Abilis CPX 2000, release 8.6


Abilis CPX 2000, update 8.6.8

Released on August 13, 2018.

Enhancements

System
  • Added support for Gigabyte N3160ND3V motherboard.

Bug fixes

Cti router
  • Added support of transparent RCC for P/R groups when RCC is ordered by the destination in progress/alerting phase.

  • Extended RCC procedure to start transcoding (if necessary and possible) in the Abilis where the routing rule (ctir) was configured to permit transcoding (e.g. CODERSIN:G.711, CODERSOUT:G711,G729).

  • Fixed D D CTIEEC: Echo 'CurDelay'/'MaxDelay' when not converged was wrongly printed as 4294967295 (-1), now it is correctly printed as '-'.

  • Fixed D CTICE: 'EECI-DELAY'/'EECO-DELAY' when not converged was wrongly printed as 4294967295 (-1), now it is correctly printed as '-'.

  • Fixed the missing release of the auxiliary AC when C(IDSA)toV call transfer is performed. The bug caused unnecessary allocation of such an AC up to the connection end.

  • Fixed overall disconnection cause computation when F0 xx is involved in alternative routings. Now it is thread as 80 xx thus with highest priority over the other causes.

Cti Cluster
  • Fixed procedure of cluster opening/reopening that caused unnecessary W: CTICL misconf-PLINK (RD) in the peer Abilis.

  • Fixed the missing log of W: CTICL misconf-PLINK (LD) (misconfigured cluster locally detected) that occurred in a specific case, when the peer side re-opened the cluster very quickly.

Swac
  • Removed SWAC-EC-NLP-MODE:CNG because the comfort noise was in some cases annoying. The new default is CLIP and old CNG value is converted to CLIP.

Pots
  • Fixed POTS port state in case of VOSLAC chip failure: the state was wrongly indicated as ON-HOOK, now it is properly set to FAILED.

  • Fixed log messages when VOSLAC chip doesn't work: better descriptive and avoid system log flood.

  • Improved handling of permanent VOSLAC failures detected at boot.

Sip
  • Added support of SDP parsing and codec selection in incoming 180 Ringing response.

  • Added support of codec change in ringing and progress state, i.e. upon reception of 180 Ringing or 183 Session Progress that requires to change the currently selected codec.

    It is obtained by means of RCC procedure executed after sending PROGRESS or ALERT to cti router.

  • Added support of codec change when the received 200 OK indicates a codec different from the currently selected one.

    It is obtained by means of RCC procedure ordered after sending CONNECT to cti router.

  • Fixed the parsing of the SDP body: an exception occurred if CR+LF+CR+LF boundary was missing.

  • Added support of RTP/RTCP port change after receiving a 18x provisional message with SDP when SIP-REMOTE-NAT or SIP-LOCAL-NAT is being used: the symmetric RTP detector is reset.

Virtual Office
  • Removed misplaced FRMWR that in some situation caused an unnecessary system log flood.

Aipt2
  • Fixed bug that caused path state misalignment with subsequent possible effect of not being able to open the path again. The condition was very seldom to met.

  • Fixed a bug that in a rare case caused wrong statistic and throughput at path level (higher than real).

    The case is when the network between the two Abilis repeats the same path packet. It is very uncommon, but it can occur if there are devices with improper ethernet full/half duplex configuration along the way, the half-duplex device repeats a packet when detects the collision caused by the full-duplex device.

Aipt
  • Fixed bug that caused AIPT tunnels to count outgoing data twice. This bug is present since version 8.6.4.

    Output statistics affected are: DG, CHAR, ICMP, TCP, UDP, ESP, AH.

Vrrp
  • Fixed parsing of incoming VRRP packets when authentication type is not present.

  • Added BAD VERSION statistic.

  • Added IP and MAC information into LOG upon wrong checksum detection.

Smtp
  • Moved QUEUE-LIFETIME and MAIL-TRY-DELAY from 'Local SMTP relay' section to common parameters section.

EthUsb
  • Fixed crash caused by accessing device statistic after the device is disconnected.

Videosurveillance
  • Fixed software exception and system reboot that was generated when an invalid file number was used in storage debug commands 30, 31, 32 and 33.

Trfa
  • IP: Fixed bug on DEBUG LSN:10 used for purge level: if the value TO: was not specified the purge did not take place.

Script
  • Fixed bug in 'iohub.get_device_handle' when RIO-x or RVS-x higher than 1 is opened. The bug caused the wrong function failure.

Snmp
  • VRRP: added cxVrrpStDropBadVer (BAD-VER) variable in of cxVrrpStTable. Updated MIB and html document.

Known bugs


Abilis CPX 2000, update 8.6.7

Released on June 6, 2018.

Enhancements

none

Bug fixes

Aipt2
  • Fixed a bug in AES hardware cipher in Abilis equipped with VIA C3 and C7 processors.

    In some very special cases the cipher key was not set correctly, causing wrong cipher and decipher.

Ssl
  • Fixed a bug in AES hardware cipher in Abilis equipped with VIA C3 and C7 processors.

    In some very special cases the cipher key was not set correctly, causing wrong cipher and decipher.

  • Fixed bug that in a very special case caused a memory leak during elliptic curves processing, and upon multiple repetition it lead to a denial of service.

    It happened when a combination of remote disconnection and session timeout takes place simultaneously.

Vrrp
  • Increased number of receive buffer from 10 to 200 to tolerate a larger burst of VRRP packets.

    In some configurations, where large bursts were present, the VRRP lost messages causing improper flapping of the states.

Pv
  • Fixed RS-BUF range: it was 1..255 instead of 1..1000 Kibyte.

Cti router
  • Fixed unsuccessful call statistics when an outgoing call fails immediately (e.g. NOCHAN), they were not increased..

Videosurveillance
  • Fixed bug in RVS camera extended statistics, values were always 0.

Snmp
  • VS: Obsoleted STORED-ALARMS, STORED-LIVE, LAST-STORED-ALARM and LAST-STORED-LIVE of cxVsDgTable

Known bugs


Abilis CPX 2000, update 8.6.6

Released on May 10, 2018.

Enhancements

none

Bug fixes

Aipt2
  • Fixed a bug that caused a path deadlock in a rare situation.

