Avi Vantage 17.2.4 Release Notes

Note: Avi Vantage’s patch upgrade feature is explained in this article.

Issues Resolved in Patch Release 17.2.4-1p3

  • AV-31496: Support MAC masquerade in VMware

Issues Resolved in Patch Release 17.2.4-1p2

  • AV-31513: state_cache_mgr process keeps restarting, consuming memory

Issues Resolved in Patch Release 17.2.4-1p1

  • AV-30860: Creating subnets within a network with intersecting pool ranges should not be allowed
  • AV-31184: The restore_config.py script should not run if the Controller has any configuration
  • AV-31189: After a Controller warm start, virtual services go to OPER_PARTITIONED state

What’s New in 17.2.4

Issues Resolved in 17.2.4

  • AV-16469: Avi Controller slow to pick up new configurations after OpenShift or Avi Service Engine reboots
  • AV-16748: Memory leak in job manager
  • AV-17025: The number of open connections is incorrect
  • AV-20067: OpenShift: Gateway monitor does not work
  • AV-20280: Certificates are incorrectly chained if intermediate certificates have the same name
  • AV-25165: PATCH is not supported for virtual service HTTP policy
  • AV-25581: OpenShift: BFD is not supported
  • AV-25974: API returns 504 when importing application profile object
  • AV-26023: Analytics log does not show NXD response code triggered by DNS policy
  • AV-26558: OpenStack: Avi API times out during large heat stack deployment
  • AV-26740: Avi CLI Linux-mode command not honoring cloud name parameter
  • AV-27066: Exporting a virtual service does not include all dependencies
  • AV-27935: SERVER_DELETD event seen when there is an update of the corresponding VM in vCenter
  • AV-28227: Filtering virtual service logs using Service Engine name is not working
  • AV-28492: Duplicate IP addresses getting assigned to Service Engine’s data vNIC
  • AV-28663: Service Engines can fail if a large amount of data is cached
  • AV-28903: Packet drops in the TX direction for non-VIP traffic
  • AV-28968: Cannot create DNS records when using Infoblox profile
  • AV-29045: Streaming log throttling not working when throttling is set to 0
  • AV-29261: Security tab doesn’t fully load on Avi UI
  • AV-29284: Trending health score does not load in Avi UI (just showing spinner)
  • AV-29439: Avi UI does not display the progress of Service Engine upgrade
  • AV-29529: vCenter Cloud : After upgrade, network object configuration can get lost
  • AV-29611: OpenShift: Traffic to non-primary Service Engine fails when using ECMP scale out
  • AV-29700: Cannot migrate a VIP sharing virtual services to a new SE group even after disabling the virtual services
  • AV-29799: EBS optimization not enabled on EC2 instances
  • AV-29930: Cannot SSH as CLI user
  • AV-30073: Updated SSL certificate does not take effect until virtual service is disabled and re-enabled
  • AV-30228: OpenShift: All virtual services placed on one Service Engine are not reachable
  • AV-30378: Service Engine may fail under queue-full conditions with UDP/DNS health monitor configured

Issues Resolved in Patch Release 17.2.3-1p3

  • AV-29931: DNS health monitor intermittently flaps

Issues Resolved in Patch Release 17.2.3-1p2

  • AV-29555: Avi Vantage doesn’t support active/backup port channel in Cisco CSP 2100

Issues Resolved in Patch Release 17.2.3-1p1

Note: Avi Vantage’s patch upgrade feature is explained in this article.

