Installing the PTF

The current PTF installs fixes from all PTFs released after 3-DNS Controller, version 4.0.1. For information on the specific fixes in this PTF, see the following section, Enhancements and fixes in this PTF.

Note: If you have installed prior PTFs, this installation does not overwrite any configuration changes that you made for the prior PTFs.

Apply the PTF to 3-DNS Controller, version 4.0.1 using the following process:

1. Connect to the F5 Networks FTP site at ftp.f5.com.

2. Download the following upgrade file to the /var/tmp/ directory on the target 3-DNS Controller:
   3dns4.0.1PTF-03.tar

3. Change to the /var/tmp/ directory, by typing the following command:
   cd /var/tmp/

4. Extract the kit file in the /var/tmp/ directory, by typing the following command:
   tar -xvf 3dns4.0.1PTF-03.tar

5. Run the upgrade_ptf script in the /var/tmp/ directory to install the PTF, by typing the following command:
   ./upgrade_ptf

Once you install the software upgrade, refer to the Required configuration changes section for important information about configuration changes you must make on the 3-DNS Controller.

Software enhancements and fixes

Enhancements and fixes in this PTF

Disabling data centers with 3dpipe and proper virtual server status display (CR18341)
When you use the 3dpipe utility to disable a data center, the status for any virtual servers in that data center now correctly displays as disabled by parent.

Deleting objects using the Configuration utility and synchronization (CR18858)
When you use the Configuration utility to delete objects, such as servers and virtual servers, the resulting changes are now properly synchronized to sync group members.

The bigpipe failover active command and error messages (CR18865)
The bigpipe failover active command no longer returns a label not found message. Note that this command is valid only when you have a redundant system.

The big3d agent and iQuery compatibility (CR18870)
The big3d agent for version 4.0.1 is now forward-compatible with 3-DNS, version 4.2.

Upgrading from version 3.0 to version 4.0.1 and zone files (CR18876)
When you upgrade from 3-DNS Controller, version 3.0 to version 4.0.1 PTF03, the upgrade script now properly migrates the zone files that are managed by NameSurfer.

The 3-DNS Controller now searches for a directory entry in /etc/named.conf that points to /var/namedb, and changes it to /config/3dns/namedb. The 3-DNS Controller also attempts to move zone files from /var/namedb to /config/3dns/namedb. There are two circumstances, which combined, can cause this attempt to fail: first, if your 3-DNS Controller was purchased with version 4.0.1 pre-installed, your /config directory is a partition. If you manage enough separate zones that the zone file data does not fit in the /config directory, the 3-DNS Controller attempts to put the zone files under /3dns, another separate partition, and makes a link from /config/3dns/namedb to /3dns/namedb. If there is not enough room in the /3dns directory, the 3-DNS Controller gives up and makes a link from /config/3dns/namedb to /var/namedb.

Using TCP as the iQuery protocol with firewalls or switches (CR19034)
When you use TCP as the iQuery protocol, and you have a firewall or switch between the 3-DNS Controller and any big3d agents, the connection between the 3-DNS Controller and the remote big3d agents is no longer shut off improperly by the firewall or switch. This issue arose when the switch or firewall was configured for short-lived TCP connections, and stopped passing packets before the iQuery connection was closed.

Using data center server location endpoints in a topology statement and the Topology load balancing mode within a pool (CR19037)
When you specify a data center as a server location endpoint in a topology statement, and you use the Topology load balancing mode within a pool, the 3-DNS Controller now load balances as expected.

Dynamic persistence functionality (CR19045)
Dynamic persistence now works as expected.

The local DNS server IP don’t fragment setting and 3-DNS load balancing (CR19061)
When a local DNS server has set the IP don’t fragment bit to yes, the 3-DNS Controller no longer forwards the packets straight to named for a response.

Using TCP iQuery connections and modifying the configuration using the Configuration utility (CR19212)
When you set the iQuery protocol to TCP, and you use the Configuration utility to modify any configuration settings, the 3-DNS Controller no longer unnecessarily marks the servers and virtual servers as down (red ball), and it no longer breaks the TCP/IP connection.