    When this happened we had client in state UP and server in state DOWN, and bug was that server answered the client monitor packets although being down, thus preventing client to detect the server down state and restart with the opening phase.

  • Fixed a bug when data compression (COMP) is in use.

    In some cases a multipacket (two or more packets optimised in a single tunnel packet, very probable for TCP ACKs) was incorrectly threated and discarded as BAD-COMP.

Tcp
  • Fixed bug when receiving window is full: a spurious TCP retransmission of 1 BYTE is now it sent every 30 seconds to get remote window update status instead of being frozen forever.

  • Changed keepalive behaviour: now it is sent even if sending window is not 0. This because is possible that it is frozen due to missing remote acknowledges.

Dhcp server
  • Fixed transmission DHCPOFFER and DHCPACK answers.

    They were always sent indicating broadcast IP address instead of obeying the bit set in the previous client request for requiring unicast or broadcast.

    In some situation and with some clients this caused malfunction, actually seen with DHCPINFOM only.

Traffic Analyser
  • TRFA IP:

    Added recovery procedure of corrupted files.

    When the file is detected to be corrupted it is now renamed with .BAD extension and a new file is created.

    Before this fix it happened that the error was logged in system log but the situation was not recovered, thus loosing all subsequent recordings.

Cti router
  • Added MAXBW-OVR and MAXCON-OVR in CTIL statistics.

  • Fixed computation of GROUP-MAXBW-OVR in CTIL statistics of CTIL and CTILG.

    In some cases the counter was not increased.

  • Fixed computation of MAXBW-OVR in CTILG statistics

    In some cases the counter was not increased.

  • Removed unnecessary FRMWR indicating legal situation when NOTIFY request is sent to the GroupIn side.

Videosurveillance
  • VS resource: removed the diagnostics that were indented to be global among all camera; STORED-ALARMS, STORED-LIVE, LAST-STORED-ALARM,and LAST-STORED-LIVE diagnostics. They were actually not supported and not of real usefulness to implement.

    These diagnostics are present individually for each camera.

System
  • Removed support of "SW6" button for system shutdown.

    Such button was present only in certain obsolete Abilis models.

    In recent models its is absent and it happened that in some situation the software got false indication of "button pressed", causing undesired system shutdown.

    Since it was of almost no use, and shown problems in recent Abilis, it's support in software has been removed.

  • When shutdown is ordered from CP the log message has been changed from I: SHUTDOWN to I: CP SHUTDOWN.

Cp
  • SYS DIR command: fixed wrong value of Total/Used/Free counters (values related to 'C' were always printed even for other disks).

  • When shutdown is ordered from CP the log message has been changed from I: SHUTDOWN to I: CP SHUTDOWN.

Snmp
  • CTI Links: Added cxCtiSysStLinkMaxBwOvrIn, cxCtiSysStLinkMaxBwOvrOut, cxCtiSysStLinkMaxConOvrIn and cxCtiSysStLinkMaxConOvrOut to cxCtiSysStLinkTable. Updated MIB and html document.

Known bugs


Abilis CPX 2000, update 8.6.5

Released on April 19, 2018.

Enhancements

none

Bug fixes

Ip Router
  • Fixed a bug that prevented NAT-LOOPBACK to properly work.

    When the problem occurred it was visible in DEBUG RES:IPRTR LSN:4 output, Bad parameters passed to function statistic increased.

IPres, PPP subtype
  • Fixed a bug in IP res state change when in case of LOWRES:CTISLINK (dial-up PPP) the call did not succeed.

    A transition to DOWN state occurred while it was not required.

    Now dial-up PPP stays in state UP until it eventually ends in STOPPEDx states.

  • Fixed a bug in IP res state when in case of LOWRES:CTISLINK (dial-up PPP) the US (unattended site retry) is entered.

    The state was wrongly set to DOWN during the US retry, now it is kept UP until STOPPEDx states are eventually reached.

Aipt2
  • Fixed a bug that prevented to configure LOCIPx:*, although it was forcedly set when changing role from client to server.

Ssl
  • Fixed a memory leak in EC pool that in some rare circumstances caused a blockage of the SSL service.

  • Fixed a bug in creation of SSL session ID that in some rare cases triggered a never-ending loop and subsequent system restart.

  • Added ssl debug statistics available with "debug res:ssl lsn:4"

Web Filter
  • Made fields borders visible.

Ethernet
  • Fixed UNK-VLAN-ID, FRM-UNKPRT, FRM-DROP statistics that was not properly counted in all situations.

    Now:

    • UNK-VLAN-ID is counted when:

      • a packet with ethertype 0x8100 is received and the indicated VLAN-ID is not opened for none of IP/ARP/PPoED/PPPoES protocols.

      • an untagged packet is received and untagged session not opened for none of IP/ARP/PPoED/PPPoES protocols.

    • FRM-UNKPRT is counted when:

      • a received packet has none of the supported ethertypes (0x0800 IP, 0x0806 ARP, 0x8863 PPPoED, 0x8864 PPPoES, 0x8100 VLAN).

      • a packet received with ethertype 0x8100 (VLAN) has a VLAN-ID that is opened for at least one of the IP/ARP/PPPoED/PPPoES protocols, but it is carrying none of IP/ARP/PPPoED/PPPoES protocols.

    • FRM-DROP is counted when:

      • a packet with ethertype 0x8100 is received and the indicated VLAN-ID is opened for at least one of the IP/ARP/PPPoED/PPPoES protocols, but the carried protocol although supported is currently not opened (e.g. VLAN-ID opened for IP and ARP but packet is PPPoED or PPPoES).

      • untagged is opened for any of IP/ARP/PPPoED/PPPoES and the received packet is for a supported but not opened protocol (e.g. untagged opened for IP and ARP but packet is PPPoED or PPPoES).

Cti Router
  • Fixed processing of INFORMATION message.

    Empty INFORMATION message are not passed anymore.

    It was found that certain ISDN devices, like PABX with IVR, drop the call if they receive an empty INFORMATION message instead of silently ignore it.

    The problem was evident when sending DTMF to the IVR that in turn dropped the call.

Voice Recorder
  • Fixed bug in recording of calls being transcoded by MCD when TC-SESNUM > 0. The bug caused the empty (silent) recording.

