Applies To:

Show Versions Show Versions

Archived Release Note: 3-DNS Controller Release Note
Release Note

Updated Date: 07/23/2001

This article has been archived, and is no longer maintained.

Summary:

This release note documents version 3.0 of the 3-DNS Controller.  You can apply the software upgrade to both crypto and non-crypto 3-DNS Controllers, versions 2.1.2 and later.  For information about installing the software upgrade, please refer to the instructions below.

Contents:

     - Using the Global Availability load balancing mode within a pool

Installing the upgrade

The following instructions explain how to install the 3-DNS Controller, version 3.0 onto existing crypto or non-crypto systems that are running version 2.1.2 and later.

Important:  If you are running 3-DNS Controller, version 2.1 or earlier, you must first upgrade to version 2.1.2.  You can then upgrade to version 3.0.

If you want to upgrade from 3-DNS Controller, version 2.X non-crypto to version 3.0 crypto, you must first upgrade to version 2.1.2 crypto, and then upgrade to version 3.0 crypto.

  1. On the 3-DNS Controller, change to the /var/tmp/ directory:
    cd /var/tmp/

  2. Connect to the F5 Networks FTP site at ftp.f5.com.

    To find out how to download software from the F5 FTP site, see SOL167: Downloading software from F5 Networks

  3. Download the upgrade file to the /var/tmp/ directory on the target 3-DNS Controller:
    • For crypto 3-DNS Controllers, download the 3dns3.0upgrade.tgz file.
    • For non-crypto 3-DNS Controllers, download the 3dns3.0upgrade-nocrypto.tgz file.

  4. Download the sum file to the /var/tmp/ directory on the target 3-DNS Controller.

  5. Verify the integrity of the upgrade file by typing the sum command where <file name> is the name of the upgrade file:
    sum <file name>

    If the checksum numbers match, the upgrade file is valid.  If they do not match, open a new FTP connection, and try to download the upgrade file again.

  6. Extract the kit file in the /var/tmp/ directory as follows:

    • For crypto 3-DNS Controllers, type the following command:
      tar -xvzf 3dns3.0upgrade.tgz

    • For non-crypto 3-DNS Controllers, type the following command:
      tar -xvzf 3dns3.0upgrade-nocrypto.tgz

  7. Verify the integrity of the extracted files by typing the following command:
    ./checksum

  8. Run the upgrade_install script in the /var/tmp/ directory:
    ./upgrade_install

    The upgrade_install script performs a backup of your critical system files and executables.  When the script is done, it automatically reboots your system.

  9. Once you install the 3-DNS Controller software, you need to install the new version of the big3d agent on all BIG-IP Controllers and EDGE-FX Caches managed by the 3-DNS Controller, as follows:

    1. Log in to the 3-DNS Controller.
    2. Type 3dnsmaint to open the 3-DNS Maintenance menu.
    3. Select Install and Start big3d, and press Enter.
      The 3-DNS Controller detects all BIG-IP Controllers and EDGE-FX Caches in the network and updates their big3d agents.
    4. Press the Enter key to return to the 3-DNS Maintenance menu.
    5. Press the Q key to quit.

Once you install the software update, refer to the Configuring and using the new software section, which contains important information about required configuration changes and new configuration options.


New features and enhancements

3-DNS Console
If you are running a browser on a Windows-based PC, you can configure your 3-DNS Controller using command line entries, in the Configuration utility, by clicking the 3-DNS Console item in the navigation pane; this opens an SSH (version 1) console.

big3d agent
The big3d agent now runs as a single process.

CDN
You can now configure a wide IP pool to work as part of your content delivery network (CDN).  After you configure a CDN pool, you can specify the CDN provider with which you are working.  The 3-DNS Controller then delegates requests to the CDN provider, based on the terms of the service level agreement you have set up with the CDN provider.  For information on configuring CDN pools using the Configuration utility, view the online help for the Select CDN Pool screen.  For information on configuring a CDN, see Chapter 4, Configuring a Content Delivery Network, in the 3-DNS Controller Administrator Guide.