Corrupted authority record section of the DNS response from a CDN pool (CR19137)
When the DNS response is from a CDN pool, the authority record section of the DNS response is no longer corrupted.

Using the Configuration utility to change the pool order when the pool load balancing mode is Global Availability (CR19151)
You can now use the Configuration utility to change the pool order when the pool load balancing mode (Pool LB Mode) is set to Global Availability.

Renaming existing wide IPs, wide IP aliases, or data centers and synchronization (CR19296, CR19691)
Renaming an existing wide IP, wide IP alias, or data center no longer causes problems with synchronization.

Renaming existing wide IPs or wide IP aliases and NameSurfer (CR19486)
When you rename an existing wide IP or alias that is in a 3-DNS sync group, the change is now properly migrated to NameSurfer.

Getting up or down status for 3-DNS, GLOBAL-SITE, and EDGE-FX Cache systems from SNMP (CR19633)
You can now get the proper up or down status, using SNMP, for 3-DNS, GLOBAL-SITE, and EDGE-FX Cache systems.

Upgrading to 3-DNS Controller, version 4.0.1, and interface configuration issues (CR19649)
When you upgrade to version 4.0.1, the upgrade process no longer deletes your interface configuration information. Note that this error occurred only if you renamed your interfaces from the default (fxp0, fxp1), or your 3-DNS has more than two interfaces.

Creating pools of type A with no virtual servers (CR19839)
If you create a wide IP pool of type A, and the pool contains no virtual servers, you now receive a warning message that you are about to create a pool with no virtual servers in it.

CERT Advisory CA-2002-03, Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP) (CR19922)
The security vulnerability that is outlined in CERT Advisory CA-2002-03, Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP), has been fixed.

Using snmpwalk and the 3-DNS MIB (CR19989)
You no longer receive an OID error when you use snmpwalk on the 3-DNS MIB, and the following condition exists: the string length (shorter to longer) and the lexicographic sort (a to z) of wide IP names and/or data center names in the MIB are in opposite order.

Enhancements and fixes released in prior PTFs

Version 4.0.1PTF02

A Distributed Application Manager, version 1.0 support (CR15963, CR16062)
The 3-DNS Controller now supports the Distributed Application Manager, version 1.0.

Sync groups and renaming pools or wide IPs (CR16457)
When you have three or more 3-DNS Controllers in a sync group, and you rename a pool or wide IP more than once, the renamed pools or wide IPs now synchronize properly.

Stopping and starting the iControl portal (CR17378, CR17415)
Stopping and starting the iControl portal no longer causes system errors.

Default values for the iControl portal (CR17446)
The 3-DNS Controller database now contains default values for the iControl portal. You can view the default values by running the config portal script.

Non-external ports bound to the loopback address (CR17513)
All non-external ports are now bound to the loopback address. The affected non-external ports are:

• 8053 and 8054 (NameSurfer)
• 2121 and 1616 (Portal Real Servers)

Adding virtual servers to pools that have port lists configured (CR17691)
If you have pools configured with port lists, and you are adding additional virtual servers to those pools, the Configuration utility now lists only those virtual servers that use the same ports as those in the pool's port list.

Syntax changes for the syncgroup command in the 3dpipe utility (CR17905)
The syncgroup_name parameter in the syncgroup command is now optional. For more information on the 3dpipe utility, refer to the 3-DNS Controller, version 4.0.1 release notes.

Drop packets when there is a Last Resort pool specified and the fallback load balancing mode is Null (CR18080)
The 3-DNS Controller no longer uses the Return to DNS load balancing mode when the following criteria are met:

• No virtual servers are available to resolve the request
• You have at least two pools configured, and one pool is designated as the last resort pool
• The fallback load balancing mode for the last resort pool is Null

Rather than returning the request to DNS for resolution, the 3-DNS Controller now drops the packet.

