Scribd
Upload
31 views29 pages

GV OS ReleaseNote v5104

GV-OS-ReleaseNote-v5104

Uploaded by

priya18lal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
31 views29 pages

GV OS ReleaseNote v5104

GV-OS-ReleaseNote-v5104

Uploaded by

priya18lal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 29

GigaVUE OS v5.1.

04 Release Notes
Updated: August 20, 2018

Table of Contents
About This Document ...............................................................................................................................1
Upgrade Instructions .................................................................................................................................1
Line Card or Module Removal Procedure (Hot Removal) ........................................................................ 3
What’s New ...............................................................................................................................................4
New Features in 5.1.01 .......................................................................................................................4
New Features in 5.1.00 .......................................................................................................................5
Resolved Issues .....................................................................................................................................11
Resolved Issues in 5.1.04 .................................................................................................................11
Resolved Issues in 5.1.03 .................................................................................................................11
Resolved Issues in 5.1.02 .................................................................................................................12
Resolved Issues in 5.1.01 .................................................................................................................13
Resolved Issues in 5.1.00 .................................................................................................................14
Known Issues .........................................................................................................................................19
Available Documentation ........................................................................................................................28
Contacting Gigamon Support..................................................................................................................29

About This Document


These Release Notes describe the New Features and Enhancements, Resolved Issues, and Known
Issues for the GigaVUE H Series and TA Series Visibility Fabric™ Nodes and Certified Traffic
®

Aggregation White Boxes running the GigaVUE-OS v5.1.04 software release, as well as the H-VUE™
Web-Based GUI.
The GigaVUE H Series and TA Series Nodes include GigaVUE-HB1, GigaVUE-HC1, GigaVUE-HC2,
GigaVUE-HC3, GigaVUE-HD4, GigaVUE-HD8, GigaVUE-TA1, GigaVUE-TA10, GigaVUE-TA40,
GigaVUE-TA100, and GigaVUE-TA100-CXP manufactured by Gigamon . The GigaVUE H Series and
®

TA Series deliver performance and intelligence in each of its Visibility Platform nodes, with port density
and speeds that scale to network needs, from 1Gb to 100Gb.
With an intuitive web-based interface (H-VUE) and a powerful CLI, the Visibility Platform is able to
replicate, filter, and selectively forward network traffic to monitoring, management, and security tools. In
addition, the optionally available GigaVUE-Fabric Manager (FM) provides extended visibility fabric
management and reporting capabilities.

Upgrade Instructions
To upgrade to 5.1.xx, the recommended procedure is to install the image, then if needed,
upgrade uboot as a separate step.
Refer to the GigaVUE H Series Upgrade Guide and GigaVUE TA Series Upgrade Guide for the
procedure.

1 8/20/2018
GigaVUE OS v5.1.04 Release Notes

Upgrading Systems in Clusters


All GigaVUE H Series, TA Series, and Certified Traffic Aggregation White Boxes in a cluster
must run the same GigaVUE-OS software version. GigaVUE TA Series nodes and GigaVUE-OS on
a white box require a clustering license. Refer to the GigaVUE-OS CLI User’s Guide to set up the
clustering license.
If you plan to introduce, for example, a new GigaVUE node, with GigaVUE-OS 5.1.xx, to an existing
cluster, update all existing nodes to GigaVUE-OS 5.1.xx before introducing the new node to the cluster.
The new node should not have any traffic-related configuration on it. Gigamon recommends the
following upgrade procedure:
1. Start by upgrading all non-Master nodes in the cluster to the new release.
2. Once all non-Master nodes have been upgraded, upgrade the Master to the new release
and use the cluster reload command from the Master to reestablish the cluster settings.
3. Add the GigaVUE-HC2 to the cluster.

Credentials for admin Account on New Systems


All GigaVUE H Series, TA Series, and Certified Traffic Aggregation White Boxes shipped have the
following default login credentials:
 Username: admin
 Password: admin123A!
Starting in software version 4.7, a password change will be enforced when logging in with these default
login credentials.

Compatibility with GigaVUE-FM


GigaVUE-FM 5.1.xx supports GigaVUE-OS 5.1.xx as well as earlier versions.

Supported Browsers for GigaVUE-OS H-VUE and GigaVUE-FM


GigaVUE-OS H-VUE and GigaVUE-FM support the following browsers:

Browser Version

Mozilla Firefox™ Version 49.00 and higher

Windows® Internet Explorer® Version 11 and higher

Apple® Safari® Version 9.1 and higher

Google® Chrome® Version 54.0 and higher

NOTE: IE11 Compatibility view mode is not supported.

2 GigaVUE-HC3 BPS-HC3-C25F2G Module 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Line Card or Module Removal Procedure (Hot Removal)


Line cards or modules are hot-swappable – they can be installed or removed from the chassis with the
power on. To remove a card safely with the power on, you must follow the procedures defined in the
Hardware Installation Guide. Hot removal without following the steps defined in the respective
document can cause system instability and require a reboot.

3 GigaVUE-HC3 BPS-HC3-C25F2G Module 8/20/2018


GigaVUE OS v5.1.04 Release Notes

What’s New
New Features in 5.1.01

Feature

GigaVUE-HC3 BPS-HC3-C25F2G Module


The BPS-HC3-C25F2G module is a bypass combo module with two 100Gb SR4 inline network port
pairs and sixteen 10Gb SFP+ port cages. The inline network ports support physical bypass on 100Gb
ports.
The 10Gb ports in the BPS-HC3-C25F2G module can be used as network, tool, or hybrid ports. They
support SFP+ 10GBASE-SR4 and 10GBASE-LR4 optics. However, stack-link ports are not supported.
Gigamon Resiliency for Inline Protection (GRIP)™ is supported on GigaVUE-HC3 only when there are
other modules installed in the node that can provide the stack link. The GRIP solution synchronizes the
nodes through a signaling link using a stack link between two stack ports. The BPS-HC3-C25F2G
module does not support stack ports, so another module such as PRT-HC3-C08Q08 or SMT-HC3-C05
must be available to be used for that purpose.
NOTE: The BPS-HC3-C25F2G module does not support 1Gb.
Products: GigaVUE-HC3
Documents: Refer to “BPS-HC3-C25F2G Module” in GigaVUE-HC3 Hardware Installation Guide,
“Configuring Inline Bypass Solutions” in GigaVUE-OS CLI User’s Guide, and “About Inline
Bypass Solutions” in GigaVUE-OS H-VUE User’s Guide

Common Criteria Enhancements


Enhancements have been made to support additional Common Criteria requirements for future
certification of GigaVUE-HC1 and GigaVUE-HC3 as follows:
 view a log message when an SSH session is rekeyed
 generate and upload a Certificate Signing Request (CSR)
 validate the revocation status of a certificate using a Certificate Revocation List (CRL)
Products: GigaVUE-HC1, GigaVUE-HC3
Documents: Refer to “Common Criteria Enhancements for GigaVUE-HC1 and HC3” in GigaVUE-OS
CLI User’s Guide