Extended content verification (ECV)
With ECV monitoring, you can monitor not only the availability of a port or service on a server or virtual server, but also the availability of a specific file on a particular server or virtual server.  If the server or virtual server responds appropriately to the query, the server or virtual server is marked as up; if the server or virtual server does not respond as expected, the server or virtual server is marked as down.  You can use ECV to test the HTTP, HTTPS, or FTP protocols.  For information on how to configure this option using the Configuration utility, view the online help for the Modify Wide IP screen.

EDGE-FX Cache
The 3-DNS Controller now supports the F5 Networks EDGE-FX Cache as a standalone server type.  For information on how to configure an EDGE-FX Cache server type in the Configuration utility, view the online help for the Add EDGE-FX Cache screen.  For general information on configuring the EDGE-FX Cache server type, see the 3-DNS Controller Reference Guide.

FreeBSD
The 3-DNS Controller now runs on the FreeBSD platform.

Geographic load balancing
For crypto 3-DNS Controllers, the IP geolocation classifier has been updated, and now accurately and reliably supports IP address resolution at the country level, in addition to the continent level.

Host load balancing
The 3-DNS Controller can now load balance hosts that are not managed by a BIG-IP Controller (or similar local traffic director) when you choose the Packet Rate or Kilobytes/Second load balancing modes.

Limits for current connections
You can now set limits for current connections for BIG-IP Controllers, EDGE-FX Caches, hosts, and their respective virtual servers and pools.  For information on setting metric limits, see the online help for the Modify Limit Settings screens in the Configuration utility.

Metrics collection
The 3-DNS Controller now captures metrics for several new host devices.  For the BIG-IP Controller and the EDGE-FX Cache, the 3-DNS Controller uses iQuery to capture the metrics indicated in the following table.  For the other hosts listed in the table, the 3-DNS Controller uses SNMP to capture the metrics.  For more information on iQuery, see Chapter 3, big3d Agent, in the 3-DNS Controller Reference Guide.  For more information on SNMP metrics, see Chapter 10, SNMP, in the 3-DNS Controller Reference Guide.

Note:  New host devices are highlighted in yellow.

Server/OS Kilobytes/
Second
Packets/
Second
CPU Memory Disk Current Connections
BIG-IP Controller X X       X
EDGE-FX Cache X X X     X
Windows 2000 Server X X X X   X
Windows NT 4.0 X X X X   X
BSD, UC Davis X X X X X X
Linux, UC Davis X X   X X X
Sun Solaris X X X     X
Cisco LocalDirector1  X X       X
Alteon Ace Director X         X
Foundry ServerIron X X       X
Cisco CSS series2 X X       X
CacheFlow X X     X

1  The Cisco LocalDirector metric shows new connections per second rather than current connections.
2  Formerly ArrowPoint Communications.

Network Map
The Network Map displays physical and logical networks together on one screen using an illustrative tree.  By viewing the Network Map, you can see the relationships between the different components of your networks, such as how wide IPs are related to data centers, and how virtual server pools are related to servers.  For more information on the Network Map, in the Configuration utility view the online help for the Network Map screen, or see Network Map in the 3-DNS Controller Reference Guide.

Open SSH
The 3-DNS Controller now runs OpenSSH 2.3.0, which is compliant with SSH1 and SSH2.

Pool limits
You can now define or modify system resource thresholds or limits at the wide IP pool level.  When a pool exceeds any resource threshold, the 3-DNS Controller marks the entire pool as unavailable and directs load-balancing traffic to another pool in the wide IP.  For information on how to configure this option using the Configuration utility, view the online help for the Modify Limit Settings screen.

Scripts
We have added a new script, called 3dns_add, to the 3-DNS Maintenance menu.  This script facilitates the process of adding a new 3-DNS Controller to an existing network and sync group.  For information on how to use the 3dns_add script, see Chapter 5, Adding 3-DNS Controllers to the Network, in the 3-DNS Controller Administrator Guide.

Virtual server dependencies
With the virtual server dependencies feature, you create a list of virtual servers that must all be available for load balancing so that the virtual server you are configuring is also available for load balancing.  For more information on virtual server dependencies, view the online help for the Virtual Server Dependencies List screen, in the Configuration utility.

Wide IPs
When you create a new wide IP, you must enter a fully-qualified domain name (for example, www.f5.com) in the Wide IP Name box.  If you do not enter a fully-qualified domain name, the 3-DNS Controller displays a message reminding you to do so.


