTFs.  The latest version of the PTF notes can be found on http://tech.f5.com.

Contents:

- Installing the PTF
     - Updating the big3d agent
- Software enhancements and fixes
     - What’s new in this PTF
     - What’s fixed in this PTF
     - Enhancements and fixes released in prior PTFs
- Configuration changes
     - Required configuration changes
     - Optional configuration changes
- Known issues
- Work-arounds for known issues
     - Turning off the checkd process
     - Reformatting the /VERSION file


Installing the PTF

The current PTF installs fixes from all PTFs released after 3-DNS Controller, version 4.5. (For details, see the following section, Software enhancements and fixes.)  The latest version of the PTF note is available at http://tech.f5.com.

Note:  If you are updating the 3-DNS Controller module on a BIG-IP system, refer to the BIG-IP, version 4.5PTF02 note for instructions on installing the PTF.

Apply the PTF to the 3-DNS Controller, version 4.5 using the following process.  Note that the installation script saves your current configuration.

Note:  If you have installed prior PTFs, this installation does not overwrite any configuration changes that you made for prior PTFs.

  1. Change to the /var/tmp/ directory by typing:
    cd /var/tmp/

  2. Connect to the F5 Networks FTP site (ftp.f5.com).
    Use FTP in passive mode from the 3-DNS Controller to download the file.  To place FTP in passive mode, type pass at the command line before transferring the file.

  3. Download the following PTF file to the /var/tmp/ directory on the target 3-DNS Controller.
    3DNS_4.5PTF-02.im

  4. To install the PTF, type the following command:
    im 3DNS_4.5PTF-02.im

    The 3-DNS Controller automatically reboots once it completes installation.

Updating the big3d agent

After the PTF installation has completed, you need to install the new version of the big3d agent on all BIG-IP systems and EDGE-FX Cache systems known to the 3-DNS Controller, as follows:

  1. Log on to the 3-DNS Controller at the command line.

  2. Type 3dnsmaint to open the 3-DNS Maintenance menu.

  3. Select Install and Start big3d, and press Enter.
    The 3-DNS Controller detects all BIG-IP systems and EDGE-FX systems in the network, and updates their big3d agents with the appropriate version of the agent.

  4. Press Enter to return to the 3-DNS Maintenance menu.

  5. Type Q to quit.

For more information about the big3d agent, see the 3-DNS Reference Guide.

[ Top ]

Software enhancements and fixes

What’s new in this PTF

Enhancements to load balancing

This PTF adds two new load balancing modes, Drop Packet and Explicit IP. We recommend that you use these new load balancing modes only for the fallback method. The 3-DNS Controller uses the fallback method when the preferred and alternate load balancing modes do not provide at least one virtual server to return as an answer to a query. When you specify the Drop Packet mode, the 3-DNS Controller does nothing with the packet, and simply drops the request. (Note that a typical LDNS server iteratively queries other authoritative name servers when it times out on a query.) When you specify the Explicit IP mode, the 3-DNS Controller returns the IP address that you specify as the fallback IP as an answer to the query. Note that the IP address that you specify is not monitored for availability before being returned as an answer. When you use the Explicit IP mode, you can specify a disaster recovery site to return when no load balancing mode returns an available virtual server.

You can configure the new load balancing modes for the fallback method either using the Configuration utility or from the command line. For information on configuring the fallback method with the new load balancing modes, see the Configuring the Drop Packet and Explicit IP load balancing modes section of this PTF note.

[ Top ]

What’s fixed in this PTF

Large configurations and misleading error messages (CR19843)
When the 3dnsd process is loading a large configuration, you may see a warning message now, instead of an error message.

Updated 3-DNS Reference Guide PDF (CR22017)
The 3-DNS Reference Guide has been updated to include Appendix A, 3-DNS Configuration File. The updates to this appendix include the revised data structures and the new configuration options for routers and links.

UDP checksums and TFTP packets  (CR22113, CR25181)
In rare instances, the checksums for TFTP packets were incorrect. This issue has been resolved.

Apache web server and the CERT Coordination Center vulnerability, VU#672683 (CR24689)
This PTF addresses the vulnerability in the Tomcat package for the Apache web server that is described in Vulnerability Note VU#672683 on the CERT® Coordination Center website. For more information on the vulnerability, see http://www.kb.cert.org/vuls/id/672683.