4 GigaVUE-HC3 BPS-HC3-C25F2G Module 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

Secure Uni-Directional, Simplex Cable/Links Support on PRT-HD0-C06X24


Enhanced 100Gb network ports on the GigaVUE HD Series PRT-HD0-C06X24 line card to support
unidirectional simplex cables. Normal 100Gb link negotiation requires bi-directional signals, which is not
allowed in some highly secure organizations that require isolation of data through unidirectional links.
By setting the network port to forcelinkup, the port is forced up into an RX-only mode and ignores link-
based errors caused by the simplex cabling.
Use the following CLI command to enable forcelinkup:
port <port list> params forcelinkup enable
For example:
port 1/3/c3 type network
port 1/3/c3 params forcelinkup enable
When forcelinkup is enabled on a port, the output of the show port and show port params commands
display RXon in the ForceLnkUp column.
Products: GigaVUE-HD4, GigaVUE-HD8
Documents: Refer to “Secure Uni-Directional, Simplex Cable/Links” in GigaVUE-OS CLI
User’s Guide

New Features in 5.1.00

Feature

Hardware: QSFP+ PLR4 Optics, QSF-506


The 40Gb QSFP+ 40GBASE-PLR4 transceiver, QSF-506, is supported on the following:
 GigaVUE-HC3: PRT-HC3-C08Q08 (100Gb ports and 40Gb ports) and SMT-HC3-C05 (100Gb
ports)
 GigaVUE-HD4 and GigaVUE-HD8: PRT-HD0-C06X24 (100Gb ports)
 GigaVUE-TA10 (40Gb ports), GigaVUE-TA40 (40Gb ports), and GigaVUE-TA100 (100Gb ports)
Products: GigaVUE nodes listed above
Documents: GigaVUE-HC3 Hardware Installation Guide, GigaVUE HD Series Hardware Installation
Guide, GigaVUE TA Series Hardware Installation Guide

5 Secure Uni-Directional, Simplex Cable/Links Support on PRT-HD0-C06X24 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

GigaStream: Increased Number of Tool Ports


The maximum tool ports per GigaStream have increased for many GigaVUE products. For example,
the maximum tool ports on a GigaVUE-TA100 is now 32 for 100Gb or 40Gb, or 128 if the 32 ports are
broken out into 4 x 10Gb. In addition, the maximum stack ports per GigaStream may have increased.
Refer to the tables in the GigaStream chapter.
Products: All GigaVUE nodes
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

GigaStream: Controlled GigaStream on Expanded Platforms


Controlled GigaStream provides controlled traffic distribution, which gives more granular control over
hashing to the tool ports.
All GigaVUE H Series and TA Series nodes support controlled GigaStream, with the following
distinctions:
 On GigaVUE HD Series nodes, the following line cards are supported: PRT-H00-Q02X32,
PRT-HD0-C06X24, and PRT-HD0-Q08.
 On GigaVUE HD Series nodes, the following line cards are not supported: PRT-H00-X04G44,
PRT-H00-X12G04, PRT-H00-X12TS, PRT-HD0-C01, PRT-HD0-C02X08 and C02X08A.
 GigaVUE-HB1 is not supported.
GigaVUE nodes with controlled GigaStream are supported in a cluster environment. Controlled
GigaStream can only be used as a packet egress destination (tool GigaStream).
Products: GigaVUE nodes listed above
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

6 GigaStream: Increased Number of Tool Ports 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

GigaStream: Advanced Hashing with MPLS


GigaStream MPLS hashing adds the ability to hash on MPLS labels as well as the following IP address
fields inside an MPLS tunnel: ipsrc, ipdst, ip6src, and ip6dst.
Advanced hashing with MPLS is supported on PRT-H00-Q02X32, PRT-HD0-Q08, and PRT-HD0-
C06X24 line cards on GigaVUE-HD4 and GigaVUE-HD8 nodes, and on GigaVUE-HC1, GigaVUE-HC2,
GigaVUE-HC3, GigaVUE-TA1, GigaVUE-TA10, GigaVUE-TA40, and GigaVUE-TA100 nodes.
The gigastream advanced-hash command can detect up to three MPLS labels. Packets with one to
three MPLS labels can be hashed, along with IP address fields, if present. If a packet has more than
three MPLS labels, IP address fields after the third MPLS label cannot be hashed.
Products: GigaVUE nodes listed above
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

Clustering: Layer 3 Out-of-Band Discovery


A node residing on a different management subnet can join an out-of-band cluster using Layer 3 (L3)
out-of-band manual discovery. A node residing on a different IP subnet manually discovers the IP
address of the current master node in the cluster and the IP address of the standby node. After
discovering the IP addresses, the node residing on a different subnet establishes the connection with
the current master node in the cluster. Once the node joins the cluster, it automatically receives a
complete copy of the cluster’s database.
Products: All GigaVUE nodes
Documents: GigaVUE-OS CLI User’s Guide

7 GigaStream: Advanced Hashing with MPLS 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

Clustering: Leaf and Spine with Multiple Paths (Beta)


The leaf and spine architecture is a two-layer architecture used for network aggregation. There are two
kinds of nodes in this architecture, as follows:
 leaf nodes, which are edge nodes and can also have TAPs or tools attached to them
 spine nodes, which are the nodes to which the leaf nodes attach
In this architecture, each leaf node connects to every spine node. This forms a mesh between the leaf
and spine nodes.
With multiple paths between the nodes in a cluster, the leaf and spine architecture protects against
failures, such as stack link or spine node failures. In the event of a failure, the traffic on one path fails
over to the other path.
Products: All GigaVUE nodes
Documents: High Availability in a Cluster Beta Guide

Security: Disabling/Enabling Blank Passwords


To enhance security on the node, logging into a GigaVUE system without a password is no longer
allowed, by default. The upgrade to software version 5.1 will go smoothly, but user accounts with blank
passwords that were created in software versions prior to 5.1 will be disabled in software version 5.1.
An admin user must take explicit action to re-enable those accounts.
An admin user will be able to change the default and enable logging in with blank passwords.
CLI commands and error messages have been added to manage blank passwords. The CLI
commands are for local authentication only.
Products: All GigaVUE nodes
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

8 Clustering: Leaf and Spine with Multiple Paths (Beta) 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

GigaSMART: Load Balancing across Tunnel Endpoints


L2GRE tunnel encapsulation now supports load balancing. Traffic from a tunnel port can be sent to
multiple destinations defined by IP address. The traffic is distributed using stateless hashing or stateful
load balancing.
License: Advanced Tunneling (GigaVUE-HD4, GigaVUE-HD8, GigaVUE-HC2, and GigaVUE-
HC3), Tunneling (GigaVUE-HC1 and GigaVUE-HB1)
Products: GigaVUE-HD4, GigaVUE-HD8, GigaVUE-HC1, GigaVUE-HC2, GigaVUE-HC3, GigaVUE-
HB1
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

