Platform CANT-P
RTEMS BootP file - CANT-P : TG576(i)v7 / TG585(i)v7: ZZ5YAA8.277.bli
RTEMS operational - CANT-P : TG576(i)v7 / TG585(i)v7: ZZ5XAA8.277
New Features
* IP-in-IP tunnelling support.
* TR-064 service extensions:
The TR-064 framework has been extended to allow configuration of the static WAN IP address via TR-064 with the WANIPConnection and LANHostConfigManagement parameter sets.
* Improved WPS interoperability with Windows 7:
The WiFi-certified WPS mechanism applied on all Gateway products has been extended to support the configured AP WPS functionality to improve the interoperability with MS Windows 7’s WPS implementation.
* Ethernet debug CLI command extensions:
The following expert CLI debug commands have been made available to support advanced debugging and monitoring of the Ethernet interface:
+ :ethd state
Show the state of the Ethernet interface
+ :ethd trace
Enable ETHD tracing
+ :ethd spool
Show memory pools
+ :ethd sdata
Show driver data
+ :ethd cdata
Clear driver data
+ :ethd smode
Show interface mode
+ :ethd stats
Show interface statistics
+ :ethd clear
Clear interface statistics
+ :ethd help
Display help info.
* Configurable Internet LED behaviour:
Internet LED behaviour has been made configurable via the :system config optional wanconnection=<IP interface> CLI command to decide its LED state according to not only the default WAN connection interface state, but also upon optional (fall-back, or second service) WAN connection interface states if these are configured.
+ By default, the behaviour is identical as before: only the default WAN connection is taken into account.
+ Via defining optional WAN connections, the Gateway monitors the default WAN connection and all optional WAN connections, if configured.
+ If more than one WAN IP interface is configured, the first interface that is “up” is used to affect the Internet LED.
+ If both default WAN connection and optional WAN connection are not defined, the Internet LED follows the state of the Broadband LED (for example in case of bridged scenarios without Internet IP interface).
+ On applicable products, if the WAN port auto-sensing feature is applied, the Internet LED behaviour based on the WAN port Auto-Sensing Lua script overrules the optional WAN connection configuration.
* ARP probing extensions:
By default, ARP probing remains RFC826 compliant. When the ARP process does initial broadcast probing and only later on performs unicast probing, the ARP daemon has been extended and made configurable to force exclusively broadcast ARP probing.
BugFixes:
* Game & Application Sharing not supported for hosts with fixed IP address:
The issue where it is not possible to assign a Game & Application service to a local host configured with a static IP address via the GUI, has been solved.
* Cross-Site Scripting (XSS):
Various Cross-Site Scripting (XSS) flaws in the GUI have been fixed.
* ARP table overflow causes restart:
The issue where an overflow of the ARP table (for example, by DOS attack flooding the ARP table) may cause the Gateway to restart, or where due to a full ARP table, no new host connections are possible anymore, has been solved.
* UPnP port mapping too slow when port mapping list is big:
The issue where UPnP port mapping is too slow (particularly if the port map list is long, causing port mappings to fail on some applications due to a time-out), has been solved.
* The first IP address of the IPCP pool is always reserved for virtual unnumbered PPP interface:
The issue where, in an IPCP scenario with PPP set to unnumbered and DHCP to numbered, the Gateway doesn’t take the expected IP address from the DHCP pool as gateway IP address, has been solved:
+ By default for PPP-Public-Subnet, and PPP-Public-Subnet Passthrough, the last IP address of the received IPCP pool is used for configuring the PPP interface (i.e. virtual IP address) and the first IP address to configure the LAN interface (i.e. DHCP gateway IP address).
+ The assignment of the virtual IP address to be used by the PPP interface is made configurable by the subnetfirstip parameter (which allows to specify if the first or the last IP address from the received range is to be used to configure the PPP interface).
* IPSec / VPN / Tunnelling:
The issue where FTP transfers through a GRE, or IP-in-IP tunnel may fail because the Gateway does not forward the ACK acknowledgment packets, has been solved.
* CLI downstream transmit power wrong:
The issue where the downstream transmit power displayed via the dsl info expand=enabled CLI command is wrong (in fact always zero), has been solved.
* HTTP server not HTTP/1.1 compliant when using Download RPC:
The issue where the Gateway always included a host IP address 0.0.0.0 in the HTTP header in all its HTTP/1.1 request messages, causing interoperability issues with ACSs using Virtual Web hosting, has been solved.
* ADSL1 annex B fast mode with Alcatel-Lucent NALT-D line card:
The issue where high frame loss rate (high Bit Error Ratio (BER)) in the downstream direction and many Code Violation (CV) packets have been observed if the Gateway operates in ADSL1 annex B fast mode against an Alcatel-Lucent NALT-D line card (while the problem is not seen if interleave mode is used), has been solved.