Known bugs


Abilis CPX 2000, update 8.6.4

Released on April 5, 2018.

Enhancements

Bug fixes

Ip Router
  • Added optimizations during thread creation:

    • if IPSH is not present the RecvIPSHInFifoTask thread is not created.

    • if no X25BSVC interfaces are present TaskChecker thread is not created.

  • Renamed threads names and added the number of ipres into thread name.

  • If no ip address is available, i.e no IP address from ipres and neither r-id, the address 0.0.0.1 is used to allow opening of PPP dialup connections.

  • Minor internal optimizations and simplifications.

Aipt2
  • Improved SPL-OVFL statistic for paths: the 1 sec value is now replaced by an exact calculation based on packet length and encapsulations overhead.

  • Improvements in threads: removed INIT and TEST threads. States "GOING-UP" and "GOING-DOWN" does not occur anymore with AIPT2, the state transition directly reflects the tunnel state, without delays.

Nat
  • Added management of PR: filter in D NAT MAPS layout.

Poecli
  • Added an autorecovery procedure when used with DSL resources when all POECLI sessions goes disconnected. It solves some rare deadlocks in the data transfer.

Virtual office / Abilisphone
  • Removed unnecessary FRMWR that in some rare cases flooded the system log.

Voice Recorder
  • Fixed support of OD-MAX-RECORDING-SIZE parameter.

    The parameter was ignored when recording to VMS files from a packet voice connection (e.g. StoC, CtoC, StoS ...).

Traffic analyser
  • Fixed bug in CTI real-time analysis that caused a software exception and system restart.

    The bug has been introduced in version 8.6.2.

Videosurveillance
  • Fixed a bug in LIVE play out that caused intermittent "Image not found" message and delayed images.

    The bug has been introduced in version 8.6.0.

System
  • Fixed 'NEW RUN' message written in system log at Abilis start-up: when a new version is started the previously running version/build must be written, but starting from 8.4.0 this information was wrongly removed.

  • Enlarged task names to 20 chars in DEBUG TASK command.

Known bugs


Abilis CPX 2000, update 8.6.3

Released on March 22, 2018.

Enhancements

Ip router
  • Performance improvement in some situations, about 10% in AIPT2 tunnels.

Bug fixes

Ethernet
  • On Gigabyte P31-DS3L motherboard the on-board ethernet is seldomly detected incorrectly by BIOS, and therefore it does not work.

    A system restart proven to solve the issue, we then added a system autorestart when the wrong detection is recognised.

Ip Router
  • Fixed two critical bugs that caused leakage of FIFO buffers, down to the limit were almost all packets were discarded. The situation was visible with an abnormal increment of LOST-BUF statistic and with number of buffer occupied >0 even in absence of traffic (debug res:iprtr lsn:10).

    One was introduced in 8.5.0, one in 8.6.0. All users must update to 8.6.3 to prevent the blockage of an IP resource.

  • Several fixes for corner cases of SPEEDLIMIT management. The were different possible effects of the bugs, ranging from imprecise speedlimit with small packets to near blockage of transmission.

  • Fixed bug when both COS BALANCE and IP SHAPING are present: it was possible that normal/lower accumulator was reset even if packet wasn't really sent: this caused COS balancing to not work properly with correct flow percentages.

  • Changed behaviour of AIPT line overhead detection: now it is directly made by PLINKE and also speed-limit correction.

  • Fixed handling of OPSTATE:DOWN. Incoming packets were not discarded.

  • Fixed bug that caused PING-STATE: diagnostic to be shown even if STATE-DETECT:NORMAL.

Aipt2
  • Path with dependency (backup paths) are now ignored for TUNNEL:SOME-UP state, that now considers only the permanent paths,

  • Added TUNNEL:BACKUP-UP state, that is set when at least one path with dependency (backup path) is UP.

  • Fixed bug that caused multi-path to take highest speed-limit value even if the PATH was DOWN. Now it is taken considering only paths UP.

  • Added SPL-OVFL statistic for paths in case speed-limit calculation/accumulator is bigger than maximum allowed.

  • Fixed bug that prevented to use internal addresses and loopback addresses (127.0.0.1).

  • Client: changed behaviour when path state goes to FAILURE: socket is not cleared.

  • Changed DEBUG LSN:5 adding line MAX overhead.

Aipt
  • Changed behaviour of AIPT line overhead detection: now it is directly made by PLINKE and also speed-limit correction. Previously it was made by IPRTR and there was some chance of bad computation in presence of very specific configurations.

  • Added protection to avoid that a specific AIPT is recursive with its own during line overhead detection.

Ip shaping
  • Fixed range of 'buf' parameter, it was [500..50000] instead of [500..10000].

  • Fixed bug that caused limitation up to 500 users even if IPSH parameter maxuser: was set higher.

  • Added purge of usertable every 30 seconds: it is made for each user direction, in case both directions are deleted, main user is deleted too.

  • Fixed a bug that could cause memory exception in case users are more than maxusers: configured. Check on the limit was missing.

  • Fixed bug in RULE table: time interval made wrong check with day of week.

  • Fixed bug that caused outgoing fragmented packets to be sent only first fragment and not the remaining.

Ssl
  • Unified MAX-SRV and MAX-CLI values into a single MAXSES value.

  • Fixed a bug that caused failure of SSL/TLS sessions with RElliptic Curves when the overall number of sessions was too small, typically < 8.

DHCP server
  • Added a log message when the renew or requests is for an IP address not managed by the dhcp server, i.e. not present in POOLS, BINDS, HOSTS.

Icmp
  • Added a minimum value of reassembly buffers (20) in case parameter loaded from CNFG (IPRTR_ICMPRBN) is less.

Ldap
  • LDAP: fixed Account NAME parameter help, length is 32 and not 16 characters as it was written in the help.

Cti router
  • D CTIC: hidden TON attribute in cgi/cdo when it is equal to 'any/unchanged' (it was wrongly printed staring from build 4226).

  • Fixed preparation of CTIL statistic VFM-OVR. But bug caused the statistic was never increased even in case of discarded packet.