GigaSMART: NetFlow IPFIX Enhancements


NetFlow for IPFIX has been enhanced as follows:
 handles IPv4/IPv6 mixed traffic. A mix of IPv4 and IPv6 collect fields (IPv4 source/ destination
and IPv6 source/destination) are not supported in one record. Instead, create two records, one
for IPv4 collect fields and one for IPv6 collect fields. When the IPv4/IPv6 collect fields are in
separate records, an exporter will only send out records with non-blank elements. For NetFlow
version v5 and v9, when collecting both IPv4 and IPv6 elements, some of the fields might be
exported as blank if the incoming traffic is a mix of IPv4 and IPv6. The workaround is to use
IPFIX.
 supports multiple sampling rates. A NetFlow monitor can have multiple records with different
sampling rates. The records are only updated with packets at the rate specified.
 supports an exporter for a record. An option is added to assign different exporters to different
records. Instead of records being sent to all exporters, you can add an exporter to a record,
which defines the exporter to which the record is sent.
 supports text format for certain metadata elements. Eight DNS elements, two SSL certificate
elements, and two SSL server elements can be collected in text format, which is more readable
than hexadecimal.
License: NetFlow Generation
Products: GigaVUE-HD4, GigaVUE-HD8, GigaVUE-HC1, GigaVUE-HC2, GigaVUE-HC3, GigaVUE-
HB1
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

9 GigaSMART: Load Balancing across Tunnel Endpoints 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Feature

GigaSMART: APF Pattern Matching Enhancement


Adaptive Packet Filtering (APF) pattern matching has been enhanced as follows:
 supports multiple pattern matches. A map can have multiple GigaSMART rules, each rule can
have a pattern matching expression, and a single packet can match multiple rules.
 supports multiple pattern matches with masking. If there is masking associated with a rule and a
packet matches multiple rules, the masking action is enforced for all the matching rules in the
map.
License: Adaptive Packet Filtering
Products: GigaVUE-HD4, GigaVUE-HD8, GigaVUE-HC1, GigaVUE-HC2, GigaVUE-HC3, GigaVUE-
HB1
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

Inline Bypass: Support GRIP on BPS-HC0-Q25A28


Support for Gigamon Resiliency for Inline Protection (GRIP) is added on the GigaVUE-HC2 40Gb BPS
module, BPS-HC0-Q25A28.
Products: GigaVUE-HC2
Documents: GigaVUE-OS CLI User’s Guide, GigaVUE-OS H-VUE User’s Guide

Documentation Feedback
All user documents contain the following documentation feedback link in the “Additional Sources of
Information”. The link takes you to a survey in which you can send feedback and report issues in the
documentation.
https://www.surveymonkey.com/r/gigamondocumentationfeedback

10 GigaSMART: APF Pattern Matching Enhancement 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Resolved Issues
This section contains lists of resolved issues for 5.1.00 and each MR within the 5.1.xx branch.

Resolved Issues in 5.1.04


HD-48135 Resolved the issue where users were unable to login to GigaVUE H-VUE due to a
"Server error. Please try again," error.
HD-48134 Resolved the issue where GigaVUE-FM failed to sync up with a device due to
recursive session locks. The workaround was to restart the REST API to get the
nodes to sync up.
HD-47994 Resolved an issue in H-VUE in which a syslog error message pertaining to a tornado
application was received, Method Not Allowed was displayed in the GUI, and the
Maps page became unusable.
HD-47897 Resolved the configuration errors that occurred while trying to delete a map.
HD-47854 Resolved the issue where you could not edit a first-level map, when other maps
shared the same sources. This was observed when editing the traffic param control
of a map that shares this source with approximately 20 other maps. Failure occurred
in the apply phase.
HD-46667 Hybrid ports are now supported on 1Gb transceivers inserted in 10Gb ports (either
optical or copper).
HD-45830 Resolved the issue where 40G QSFP+ ports were flapping and showing "Invalid"
status after upgrading to 5.2.01 on a TA40 TRQORL32.
HD-45570 Resolved an issue in a spine-leaf cluster in which there were more than the
maximum number of GigaStream, which caused packets at one of the spine nodes
to be duplicated over the stack GigaStream ports rather than being load balanced.
The maximum GigaStream number was increased.
HD-45565 Resolved an issue on GigaVUE HD Series and GigaVUE-HC2 in which devices
experienced management interface connectivity failures.
HD-44406 Resolved an issue with classic inline bypass in which editing the destination port of
an out-of-band passall map caused the inline network ports to drop traffic. The traffic
path of the inline network ports was configured as either bypass or monitor.

Resolved Issues in 5.1.03


HD-44458 Resolved an issue in which the fan speed on GigaVUE-HC3 stayed the same and
did not change when card temperature increased.
HD-41188 Resolved an issue with controlled GigaStream in which editing the GigaStream ports
to change hash buckets caused hashing not to work.

11 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-39779 Resolved an issue that occurred when there was an overlapping network port and a
tool port that was shared in common with a byRule map and a passall map.
HD-39060 Resolved an issue in which a GigaSMART operation (GSOP) could not be removed
after editing the source port in the map. When removing the GSOP, the following
error message was displayed: Not enough resource.

Resolved Issues in 5.1.02


HD-42875 Resolved an issue with inline bypass in which the traffic on the inline tools was
double when the traffic path of the inline network was set to monitoring.
HD-42735 Resolved an issue in which a particular log message (Recovery Successful - line_card
eeprom) was repeatedly printed.
HD-42538 Resolved an issue in which entering the syslog server domain name, rather than its
IP address, caused an infinite system reload loop. Domain name configuration for
the syslog server is now allowed only when there is a static host to IP mapping for
IPV4 addresses.
HD-42537, HD-42989
Authentication failure traps flooded GigaVUE-FM when the SNMP agent received a
request with an incorrect community name. The following message was displayed on
the Events page: Protocol message is not properly authenticated.
HD-42536 Resolved an issue in which a GigaSMART crash was observed on GigaVUE-HC3
when multiple drop rules were present in a second level map using two different
GigaSMART operations (GSOPs), where buffer Application Session Filtering (buffer
ASF) was applied to a single virtual port and the incoming traffic was greater than
25Gb.
HD-42467 Resolved an issue on GigaVUE-HC1 in which some alarm and alert thresholds for
ports were incorrectly displayed in the output of show port params.
HD-42425 Resolved an issue on a GigaVUE-HD8. When multiple PRT-HD0-C06X24 line cards
are loaded into the system, CPU usage is no longer high and the CLI response is
normal after enabling breakout mode on the 100Gb ports.
HD-42397 Resolved an issue for inline SSL decryption in which a virtual port flap on one
GigaSMART card, removed the configuration on the second GigaSMART card.
HD-42375 Resolved issues with deleting inline SSL blacklist and whitelist entries and clearing
inline SSL profiles.
HD-42238 Resolved an issue with GigaSMART NetFlow Generation in which exporter filters
were not matching rules properly.
HD-42137 Resolved an issue in which the timestamp was not included in certain syslog
packets.

12 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-42030 Resolved an issue in which a child process (python) was killed but the REST API did
not relaunch the process.
HD-41878 Resolved an issue for which an inline-bypass configuration with inline-tool-group
having shared mode false, caused the incoming VLAN of the packet to be stripped.
HD-41841 SFP power log messages were incorrectly set at notice (normal but significant) level
and flooded the system, filling up the log files. The message severity level has been
changed to info (informational messages).
HD-41108 Resolved an issue after reloading a GigaVUE-HC2 with inline bypass configuration,
traffic between the network ports was dropped when the failover action was
configured as per-tool in the inline serial configuration and the source was a single
inline network.
HD-40954 H-VUE is now supported when using Internet Explorer.
HD-40131 Resolved an issue in which the hybrid port type was not supported when 1Gb SFPs
were installed.