Configuring and using the new software

Required configuration changes

There are no required configuration changes in this release.


Fixes

The following issues are resolved in the current release.

Type Description Number
Refreshing statistics Clicking the Refresh button in the Statistics screen no longer prompts a web server login error message.

CR11597
Launching online help Clicking the Help button on the tool bar while using Microsoft Internet Explorer 5.5 no longer prompts a warning dialog box to display.

CR12522
Removing host servers from data centers

Removing host servers from data center configurations no longer causes inaccurate displays in the Configuration utility.

CR12624
Adding multiple wide IP aliases

Adding more than three wide IP aliases no longer causes intermittent, irregular system behavior.

CR12116
Metrics values

If you restart the named agent or the big3d agent, the 3-DNS Controller now generates an accurate value for the first calculation of the packets per second or kilobytes per second metrics. 

CR10127
Using static load balancing

When you use a static load balancing method in a pool that has a host virtual server with Unknown status (denoted by a blue ball in the Virtual Server Metrics screen in the Configuration utility), the 3-DNS Controller no longer returns the IP address of that host as the resolution to a DNS request.

 

Known issues

The following items are known issues in the current release.

Type Description Number

Running the upgrade_install script

If you have changed the host name or domain name of the 3-DNS Controller without using the config utility, the upgrade_install script stops with the following messsage:

"Your hostname in /etc/netstart does not match the hostname stored in the configuration database.  Please run the 'config' utility to update your configuration before upgrading the system."

You must update the configuration of the 3-DNS Controller, by running the config utility, before you can perform the upgrade.  To run the config utility, type config at the command line, and follow the prompts.

CR12761
New
Administrative IP addresses in the hosts.allow file and SSH
The config_sshd script writes any administrative IP addresses to the hosts.allow file in the CIDR format, which the hosts.allow file does not properly interpret.  For example, if you type 192.168.100.* for the administrative IP address, the hosts.allow file logs the IP address as 192.168.100.0/24, and SSH communications to the 3-DNS Controller do not work.  You can edit the tweak_sshd script so that the hosts.allow file properly interprets the administrative IP addresses for SSH communications.  Refer to the Editing the tweak_sshd script section (following the Known Issues table) for instructions on modifying the tweak_sshd script. CR15551
New
The NTP utility syntax is incorrect

The syntax for the network time protocol (NTP) utility is incorrect in the rc.conf file.  You can correct the syntax using the following workaround.  Note that you can make this change only from the command line.

To correct the NTP utility syntax

  1. From the command line, change to the /etc/ directory.
  2. Using the text editor of your choice (vi or pico), open the rc.conf file.
  3. Change the xntp_enable parameter to xntpd_enable.
  4. Save and close the file.
CR15548
New
System error log file rotation

The System error log file rotation does not function properly.  You can correct the log file rotation using the following work around.

To initiate log file rotation for the System error log

  1. From the command line, change to the /etc/ directory.
  2. Using the text editor of your choice (vi or pico), open the newsyslog.conf file.
  3. Add the following line to the file:
    /var/3dns/run/syserr.log    644  3  1000   @T00  Z
  4. Save the changes and close the file.
The log file rotation for the System error log now occurs at regular intervals.

CR15573
New
Using Global Availability load balancing within a pool

When you create a pool for a new or for an existing wide IP, and you use the Global Availability load balancing method, you may experience problems under the following circumstances:

  • You are using Internet Explorer 5.0 or 5.5.
  • You select Global Availability in the Load Balancing Modes, Preferred list on the Configure Load Balancing for New Pool screen.
  • You have a large quantity of virtual servers in your configuration.
If you want to use the Global Availability load balancing method, and you meet the previous criteria, please see the Using the Global Availability load balancing mode within a pool section following this table.

CR13112

Synchronizing controllers

The 3-DNS Controller, version 3.0 does not synchronize with 3-DNS Controllers that are running versions prior to 3.0, if your 3.0 configuration includes any of the following new features:  an EDGE-FX Cache server type, ECV functionality, CDN functionality, or pool limits functionality.