Cellbox
  • Applied workaround for Sim5210/5218 bug that in some installations provided incorrect calling number in received calls. The calling number of the previous call was returned instead of the correct one.

  • Fixed a bug that prevented to work with operator codes for which an operator name was not available.

    This situation can occur since the operator names is provided by the module itself and may not be updated with newer operators.

Sip
  • Added workaround for buggy peers: discard incoming voice packets with payload type (codec) different from negotiated one and force resynchronization when the first voice packets with negotiated codec is received.

  • Fixed RTCP channel to provide appropriate NTP timestamp and SSRC in an outgoing packet.

  • Fixed RTCP channel to provide SSRC also in 'Source description IE' in an outgoing packet.

Snmp
  • AIPT2: Added traps for IP resources over Abilis tunnel v.2 (cxTrapIpTunnelAllDown, cxTrapIpTunnelSomeUp, cxTrapIpTunnelAllUp, cxTrapIpTunnelBackupUp)

  • SSL: added 'cxSslDgMaxSess' to cxCpSslDgTable and obsoleted 'cxSslDgMaxSrv' and 'cxSslDgMaxCli' (no longer supported).

Known bugs


Abilis CPX 2000, update 8.6.2

Released on February 21, 2018.

Enhancements

Ip processing
  • Another step in performance improvements of IP packets processing.

    In some situation the performance gain respect to 8.6.1 is 50% and more.

    A relevant gain has been obtained when historical TRFA is enabled on an Ip Resource, and a even bigger one when TRFA realtime is ongoing. If both are active simultaneously the gain is close to 100% (performances doubled)

    The gain can appear as higher throughput or lower cpu consumption.

Aipt2
  • Improved AES hardware decryption on Intel processors.

    Overall AIPT2 throughput when making hardware AES decryption is nearly doubled.

Cp
  • DEBUG TASK: CT% option now accepts floating point numbers with decimal point.

Nat
  • D NAT MAPS now shows the NAT record (PR) that was used to create the map.

    If the PR record is changed and INIT RES:NAT issued, the PR value in D NAP MAPS is cleared because the map was not created with the record currently configured.

Bug fixes

Sip
  • Temporary removed the RTP reordering introduced in 8.6.0.

    Problems appeared with voice calls being suddenly mute in one direction.

    Although seldom it was not tolerable, and since some problems persisted even after a fix we decided to temporary revert to the solution without reordering being used for years.

    RTP reordering will be reimplemented and re-added in some future version.

  • Fixed a bug with early media in a specific case.

    If CtiSIp received Session Progress (and thus started audio delivery) and then received a Ringing, the audio was stopped in the called-to-caller direction and replaced by a local tone. Now the audio stream is preserved.

Known bugs


Abilis CPX 2000, update 8.6.1

Released on January 31, 2018.

Enhancements

Ip processing
  • Generalized performance improvements in whole IP packets processing.

    The gain is largely variable but seems to be around 20/30%.

    The gain can appear as higher throughput or lower cpu consumption.

Cp
  • Improved help from DEBUG RES:xxx command. It is now coherent with the specified resource.

  • Improved DEBUG TASK command. It is possible to show only tasks with CPU% consumption above the specified value.

    [12:57:59] ABILIS_CPX:debug task ct%:1
    
    Total Number of Tasks: 1800
    
    Tasks information (cleared 0 days 01:06:42 ago, on 31/01/2018 at 11:51:21):
    
    Name            Prio State      R.Del  MStck     Scheds  CT% WaitingAt
    ----------------------------------------------------------------------------
    IPR:SVC_Recv_Pk    3 BlckdWait          7672  428479563 28.8 IPR_Wait_Send_Ncb
    IPR:SVC_Recv_Pk    3 BlckdWait          7672  428479563 28.8 IPR_Wait_Send_Ncb
    SIM:Pkt_Creator    3 Ready              1784  428479564  7.3
    SIM:Pkt_Creator    3 BlckdWait          1784  428479564  7.8 SIM_Wait_Ncb_Receive
    COR:Svc315-001     3 Suspended          1364 1285438692 13.0
    COR:Svc316-001     3 Ready              1364 1285438691 12.9
    
    [12:58:04] ABILIS_CPX:                                                                 
    [13:01:15] CPX_220:debug task ct%:20
    
    Total Number of Tasks: 1800
    
    Tasks information (cleared 0 days 01:09:54 ago, on 31/01/2018 at 11:51:21):
    
    Name            Prio State      R.Del  MStck     Scheds  CT% WaitingAt
    ----------------------------------------------------------------------------
    IPR:SVC_Recv_Pk    3 BlckdWait          7672  449082170 28.8 IPR_Wait_Send_Ncb
    IPR:SVC_Recv_Pk    3 Ready              7672  449082169 28.8
    
    [13:01:16] ABILIS_CPX:                                                                   
    [13:01:16] ABILIS_CPX:debug task ?
    
    DEBUG TASK CLEAR              Clear the task switch counters and CPU time usage
                                  statistics for all tasks and interrupts
    DEBUG TASK [par:val]          Display Tasks information and statistics
    
    Additional options/parameters:
    
    SIZE:      Size of the buffer used for tasks statistics retrieval    <Optional>
               [64..2048 Kibyte]. Default buffer size is 512 Kibyte.
    F:         Filtering string for task name (max 20 chars)             <Optional>
               Spaces require double quotes (E.g. "aaa bbb").
    MSTCK:     Only values of MStck (Minimal Stack) below or equal the   <Optional>
               specified value are shown [0..99999 byte]
    CT%:       Only values of CT% (Percentage of CPU time) greater or    <Optional>
               equal then the specified value [0..100]
    ALL        Request all available debug information                   <Optional>
    
    [13:01:59] ABILIS_CPX:                                                                 

Bug fixes

Ip router
  • Fixed a bug in SPEEDLIMIT that in some conditions caused an wrong measure with incorrect speed reduction.

    The bug is more visible with small values of speedlimit.

    The bug was introduced in 8.6.0.

Dns
  • The UDP session of internal resolver is now opened at startup. Before it was opened at first request.

Cellkey
  • Fixed a bug that prevented the old DU7200 UMTS cellkey from functioning. The bug was introduced in 8.5.0.

Known bugs


Abilis CPX 2000, update 8.6.0

Released on January 19, 2018.

