Original Publication Date: 05/27/1999
You can apply this release to version 2.0.4.
Use the following process to install the software:
International customers need to use FTP in passive mode from the BIG/ip Controller to download the v204ptf1intlkit.tar file. To place FTP in passive mode, type pass from the command line before transferring the file.
tar -xvpf v204ptf1domkit.tar(Domestic HA/HA+ and LB)
tar -xvpf v204ptf1intlkit.tar(International HA/LB)
The install script will back up a copy of snmpd.conf from the /etc directory to /var/save before making any modifications to it.
The checksums for this PTF are available in a file called sums, which can be downloaded from the FTP site.
Once you have installed the PTF software, please refer to the Configuring and using the updated software section below.
The BIG/ip Controller version 2.0.4PTF-01 provides fixes for the following issues.
There are no configuration changes required for this PTF.
A customer is concerned that a Denial-of-Service attack could affect the BIG/ip Controller by making constant log Port Denial messages. A new system control variable was created to allow customers to turn on logging of port denials when desired. This variable reverses the way that logging of port denials works, changing the default from logging to no logging. This variable is:
The variable defaults to zero, specifying no logging. Add any of the following values to affect logging:
|sysctl -w bigip.verbose_log_level=0||No logging.|
|sysctl -w bigip.verbose_log_level=1||Log UDP port denials (to BIG/ip address).|
|sysctl -w bigip.verbose_log_level=2||Log TCP port denials (to the BIG/ip Controller address).|
|sysctl -w bigip.verbose_log_level=4||Log UDP port denials (to VIP address).|
|sysctl -w bigip.verbose_log_level=8||Log TCP port denials (to VIP address).|
|sysctl -w bigip.verbose_log_level=15||Log all of the above.|
In order to set the logging function permanently to other than the default setting, you must set that variable in the system control file.
ECV null send string is not supported in the F5 Configuration utility.
Fix 766 is not currently supported in the F5 Configuration utility. If you set up ECV in the F5 Configuration utility and leave the send string blank (null), the default send string that is issued is GET /. The F5 Configuration utility does not allow the send string to be null. If you require a null in the send string, you should set this up by manually editing the /etc/bigd.conf file.
If you have this set up to use null in the send string, and then use the Global Node Port Properties screen or the Node Properties screen to change any option on this screen (or if you just hit the Apply button), it updates the ECV service check, and will then generate a GET / in the send string.