* Wireless: performance issues:
Wireless performance issues seen with the previous Main Track Slotted Release R8.2.6 (compared with R8.2.5 performance), have been solved from this Main Track Slotted Release onwards.
* Wireless: SSID returns to the factory default:
The issue where the SSID returns to the factory default value or another unexpected value after a restart (when the SSID contains one or more spaces, or quotation marks), has been solved.
* Wireless: SSID prefix variables disappear:
The issue where the wireless SSID prefix variables disappear after running the embedded wizard has been solved.
General Fixes:
* DNS routing table sorting to support conditional DNS forwarding:
Sorting criteria and order is as follows:
1. DNS entries with domain labels are sorted first.
2. If the source/source mask is specified, routes with a longer source mask have higher priority.
3. When routes have an equal source mask, the routes with the lower metric are sorted first.
Changes:
* Wireless Distribution System removed from GUI:
From this Main Track Slotted Release onwards Thomson Gateway products no longer support the use of the deprecated non-standardized Wireless Distribution System (WDS) via the GUI.
* ST585v6 / TG585v7: Reduced feature set:
Upon applicability following standard features are either removed, reduced or changed to optimize memory occupation:
+ Tracelevel reduced to one.
+ RIP not supported.
+ USB master, slave port functionality removed
+ SNMP and ILMI not supported.
+ Ethernet driver trace and debug commands removed.
+ KPML removed.
+ Call logging not supported.
+ Phone book GUI page removed.
+ Accelerated IP not supported.
+ ScheduleInform RPC not supported.
+ Reduced Differentiated Service Delivery (DSD) functionality:
# Address-based web site filtering removed
# Content-based web site filtering removed
Open Issues:
* Physical Layer - ADSL/ADSL2+:
o A large value of data rate spread that can exceed 5Mbps has been observed if the Gateway operates in ADSL2+ Interleave mode against an Alcatel-Lucent NVLT-C line card.
* ATM:
ATM loopback can’t work correctly and cannot capture any ATM cells at ax4000.
* Bridge / VLAN / Bridge Filter / Ethernet:
o Ethernet switch storm control and shaping (used for Ethernet switch flow control) cannot be configured and as a consequence does not work.
o VLANs are not properly configured on an Ethernet port that has been configured as non-bridge Ethernet WAN interface. This causes tagged packets to be dropped by the Thomson Gateway Ethernet switch. As a workaround, enable unknownVLAN on the other (LAN-assigned) Ethernet ports of the switch so that the Ethernet switch is forced to flood the packets received on the WAN Ethernet port.
o When sending a unicast packet from an unknownVlan LAN port, the learned MAC address is lost on the unknownVlan WAN port.
* CWMP / Datamodel:
o If restarted during the delay period of a delayed platform software upgrade (indicated by the ACSs), after the restart the Gateway sends a ‘9010 Download Interrupted’ in the transferComplete to the ACSs or simply nothing instead of resuming the platform software download. As a consequence the Gateway is not upgraded.
o Changing NAPT port mappings via the IGD data model is not possible; it is only possible to set the port mapping via TR-069 using the same internal and external port on the first attempt.
o CWMP packets may not be forwarded according to QoS label rules.
o Some datamodel parameters of type ‘boolean’, ‘int’ and ‘unsignedint’ are empty in the IGD datamodel, which is not in line with TR-098 specification. This may cause problems with ACSs test scenarios.
o When the ACSs server’s DNS name is resolved by the Thomson Gateway DNS server to multiple IP addresses, the Thomson Gateway will only use the first resolved IP address to connect to the ACSs. As a consequence, CWMP actions may fail.
o It is not possible to reconfigure the Thomson Gateway DHCP server and DHCP pool configuration via the IGD datamodel with SetParameterValues.
* DHCP / IPCP:
o The Gateway crashes when the assigned IP address of the PPP interface is part of the DHCP server’s DHCP pool range.
o Crashes have been observed when, with Device Discovery enabled (default setting), the DHCP leases are flushed whilst a high number of DHCP hosts are connected to the Gateway.
o When changing the default IP address of the Gateway via the GUI (for example from the factory default 192.168.1.254 to 192.168.1.1), the gateway IP address parameter of the Gateway DHCP server’s default DHCP pool configuration is not changed (i.e. the gateway IP address remains 192.168.1.254).