Enhancements

Ip Resource
  • Added a new IP resource with subtype AIPT2 (please refer to specific AIPT2 paragraph).

  • STATE-DETECT:PING added P-GW:DHCP option to send pings through the default gateway retrieved via DHCP.

    [16:55:11] ABILIS:d p ip-2
    
    RES:Ip-2 ----------------------------------------------------------------------
    ...
           - PING section ---------------------------------------------------------
           P-LOC:IPADD            P-DST1:#                   P-DST2:#
           P-GW:DHCP
    ...
    
    [16:55:13] ABILIS:d p ip-2 ?
    ...
    ---------- PING ---------------------------------------------------------------
    ...
    P-GW:      IP address of the gateway [1-126.x.x.x, 127.0.0.1,
               128-223.x.x.x] or # or DHCP.            <Only for STATE-DETECT:PING>
    ...

  • Removed IPCOS to VLAN priority LOW/NORMAL/HIGH correspondence in IPRTR and added on a per-resource.basis in IP Over LAN/LAN-PT, POEAC, POECLI.

    Example for IP over LAN:

    [17:02:37] ABILIS:d p ip-2
    
    RES:Ip-2 - --------------------------------------------------------------------
    ...
           - Lan ------------------------------------------------------------------
           ARP-RENEWAL-TIME:120    VLAN-ID:10             PRIO-ARP:0
           PRIO-IP-LOW:1           PRIO-IP-NORMAL:0       PRIO-IP-HIGH:5
    ...
    
    [17:02:40] ABILIS_206:d p ip-2 ?
    ...
    PRIO-IP-LOW: VLAN priority for LOW IPCOS [0..7]
                                                        <Only for VLAN-ID <> UNTAG>
    PRIO-IP-NORMAL: VLAN priority for NORMAL IPCOS [0..7]
                                                        <Only for VLAN-ID <> UNTAG>
    PRIO-IP-HIGH: VLAN priority for HIGH IPCOS [0..7]
                                                        <Only for VLAN-ID <> UNTAG>        
    ...                                                            

  • Increased input and output speedlimit maximal value for 100 Mbps to 1 Gbps.

    [17:02:40] ABILIS:d p ip-2 ?
    ...
    OUTSP:     Output speed limitation value [64..1000000 Kbit/sec]
                                                 <Only for OUTSPL: not equal to NO>     
    ...
    INSP:      Input speed limitation value [64..1000000 Kbit/sec]
                                           <Only for INSPL/OUTSPL: not equal to NO>        
    ...

Ip router
  • Improved performances when IPACL are enabled (ACL:YES).

  • Various improvements and fixes in the handling of priorities when output buffers are full (also input buffers, if used).

AIPT2
  • This new type of resource offers the possibility to create a tunnel with up to 6 paths, and use them for load balancing and/or for redundancy (former AIPT double path now AIPT2 multipath), as well as for backup purposes by means of dependency setting.

    The core characteristics of AIPT2 are:

    • Simplified and more efficient architecture respect to AIPT. It is designed from ground up for IP VPNs (IP in UDP tunnels).

    • Simplified configuration

    • Strong authentication using passwords and/or Abilis id (same as NPV).

    • Strong and fast ciphering with AES256 cipher, and use of Intel AES-NI and VIA ECE processor extensions when available.

    • Embedded multipath redundancy.

    • Embedded load balancing among paths and multipaths.

    • Embedded paths backup by means of dependencies rules (client side).

    • Individual 'per path' speedlimit.

    • Opportunistic packet reordering for each IPCOS priority.

    • TCP-MSS-CLAMP feature to optimize TCP flows.

    • Ciphering and Data compression (data compression requires specific licence) controllable just on one side, the server.

    • IMPORTANT: the tunnel packets, i.e. control and encapsulated payload, that AIPT2 sends out obey IPACL for all parameters except for IPCOS which is enforced by means of C-IPCOS: and D-IPCOS: parameters.

      On the contrary the clean payload, i.e. decapsulated packets, fully obey IPACL.

    In the example below:
    • path 1 is disabled

    • paths 4 and 5 are configured as a redundancy multipath, i.e. packets are duplicated on both path

    • path 6 is activated when either path 2 or 3 goes down

    • load balancing is performed across paths 2, 3, 4/5 as multipath, with path 6 taking place of 2 or 3 or both in case they go down.

    Server:

    [21:56:35] ABILIS_205:d p ip-11
    
    RES:Ip-11 ---------------------------------------------------------------------
           - Abilis IP tunnel v.2 (AIPT2) -----------------------------------------
    Run    DESCR:
           OPSTATE:UP              LOG:NO                 STATE-DETECT:NORMAL
           IPADD:172.020.011.205   MASK:255.255.255.000   NEIGH:000.000.000.000
           REDIS:YES     HIDE:NO         RP:NONE            IPSEC:NO       VRRP:NO
           NAT:VPN                       DIFFSERV:NO        DDNS:NO
           OUTBUF:250    OUTQUEUE:FAIR   MTU:1500
           OUTSPL:NO
           INBUF:0                       mru:1500           SRCV:NO
           - TRFA section ---------------------------------------------------------
           TRFA:NO
           - IP Tunnel ------------------------------------------------------------
           ROLE:SERVER   CR:NO     COMP:NO       FRAGSIZE:1480  TRY:5     TOUT:5000
           LOCKEY:ip11             LOCPORT:4011  C-TOS:0-D      DLY-UP:10 THR-DN:30
           REMKEY:ip11                           C-IPCOS:HIGH   DLY-TOUT:3
           REMABILIS-ID:           RS-BUF:250    D-TOS:COPY     BURST:1
           NUMPATHS:6              REORDER:NO    D-IPCOS:COPY   BURST-DLY:100
           - IP Tunnel Paths ------------------------------------------------------
           x  MPx: OUTSPx: OUTx:  LOCIPx:         REMIPx:
                           GWx:                   SPL-OVHx:
           --+----+-------+------+---------------+---------------------------------
           1 |     NOMAX   AUTO   *               *
           2 |     NOMAX   AUTO   *               *
           3 |     NOMAX   AUTO   *               *
           4 |A    NOMAX   AUTO   *               *
           5 |A    NOMAX   AUTO   *               *
           6 |     NOMAX   AUTO   *               *
    