Resolved Issues in 5.1.01


HD-40712 Resolved an issue on GigaVUE-HC3 in which a packet processing core in the CPU
of a GigaSMART engine crashed when jumbo frames were buffered during transmit
(TX) using a Buffer ASF GigaSMART operation.
HD-40703 Resolved an issue on GigaVUE-HC3 in which the GigaSMART engine watchdog
was enabled but was not working and when it was disabled, caused a software reset.
Use the following CLI command to set a timer for the engine watchdog: gsparams
gsgroup gg1 eng-watchdog-timer 60. The engine watchdog timer detects when a
packet processing core in the CPU of a GigaSMART engine enters a deadlocked
state.
HD-40451 Addressed a security vulnerability identified in GigaVUE-OS that could allow remote
execution of arbitrary code.
HD-40302 Resolved an issue in which H-VUE was not loading using Internet Explorer 11.
HD-39987 Resolved an issue in which the card status on a GigaVUE-HC1 node was not
updated after an upgrade to software version 5.1.01 when the installed GigaSMART
license had been removed.
HD-39964 Resolved an issue in which the output of the show port params command did not
have SFP information for the PRT-H00-X12TS line card on a GigaVUE HD Series
node.
HD-39931, HD-39513
Resolved an issue in which the link status on a GigaVUE-HC2 stack port connected
to a GigaVUE-TA1 with Active Fiber Cable CBL-410, was down following a software
upgrade.

13 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-39892 Resolved an issue in which peer ports on PRT-HD0-C02X08 line card on a GigaVUE
HD Series node went down following a reload when forcelinkup was enabled on
ports.
HD-39807 In H-VUE, blocked the configuration of a collector map with a load balance-enabled
port group as a destination as this is unsupported.
HD-39730 Resolved an issue in which an incorrect speed for the eport on the GigaSMART
module on GigaVUE-HC3 was displayed in the output of the show port utilization
command.
HD-39720, HD-39244, HD-38339
Resolved an issue in which GigaSMART engine crashes were seen if the
ModifyBearerReq was missed or had invalid fields so that the respective tunnels
could not be created.
HD-39270 Resolved an issue for inline SSL decryption on GigaVUE-HC2, in which the apps
inline-ssl profile alias <alias> decrypt tool-bypass <disable | enable> command
was not working as expected.

Resolved Issues in 5.1.00


HD-39130, HD-37849
Resolved an issue in H-VUE in which the stack port link displayed a status of down,
following an upgrade to software version 5.0.0.1, but the status was up.
HD-38817 Resolved an issue on GigaVUE-HB1 in which the GigaSMART engine port flapped
continuously following an upgrade to software version 5.0.01.
HD-38708 Resolved an issue in which the GigaSMART engine on GigaVUE-HC2 crashed when
GTP correlation was configured due to unavailable tunnels.
HD-38691 Resolved an issue for inline SSL decryption on GigaVUE-HC2 in which a log
message for a session counter displayed the following: counter negative type 19.
HD-38594 Resolved an issue with GTP overlap flow sampling maps in which a VLAN tag,
numbered 4091, was added to traffic leaving the GigaSMART engine and the
GigaVUE node.
HD-38534 Resolved an issue with inline bypass in which traffic from an out-of-band map was
not sent to the tool port when the tool and source ports were on different modules
and a GigaSMART de-duplication operation was added to the map.
HD-38324 Resolved an issue in which H-VUE only reported the CPU information of the master
and not of the standby node in the cluster.
HD-38322 Resolved an issue for inline SSL decryption on GigaVUE-HC2 when a server used a
self-signed certificate, the following error message was displayed in H-VUE: Unable
to connect to server.

14 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-38225 Resolved an issue with inline bypass following a node reload in which the heartbeat
state was up before the inline tool was functional.
HD-38033 Resolved an issue in which a single fiber was connected to a tool port and
forcelinkup was enabled, but traffic was not sent to connected device.
HD-37977, HD-38096
Resolved an issue on GigaVUE TA10 nodes in which control plane CLI slowness
was experienced. One of the software process CPUs showed high usage, and a
power supply and FAN showed absent or had an incorrect status in the show
chassis or show environment commands.
HD-37925 Resolved an issue in which a hybrid port stopped sending traffic after a reload. This
issue affected RJ-45 copper ports (non-SFP ports).
HD-37858, HD-35612
Resolved an issue in which packet drops were not shown in H-VUE in Port Statistics
graphs, though they could be seen in the CLI.
HD-37836, HD-37955
Resolved an issue in which there were management connectivity issues when a
GigaVUE-HD8 node was booting up, due to control card, CC2, being connected to a
network port.
HD-37816 Resolved an issue in H-VUE in which the following error message was displayed
under the log settings so the syslog server could not be configured on a GigaVUE-
TA10: AddressValueError: At least 3 parts expected in '1.1.1.1'.
HD-37714, HD-35182
Resolved an issue with GigaSMART Adaptive Packet Filtering (APF) in which input
packet counters (pkts_in and octets_in) displayed zero values for the GigaSMART
operation statistics.
HD-37693 Resolved an issue on GigaVUE-HC1 in which the auto-negotiation setting on 1Gb
ports could not be changed because they had once been configured as inline
network ports.
HD-37679 Resolved an issue with a port down condition between GigaVUE TA Series and
GigaVUE HD Series nodes with 40Gb optics.
HD-37648 Resolved an issue in which H-VUE displayed a protected inline network port pair on
a copper TAP on GigaVUE-HC1 as unprotected.
HD-37503, HD-33653
Resolved an issue in H-VUE in which unsupported editing of the from port in GTP
second level maps, including flow filtering, flow sampling, and whitelisting maps, was
allowed.
HD-37224 Resolved an issue in H-VUE in which there were packet drops under Ports with
Packet Drops on the Overview Page on a GigaVUE-HB1, but under the Packet
Drops counter, it indicated that no packets were dropped.