To synchronize a version 3.0 controller with a version 2.1.2 controller, create a symlink from the /usr/contrib/bin/rsync file to the /usr/local/bin/rsync file on all 2.1.2 versions of the controller, as follows:

To create a symlink

At the command prompt on each 3-DNS Controller that is running version 2.1.2, type:
'ln -s /usr/contrib/bin/rsync /usr/local/bin/rsync'

CR11186
Using encrypted communications

(This applies only to crypto 3-DNS Controllers.)  When you rebuild a 3-DNS Controller (or BIG-IP Controller) using a CD, the RSA key for sshd changes.  This breaks the trust relationship between the updated controller and any devices with which it interacts.  As a result, synchronization between the controllers in the sync group stops, and you cannot update the big3d agent.  You can correct this situation by removing the newer RSA key and synchronizing the updated controller with other F5 devices.

To reset the RSA key for an updated 3-DNS Controller

  1. In the /root/.ssh/known_hosts file of each controller in the sync group that has not been updated, remove the RSA key for the replaced controller.
  2. Type 3dnsmaint at the command line to open the 3-DNS Maintenance menu.
  3. Choose Configure secure communication between all 3-DNS and BIG-IP systems, and press Enter. 
    The 3-DNS Controller updates the RSA key with the correct information.
  4. Press Enter to return to the 3-DNS Maintenance menu.
  5. Press Q to quit.

 

Running Netscape Navigator 6.0

The Configuration utility does not currently support Netscape 6.0.

CR12116
Running Netscape Navigator on UNIX systems

If you are running Netscape on a UNIX (LINUX, *BSD, Solaris) system, the 3-DNS Console item is not available in the navigation pane of the Configuration utility.  Instead you can access the 3-DNS Controller command line utility using an SSH connection.

CR12132
Displaying the Network Map

The Network Map does not display large configurations properly when you run Netscape on a UNIX or LINUX platform.  We recommend that you use a Windows-based browser to view large network configurations with the Network Map.

CR11161
Creating wide IP production rules

When you create a wide IP production rule with a Date/Time time variable, the production rule action does not stop in the time frame that you specify in the Stop Time box.

When you create a wide IP production rule using the Configuration utility, in the Select Local DNS screen, you must type the IP address and subnet mask in the appropriate boxes.  You cannot use the CIDR format (for example, 192.168.10.10/24) in these boxes.

CR11710

CR11202
Connecting to an EDGE-FX Cache using RSH

When using an RSH session to connect to an EDGE-FX Cache that does not have SSH available (a non-crypto EDGE-FX Cache), you may get a connection refused error message.

To use an RSH session with a non-crypto EDGE-FX Cache

  1. Use Telnet or a terminal console to connect to the EDGE-FX Cache.
  2. In the /etc/inetd.conf file, remove the comment (#) character from the line:
    #shell stream tcp nowait root /usr/libexec/rshd rshd
  3. Type the following command:
    kill -HUP `cat /var/run/inetd.pid`

    This causes the inetd daemon to re-read its configuration.

CR11035
Viewing prober statistics

Sometimes NAN (not a number) appears in the Probers Statistics screen.  This error is harmless and does not affect the operation of the 3-DNS Controller.

When you are viewing Histograms or Metrics on the Prober Statistics screen, you might encounter errors if you are using Microsoft Internet Explorer 5.0 or later.  We recommend using the following procedure view the Histograms or Metrics:

  1. In the navigation pane, expand the Statistics item, and click Probers.
  2. In the Prober Statistics screen, click either Metrics or Histogram.
    A dialog box appears.
  3. Select Save this file to disk and click OK.
  4. Add the .xls file extension to the file name.
  5. Click OK.
The browser saves the file, and you can now open it using Microsoft Excel.

CR10153
Using the Configuration utility

Parts of the Configuration utility for the 3-DNS Controller use Java applets and require the presence of the Java Virtual Machine (JVM) on your local machine.  However, some default installations of Internet Explorer do not contain the JVM.  If your version of Internet Explorer does not contain a JVM, you can obtain a JVM by going to the Tools menu, selecting the Windows Update link, selecting Product Update, and looking in the Additional Windows Features section.  Alternately, you can go to the Internet Explorer section of Microsoft's web site.

