Alteon VA can either use the VM MAC or a floating MAC as its MAC address in HA communication. The floating MAC has the advantage that it ensures a faster network update when failover occurs, but has the disadvantage that it does not allow more than one pair/group of Alteon VAs on the same Layer 3 network.

To overcome this problem, the HAID mechanism used for Alteon hardware platforms is now also extended to Alteon VA. The HAID lets you generate a different floating MAC for each Alteon VA redundant pair.

NFR ID: 200506-000156

The HAID maximum value is now extended to 256, allowing for up to 256 pairs/groups of Alteon devices on the same Layer 2 network

NFR ID: 200506-000156, 200620-000015

Prior to this version, the floating MAC mechanism was used in Alteon VA only for interface floating IP addresses. This is now also extended for PIPs and VIPs.

To support this, the new value extended was added to the floating MAC parameter (/cfg/l3/ha/fmac ext). The value enable only enables use of floating MACs for floating IP addresses, while extended enables use of floating MAC for floating IP addresses, VIPs, and PIPs.

Prior to this version, the LDAP health check allowed configuring only the domain component of a base DN in FQDN format. Starting with this version, it is now possible to define the base DN in LDAP format.

A new parameter, Base DN Format (dnformat) has been added which lets you specify whether the base DN parameter includes only the domain component of the DN in FQDN format, or a DN in LDAP format.

NFR ID: 200723-000119

Alteon supports up to 256 certificates per group, while the number of groups depends on the form factor with the maximum being 1024 groups. In some cases, there is a need for just a few certificate groups but with more certificates per group.

Starting with this version, it is possible to increase the number of certificates per group. However, to preserve the same memory consumption, the number of configurable groups must be lowered. For example, if the number of certificates per group is increased to 512, the number of groups must be decreased by half. The maximum number of certificates is the maximum number of server certificates supported in the form factor.

The default number of certificate groups and certificates per group remains as it was in previous versions. To change it:

Important! For these changes to take effect, Apply and Save must be performed and then the device must be rebooted.

NFR ID: 200602-000034

Starting with this version, you can support 8k Layer 3 tunnels and static tunnel routes if memory allows. To increase the number of tunnels and static tunnel routes to 8k, use the CLI command /c/slb/adv/memmng/tnltbl. This change requires Apply, Save, and Reboot to become active.

NFR ID: 200322-000001

By default, a user with the User role can view the syslog logs via the CLI or WBM.

Note: This support is applicable to local users only (both predefined and user-defined). It is not applicable to remote users.

NFR ID: 200814-000008

The CLI banner length has been increased from 319 characters to 1300 characters (which can be set using the /cfg/sys/bannr command).

NFR ID: 200921-000035

The OpenSSL version for S/SL platform models, regular platform models, and Alteon VA has been updated to OpenSSL 1.1.1h.

Starting with this version, when a user is in lockout state due to multiple failed login attempts, no notification displays during SSH connection. With this change, Alteon does not open an SSH connection for users in lockout state, and as a result protects Alteon from redundant opened SSH connections.

Note: The Telnet behavior was not changed and a notification still displays during lockout.