15 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-37168 Resolved an issue for inline SSL decryption on GigaVUE-HC2 in which the
GigaSMART operation statistics for an out-of-band map were always displayed as
zero.
HD-37071 Resolved an issue in which a map alias containing a special character (an
apostrophe) could not be displayed in H-VUE, but could be displayed in the CLI.
HD-36954 Resolved an issue with inline bypass in which enabling and disabling negative
heartbeat impacted regular heartbeat.
HD-36693, HD-37243
Resolved an issue on GigaVUE-HC1 in which an incorrect LED illuminated for a port
that was enabled and up.
HD-36637 Resolved an issue on GigaVUE-HC3 in which GigaStream on stack ports across
different modules was not supported.
HD-36608, HD-35013, HD-32626
Resolved an issue on GigaVUE-HB1 in which the GigaSMART engine port (e1)
showed a port temperature of 0C.
HD-36592 Resolved an issue with inline bypass in which ingress VLAN tagging (explicit VLAN
tagging) was not working when there were more than eight (8) inline networks in an
inline network group. Traffic only flowed to the first eight inline network port pairs.
HD-36430 Resolved an issue on GigaVUE-HC1 in which the port speed was incorrectly
displayed as 10Gb for a hybrid port with a 1Gb copper SFP. An X port with a 1Gb
copper SFP inserted can no longer be configured as a hybrid port.
HD-36399 Resolved an issue with Role-Based Access Control (RBAC) for map templates in H-
VUE in which a user-configured map template was not displayed on the Map
Templates page.
HD-36344, HD-36179, HD-36345, HD-37487
Resolved an issue on GigaVUE-HC2 nodes equipped with Control Card version 2
(HC2 CCv2) in which TAP modules plugged into slots 3 and 4 failed to initialize and
ports remained down.
HD-36242, HD-36243
Resolved an issue with inline SSL decryption on GigaVUE-HC2 in which the primary
and secondary signing keys were not deleted with the following commands,
however, after the commands were issued, a new certificate/key pair could be
configured, which overwrote the existing certificate/key pair:
1. no apps inline-ssl signing rsa for primary
2. no apps inline-ssl signing rsa for secondary
HD-36058 Resolved an issue in which the display of a local user’s account status was
inconsistent between the CLI and H-VUE. The status in the CLI (Local password
login disabled) is now displayed in H-VUE.

16 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-36028 Resolved an issue in which the use of the configuration delete-all command on
devices in the cluster, did not correctly synchronize further configuration changes.
HD-35929 Starting in software version 5.0, an X port with a 1Gb copper SFP inserted cannot be
configured as a hybrid port. Added an error message in the output of the show port
command that the hybrid port type is not supported for this SFP.
HD-35891, HD-34931
Resolved an issue in which editing a second level map for an Adaptive Packet
Filtering (APF) GigaSMART operation to delete one GigaSMART rule (gsrule),
caused traffic for other gsrules in the map to stop flowing.
HD-35883 Resolved an issue in H-VUE in which the display for Under-Utilized Ports and Over-
Utilized Ports was interchanged.
HD-35842 Resolved an issue on GigaVUE-TA1 in which the U-Boot binary from active/booted
image was not displayed in the output of the show uboot command.
HD-35805 Resolved an issue in which GigaSMART crashed after GTP and another
GigaSMART application (APF) was configured on the same GigaSMART engine.
HD-35802 Resolved an issue in GigaSMART NetFlow records in which two-way binding is not
propagated from the GUI to the model. NetFlow Collector fields are not removed
when they are deleted using the GUI, but they are removed when deleted using the
CLI.
HD-35687 Resolved an issue on the PRT-HC3-C08Q08 module on GigaVUE-HC3 in which
subports remained down on switching from one port mode to a different port mode
(4x or 2q) using the configuration switch-to or configuration text file commands.
HD-35624, HD-30310
Resolved an issue in which an optical 1Gb link between the PRT-H00-X04G44 line
card on a GigaVUE HD Series node and a GigaVUE-HC1 node did not come up due
to auto-negotiation settings.
HD-35577 Resolved an issue in which the node entered safe mode due to editing more than
one map attribute at a time, such as changing a tool port and changing roles in the
same edit (without exiting map prefix mode).
HD-35464 Resolved an issue in some scenarios involving inline tool groups, in which issuing
the configuration switch-to command to restore a saved configuration might have
caused one of the inline tool members to incorrectly remain in a down state.
HD-35337 Resolved an issue with a 40Gb stack-link port on a connected node that stayed up
when a GigaVUE-TA40 was disabled because the GigaVUE-TA40 was not turning
the laser off on disable.
HD-35335 Resolved an issue for an inline bypass configuration with an inline network group
and an inline tool group, when only one inline tool pair in the inline tool group was
up, configuring an out-of-band (OOB) map with one of the inline tool ports as the
source caused traffic drops.

17 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-35314 Resolved an issue with GigaSMART Application Session Filtering (ASF) in which the
output of show map stats for the second level map displayed incorrect byte counts.
HD-35133 Resolved an issue for inline bypass in which there were traffic drops when an inline
tool group was configured with a spare inline tool and explicit VLAN tagging in an
inline serial arrangement.
HD-34785 Resolved an issue with pattern matching masking using regular expressions (RegEx)
in GigaSMART Adaptive Packet Filtering (APF) in which only 8 bytes were masked
instead of the 12 specified in the GigaSMART rule (gsrule).
HD-34684 Resolved an issue in which editing maps containing overlapping (subset of) network
ports, then adding a new network port in a map which is last in the map priority order
resulted in the following error message: % Configuration failed.
HD-34312 Resolved an issue in a scaled configuration in which a GigaSMART tunnel license
that could not be synchronized from the master to the non-master nodes across a
cluster was missed on the non-master nodes in the cluster, which might have caused
them to go into Safe mode.
HD-34149 Resolved an issue in which a large value (12992277 minutes) for the web session
auto-logout command prevented Web login through H-VUE.
HD-34128 Resolved an issue in which an ingress interface was a fanned out port (a subport)
and the GigaSMART NetFlow ifname was blank in the exported flow record after
reloading the node.
HD-34106 Resolved an issue with PRT-HD0-C06X24 on GigaVUE HD Series nodes in which
the power level on stack ports might be displayed as -40.00dBm in the output of
show port commands after an upgrade from a pre-5.1 release to the 5.1 release.
To correct this issue, turn the power to the node off and on again.
HD-33500 Disallowed the creation of a GTP whitelist with a hyphen (-) as the first character of
the alias as this caused the whitelist to be inaccessible from the CLI.
HD-33382 Resolved an issue with the show aaa authentication attempts command in which
the output was different for an admin user and a monitor user after logging in
following several failed login attempts and being locked out.
HD-31579 Resolved an issue in which maps could not be edited in H-VUE by a user with edit-
only access to the map.
HD-22895 Resolved an issue in which the configuration text file <filename> apply verbose
fail-continue command failed if the text file contained Application Session Filtering
(ASF) with Buffering configuration.

18 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Known Issues
This is a list of known issues in this release.
HD-47022 For HB1, the clock cannot be set to a new time. If the clock is changed to a time
other than the current time, after rebooting, the clock changes back to the original
time.
HD-42979 For classic inline bypass in a many-to-many scenario, with an inline network group
feeding an inline serial passall map and the traffic path set to monitoring, disabling
an inline tool to trigger failover results in traffic being forwarded back to the disabled
inline tool. This is expected behavior.
HD-42859 For classic inline bypass, with inline network and inline tool ports configured with
shared mode disabled and the traffic path of the inline network set to either bypass
or monitoring, when there is a rule based map or shared collector sending traffic from
the inline network to the inline tool port, adding or deleting a passall out-of-band
(OoB)map that uses one of the inline network ports as a source causes the traffic
matching the rule in the inline map or shared collector to be dropped between the
inline network port. The workaround is as follows:
• Step 1: Enable physical bypass before adding or deleting the passall OoB map
and once the passall OoB map is configured, change the traffic path of the inline
network to bypass or monitoring.
• Step 2: Disable physical bypass.
HD-42186 For classic inline bypass inline serial tool arrangement, when the inline network is set
to monitoring and the failover action of the inline tools is set to tool-bypass, when the
first inline tool in the series fails, one-way traffic is sent to the second inline tool. This
is expected behavior.
HD-42073 For classic inline bypass, when the inline network group is in monitoring mode, the
inline serial failover action per-tool is not taken into account. This is expected
behavior for monitoring mode for inline classic deployments and there are no further
plans to enhance monitoring mode in classic inline bypass. This issue/use case is
resolved with flexible inline arrangements (GA in software version 5.3), which offers
better traffic path monitoring behavior that is highly customizable and adaptable to
per tool failures.
HD-41895 For classic inline bypass, the traffic coming from an inline network group, with a
traffic path of monitoring, and going to an inline tool is missing a VLAN tag. Note that
the traffic to the inline tool is untagged only when the source is an inline network
group and the traffic path is set to monitoring.
HD-41053 For inline SSL decryption, deleting a GigaSMART out-of-band map results in loss of
access to HTTPS from client-server. The workaround is upgrade to software version
5.2.xx.

