Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

6.3.3 r1 release docs #800

Merged
merged 26 commits into from
Jan 10, 2025
Merged

6.3.3 r1 release docs #800

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
742f5bf
new features documentation
Chr1st0ph3rTurn3r Dec 4, 2024
3372e5b
Feature list draft
Chr1st0ph3rTurn3r Dec 4, 2024
20432df
adding console output, image, and updates.
Chr1st0ph3rTurn3r Dec 5, 2024
bda211e
edits
Chr1st0ph3rTurn3r Dec 5, 2024
c30b50c
new antivirus topic
Chr1st0ph3rTurn3r Dec 6, 2024
9d89cb2
almost complete feature doc draft. Waiting on show lldp neighbors, th…
Chr1st0ph3rTurn3r Dec 6, 2024
ea8cd12
removed lldp neighbors info.
Chr1st0ph3rTurn3r Dec 6, 2024
bb87145
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Dec 6, 2024
3be50e9
putting back the jira for lldp.
Chr1st0ph3rTurn3r Dec 6, 2024
98e238e
adding dscp info, fixing some typos.
Chr1st0ph3rTurn3r Dec 10, 2024
0fdd4f7
added resolved issues, some other edits. Waiting on a graphic of the …
Chr1st0ph3rTurn3r Dec 16, 2024
40fbf0b
updates per review, added 1x00 series usb storage screenshots.
Chr1st0ph3rTurn3r Dec 18, 2024
af41e72
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Dec 19, 2024
3f904c6
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Dec 19, 2024
f53d8ad
updating command guides, adding caveat, clarifying disabling console …
Chr1st0ph3rTurn3r Dec 19, 2024
5f8f242
fixing broken linnks, adding stats doc, and caveat. still need alarm …
Chr1st0ph3rTurn3r Dec 20, 2024
a325473
release date change, and adding alarm text for caveat.
Chr1st0ph3rTurn3r Dec 20, 2024
cb06d03
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Jan 3, 2025
aa9fccc
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Jan 8, 2025
4d8f8a9
interim commit
Chr1st0ph3rTurn3r Jan 8, 2025
4656d3e
updates with new Jiras for 6.3.3
Chr1st0ph3rTurn3r Jan 9, 2025
622afbc
merging local updates Merge branch '6.3.3-r1-release-docs' of github…
Chr1st0ph3rTurn3r Jan 9, 2025
d9d65e3
removed hub devices
Chr1st0ph3rTurn3r Jan 9, 2025
641bf7e
Merge branch 'master' into 6.3.3-r1-release-docs
Chr1st0ph3rTurn3r Jan 9, 2025
0d77c58
updates per Mike's review
Chr1st0ph3rTurn3r Jan 9, 2025
b01f964
merging latest release docs Merge branch '6.3.3-r1-release-docs' of …
Chr1st0ph3rTurn3r Jan 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/concepts_ssr_idp.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ You can apply a profile (Alert, Standard, Strict) to an `access-policy`. Each pr

- **Strict** - The **Strict** profile contains a similar set of IDP signatures and rules as the Standard profile. However, when an attack is detected the actions are more likely to actively block any malicious traffic or other attacks detected in the network.

- **Critical** - The **Critical** profile focuses on `critical` level attacks, and has a more focused policy, improving the processing time. The default actions are more likely to block traffic to prevent access to the network.
- **Critical** - The **Critical** profile (added in V6.3.3-r2) focuses on `critical` level attacks, and has a more focused policy, improving the processing time. The default actions are more likely to block traffic to prevent access to the network.

### Security Events Dashboard

Expand Down
17 changes: 14 additions & 3 deletions docs/config_dscp_steering.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ When traffic is traversing an IPSec encrypted tunnel, every flow within that tun

To provide identification and aid in load balancing and traffic engineering, DSCP values can be set at the tunnel endpoint. When the traffic reaches the SSR, the DSCP value is used for both traffic engineering priority and path priority for DSCP traffic steering.

Beginning with SSR version 6.1.4, DSCP Steering is now enabled for BGP over SVR tunnels. Using the configuration below, and [configuring BGP over SVR](config_bgp.md#bgp-over-svr-bgposvr), the child service configured for DSCP steering is now recognized and steered appropriately.
Beginning with SSR version 6.1.4, DSCP Steering is enabled for BGP over SVR tunnels. Using the configuration below, and [configuring BGP over SVR](config_bgp.md#bgp-over-svr-bgposvr), the child service configured for DSCP steering is now recognized and steered appropriately.