The upgrade installation for the 3-DNS Controller, version 4.0.1 and the bigdba command (CR18117)
If you upgraded the 3-DNS Controller to version 4.0.1 from version 2.1.2 or earlier, the controller may have an obsolete version of the bigdba command. The PTF installer for PTF-02 correctly deletes /sbin/bigdba and reloads the bigdba database if the following conditions are met:

• The /config/user.db file does not already exist on the controller
• The /config/user.db.txt file exists on the controller

Wide IP names in the database (CR18260)
Wide IP names are now stored in all-lowercase format in the 3-DNS Controller configuration. Converting the wide IP names to lowercase in the configuration ensures that the 3-DNS Controller remains compliant with the DNS RFC (RFC 1035), which specifies that domains not be case-sensitive.

Static Persist load balancing mode (CR18274)
When you have configured the 3-DNS Controller to use the Static Persist load balancing mode, and a local DNS server is repeatedly requesting a domain on the 3-DNS Controller, the 3-DNS Controller no longer issues an incorrect response.

Version 4.0.1PTF01

The named utility and upgrading 3-DNS Controllers (CR17793)
The named utility now restarts when you reboot a 3-DNS Controller that has been upgraded from a previous version to version 4.0.1. Note that the named utility runs only on 3-DNS Controllers that are in node mode.

Restarting the 3-DNS Controller web server (CR17854)
The Restart 3-DNS Configuration Utility, on the 3-DNS Maintenance Menu, now correctly restarts the 3-DNS web server.

Rerunning the config command (CR17855)
Rerunning the config command after you initially configure the 3-DNS Controller no longer overwrites the /etc/named.conf file.

Configuration changes

Required configuration changes

There are no required configuration changes in this PTF.

New configuration options

The following new configuration options are available on the 3-DNS Controller.

Additions to the 3dpipe utility syntax
The following commands have been added to the 3dpipe utility:

• 3dpipe wideip <wide_IP_name> dc <data_center_name> disable
  You can use this command to disable a wide IP, in the context of a data center.
  
  
• 3dpipe wideip <wide_IP_name> dc <data_center_name> enable
  You can use this command to enable a wide IP, in the context of a data center.
  
  
• 3dpipe wideip <wide_IP_name> dc <data_center_name> status
  You can use this command to get the status (enabled or disabled) of a wide IP, in the context of a data center.
  
  
• 3dpipe wideip <wide_IP_name> pool <pool_name> vs show all
  You can use this command to get the following information for each virtual server in a wide IP pool:
  
  • enabled or disabled status
  • availability status: green (available), blue (unknown), red (down), or yellow (unavailable)
  • IP address
  • port
  • ratio value (for the Ratio load balancing mode)
  
  

For more information on the 3dpipe utility, refer to the 3-DNS Controller, version 4.0.1 release notes, which are available from the 3-DNS Controller home screen.

Known Issues

The following items are known issues in the current release.

Adding servers using the Configuration utility and the Back button in Internet Explorer (CR17504)
Occasionally, when you are running the Configuration utility in a Microsoft® Internet Explorer browser session and you add a new server to the 3-DNS Controller configuration, you may get an error when you use the Back button to return to a previous screen. The error is benign, and you can click any item in the navigation screen to clear the error.

Using A Distributed Application Manager with the 3-DNS Controller (CR18162)
If you are attempting to use A Distributed Application Manager (ADAM) with the 3-DNS Controller, in some cases you may not be able to log in as the 3-DNS Controller administrative user that was defined in the Configuration utility when you set up the 3-DNS Controller. To correct this, run the 3dnsmaint command line utility and select Change/Add users for 3-DNS Configuration Utility. Re-enter the administrative user name and password. You can then log in through ADAM as the administrative user.

The Dump 3-DNS Statistics command on the 3-DNS Maintenance menu and viewing EDGE-FX Cache statistics (CR20000)
When you use the Dump 3-DNS Statistics command on the 3-DNS Maintenance menu, and you choose EDGE-FX, the command exits without a warning when you have no EDGE-FX Caches defined in your configuration.

The Restore a 3-DNS from a backup command on the 3-DNS Maintenance menu and the 3dnsd daemon (CR20024)
When you use the Restore a 3-DNS from a backup command on the 3-DNS Maintenance menu, you must manually restart the 3dnsd daemon after the restore process has completed. To restart the 3dnsd daemon, type 3ndc restart from the command line.