    [21:56:38] ABILIS_205:                                                                 

    Client

    [21:53:49] ABILIS_206:d p ip-11
    
    RES:Ip-11 -----------------------
           - Abilis IP tunnel v.2 (AIPT2) -----------------------------------------
    Run    DESCR:
           OPSTATE:UP              LOG:NO                 STATE-DETECT:NORMAL
           IPADD:172.020.011.206   MASK:255.255.255.000   NEIGH:000.000.000.000
           REDIS:YES     HIDE:NO         RP:NONE            IPSEC:NO       VRRP:NO
           NAT:VPN                       DIFFSERV:NO        DDNS:NO
           OUTBUF:250    OUTQUEUE:FAIR   MTU:1500
           OUTSPL:NO
           INBUF:0                       mru:1500           SRCV:NO
           - TRFA section ---------------------------------------------------------
           TRFA:NO
           - IP Tunnel ------------------------------------------------------------
           ROLE:CLIENT                           FRAGSIZE:1480  TRY:5     TOUT:5000
           LOCKEY:ip11             LOCPORT:4011  C-TOS:0-D      DLY-UP:10 THR-DN:30
           REMKEY:ip11             REMPORT:4011  C-IPCOS:HIGH   DLY-TOUT:3
           REMABILIS-ID:           RS-BUF:250    D-TOS:0-N      BURST:1
           NUMPATHS:6              REORDER:AUTO  D-IPCOS:COPY   BURST-DLY:100
           - IP Tunnel Paths ------------------------------------------------------
           x  MPx: OUTSPx: OUTx:  LOCIPx:         REMIPx:
              DEPx:        GWx:                   SPL-OVHx:
           --+----+-------+------+---------------+---------------------------------
           1 |     NOMAX   AUTO   OUT-IP          #
           2 |     NOMAX   AUTO   OUT-IP          172.020.002.205
           3 |     NOMAX   AUTO   OUT-IP          172.020.003.205
           4 |A    NOMAX   AUTO   OUT-IP          172.020.004.205
           5 |A    NOMAX   AUTO   OUT-IP          172.020.005.205
           6 |     NOMAX   AUTO   OUT-IP          172.020.006.205
              2|3          #                      AUTO
    
    [21:53:51] ABILIS_206:                                                                 

    Help, section of AIPT2.

    [21:53:51] ABILIS_206:d p ip-11 ?
    
    Ip-11 (Abilis IP tunnel v.2) resource parameter(s):
    ...
    ---------- IP Tunnel ----------------------------------------------------------
    ROLE:      Tunnel role [CLIENT, SERVER].
    CR:        Enable encryption [NO, YES].                  <Only for ROLE:SERVER>
    COMP:      Compression type for DATA frames [NO, LZO1X, LZO1B, LZO1F].
                                                             <Only for ROLE:SERVER>
    FRAGSIZE:  Maximum size of outer tunnel packets [256..1500 byte].
    LOCKEY:    Identification key to send to remote peer.
               Max 16 characters. Space not allowed.
    REMKEY:    Identification key that must match the one provided by remote
               tunnel. The match is case-insensitive.
               When empty the received identification key is not validated.
               Max 16 ASCII characters. Space not allowed.
    REMABILIS-ID: Abilis-ID that must match the one provided by the remote peer.
               When empty the received Abilis-ID is not validated.
               Up to 10 numeric characters ['0'..'9'].
    LOCPORT:   Local UDP port number [1..65535].
               Packets are sent with this port as source port.
               Packets are received with this port as destination port.
    REMPORT:   Remote UDP port number [#,1..65535].          <Only for ROLE:CLIENT>
               With # the path is disabled.
               Destination port in transmitted packets, and verified to be the
               source port in received packets.
    NUMPATHS:  Number of paths enabled and configurable  [1..6].
    REORDER:   Reorder timeout for received packets [NO, AUTO, 1..200].
    RS-BUF:    Receive buffer for tunnel payload reassembly [1..1000 Kibyte].
    D-TOS:     TOS or DS field for tunnel DATA PAYLOAD packets:
               - p-t: PRECEDENCE-TOS, 'p' [0..7], 't' [N, D, T, R, C]
               - bbbbbb: DS value bit by bit, 'b' [0, 1]
               - COPY: TOS/DS field is copied from payload to envelope.
    C-TOS:     TOS or DS field for tunnel CONTROL packets:
               - p-t: PRECEDENCE-TOS, 'p' [0..7], 't' [N, D, T, R, C]
               - bbbbbb: DS value bit by bit, 'b' [0, 1].
    D-IPCOS:   IP class of service (priority) for tunnel DATA PAYLOAD packets.
               In AIPT2 the IPCOS of encapsulated tunnel packets is enforced in
               the IpRes itself, and subsequently preserved through the IPACL.
               - HIGH, NORMAL, LOW: IPCOS for tunnel DATA PAYLOAD packets.
               - COPY: the IPCOS of tunnel DATA PAYLOAD packets is determined
                       by IPACL before the packet is inserted in the tunnel,
                       propagated to the encapsulated packets and then preserved
                       through the subsequent IPACL.
    C-IPCOS:   IP class of service (priority) for tunnel CONTROL packets.
               In AIPT2 the IPCOS is enforced in the IpRes itself, and preserved
               through the subsequent IPACL.
               - HIGH, NORMAL, LOW: IPCOS for tunnel CONTROL packets.
    TRY:       Number of CONTROL probes considered for the state detection [2..50].
    TOUT:      Timeout for reply reception [100..10000 ms].
    DLY-UP:    Interval between CONTROL probes while state is UP [1..60 s].
    DLY-TOUT:  Interval between CONTROL probes while state is UP and last try
               timed out [1..60 s].
    THR-DN:    When percentage of successful CONTROL probes decreases down to this
               threshold the state is changed to DOWN [0..90].
    BURST:     Number of requests sent at each CONTROL probe [1..10].
    BURST-DLY: Interval between requests of the same CONTROL probe [0..100 ms].
    ---------- IP Tunnel Paths ----------------------------------------------------
    x:         Path number [1..NUMPATHS] to be used as suffix in path parameters,
               e.g. s p ip-10 locip1:* remip1:*.
               The load balancing is performed among the mutipaths.
    