CR10381
Creating wide IP names and aliases

When you add or modify a wide IP definition, either by using the Configuration utility or by editing the wideip.conf file, you cannot use the same fully-qualified domain name (FQDN) more than once.  If you try to use the same FQDN as a wide IP name in one definition, and as an alias in another definition, the Configuration utility stops working.

CR12314
Updating metrics for the Solstice SNMP agent

The Solstice SNMP agent, which runs on some Sun systems, delays the updating of some metrics for longer than 30 seconds.  As a result, in the 3-DNS Controller SNMP Statistics screen, the packet rates and kilobytes per second rates can fluctuate from a zero value to a real value.  If you are polling Sun Solaris servers in your network, you may want to set the SNMP polling time on the 3-DNS Controller to an interval greater than 60 seconds.

 
Editing the snmpd.conf file

If you have SNMP configured on your 3-DNS Controller, the 3dns.log file may fill up quickly.  To correct this, you must edit the snmpd.conf file from the command line.

To edit the snmpd.conf file
  1. At the command line, change to the /etc/snmpd.conf directory.
  2. Using the text editor of your choice, locate the following line in the file:
    trapsink 192.168.101.62
  3. Comment out the line by adding the comment (#) character in front of trapsink.

 
Checking SNMP connectivity

The F5 Networks snmptest utility has been removed from the 3-DNS Controller.  You can use the UC-Davis snmptest utility instead.  Please refer to the following web site, http://net-snmp.sourceforge.net/ for more information about the UC-Davis snmptest utility.

 
Setting screen resolution

If the screen resolution on your monitor is set to less than 1024 x 768 pixels, you may not see the entire 3-DNS Controller toolbar in the Configuration utility.  If your monitor allows it, we recommend that you set your screen resolution to 1024 x 768 pixels.

CR10518
Running the named daemon

The granularity of the IP classifier in the Topology load balancing mode has increased dramatically.  As a result, when you enable the Topology load balancing mode, you may notice the following:

  • The named daemon takes approximately 30 seconds to start.
  • Memory usage is higher, so you may see slower performance on systems with less than 256 MB RAM.
CR10556
Viewing the Network Map

When you view the Network Map, you might get an error when you open additional browser sessions with Internet Explorer or Netscape.  This error only occurs if the additional browser sessions use Java applets.  We recommend that you close any additional browser sessions before viewing the Network Map.

CR11173
Removing dependencies entries

If you remove seven or more entries at one time from a Virtual Server Dependencies List and you are running Internet Explorer 5.0, you may get an error.  To avoid this error, remove fewer entries at a time.

CR11414
Displaying status of a controller in a sync group

When you disable a 3-DNS Controller that is a member of a sync group, the 3-DNS Statistics and Sync Group Statistics screens in the disabled controller's Configuration utility display an inaccurate status (a red ball) for all of the other 3-DNS Controllers in the same sync group.  You can see the correct status of the controllers in the 3-DNS Statistics and Sync Group Statistics screens of any enabled 3-DNS Controller in the sync group.

CR9452
Collecting metrics for Cisco CSS series (formerly ArrowPoint) servers

The 3-DNS Controller cannot collect the packets per second and the kilobytes per second metrics on Cisco CSS series (formerly ArrowPoint) software versions prior to 4.0.

 
Interpreting ArrowPoint CS150 server data

The 3-DNS Controller collects packets per second and kilobytes per second metrics for only http traffic on the current ArrowPoint CS150 server. 

The kilobytes per second rate displayed for the ArrowPoint CS150 is approximately 16 times smaller than it should be.  The total byte counts returned from the ArrowPoint MIB is 16 times smaller than the number of bytes that were actually handled. 

CR10361
Rolling back to
3-DNS Controller, version 2.1.2 from version 3.0BETA1

If you installed 3-DNS Controller, version 3.0BETA1, and you then rolled back to 3-DNS Controller, version 2.1.2, be sure to delete all of the regular files (not the subdirectories) in the /var/tmp/ directory before downloading and installing 3-DNS Controller, version 3.0.

 
Opening multiple instances of the 3-DNS Console in Netscape

If you have more than one 3-DNS Console session open, and you are running Netscape, you can close only one session.  We recommend that you open only one instance of the 3-DNS Console.

CR12121
Probing local DNS servers

We recommend that you use the ICMP, DNS_REV, or DNS_DOT probing methods, and that you do not use the Port Discovery probing method, to probe local DNS servers.