  • AV-29225: In Microsoft Azure cloud, Avi Vantage does not support an SSL-application VS having a floating IP
  • AV-29261: The Avi UI’s security tab doesn’t fully load
  • AV-29284: The Avi UI’s trending health score does not load — it just shows a spinner
  • AV-29469: Upgrading Linux bare-metal deployments is broken in the 17.2.x release family

What’s New in 17.2.3

Issues Resolved in 17.2.3

  • AV-25448: Management access to Avi Controller is restricted even after removing the access control rules
  • AV-25646: Weak cipher is used on certificate that’s used for Controller-SE communication on port 8443
  • AV-25716: With connection multiplexing is disabled and IP persistence is enabled, multiple requests on the same connection may result in SE failure
  • AV-25891: When custom Geo-DB is configured, DNS analytics logs may show conflicting location information
  • AV-25952: Service Engine fails when multiple pool groups are attached to a DataScript
  • AV-26095: SSL certificate content update done in OpenShift is not picked up by Avi Vantage
  • AV-26118: When using IE11 browser, the Operations menu does not respond and VS pop-up menu formatting is broken
  • AV-26629: BGP state on SE is not initialized after many VRF updates
  • AV-26663: Upgrade fails if there are a large number of alerts
  • AV-26726: Sending multiple DNS requests over the same TCP connection causes SE to fail
  • AV-26831: If timestamp option is not present in a TCP packet, RTT values and timestamps in client logs may be incorrect
  • AV-26836: Upgrade fails when a tenant name contains a plus (+) symbol
  • AV-26984: If connection multiplexing is disabled, graceful disable of servers may cause an SE failure
  • AV-27215: Unable to create virtual service for OpenStack cloud with Infoblox DNS provider
  • AV-27273: In the VS logs tab of Avi UI, bar graph is blank even though log details appear in the logs pane
  • AV-27378: During an upgrade from 16.x version, an SE fails if it gets disconnected from the Avi Controller
  • AV-27396: In auto-allocation of VIPs, IP addresses overlap with other VIPs in the system
  • AV-27876: In an OpenShift cloud, cloud-inventory call fails in Avi UI
  • AV-27894: User sees the <sensitive> tag in the private key field, despite having the superuser role
  • AV-28058: The AWS Auto Scaling group list displayed while creating a pool is not complete
  • AV-28502: Generation of an SE’s authentication token works only in admin tenant

Known Issues in 17.2.3

  • AV-29155: With Docker CE version 17.09, Avi Controllers and Avi SEs cannot be co-located on the same host. If they are, restart of any of them will fail.
  • AV-29469: Upgrade for Linux server cloud will be disruptive.
  • AV-29529: In a vCenter cloud, after upgrading to 17.2.3, network object configuration can get lost.

What’s New in 17.2.2

This section summarizes the enhancements in 17.2.2. For more information, click on the feature names, which link to additional information in the Avi Networks Knowledge Base.

Cloud Connectors




  • Users can now gain insight on Controller cluster health on a per-node basis

Key Changes in 17.2.2

Issues Resolved in 17.2.2

  • AV-21493: Controller cluster leader election takes too long if one of the nodes is inaccessible
  • AV-24660: SE fails when root certification is attached to an HTTPS health monitor
  • AV-24788: SE fails due to disk-full condition
  • AV-25078: Virtual service VIP is lost due to race condition if an SE is deleted out-of-band
  • AV-25158: If the management network name is changed in AWS, the netwrok settings are missing in the cloud configuration
  • AV-25518: SE upgrade fails on Cisco CSP 2100 with bond configuration
  • AV-25637: Loss of Zookeeper connectivity results in Controller warm reboot
  • AV-25676: HTTPS slow when many small packets are received from the server
  • AV-25692: Changing the cluster IP in OpenShift is not reflected in Avi Vantage
  • AV-25936: SE fails during configuration of floating IP
  • AV-26037: SE fails during upgrade to 17.1.6
  • AV-26737: SE may fail in bare-metal installations due to large packets
  • AV-26776: Server-side connections are not re-usable for HTTP 1.0 requests

Performing the Upgrade

Upgrade prerequisite: The current version of Avi Controller must be 17.1 or later.

Upgrade Instructions

Protocol Ports Used by Vantage for Management Communication

Supported Platforms

Refer to System Requirements: Ecosystem

Product Documentation

For more information, please see the following documents, also available within this knowledge base.

Installation Guides

Open Source Package Information

Avi Networks software, Copyright © 2013-2017 by Avi Networks, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php

Updated: 2017-12-18 09:37:45 +0000