19 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-40829 On GigaVUE-HD8, if the ports do not have any statistics because no traffic has been
sent or the port statistics have been cleared, issuing the show profile current port
command logs the user out of the system. The workaround is to log back in and
issue any other CLI command.
HD-39989 In H-VUE, an unsupported map configuration leads to a GigaVUE node entering safe
mode following an upgrade to software version 5.1.01 from a 5.1 or earlier software
version. A shared collector map should not be configured with a load balance-
enabled port group as a destination. Prior to software version 5.1.01, this type of
configuration was accepted by H-VUE, but on upgrade to software version 5.1.01,
the GigaVUE node enters safe mode. The workaround is to remove the configuration
of the collector map before the upgrade.
HD-39775 For inline SSL decryption on GigaVUE-HC2, defer timeout is only enforced for local
lookup, not cloud lookup.
HD-39121 With GTP load balancing in a cluster in which the load balanced ports can be on a
different node than the GigaSMART group and GigaSMART operation, GigaSMART
crashes and the node reboots when second level maps have been configured first,
followed by a large number of first level maps configured next. After the node
reboots, this issue is resolved because the first level maps are replayed first and the
second level maps are replayed next. However, the workaround is to configure the
first level maps first and then configure the second level maps.
HD-38754 For inline SSL decryption on GigaVUE-HC2, you can configure a non-default value
for the packet buffer overload threshold, but do not disable it as follows:
(config) # gsparams gsgroup <GigaSMART group alias> resource packet-buffer
overload-threshold disable
If the overload threshold is disabled, the GigaVUE node can enter an overload
bypass state from which it cannot recover. If this issue has occurred, change the
overload threshold to the default value and reboot the node to recover from this
state.
HD-38563 With GigaSMART Adaptive Packet Filtering (APF) on GigaVUE-HC1 and GigaVUE-
HC3, when there are multiple Regular Expression (RegEx) rules with wildcards in a
single map where the search possibilities are quite large, the search slows, the
performance decreases, and due to that, there could also be some dropped traffic. If
there are multiple complex wildcard-based expressions, the workaround is to split the
rules into two or more maps. This might use an additional physical port for the
workaround, depending on the RegEx configuration.
HD-38079 With GigaSMART APF pattern matching, masking does not occur for a second
GigaSMART rule, depending on how the Regular Expression (RegEx) is written.
Consider the following GigaSMART rules (gsrules):
gsrule add pass pmatch mask 0x2a protocol tcp pos 1 RegEx [a-z0-9]+
0..10

20 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

gsrule add pass pmatch mask 0x2a protocol tcp pos 1 RegEx [a-z0-9]+
67..80
These two gsrules are part of the same map and have the same RegEx. The gsrules
are trying to mask two different sections in the packet. During pattern matching
lookup, APF stores the first 20 occurrences. If each of the gsrules have more than 20
matches, there can only be the first 10 matches of each because a maximum of 20
occurrences are stored. Matches that occur further into the packet (such as at offset
67..80) will not be available, so masking will not occur for the second gsrule. The
workaround is to write Regular Expressions that are not as broad.
HD-37929 For nodes in a cluster, discarded packets (IfInDiscards) are not counted correctly
when a tool port is on a remote node. If the tool port is on the same node as the
network port, discarded packets are counted correctly. If the tool port is on a remote
node, discarded packets are counted on the stack link.
HD-37873 An unsupported map configuration leads to a GigaVUE node entering safe mode
following an upgrade to software version 5.1. A shared collector map and a regular
map should not have same set of network ports. Overlapping network ports should
not be configured and are not supported. Prior to software version 5.1, this type of
configuration was accepted by the system, but on upgrade to software version 5.1,
the GigaVUE node enters safe mode and can be recovered only by deleting the
unsupported map configuration.
HD-36284 Egress port filters do not work for VLAN pass/drop rules for hybrid GigaStream ports.
HD-36014 For inline SSL decryption on GigaVUE-HC2, cannot ping the stack port interface on
the GigaSMART engine from a laptop or client machine. This is because incoming
connections to the stack port interface are blocked for security reasons.
HD-35774 On the PRT-HC3-C08Q08 module on GigaVUE-HC3, stacking is not supported on
2q mode subports.
HD-35564 For inline SSL decryption on GigaVUE-HC2, maps need to be added in a specific
order. The order is as follows: inline SSL first level map, inline SSL second level
map, shared collector, classic inline map, then optional out-of-band map.
HD-35523 Upgrading the coreboot is only available if the GigaVUE-TA100-CXP has a 5.0.xx or
higher software image. Upgrade the GigaVUE-TA100-CXP to a 5.0.xx or higher
image before issuing the coreboot install command or the image install
<filename.img> install-boot command. Otherwise, do not issue these commands,
as they will make the system unrecoverable.
HD-35243, HD-35288
In releases prior to software version 5.0, the show filter-resource command
displays a percentage of the total number of rules used in a map. 100% means that
the maximum number of rules is used. On a node such as GigaVUE-TA100, where
the maximum number of rules is 1024, in fact, the maximum is one less than that, or
1023. In software version 5.0, when a filter template is applied, the show filter-
resource command displays the total number of map rules used in a map as well as

21 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

the limit. If the limit is 1024, the output of the show filter-resource command
displays 1023, even though the actual limit is 1022, or two less than the limit. Before
upgrading to software version 5.0 from a previous release, if you already are at the
maximum number of map rules, delete one rule from each map that is at 100%.
Reduce it to 99% on each node or slot.
HD-35093 For any configuration involving a GigaSMART operation (GSOP) with inline network
ports as the source and an out-of-band map with a tool port as the destination, an
error might be seen during configuration, the node might enter safe mode, or the
traffic path might be broken after a reload. The workaround is as follows:
• Configure a passall map with the inline network ports as the source and a hybrid
port as the destination.
• Configure a second map, a rule-based map, with the hybrid port as the source
and the out-of-band tool as the destination, with the GSOP.
This workaround is represented by the following diagram:

Examples of the maps are as follows:


map-passall alias OOB_SSL_RSA_gigastream <-- This is map1 in the workaround
diagram.
roles replace admin to owner_roles
to gigastream
from 1/3/x17..x24 <-- These are inline network ports.
exit

map alias OOB_SSL_RSA_1 <-- This is map2 in the workaround diagram.