## Basic Configuration

Expand Down Expand Up @@ -154,11 +154,22 @@ exit

```

### Service Route Configuration

DSCP steering follows the SSR's [Hierarchical Services](bcp_service_and_service_policy_design.md#hierarchical-services) model. As such, service-route configurations from the parent tunnel service are available to the child DSCP services. Flows may be steered via DSCP value by defining a service-route configuration for the child DSCP services.

When no service-route configuration is applied, the RIB will be followed for routing purposes.

If a `service-route` is configured on the parent service, that route is inherited by the child service. This will prevent routing lookup for the child DSCP services.

:::info
In versions 6.2.7 and below and 6.3.0 and below, if you did not configure a service-route for the parent or child services, the system would only consider BGP over SVR routes from the RIB. In versions beginning with 6.2.8 and 6.3.3-r2, if a service route is not configured on the parent or child services, all routes available to the RIB are considered; connected routes, static routes, routes from BGP neighbors (not just BGP over SVR neighbors), and OSPF routes.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There should be no releases below 6.3.0.
This should read either "In versions 6.3.0 and below, ... " or "In versions 6.2.7 and below, or 6.3.0, ..."

:::

### Restrictions

- The DSCP steering transport list for a network-interface is limited to one range.
- The DSCP steering transport list for a `network-interface` is limited to one range.
- Any service with a `dscp-range` configuration must be a child service.
- Only provisioned service-routes are supported.
- DSCP steering ranges must not overlap.

## GUI Configuration Screens
Expand Down
19 changes: 17 additions & 2 deletions docs/intro_rollback.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,23 +13,26 @@ As with upgrading, rolling back software using Automated Provisioner is only pos

With an upgrade or installation of SSR v6.3.0, conductor rollbacks are performed using the `request system software revert` command from the conductor's PCLI. The `show system software revert` command to view the progress of a revert operation. On routers, it is recommended that upgrades are performed from the conductor's GUI. Router rollbacks must be performed from the PCLI.

Beginning with SSR v6.3.0, the use of the interactive installer is not supported, or necessary. Software installation and upgrade upgrade activities are supported from the GUI or PCLI; rollback activities can only be performed from the the PCLI.
Beginning with SSR v6.3.0, the use of the interactive installer is not supported, or necessary. Software installation and upgrade activities are supported from the GUI or PCLI; rollback activities can only be performed from the the PCLI.

## Reinstallation

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docusaurus renders it properly, but the markdown files benefit from consistency. Please be consistent within a file. Space new line or no newline after a heading.

In some cases, you may have already qualified a version of firmware to run on your network. Due to network expansion or an RMA, you may need to add or replace a device that is preinstalled with firmware newer than what is currently running on your network. The SSR provides a process for an image-based reinstall to an SSR firmware version which is less than the firmware version on the target device.

### Reinstallation from Mist

In the Mist interface you have the option of selecting any available software version from the repository. Selecting the same or lower version of firmware than is currently installed initiates an SSR firmware reinstall to the requested version. An informational message is displayed, explaining the limitations of reinstall.
In the Mist interface you have the option of selecting any available software version from the repository. Selecting the same or lower version of firmware than is currently installed initiates an SSR firmware reinstall to the requested version. An informational message is displayed, explaining the [limitations of reinstall](#limitations).

### Conductor-initiated Reinstallation

The following section describes the Reinstallation process from both the Conductor web interface and the PCLI.

#### Web Interface

The Conductor web interface displays a checkbox to allow reinstallation. When selected, the UI displays **all** versions in the selection dropdown. If you select a version less than or equal to the router’s current version, the reinstallation is initiated and proceeds in the same manner as an upgrade.

#### PCLI

Use the `request system software reinstall` command to identify the image-based target version of firmware to be installed. To display all software versions available for reinstallation, use the `skip-version-check` flag with `show system software available`.

The reinstallation status is visible under **Install Type** in the PCLI using `show assets`.
Expand All @@ -56,6 +59,18 @@ Retrieving assets...
t106-dut2 t106-dut2.novalocal 6.3.0-107.r1.el7 Image Synchronized 21m 19s 0
```

### Limitations

The Reinstallation process has the following limitations:

- Configuration that enables features not present in the target SSR version will no longer apply after a reinstall.

- System state and configuration outside of the datamodel (for example; analytics, logs, custom salt states, user-installed packages) will not be preserved after a reinstall, except for those required for basic system functionality and cloud connectivity.

- Some reinstallations may be impossible due to incompatibilities between firmware versions. For example, if the user has configured a feature that did not exist in older software, reinstalling to the older version will not retain the feature configuration.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is effectively the same statement as line 66. I don't understand why this would prevent a reinstallation however. If so, then this needs specific features that would cause this incompatibility (I'm not aware of any).


- SSR plugins may be downgraded (but not removed) as part of a reinstall, if the currently installed plugins are not compatible with the target SSR version.

## Legacy Rollback

Use the information below when rolling back software versions prior to 6.3.0.
Expand Down
64 changes: 58 additions & 6 deletions docs/release_notes_128t_6.3.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,29 +30,81 @@ Before upgrading please review the [**Upgrade Considerations**](intro_upgrade_co

