jetNEXUS ALB-X Accelerating Load Balancer Software Version 4.2.6 (Build 1826) 19th February 2019 ================================================================================================ *** NOTE: Do not re-load previous versions of software. See "Software Revert Notes" for special instructions - JNALB-9624 *** New =========== JNALB-9576 Make flightPATH query matches case-insensitive JNALB-9166 Speed up new connections when flightPATH is in use on a service JNALB-9538 In persistent policies, ignore drain for new "persistent" connections (browser behaviour) and clear persistence sessions when drain is complete JNALB-2271 Drain alterations to cater for browsers using multiple connections inappropriately JNALB-9432 When editing IP Services, update connections seamlessly to new VS, preventing 7-day problems JNALB-9487 Re-evaluate named RS details if monitoring should fail Fixed =========== JNALB-9406 Solved unexpected server restart JNALB-9480 CESA-2014:0917 platform update JNALB-9577 Add-ons are restored on reboot JNALB-9448 flightPATH use server with persistent load balancing caused incorrect server selection JNALB-9542 Improve accounting of RS client connections giving IP-List-Based better load distribution with use server actions JNALB-9252 Better UDP session management - maintain most-recently-used sessions JNALB-9437 Prevent restart caused by use server, then normal server, then close connection JNALB-9429 Prevent restarts that sometimes occurred during pre-authentication timeouts JNALB-9428 Remove excess pre-authentication logging and correct pre-authentication session timeout JNALB-8868 Pre-authentication sessions are no longer prompted to reauthenticate after a few minutes of inactivity JNALB-8966 Negative statistics corrected (flightPATH use server affected figures) JNALB-8964 Log information about logins by add-ons benignly JNALB-8967 GUI filter - focus-shift corrected JNALB-9023 Correct monitoring of WAF add-on and other named servers JNALB-9054 Service added by REST can now use flightPATH straight away without editing JNALB-9268 Prevent a restart when adding more UDP services to existing configuration JNALB-9349 Clear UDP sessions for a failed real server JNALB-9346 Add timeout control for UDP sessions JNALB-9257 Security improvement in GUI guarding against disconnect/reconnect JNALB-9203 Solve error message - add-on already running JNALB-9232 Prevent restart during UDP attack JNALB-9243 Prevent restart in random UDP behaviour JNALB-9244 Controllable UDP session number and UDP status information JNALB-9248 Improve add-on start/stop on Azure JNALB-9250 Prevent WAF sometimes showing as unlicensed after a restart JNALB-9374 Re-select original server when subsequent use server conditions are not matched on keep-alive connections JNALB-9418 Logging + special setting to help for occasions with extreme content replacements causing 60s + replacements JNALB-9442 Correct load-balancing after use server happens on the first request in a keep-alive session JNALB-9474 Correct monitoring apps to allow cluster sharing of monitoring scripts JNALB-9483 Updates to fix TCP SACK (MSS) vulnerability in libraries JNALB-9191 Network capacity is maintained when add-ons are deployed JNALB-9528 Immediate transfer of traffic to updated virtual service avoiding the need to restart Known Issues ====================== JNALB-9578 Azure VA unable to boot after software update JNALB-9378 Sometimes flighPATH body replace can cause problems if unsuitable content is replaced JNALB-8976 TCP monitoring can say failed if a service is added before a custom monitor is installed JNALB-9119 When DSR is in use, the status report shows 100% compression because no content is being sent JNALB-9337 Secure LDAP may need to use IP addresses Software Upgrade Notes ======================= JNALB-8590 If an invalid RegEx in a flightPATH condition is configured, the actions are not carried out. If updating from 4.2.4 or before, please check for errors in the system log about flightPATH conditions having invalid regular expressions. JNALB-8757 After upgrading from some earlier versions there is an error message "your session has expired. please login again." This is a consequence of the improved GUI security. Use the log out drop-down and log in again. Software Revert Notes ====================== ** URGENT ** JNALB-9624 Contact support to get an update suitable for rolling back build1764-4547-v4.2.4-Sprint2-safe-rollback.software.alb This has been caused by an update to the kernel in the new release that is not handled correctly by previous updates JNALB-8744 