Turning off automatic synchronization and persistent LDNS requests (CR24869)
When you turn off automatic synchronization on a 3-DNS Controller, and if the 3dnsd process on that controller loses network communications with the other 3dnsd processes in the network, the controller now synchronizes LDNS requests that occur during the time that the 3dnsd process is offline.

iControl BaseServer::get_interfaces function and the 3dnsd process (CR24912)
The following iControl function, ITCMGlobalLB::BaseServer::get_interfaces, no longer causes the 3dnsd process to stop running when you specify an invalid type within the function.

Synchronization and the netIana.inc file (CR24928)
The include geoloc "netIana.inc" directive is now synchronized between the members of a sync group.

Root servers list for BIND (CR25064)
The root servers list file for BIND, root.hint, has been updated to include the most current list of root servers.

Errors on the System - General screen in the Configuration utility (CR25143)
You can now change any of the settings on the System - General screen in the Configuration utility, and you no longer see error messages when you do so.

Invalid metrics statistics and graphs for down remote links (CR25146)
The Link Statistics screen, in the Configuration utility, no longer displays very large, invalid values for remote links that are down (red ball). The link statistics graphs now accurately display the data for both the link that is down, and any available links.

Path probing requests and data centers with no defined router (CR25155)
If a data center contains at least one 3-DNS Controller, BIG-IP system, or EDGE-FX system, the big3d agent now issues path probing requests to that data center, regardless of whether you have defined a router for the data center.

Using a serial terminal as a console (CR25183)
This PTF fixes the serial terminal as the console functionality, as described in the 3-DNS Reference Guide, Chapter 6, Monitoring and Administration, so that it works with all 2U controller platforms.

[ Top ]

Enhancements and fixes released in prior PTFs

Version 4.5 PTF-01

CA-2002-31, Multiple Vulnerabilities in BIND
This PTF addresses the security vulnerabilities that are listed in CERT® advisory, CA-2002-31, Multiple Vulnerabilities in BIND. This PTF upgrades the BIND package to version 8.3.4. For more information on the CERT advisory, see http://www.cert.org/advisories/CA-2002-31.html.

[ Top ]

Configuration changes

The following section provides information about both required and optional configuration changes.

Required configuration changes

Updated big3d agent for version 4.5 and later (CR25255)
The big3d agent has been updated, and is not compatible with the previously-released big3d agents. Therefore, you must distribute the updated big3d agent to the BIG-IP systems in your network so that the metrics collection on the 3-DNS Controller functions properly. For details on distributing the updated big3d agent, see the Updating the big3d agent section of the installation instructions for this PTF.

[ Top ]

Optional configuration changes

Configuring the Drop Packet and Explicit IP load balancing modes

You can configure the fallback method using the new load balancing modes either by using the Configuration utility, or by editing the wideip.conf file from the command line. You can specify either the Drop Packet load balancing mode, or the Expicit IP load balancing mode. Note that if you specify the Expicit IP mode, you also specify a fallback IP address.

To configure the fallback method with the Drop Packet mode using the Configuration utility

  1. In the navigation pane, click Wide IPs.
    The Wide IP List screen opens.

  2. In the Wide IP column, click the name of the wide IP that you want to modify.
    The Modify Wide IP screen opens.

  3. On the toolbar, click Modify Pool.
    The Modify Wide IP Pools screen opens.

  4. In the Pool Name column, click the name of the pool that you want to modify.
    The Modify Load Balancing screen opens.

  5. In the Load Balancing Modes, Fallback box, select Drop Packet.

  6. Click Update.
    The Configuration utility updates the configuration with the changes.

To configure the fallback method with the drop_packet mode from the command line

  1. To ensure that the configuration files contain the same information as the memory cache, type the following command:
    3ndc dumpdb

  2. Open the /etc/wideip.conf file in a text editor (either vi or pico).

  3. Use the syntax highlighted below to configure the fallback method with the drop_packet mode.

  4. Save and close the file.

  5. Commit the changes to the configuration by typing:
    3ndc reload

wideip {
...
   pool {
      name     "Pool"
      dynamic_ratio     yes
      preferred     qos
      alternate     rr
      fallback     drop_packet


      address     <vs_ip_address>
      address     <vs_ip_address>

To configure the fallback method with the Explicit IP mode using the Configuration utility

  1. In the navigation pane, click Wide IPs.
    The Wide IP List screen opens.

  2. In the Wide IP column, click the name of the wide IP that you want to modify.
    The Modify Wide IP screen opens.

  3. On the toolbar, click Modify Pool.
    The Modify Wide IP Pools screen opens.

  4. In the Pool Name column, click the name of the pool that you want to modify.
    The Modify Load Balancing screen opens.