type regular byRule
roles replace admin to owner_roles
use gsop SPF_OOBSSL <-- This can be any GSOP.
rule add pass portsrc 443 bidir
rule add pass portsrc 80 bidir
to RSA_WTD
from gigastream
exit

22 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-35087 For inline SSL decryption on GigaVUE-HC2 with Control Card version 2 (HC2
CCv2), multiple engines in a GigaSMART group are only supported when advanced
hashing is configured as follows:
• gigastream advanced-hash slot cc1 fields ipsrc ipdst protocol
HD-35037 On GigaVUE-HC3, the cluster management stack port link (eth3) is displayed as up
in the output of the show interfaces command, even after the cable was
disconnected. The workaround is to view the link on/off LED on the front panel of the
node.
HD-34914 For inline SSL decryption on GigaVUE-HC2, the inbound SSL deployment does not
work if the primary CA is not configured. The workaround is to configure the primary
CA even though it is unused.
HD-34888 For inline SSL decryption on GigaVUE-HC2, device decrypts inbound SSL traffic
even when both SNI and certificate fingerprint does not match.
HD-34694 After a cluster reload, GigaVUE-TA100 ports that are broken out into subports in 4x
mode do not support NetFlow, which results in incorrect interface names and port
IDs being exported.
HD-34496 Port “ifIndex” re-indexing of the SNMP ifTable on GigaVUE nodes occurs when
upgrading from 4.6.xx or earlier releases to 4.7.xx or later releases. This might
potentially impact monitoring for customers using third party management
applications. As our SNMP implementation is compliant to RFC-2863, it is
recommended the management applications account for agent side re-indexing by
monitoring HOST-RESOURCE-MIBs, for example “sysUpTime”, and have the server
side ifIndex in sync for monitoring the correct ports on GigaVUE nodes.
HD-34349 For inline SSL decryption on GigaVUE-HC2, the behavior of the apps inline-ssl
profile alias <alias> no-decrypt tool-bypass <enable | disable> command differs
depending on the rule type configured in the profile. The rule type is configured with
the apps inline-ssl profile alias <alias> rule add command. If traffic is no-decrypt
and the rule type is IPv4, L4port, or VLAN, traffic is sent through the inline tools.
However, if the rule type is domain, category, or issuer, traffic is not sent through the
inline tools.
HD-34265 For GTP overlap flow sampling maps, when editing the first level map involved in a
map-group, traffic is incorrectly passed to the associated second level port-groups.
Instead, traffic might be passed to other port-groups. The workaround for editing the
first level map is as follows:
• Delete the map-group associated with the virtual port in the first level map by
issuing the no map-group alias <alias> command.
• Edit the first level map.
• Reconfigure the map-group by issuing the map-group alias <alias> command.
HD-34048 When a GigaVUE node that joined a cluster has a local database that is different
from the master database and when the node is reloaded without saving the

23 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

downloaded master database, the node enters safe mode because of potential
conflicts between the local database and the master database. Refer to the following
best practices:
1. Before joining a node to a cluster, wipe the local database.
2. If any node in the cluster is offline, avoid modifying the configuration from the
master.
3. If 2. cannot be avoided and the offline node enters safe mode, to fix it, take the
node out of the cluster, wipe the local database, and then join the node back to
the cluster.
HD-34029 On GigaVUE-TA100 and GigaVUE-TA100-CXP, if a GigaStream tool port is disabled
before the GigaStream is created, traffic is not redistributed correctly, although
advanced hashing is configured. The workaround is to disable and re-enable the
GigaStream tool port.
HD-33985 Remote usernames that include a forward slash (/) are not supported in GigaVUE-
OS. A remote username is one created in a remote server. The workaround is to use
the backward slash (\) in remote usernames.
HD-33478 On GigaVUE-HC3 with 4 modules and 4 power supply units (PSUs) installed, the
following sequence will result in all modules to be powered up irrespective of
insufficient power:
• Remove 3 PSUs.
• Reboot the chassis with only a single PSU.
The workaround is to install one more PSU into the node.
HD-33444 For inline SSL decryption on GigaVUE-HC2, an out-of-band map cannot have more
than one destination port. The workaround is to use a hybrid port as a way of
sending decrypted traffic to multiple out-of-band tools as follows:
• Configure a hybrid port (hPort)
• Configure a second level map to hPort
• Use hPort as a source in a conventional map or maps to any tool ports or
GigaStream
HD-32482 On GigaVUE-HC1, GigaVUE-TA100, and GigaVUE-TA100-CXP use the interface
eth0 speed auto command, instead of the manual settings (10/100/1000) as they
have no effect. If the speed has been set manually, the keyword auto is displayed in
the output of the show interface command. For example: Speed: 100Mb/s
(auto).
HD-31932 On some GigaVUE platforms, the MTU size is fixed at 9600 while on other GigaVUE
platforms the MTU size is fixed at 9400. The recommendation is to set the MTU to
9400 on all platforms.
HD-31367 When the configuration switch-to <filename> command is issued on GigaVUE-
HC2 nodes with Control Card version 2, under certain cases the command may fail

24 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

and the node may enter safe mode. The workaround is to use the configuration
text filename <filename> apply command with the same configuration.
HD-31158 For GigaVUE-HC2 with Control Card version 2, under certain traffic configurations
involving network, tool, and GigaStream on the same PRT-HC0-X24 module, traffic
on the GigaStream may be affected after a hot swap of the module. The
recommendation is to reload the GigaVUE-HC2 after swapping the PRT-HC0-X24
module.
HD-30686, HD-30687
When using NetFlow v9 or v5, the default size of the interface port ID is 2 bytes, but
the actual interface port ID is 4 bytes. The default for IPFIX is 4 bytes. For v9, do not
use the default of 2. The workaround for v9 is to specify the width of 4 in the
following CLI commands. There is no workaround for v5 because it is predefined.
 apps netflow record alias <alias> collect add interface input physical width 4
 apps netflow record alias <alias> collect add interface output physical width 4
 apps netflow record alias <alias> match add interface input physical width 4
 apps netflow record alias <alias> match add interface output physical width 4
HD-30324, HD-33681
In an out-of-band cluster, a GigaVUE-HC2 with Control Card version 2 lost its
chassis ID when its state changed from standby to master. The workaround is as
follows:
 issue the cluster enable command on the GigaVUE-HC2 with Control Card
version 2 and wait for the state of this node to change to master
 issue the cluster enable command on the second node in the cluster, a
GigaVUE-HC2 with a lower cluster preference
 activate all the cards on the standby node from the master node
HD-30193 When more than one whitelist is used across nodes within a cluster environment,
IMSIs are not properly updated. For example, if the master node has Whitelist-1 and
the standby node has Whitelist-2, when the user adds an IMSI entry on Whitelist-2,
the IMSI addition/fetch is initiated from the master node. But instead of adding the
IMSI to Whitelist-2, which is in standby, the system adds it to the local node’s
whitelist (master). As a result, the master node contains unwanted GTP subscriber
traffic that will be whitelisted. The workaround is to use the same whitelist for all
nodes in the cluster.
HD-29965 When using H-VUE to upgrade older software versions (pre-4.7 software versions),
an error message is displayed if a 4.7.xx image has also been fetched. The error is:
IndexError: list index out of range. The workaround is to delete the 4.7.xx image and
continue to upgrade to the pre-4.7 software version using H-VUE.
HD-29886 When GigaVUE-TA100 is clustered with other GigaVUE node types, inserting and
removing transceivers causes other ports to bounce (come up, go down, then come