When downgrading from 4.2.6 to 4.2.3 or before, there will be a few steps needed to transition back from the improved secure logon in 4.2.5 and 6. After moving to an earlier level of software, the work-around is to use the log out drop-down in the GUI. Once logged out, Log back in as normal to obtain the down-level logon. This is due to the change to a new security model. Older GUIs are not compatible with it. jetNEXUS ALB-X Accelerating Load Balancer Software Version 4.2.6 (Build 1812) 18th July 2019 ============================================================================================ New =========== JNALB-9399 Improved information (content-size and timing) for troublshooting flightpath body replace conditions JNALB-7338 Show reasons if e-mail events cannot be sent JNALB-7843 Improve evenness of load for retrograde RDP clients JNALB-9039 Improved speed for very short communucations JNALB-9080 Improved GUI responsiveness JNALB-9101 Log each strike (monitoring failure) in real server monitoring + improve feedback JNALB-9136 Improve FTP monitoring JNALB-9347 Improved handling of UDP VPN connections JNALB-9429 Improve meaning of troubleshooting trace log messages JNLAB-9274 Improved response to real server activity changes JNALB-7024 DICOM monitor improvements JNALB-7255 FTP resilience Fixed =========== JNALB-9252 Better UDP session management - maintain most-recently-used sessions JNALB-8868 PRe-Authentication sessions are no longer prompted to reauthenticate after a few minutes of inactivity JNALB-8964 Log information about logins by add-on benignly JNALB-8967 GUI filter - focus-shift corrected JNALB-9023 Correct monitoring of WAF Add-On and other named servers JNALB-9054 Service added by REST can now use flightPATH straight away without editing JNALB-9268 Prevent a restart when adding more UDP services to existing configuration JNALB-9349 Clear UDP sessions for a failed real server JNALB-9346 Add timeout control for UDP sessions JNALB-9257 Security improvement in GUI guarding against disconnect/reconnect JNALB-9203 Solve error message - add-on already running JNALB-9232 Prevent restart during UDP attack JNALB-9243 Prevent restart in random UDP behaviour JNALB-9244 Controllable UDP session number and UDP status information JNALB-9248 Improve add-on start/stop on Azure JNALB-9250 Prevent WAF sometimes showing as unlicensed after restart JNALB-8570 No 24-hour limit on connections JNALB-8832 Azure ruggedness JNALB-8894 5s timer for fail-over JNALB-8922 Correct round-robin load-balancing JNALB-8948 Prevent start-up warnings in slow virtual environments JNALB-8952 Correct validation for adapter gateways JNALB-8974 Correct comma-seaparated multi-value lists in flightPATH conditions JNALB-9000 Address openSSH CVE-2018-15473 JNALB-9003 Correction to AWS region JNALB-9020 Prevent pre-authentication causing a restart JNALB-9026 Smoother component interaction at start-up JNALB-9034 Disable weak ciphers in ALB GUI JNALB-9049 Prevent restart after editing a viertual service JNALB-9072 Correction to FTP monitoring, logging and virtual service handling JNALB-9074 AWS deployment speed-up JNALB-9088 Prevent false system-health-check reports JNALB-9089 Address GUI pen-test JNALB-9097 Correct VLAN status JNALB-9117 Controlled shut-down of add-ons JNALB-9119 DSR statistics JNALB-9122 Resume services much sooner after restart JNALB-9147 Update FTP activity changes seamlessly JNALB-9168 Prevent false log messages about updating ALB users JNALB-9211 Faster UDP/DNS services when RS fails JNALB-9213 Prevent round-robin load-balance divide by 0 errors JNALB-9218 Event widget shows up-to-date information JNALB-9274 Prevent real servers going off-line causing a restart JNALB-9301 Control memory usage after 1000s of IP Services changes JNALB-9374 Correct flightPATH use (secure) server when conditions enact it sporadically JNALB-9418 Prevent diagnositc log messages (unless diagnostics are enabled) JNALB-9428 Correct pre-authentication session lifetime management JNALB-9432 Allow for long-lived connections (weeks) JNALB-9437 Prevent restarts when updating IP Services Known Issues ====================== JNALB-9378 Unconditional use of flighPATH body replace can slow traffic JNALB-9023 TCP monitoring says failed if a service is added before its WAF add-on is deployed and configured JNALB-8976 TCP monitoring can say failed if a service is added before a custom monitor is installed JNALB-6952 Status page shows 100% compression when DSR is in use - there is no compression as ALB is not involved in return traffic Software Upgrade Notes ======================= JNALB-8590 