* GUI / Embedded Help / Embedded Easy Setup / Lua:
o When running the embedded Easy Setup wizard with multiple service templates (i.e. more than the standard set), when going back in the wizard (by clicking the ‘Back’ Button) until the service template list, not all templates are listed anymore.
o It has been observed that, when changing the state of a self-created firewall rule via the GUI, the actual state (enabled/disabled) may not be displayed correctly in the GUI anymore.
o Internet Explorer 8: It is not possible to switch to another user directly via clicking the user name. As a workaround, switch to another user via the User Management page (Toolbox > User Management).
o When one of the default IP addresses of the Thomson Gateway are deleted (192.168.1.254 or 10.0.0.138), running the embedded Easy Setup wizard may cause the Gateway to restart.
o On the Web Cameras GUI page (if supported and enabled) the MAC address is displayed and used instead of the camera’s IP address. As a consequence the web camera cannot be controlled via the GUI.
o When only one LAN IP address assigned to the Gateway, it is not possible to change this IP address via the GUI.
o Once a wireless client has connected to the Gateway, it is not possible anymore to clear the ‘Allowed on WLAN’ check box on the Gateway Home Network > Devices > device’s Configure GUI page. As a consequence it is not possible to disallow that wireless client from connecting to the wireless network.
o Call logging figures shown on the Gateway Telephony > Telephony Statistics GUI page and the Telephony > Call log GUI page may not be consistent.
* IPSec / VPN / Tunnelling:
o The Gateway cannot relay IPSec packets when IKE and ESP connections are bound to a specific port in the connection bind list. As a workaround unbind IKE and ESP via the CLI.
o The IPSec VPN client cannot be configured via CLI, while it can be configured correctly via GUI pages.
o When multiple IPSec tunnels are configured, only one tunnel can be displayed as ‘running’ in the GUI, though more may actually be started.
* NAT ALG:
o In PPP-subnet-passthrough scenarios, no transparent NAT map is added for the public DHCP subnet. As a consequence, address translation is applied on the public subnet lease addresses of local hosts instead of being transparently passed through the Gateway.
o Subsequently connecting and disconnecting the Internet PPP interface may cause the Gateway to restart due to NAT template creations.
o The Gateway PPTP ALG erroneously deletes the NAT mapping after time-out expiry and no traffic passes, though the PPTP control connection exists. As a consequence, GRE data traffic from WAN cannot pass and the local PPTP client can not communicate with the WAN.
* QoS:
o Queue based rate limiting has no impact.
o PPPoE Active Discovery (PAD) messages (PADI, PADO, PADR) do not respect the internal class setting assigned by PPP; as a consequence the derived P-bits are wrong.
* SNMP:
o The ifInOctets and ifOutOctets values of some interfaces (such as eth0, ethport2, ethport3, ethport4) will reset to 0 (zero) if their effective number exceeds 65535.
* UPnP / TR-064:
o The Internet connection state of VDSL2 products configured with IPoE, is unreliable and cannot be controlled via MS Windows’ Network Connection page.
o It is not possible to browse the UPnP AV Server.
o The Gateway does not support configuring WAN IP Interfaces and DNS server via TR-064.
* Wireless:
o When using WEP encryption or WPA-TKIP wireless security, throughput performance of the IEEE802.11n wireless interface is lower than when using no wireless security or WPA2.
o Wireless clients can only associate without encryption (i.e. neither WEP nor WPA(2) are possible) on virtual access points configured on the WLAN interface when configured with multiple SSID and the virtual access point is assigned to a VLAN with separate DHCP pools.
o When the wireless hardware button is used for legacy MAC address based registration, if during the registration phase the wireless interface is disabled (e.g. via CLI), the button LED does not turn off.
o With certain wireless clients on Windows 7 it has been observed that setting up a wireless connection using the Windows 7 connect with wireless security key mechanism (as alternative to the WPS PIN method) may fail.
* Miscellaneous:
o In multiple WAN connection scenarios with specific connections for specific traffic, if a particular WAN connection goes down, traffic designated for that connection uses another WAN connection that may not be designed for that traffic or, in the case of a Dial-on-Demand PPP connection, for example, will continuously trigger the PPP connection to come up. In other words, the Gateway does not support configuring a service to only use a specific WAN connection and to block forwarding when that connection is down.
o In normal operating conditions (i.e. in cases where the Gateway is not overloaded with Ethernet WAN traffic processing), VoIP, Video, TR-069 gets prioritized over normal traffic.
o Physical layer version information cannot be read from the archive of some products.
o Unknown VLAN packets coming from the WAN are dropped when ingress filtering is enabled.
o Using Parental Control, i.e. URL-based, or content-based filtering, negatively impacts download performance.
* TG585v7: Restarts when TR-069 certificates used by the ACSs:
The TG585 v7 may periodically restart when TR-069 certificates are used by the ACSs, and it is configured to use HTTPS with short periodic inform intervals. As a workaround, disable the use of TR-069 certificates, in which case the restarts will not occur.
Bookmarks