  5. In the Load Balancing Modes, Fallback box, select Explicit IP.

  6. In the Fallback IP box, type the IP address for the server or host to which you want the 3-DNS Controller to forward the packet.
  7. Click Update.
    The Configuration utility updates the configuration with the changes.

To configure the fallback method with the explicit_ip mode from the command line

  1. To ensure that the configuration files contain the same information as the memory cache, type the following command:
    3ndc dumpdb

  2. Open the /etc/wideip.conf file in a text editor (either vi or pico).

  3. Use the syntax highlighted below to configure the fallback method with the explicit_ip mode.

  4. Save and close the file.

  5. Commit the changes to the configuration by typing:
    3ndc reload

wideip {
...
   pool {
      name     "Pool"
      dynamic_ratio     yes
      preferred     qos
      alternate     rr
      fallback     explicit_ip
      fallback_ip     <ip_address>


      address     <vs_ip_address>
      address     <vs_ip_address>


[ Top ]

Known issues

The following items are the known issues identified since the release of 3-DNS Controller, version 4.5. For a list of the known issues in the 4.5 release, refer to the 3-DNS Controller, version 4.5 release note on AskF5.

Invalid OID for the shutdown trap in the SNMP MIB (CR25059)
The shutdown trap, in the SNMP MIB, has an invalid object identifier (OID) associated with it. Therefore, this trap does not function properly.

Broken links on the Configuration utility welcome screen (CR25249)
In the Configuration utility, under Additional Software Downloads on the welcome screen, the following links are broken: 3-DNS MIB and DNS MIB. Note that this does not affect the MIBs themselves, which you can view from the command line in the following directory: /usr/local/share/snmp/mibs. For information on working with the MIBs, see Working with SNMP on the 3-DNS Controller, in the 3-DNS Reference Guide, Chapter 5, Probing and Metrics Collection.

BIG-IP virtual server status and node connection limits (CR25473)
When you have configured a node connection limit for a BIG-IP virtual server, the 3-DNS Controller may show that virtual server as down (red ball), if the node connection limit is set to zero (0).

Synchronization and removing The include geoloc "netIana.inc" directive (CR25402)
If you have a sync group configured, and you remove the include geoloc "netIana.inc" directive from one of the sync group members because you are not using Topology load balancing for any pool or wide IP, the synchronization process does not remove the directive from the other members of the sync group. This does not affect performance of the controller.

Error messages for the checkd process on standalone 3-DNS Controllers (CR25476)
If you have a standalone 3-DNS Controller, you may see the following error message in the /var/log/bigd file for the checkd process: checkd: SSL accelerator proxies are not available. The error is benign because the 3-DNS Controller does not use the checkd process. You can safely turn the checkd process off using the Turning off the checkd process work-around following this section of the PTF note.

Interoperating with SEE-IT® Network Manager (CR25573)
In 3-DNS Controller, version 4.5, the format of the /VERSION file changed, resulting in an incompatability with the SEE-IT Network Manager. You can fix the incompatability using the work-around described in the Reformatting the /VERSION file section following this section of the PTF note.

Changes in US and Canada Daylight Saving Time (CR58321)
The Energy Policy Act of 2005, which was passed by the US Congress in August 2005, changed both the start and end dates for Daylight Saving Time in the United States, effective March 2007. Canada is also adopting this change. The resulting changes are not reflected in this version of the product software. To find out more about this issue, refer to SOL6551: F5 Networks software compliance with the Energy Policy Act of 2005.

[ Top ]

Work-arounds for known issues

The following items describe work-arounds for known issues.

Turning off the checkd process

You can safely turn off the checkd process on a standalone 3-DNS Controller using the following steps.

Important:  If you are running the 3-DNS Controller module on a BIG-IP system, do not turn off this process.

To turn off the checkd process

  1. From the command line, type the following command, and press Enter:
    pidof checkd

    The controller displays the process ID number for the checkd process (so you know that the process is running).

  2. Type the following command:
    kill -9 `pidof checkd`

    The controller stops the checkd process, and stops entering error messaages in the \var\log\bigd file.

Note:  If you reboot the controller, you need to repeat this procedure.

[ Top ]

Reformatting the /VERSION file

If you use the SEE-IT Network Manager application to monitor you 3-DNS Controller, make the following change to the /VERSION file on the 3-DNS Controller so that the file is compatible with the SEE-IT application.

  1. From the command line, open the /VERSION file in a text editor (either vi or pico):
    <vi | pico> /VERSION

  2. Move the Version: parameter to the top line of the file.

  3. Save and close the file.
    The SEE-IT Network Manager should no longer experience errors when you are monitoring 3-DNS Controller, version 4.5.

[ Top ]

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)