Avi Vantage 18.1.X Release Notes

What’s New in 18.1.4

• Azure: Support for Pay-as-you-go (PAYG) license
• Azure: Support for Managed Services Identify (MSI) based authentication

Note: This is a beta release just for Microsoft Azure.

Issues Resolved in 18.1.3 Patch Releases

Issues Resolved in Patch Release 18.1.3-2p1

• AV-43929: IPv6 failure on Cisco CSP 2100 with SRIOV NICs

Issues Resolved in Patch Release 18.1.3-1p1

• AV-43910: OCI: Avi Controller fails to discover all SE VMs which may result in virtual service creation or placement failures

What’s New in 18.1.3

ADC

• Support for Mellanox MCX4121A-ACAT ConnectX-4 Lx EN NIC,25GbE

DNS

• DNS server and pool selection using DNS policy

Networking

• Streaming mode for HTTP/2 uploads

Private Cloud

• Linux server cloud: Support for RHEL 7.5
• OpenShift: Handle port mapping on the service port for virtual service

Public Cloud

• Azure: Automated multi Azure LB support for OpenShift
• Azure: Allow custom tags for resources

Security

• Support for hiding Personally Identifiable Information (PII) in logs

Issues Resolved in 18.1.3

• AV-28815: Shared memory usage is not considered for SE health status
• AV-32521: Traceroute within the namespace does not show the hops
• AV-34396: UI: GSLB service cannot map to SNI child virtual service
• AV-35713: Change in cipher list in Controller access controls does not change the accepted cipher list in SSH
• AV-40376: Standby Service Engine is also advertising the VIP route to BGP in legacy active/standby mode with SNAT
• AV-40988: Baremetal: Status of all hosts show “start in progress” when only one of the host is non-responsive
• AV-41232: BGP peering not established on Service Engine restart when there are a lot of VRFs
• AV-41289: Service Engine failure on updating dp_hb_frequency value in Service Engine properties
• AV-41710: Azure: Pools configured with Azure scale sets may go down when there is an Azure API error
• AV-41842: STARTTLS fails on sending an email if the server does not support TLS
• AV-41861: Memory leak during RSS scaleout
• AV-41877: OpenShift: Ingress creation fails with “Max VS per IP reached” message
• AV-41880: Avi Controller is not registered in APIC as a Logical Device
• AV-42079: OCI IPAM support for legacy HA
• AV-42759: Azure: Latency increases after some time

Issues Resolved in 18.1.2 Patch Releases

Issues Resolved in Patch Release 18.1.2-1p1

• AV-41006: DHCP is not working for IPv6 addresses
• AV-41767: OpenStack: Cluster VIP is not programmed correctly when using Contrail
• AV-41880: Avi Controller is not registered in APIC as a Logical Device

What’s New in 18.1.2

ADC

• HTTP caching can now be controlled by specifying URIs, in addition to MIME types
• Support for sharing pool groups across virtual services
• IPv6 protocol support both at the client and server side for bare metal, VMware, OpenStack and Linux server cloud environments
• Support for HTTP/2 for client-side connections
• Minimum number of Service Engines for VS placement can be dynamically reduced
• Support for L4 SSL virtual service to handle both SSL and non-SSL ports on both client and server side
• Customized response pages can be created for errors generated in TCP, SSL/TLS, HTTP, WAF, and DataScript processing
• Support to set a server timeout on a per-request basis
• Strings in string groups can now be edited
• A DataScript can read an HTTP response body

DNS

• DNS Quad-A (AAAA) and DNS64 support
• DNS Policy enhancement: Support to return specific A, AAAA, CNAME or NS record(s) for a matching FQDN

Security

• Client logs: Support for removing or masking Personally Identifiable Information (PII) in request-headers and response-headers fields
• WAF: Enhanced metrics to estimate WAF SE resource sizing

Analytics

• Client log streaming now supports TCP as well as optional syslog header
• For higher performance and scale, client logs can be streamed directly from SE memory without initially writing to disk

Operations

• Controller syslog events can be sent in JSON-formatted messages for consumption by a wider range of tools

System

• HA: Automatic SE failover, even when Controller is down or unreachable

Public Cloud

• AWS: Alert user when an AWS Auto Scaling group referenced by an Avi pool is deleted
• AWS: Route 53 AWS account can be different from Controller AWS account
• AWS: Each tenant may create and manage its cloud in AWS
• Azure: Each tenant may create and manage its cloud in Azure
• GCP: Support user-owned IP ranges for VIPs
• GCP: Support for GCP autoscaling groups

Cisco ACI

• Multiple virtual services can share the same service graph in ACI
• Avi Service Graph implementation changed from 2 node to 1 node

Private Cloud

• VMware: Support for VMware vSphere 6.7

Networking

• Cisco CSP2100: VLAN trunking support
• Multihop BGP peer support for iBGP

Automation

• Golang package for Avi SDK
• Native Terraform provider support for managing Avi configuration

Issues Resolved in 18.1.2

• AV-23166: OpenShift: Logs consume more disk than the configured limit causing disk to fill up, leading to SE failure
• AV-23359: After changing one of the nodes in cluster, virtual service analytics page does not render data due to inconsistent metrics mapping between SE and the Controller
• AV-31453: Changes to /etc/docker/daemon.json are not preserved across Avi Vantage upgrade
• AV-34379: DataScript in non-admin tenant cannot reference shared IP groups in admin tenant
• AV-34396: UI: global service cannot map to SNI child virtual service
• AV-35683: VLAN interface IP removed after changing the bond interface members
• AV-35689: API session ID does not expire
• AV-36958: Avi Service Engine responds to ARP for non-VIP addresses in OpenShift
• AV-38322: Portal stuck at initialization with leader in inactive state
• AV-38353: UDP traceroute to VIP does not work if df bit is set in the packet
• AV-38533: OpenShift: Service Engines may fail after deploying route with an invalid SSL certificate
• AV-39027: OpenStack with Contrail plugin: All traffic for VIP subnet is being routed to Service Engine
• AV-39760: Controller UI shows wrong metrics for End to End UDP Log Analytics
• AV-40377: Cisco CSP2100: Secondary Service Engine may not process flows if multiple bond interfaces are in use
• AV-40421: UI: While creating a Service Engine VLAN interface, UI drop-down menu shows only 8 VRFs

Known Issues in 18.1.2

• AV-40988 : Linux Server Cloud: Status of all hosts show “start in progress” when only one of the host is non-responsive

Performing the Upgrade

Upgrade prerequisite: The current version of Avi Controller must be 17.2 or later.

Upgrade Instructions

Protocol Ports Used by Avi Vantage for Management Communication

Supported Platforms

Refer to System Requirements: Ecosystem

Product Documentation

For more information, please see the following documents, also available within this knowledge base.

Installation Guides

• Avi Vantage Installation Guides

Open Source Package Information

• Copyright Information [https://s3.amazonaws.com/aviopensource/18.1.3/copyrights.pdf]
• Packages used [https://s3.amazonaws.com/aviopensource/18.1.3/packages.pdf]

Avi Networks software, Copyright © 2013-2018 by Avi Networks, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php