    MPx:       Multipath bundle identifier, when the path is part of a redundancy.
               An empty value excludes the path from any redunded multipath, it
               is therefore individually used only for load balancing.
               Empty or # or an letter [A..F]
    DEPx:      Dependency on state "not UP" of specified paths.
               This path is activated when the logical combination of the states
               of dependency paths is "not UP", otherwise it stays down.
               One or more path value [1..6] and logical operators AND/OR [&,|] or
               an empty string or # to clear it.
               Max 5 paths and 4 operators. AND is evaluated before OR.
               (E.g. DEP4:1 or DEP1:2&3 or DEP6:1&2|3&4|5)   <Only for ROLE:CLIENT>
    OUTSPx:    Speedlimit, in kbit/sec applied to the path. The resource speedlimit
               OUTSP, if enabled, determines the overall tunnel speedlimit.
               NOMAX or [64..1000000 Kbit/sec]
    OUTx:      Output IP resource [AUTO, Ip-1..Ip-250]
    GWx:       Gateway for OUTx:Ip-xxx [#, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].
    LOCIPx:    Local IP address for incoming/outgoing UDP packets on path x
               [*, R-ID, OUT-IP, Ip-nnn, 1-126.x.x.x, 127.0.0.1,
               128-223.x.x.x].
               The value OUT-IP is allowed only for ROLE:CLIENT.
               The value * is allowed only for ROLE:SERVER.
    REMIPx:    Remote IP address for incoming/outgoing UDP packets on path x
               [*, #, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x, 'list', FQDN], where
               - # : the path is disabled;
               - * : any remote IP address is accepted (only for ROLE:SERVER);
               - 'list': the name of an IP/IR/RU/MR list between single quotes
                         (only for ROLE:SERVER);
               - FQDN: the FQDN name of the remote server, max. 64 characters
                 in the range ['0'..'9', 'a'..'z', '-', '.' ],
                 FQDN name is forced to lower case (only for ROLE:CLIENT).
    SPL-OVHx:  Overhead added by lower layer drivers which is used by
               speed-limit procedure. AUTO or a couple of values "enc,line",
               where:
               - 'enc' is the encapsulation type and can be [RAW-IP, RAW-PPP,
                 FR-IETF, RFC1483-VCMUX, RFC1483-LLCMUX, RFC2364-VCMUX,
                 RFC2364-LLCMUX, PPPOE, PPPOE-BRIDGED, IPOE-BRIDGED];
               - 'line' is the protocol type and can be [ETH, HDLC, AAL5, PTM].
    
    [22:02:42] ABILIS_206:                                                                 

    Statistics and diagnostics are very detailed , here is a short summary example, client side.

    Please explore the commands D D[E] ip-xx , D S[E] ip-xx [path[:1|2|3|4|5|6|a]

    [22:12:44] ABILIS_206:d de ip-11
    
    RES:Ip-11 - Abilis IP tunnel v.2 (AIPT2) --------------------------------------
           STATE:UP              LINK-STATE:LINKREADY
           CUR-IPADD:172.020.011.206    CUR-MASK:255.255.255.000
           OUTBUF:250   S-OUTBUF:1250   CUR-OUTSP:N/A      OUTSP-TOUT:N/A
           INBUF:0      S-INBUF:0       CUR-INSP:N/A       INSP-TOUT:N/A
           - IP Tunnel ------------------------------------------------------------
           ROLE:CLIENT  TUNNEL-STATE:SOME-UP   LOCPORT:4011   CR:NO   COMP:NO
           - IP Tunnel Paths ------------------------------------------------------
           x  STx: MPx: OUTSPx: OUTx:  LOCIPx:         REMIPx:               SPL-OVHx:
           --+----+----+-------+------+---------------+---------------------+--------
           1 |-         NOMAX   AUTO   -               -
           2 |UP        NOMAX   AUTO   172.020.002.206 172.020.002.205:4011  RAW-IP,ETH
           3 |UP        NOMAX   AUTO   172.020.003.206 172.020.003.205:4011  RAW-IP,ETH
           4 |UP   A    NOMAX   AUTO   172.020.004.206 172.020.004.205:4011  RAW-IP,ETH
           5 |UP   A    NOMAX   AUTO   172.020.005.206 172.020.005.205:4011  RAW-IP,ETH
           6 |dn        NOMAX   AUTO   -               -
           - Throughputs (bit/sec), Control pck RTT (ms) and missing ---------------
           x  | 5secIn 5secOut  5minIn 5minOut|Last |Min  |Max  |Avg  |LMiss%|RMiss%
           ---+-------+-------+-------+-------+-----+-----+-----+-----+------+------
           TUN|    0       0       0       0  |    -     -     -     -      -      -
           1  |    0       0       0       0  |
           2  |    0       0       0       0  |    1     1     1     1    0.0    0.0
           3  |    0       0       0       0  |    1     1     1     1    0.0    0.0
           4  |    0       0       0       0  |    0     0     0     0    0.0    0.0
           5  |    0       0       0       0  |    0     0     0     0    0.0    0.0
           6  |    0       0       0       0  |    -     -     -     -      -      -
    