25 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

back up). For GigaVUE-TA1, GigaVUE-TA10, GigaVUE-TA40, and GigaVUE-HC2


nodes, traffic is affected on other ports on the same TA Series node or on the same
module on the GigaVUE-HC2 node.
HD-29231 Enabling autonegotiation is allowed on inline bypass ports after the port speed has
been hardcoded. To prevent any issues, the workaround is to only hardcode the
speed, and not to enable autonegotiation.
HD-29210 On GigaVUE-HC2 with Control Card version 2, the following modules are not hot
swappable:
 PRT-HC0-C02
 PRT-HC0-X24
 Bypass Combo Modules: BPS-HC0-D25A4G, BPS-HC0-D25B4G, and BPS-
HC0-D35C4G
If you try to hot swap them, it is recommended that you reload the GigaVUE-HC2
node.
HD-29073 When editing an inline map on GigaVUE-HC2, when there is a shared collector and
a rule-based map, one of the rules cannot be deleted from the rule-based map using
H-VUE and results in the following error message: the last by-rule map with
a src, a des and some rules defined must exist with a
collector. The workaround is to use the CLI to delete one of the rules in a rule-
based map when a shared collector is present.
HD-27566 In the GRIP solution, if both primary and secondary nodes are powered down or if
there is a power outage causing both primary and secondary nodes to go down,
powering up the secondary alone without the primary ever coming up will cause
network traffic to be bypassed instead of being sent to inline tools. It is not
recommended to power up/recover only the secondary node without the primary.
The recommendation is to eventually bring the primary up also. If the primary node is
prone to failures or frequent power outages, another recommendation is to change
the role of the secondary node to the primary.
HD-27034, HD-26962, HD-29675
On GigaVUE-HC2 with Control Card version 2, buffer usage statistics and thresholds
are not supported. Setting buffer thresholds on cards or ports will not result in any
change from the defaults, and show buffer and show profile <current | history> buffer
commands will not produce meaningful output.
HD-27019 In H-VUE, changing the chassis mode on GigaVUE-HC2 with Control Card version
2, is not supported. The workaround is to use the chassis box-id <box ID> mode
<normal | 100G> command in the CLI to configure the mode. Once the mode is
configured in the CLI, H-VUE will display it.
HD-26990 For the PRT-HD0-C06X24 line card on GigaVUE HD Series nodes, the port MTU is
9416, not 9600 as on other GigaVUE HD Series line cards, however, the output of
the show port parameters command displays 9600.

26 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

HD-26981 For the PRT-HD0-C06X24 on GigaVUE HD Series nodes, the packet counters may
wrap, thus providing incorrect packet counts when traffic is either entering or leaving
the card at or close to line rate and the statistics have not been collected for an
extended period of time. In the output of the show port stats command, the
IfInUcastPkts and IfOutUcastPkts counters do not match.
HD-26853 The tcpdump command is not supported.
HD-26042 The GigaVUE-HC2 node and inline bypass BPS modules (BPS-HC0-D25A4G, BPS-
HC0-D25B4G, BPS-HC0-D35C4G) do not support 1Gb ZX SFP optic.
HD-25402 In H-VUE, the Quick View only displays regular network and tool ports, not inline-
network, inline-tool, or hybrid ports. For example, inline-network ports appear to be
mapped to network ports and inline-tool ports appear to be mapped to tool ports in
the Quick View. For physical ports such as inline-network, inline-tool, or hybrid, the
workaround is to use the Port page, or for inline types of ports, the workaround is to
use the Inline Bypass tab.
HD-25195 For the PRT-HC0-C02 module on the GigaVUE-HC2 with Control Card version 2,
after hot swapping the module, the module comes up but the link status of the ports
is down. The workaround is to use the reload command to reboot the chassis to
bring up the port links.
HD-22898, HD-23356
Force link-up is not supported on the 100Gb CFP2 ports on the PRT-HD0-C02X08
line card on GigaVUE HD Series nodes.
HD-20208, HD-25658
For inline bypass on the GigaVUE-HC2, if the protected inline network configuration
involves the traffic-path attribute of to-inline-tool, there is no map configured from
the respective inline-network, and the physical-bypass attribute of disable is saved
as the current active configuration without any map associated with this inline
network, then a power cycle, reload, or configuration restore (via switch-to) of the
GigaVUE-HC2 system will result in enabling the physical protection for this inline
network while presenting the physical-bypass attribute of disable. To disable the
actual physical protection, change the physical-bypass attribute to enable and then
to disable.

27 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Available Documentation
Document Summary

GigaVUE HD Series Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE HD Series nodes

GigaVUE -HC3 Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE-HC3 nodes

GigaVUE -HC2 Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE-HC2 nodes

GigaVUE -HC1 Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE-HC1 nodes

GigaVUE HB Series Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE HB Series nodes

GigaVUE-TA1 Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE-TA1 nodes

GigaVUE TA Series Hardware how to unpack, assemble, rack-mount, connect, and perform the
Installation Guide initial configuration of GigaVUE-TA10, GigaVUE-TA40, GigaVUE-
TA100, and GigaVUE-TA100-CXP nodes

GigaVUE-OS Installation Guide on how to install the GigaVUE-OS on Certified Traffic Aggregation
a White Box White Boxes

GigaVUE-OS CLI User’s Guide all about the GigaVUE H Series nodes, including Initial
Configuration, and CLI usage in this software release

Inline SSL Decryption Guide SSL decryption for inline tools and how to configure it using the
CLI and H-VUE

Application Session Filtering step-by-step recipes that show how to extract relevant flows with
Cookbook ASF, such as filtering YouTube traffic or email with attachments

GigaVUE H Series Upgrade Guide how to upgrade GigaVUE H Series nodes to this software release

GigaVUE TA Series Upgrade Guide how to upgrade GigaVUE TA Series nodes to this software release

GigaVUE-OS H-VUE User’s Guide how to install, connect, configure, and operate the H-VUE Web-
Based GUI for the GigaVUE H Series nodes

28 Documentation Feedback 8/20/2018


GigaVUE OS v5.1.04 Release Notes

Documentation Feedback
To send feedback and report issues in our documentation, complete the short survey at the following
link: https://www.surveymonkey.com/r/gigamondocumentationfeedback

Contacting Gigamon Support


Refer to http://www.gigamon.com/support-and-services/contact-support for Technical Support hours and contact information.
You can also email Technical Support at [email protected]. Refer also to the customer portal at
https://gigamoncp.force.com/gigamoncp/.

Copyright
Copyright © 2018 Gigamon Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed,
stored in a retrieval system, or translated into any language in any form or by any means without Gigamon’s written permission

Trademark Attributions
Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks
can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners.

29 Documentation Feedback 8/20/2018

You might also like