 
Accessing documentation for the wideip.conf file

To obtain the most current syntax information for the wideip.conf file, see the Wideip.conf Syntax link on tech.f5.com; the current guides for the 3-DNS Controller do not include this information.

 

Using the Global Availability load balancing mode within a pool

The following instructions describe how to configure the Global Availability load balancing mode within a pool.  You need to use these instructions only if you meet the criteria listed in the Using the Global Availability load balancing mode within a pool item in the Known Issues section.

To configure Global Availability load balancing within a pool in a new wide IP

  1. In the navigation pane, click Wide IPs.
    The Wide IP List screen opens.
  2. On the toolbar, click Add Wide IP.
    The Add a New Wide IP screen opens.
  3. Type the settings for the new wide IP, and click Next.
    The Configure Load Balancing for New Pool screen opens.
  4. Select a load balancing mode other than Global Availability in the following lists:
    • Load Balancing Modes, Preferred
    • Load Balancing Modes, Alternate
    • Load Balancing Modes, Fallback

    Note that you can accept the default settings, rather than changing the settings.
  5. Click Next.
    The Select Virtual Servers screen opens.
  6. Once you have finished configuring the virtual servers for the pool, click Finish to save your changes.
  7. On the Wide IP List screen, select the wide IP you just created.
  8. On the toolbar, click Modify Pool.
    The Modify Wide IP Pools screen opens.
  9. Click the pool you just created.
    The Modify Load Balancing for [pool name] screen opens.
  10. Select Global Availability, as appropriate, in the Load Balancing Modes, Preferred, or the Load Balancing Modes, Alternate, or the Load Balancing Modes, Fallback list, and click Update.
    The Modify Virtual Servers screen opens, where you can determine the order in which the 3-DNS Controller load balances to the virtual servers in the pool.

To configure Global Availability load balancing within a pool in an existing wide IP

  1. In the navigation pane, click Wide IPs.
    The Wide IP List screen opens.
  2. On the toolbar, click Add Pool.
    The Configure Load Balancing for New Pool screen opens.
  3. Select a load balancing mode other than Global Availability in the following lists:
    • Load Balancing Modes, Preferred
    • Load Balancing Modes, Alternate
    • Load Balancing Modes, Fallback

    Note that you can accept the default settings, rather than changing the settings.
  4. Once you have finished configuring the pool, click Finish to save your changes.
    The Wide IP List screen opens.
  5. In the Pools column, select the pools for the wide IP you just modified.
    The Modify Wide IP Pools screen opens.
  6. In the Pool Name column, click the name of the pool you just created.
    The Modify Load Balancing for [pool name] screen opens.
  7. Select Global Availability, as appropriate, in the Load Balancing Modes, Preferred list, or the Load Balancing Modes, Alternate list, or the Load Balancing Modes, Fallback list, and click Update.
    The Modify Virtual Servers screen opens, where you can determine the order in which the 3-DNS Controller load balances to the virtual servers in the pool.

Editing the tweak_sshd script

The following instructions describe how to edit the tweak_sshd script so that the 3-DNS Controller recognizes any specific administrative IP addresses in the hosts.allow file.  Note that if you use the default setting for administrative IP addresses ( *.*.*.* ), SSH communications work properly and you do not need to edit the tweak_sshd script.

To edit the tweak_sshd script from the command line

  1. At the command line, change to the first_time directory, by typing:
    cd /usr/sbin/first_time/
  2. Using the text editor of your choice (vi or pico), open the tweak_sshd script.
  3. Locate the sub add_host function in the tweak_sshd script.
  4. In the sub add_host function, change the following lines:
    s/\*\.\*\.\*/0.0.0\/8/;
    s/\*\.\*/0.0\/16/;
    s/\*/0\/24/;


    to

    s/\*\.\*\.\*/0.0.0\/255.0.0.0/;
    s/\*\.\*/0.0\/255.255.0.0/;
    s/\*/0\/255.255.255.0/;
  5. Save the changes and exit the script.

Note:  If you want to reset the administrative IP addresses after you have modified the tweak_sshd script, you can do so by simply typing config_sshd at the command line, and following the prompts.




Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)