    [22:12:47] ABILIS_206:d s ip-11
    
    RES:Ip-11 - Abilis IP tunnel v.2 (AIPT2) --------------------------------------
           --- Cleared 0 days 01:18:32 ago, on 19/01/2018 at 20:54:22 -------------
           -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
           DG         |          0|          0|CHAR       |          0|          0|
           TCP        |          0|          0|ESP        |          0|          0|
           UDP        |          0|          0|AH         |          0|          0|
           ICMP       |          0|          0|DG-FRAG    |          0|          0|
           LOST-ACC   |          0|           |BAD-CHK    |          0|           |
           LOST-BUF   |          0|          0|BAD-HDR    |          0|           |
           LOST-LOOP  |           |          0|BAD-LEN    |          0|           |
           LOST-ADDR  |          0|          0|LONG       |          0|          0|
           LOST-OTHER |           |          0|SHORT      |          0|           |
           NO-ROUTE   |          0|           |SPL-OVFL   |          0|          0|
           TTL-EXP    |          0|          0|BAD-ENC-HDR|          0|           |
           IPP-DOWN   |          1|           |BAD-L-FRAG |          0|           |
           PING-MISSGW|           |          0|LOST-L-FRAG|          0|           |
           ------------------------------------------------------------------------
           - IP Tunnel ------------------------------------------------------------
           -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
           PCK        |          0|          0|CHAR       |          0|          0|
           MISSING    |          0|           |NOBUF      |          0|           |
           -----------|-LOC-TOTAL-|-LOC-5min--|-REM-TOTAL-|-REM-5min--|------------
           MISSING%   |       0.00|       0.00|       0.00|       0.00|
           MISSING    |          0|          0|          0|          0|
           PCK        |          0|          0|          0|          0|
           DOWN       |          1|          0|          0|          0|
           UP         |          2|          0|          1|          0|
           ------------------------------------------------------------
    
    [22:12:54] ABILIS_206:                                                                            

    IMPORTANT: tunnel throughput measures the throughput of the user payload (user data), while the throughput of individual paths measures the bandwidth consumed by each path, including all transport overheads, providing the SPL-OVERHEAD is properly detected or set.

    Please refer to Abilis tutorial for further details.

User parameters
  • Added CTI-ROLE parameter.

    CTI-ROLE is used in all places where the distinction between NETWORK or EXTENSION is relevant.

    [13:08:24] ABILIS_:d user:test
    
    Parameter:          | Value:
    --------------------+----------------------------------------------------------
    USER:                 test
    REAL-NAME:            test
    ID:                   9             <Read Only>
    PWD:                  ***
    ACT:                  YES
    CTI-ROLE:             EXTENSION
    ...
    
    [13:08:27] ABILIS:d user:test ? cti-role
    
    User's parameter(s):
    
    CTI-ROLE:  Role of this user in CTI environment [EXTENSION, NETWORK]:
               - EXTENSION: for user belonging to local extensions;
               - NETWORK  : for user belonging to network connections.
               This parameter affects call indication in calls log and OPC panel:
               for CTI-ROLE:NETWORK the direction of the call is reversed.                                                                                    

Recent calls
  • Added support for CTI-ROLE parameter.

    The number/name is shown in web pages depending on call direction and CTI-ROLE.

    Incoming calls

    Extension: calling number and name

    Network: called number and name

    Outgoing calls

    Extension: called number and name

    Network: calling number and name

Call Logs
  • Unified cticall-in.log and cticall-out.log files in cticalls.log (v.7.0) and added all necessary conversions from previous version logs.

  • Added support for CTI-ROLE parameter.

    The number/name is shown in web pages depending on call direction and CTI-ROLE:

    Incoming calls

    Extension: calling number and name

    Network: called number and name

    Outgoing calls

    Extension: called number and name

    Network: calling number and name

Opc
  • Added location accuracy to the presentation of Abilisphone user location.

  • Added "Networks" section. User parameter CTI-ROLE.

    In this example the user "network" has been configured with CTI-ROLE:NETWORK, as a result it appears in the "networks" tab and the calling/called and direction are reversed.

    User "pippo" calls number 05210 which sent out from abilis using cluster of user "network": the call appears outgoing for both users and it also appears in the Networks box.

    [19:16:55] ABILIS:d useR:network
    ...
    USER:                 network
    CTI-ROLE:             NETWORK   
    CLUS:                 CLUSTER
    
    [19:16:57] ABILIS:d user:pippo
    ...
    USER:                 pippo
    CTI-ROLE:             EXTENSION
    CTIP:                 101
    
    
    [19:17:32] ABILIS:d ctic
    
    SES  ID   Type Input    Output   PR  State  Cgi (Calling In)      Cdo (Called Out)
    ---- ---- ---- -------- -------- --- ------ --------------------- ---------------------
    3    3    VtoC 101      CLUSTER  4   ACTIVE 5101                  0521

    Figure:

    Figure:

DNS
  • Added possibility to restrict the logging of client's request to specific ip addresses, up to three.

    There's no distinction on which of the addresses made the request, therefore to know the requests from a specific client it is necessary to filter only one IP address at a time.

    [17:19:58] ABILIS:d p dns
    
    RES:Dns -----------------------------------------------------------------------
    ...
           RELAY-LOG-REQUESTERS:
    ...
    
    [17:23:38] ABILIS_206:d p dns  ?
    ...
    RELAY-LOG-REQUESTERS: List of requester(s) IP addresses that are used to filter
               DNS log.
               Empty or max 3 IP addresses separated by separated by ',' (comma).
    
    The filter can be set on web pages too.

    Figure: DNS Web filter

    DNS Web filter

  • Fixed and improved statistics and diagnostics.

    Brand new statistics: , , , .

    CACHE-HIT

    Request resolved from cache

    SERVER-HIT

    Request resolved from Abilis local dns server (D DNS RESOLVER DOMAIN or REVERSE)

    BLACKLISTED

    Request negated because domani/fqdn is blacklisted.

    DENIED-PTR

    PTR request (reverse lookup) has been denied because the request is for a private IP address and the PRI/SEC DNS server selected for the resolution has NOT a private IP address.

    IMPORTANT: PTR requests for private IP addresses are forwarded to external DNS server only if the IP address of DNS server is private too.

  • Internal requests are now handled in parallel, up to 100 simultaneously.

    This improvements makes use of FQDNs in drivers more effective.

Sip
  • Added the support to RTP voice packets reordering (not for T.38).

Iolog
  • Added table visualization.

    On top of graph an icon allows to switch between table and graph.

    Figure: Graph

    Graph

    Figure: Table

    Table

VS
  • Storage expressed in GiB instead of number of files.

Lua
  • Added Lua examples.

  • Added web page to manage Lua examples.

    Figure: Lua examples

    Lua examples

Snmp
  • Added AIPT2.

  • Several other updates. Please refer to the release document for further details .

Configuration Converter
  • Removed conversion from versions 5.x and 6.x.

    In case you still need to convert from 5.x and 6.x please make an intermediate conversion using a 8.5.x converter, or any other converter able to convert at least to 7x.

Bug fixes

Known bugs