If an invalid RegEx in a flightPATH condition is configured, the actions are not carried out. If updating from 4.2.4 or before, please check for errors in the system log about flightPATH conditions having invalid regular expressions. JNALB-8757 After upgrading from some earlier versioons there is an error message "your session has expired. please login again." This is a consequence of the improved GUI security. Use the log out drop-down and log in again. Software Revert Notes ====================== JNALB-8744 When downgrading from 4.2.6 to 4.2.3 or before, there will be a few steps needed to transition back from the improved secure logon in 4.2.5 and 6. After moving to an earlier level of software, the work-around is to use the log out drop-down in the GUI. Once logged out, Log back in as normal to obtain the down-level logon. This is a deliberate change to a new security model. However the older GUIs are not compatible with it. jetNEXUS ALB-X Accelerating Load Balancer Software Version 4.2.5 (Build 1791) 5th February 2019 ================================================================================================ New =========== JNALB-9101 Log each strike/hit in monitoring giving more information on RS contact JNALB-9165 Check disk space before an add-on is deployed JNALB-9119 DSR and gateway statistics are shown Improvements ============= JNALB-9174 Connection failsafe removed JNALB-9178 Add-on logs can be cleared JNALB-9162 Improve add-on system logging to show the add-on name JNALB-9000 Update to the latest version of OpenSSH JNALB-9124 Improved restart speed when very busy JNALB-9080 Busy ALB GUI responds better JNALB-9133 Load network tables only as required JNALB-9039 Capacity improved for fleeting connections JNALB-9067 Report gateway configuration errors Fixed =========== JNALB-8974 GUI handles a flightPATH match list using comma in the list JNALB-9170 Unexpected restart - corrections to VS creation and RS deletion JNALB-9136 FTP improvements - drain and other activity changes + corrections to monitoring period and timeout JNALB-9072 FTP now reports service starting and stopping correctly JNALB-7255 FTP is only restarted when required in user changes JNALB-9168 Clustering no longer creates misleading User ID messages JNALB-9102 Improved monitoring sensitivity on busy networks JNALB-9060 Add-On routing compatible with adapter gateway JNALB-9020 Changes to authentication no longer cause a restart JNALB-8746 Adjust for bad browser behaviour with file paths in uploadeds in GUI JNALB-9097 VLAN-tagged routed interface indicators corrected JNALB-9156 Capture download works on slower network speeds JNALB-9104 Ensure details are always available in the software page JNALB-9194 Support file download improved for larger details JNALB-9144 Setting an RS group name containing commas no longer causes problems JNALB-9079 Report more details if system commands have errors reported JNALB-8945 Correct multi-user interaction - read-only access no longer affects outcomes JNALB-9213 Round-robin load-balancing and add+delete RS no longer causes logging of errors JNALB-9187 Real server group name can be changed JNALB-9158 API Logging of service changes contains the correct details JNALB-9211 UDP interactions managed to conserve resources JNALB-9191 Add-ons can start and stop without effects on traffic Known Issues ============= - Software Upgrade Notes ======================= JNALB-8590 If an invalid RegEx in a flightPATH condition is configured, the actions are not carried out. Please check for errors in the system log about flightPATH conditions having invalid regular expressions. JNALB-8757 After upgrading, from earlier versioons there is an error message "your session has expired. please login again." This is a consequence of the improved GUI security. Use the log out drop-down and log in again. Software Revert Notes ====================== ** URGENT ** JNALB-9624 Contact support to get an update suitable for rolling back build1764-4547-v4.2.4-Sprint2-safe-rollback.software.alb This has been caused by an update to the kernel in the new release that is not handled correctly by previous updates JNALB-8744 When downgrading from 4.2.6 to 4.2.3 or before, there will be a few steps needed to transition back from the improved secure logon in 4.2.5. After moving to an earlier level of software, the work-around is to use the log out drop-down in the GUI. Once logged out, Log back in as normal to obtain the down-level logon. This is a deliberate change to a new security model. However the old GUI is not compatible with it.