### New Features

- **I95-50045 IDP Throughput Improvements:** Improvements have been made to increase IDP performance on SSR Devices. While improvements have been made on all SSR's, the larger multi-core SSR devices now auto-size to scale IDP processing and throughput.
- **I95-50045 IDP Throughput Improvements:** Improvements have been made to increase IDP performance on SSR Devices. While improvements have been made on all SSRs, the larger multi-core SSR devices now auto-size to scale IDP processing and throughput.
------
- **I95-51685 WAN Edge Firmware Downgrade:** Due to network expansion or an RMA, you may need to add or replace a device that is preinstalled with firmware newer than what is currently running on your network. The SSR provides a process for an image-based reinstall to an SSR firmware version which is less than the firmware version on the target device. For additional information, see [Reinstallation](intro_rollback.md#reinstallation).
------
- **I95-54553 DCSP Steering with BGP over SVR:** DSCP Steering service will now utilize a routing lookup when no explicit service-route configuration is present.
- **I95-53993 Display LLDP Neighbors:** The `show lldp neighbors` command has been added to the SSR PCLI, allowing users to view lldp neighbors and their messages. For more information, see [`show lldp neighbors`].
------
- **I95-55228 IDP Critical Profile:** A new **Critical** profile has been added to the IDP feature. This profile focuses on `critical` level attacks, and has a more focused policy, improving the processing time. For more information about IDP, see [Intrusion Detection and Prevention](concepts_ssr_idp.md).
------
- **I95-55342 Anti-Virus for SSR:** The SSR now offers Anti-Virus protection on spoke and branch devices, configurable on a per-application basis. The SSR Anti-Virus protection can run with or without IDP configuration, reports metrics to the User Interface, and generates alarms if the anti-virus engine fails for any reason. For more information, see [SSR Anti-Virus](sec-config-antivirus.md.
- **I95-55342 Anti-Virus for SSR:** The SSR now offers Anti-Virus protection on spoke and branch devices, configurable on a per-application basis. The SSR Anti-Virus protection can run with or without IDP configuration, reports metrics to the User Interface, and generates alarms if the anti-virus engine fails for any reason. For more information, see [SSR Anti-Virus](sec-config-antivirus.md).
------
- **I95-55574 Events Sync Improvements:** In the event of broken communication between HA nodes, each node provides access to one hour of peer events leading up to the disconnection. This is reduced from the full history of events to lower storage needs and expedite restoration and troubleshooting.
------
- **I95-56292 Increase the length of SSH keys to 4096:** The size of the Salt and 128T SSH keys has been changed to 4096 bits for newly deployed systems.
- **I95-56292 Increase the length of SSH keys to 4096:** The size of the Salt and SSH keys has been changed to 4096 bits for newly deployed systems.
------
- **I95-56936 OS Hardening:** To provide greater security on the SSR devices, the ability to disable USB booting and storage, as well as disable the console output has been implemented. For additional details, please see [USB Boot and Storage Security](sec-usb-security.md) and [Disable Console Output](sec-disable-console-output.md).
------
- **I95-57305 Add flow timeout value to Associated Paths:** The Associated Paths window accessed from the Session view of the SSR GUI now displays a Flow Timeout column, providing a way to determine where the session is activity is focused.
------
- **I95-57471 Allow Radius configuration per router:** Radius servers can now be configured at the router level. The servers can continue to be configured at the Authority level. If configured in both places, the combination of both configured servers will be used.
- **I95-57471 Allow RADIUS configuration per router:** RADIUS servers can now be configured at the router level. The servers can continue to be configured at the Authority level. If a radius server is configured at the Authority level but not the router, then the Authority value will be used. If it is configured at the Authority and the router level, the router value will be used.

### Resolved Issues

TBA
- **The following CVEs have bbeen identified and resolved in this release:** CVE-2019-13631, CVE-2019-15505, CVE-2019-25162, CVE-2020-25656, CVE-2020-36777, CVE-2021-3753, CVE-2021-4204, CVE-2021-46934, CVE-2021-47013, CVE-2021-47055, CVE-2021-47118, CVE-2021-47153, CVE-2021-47171, CVE-2021-47185, CVE-2022-0500, CVE-2022-23222, CVE-2022-3565, CVE-2022-45934, CVE-2022-48627, CVE-2022-48669, CVE-2023-1513, CVE-2023-24023, CVE-2023-25775, CVE-2023-28464, CVE-2023-31083, CVE-2023-3567, CVE-2023-37453, CVE-2023-38409, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-4133, CVE-2023-4244, CVE-2023-42754, CVE-2023-42755, CVE-2023-45863, CVE-2023-51779, CVE-2023-51780, CVE-2023-52340, CVE-2023-52434, CVE-2023-52439, CVE-2023-52445, CVE-2023-52448, CVE-2023-52477, CVE-2023-52489, CVE-2023-52513, CVE-2023-52520, CVE-2023-52528, CVE-2023-52565, CVE-2023-52574, CVE-2023-52578, CVE-2023-52580, CVE-2023-52581, CVE-2023-52594, CVE-2023-52595, CVE-2023-52598, CVE-2023-52606, CVE-2023-52607, CVE-2023-52610, CVE-2023-52620, CVE-2023-6121, CVE-2023-6176, CVE-2023-6240, CVE-2023-6622, CVE-2023-6915, CVE-2023-6932, CVE-2024-0340, CVE-2024-0841, CVE-2024-23307, CVE-2024-25742, CVE-2024-25743, CVE-2024-25744, CVE-2024-26593, CVE-2024-26602, CVE-2024-26603, CVE-2024-26609, CVE-2024-26610, CVE-2024-26615, CVE-2024-26642, CVE-2024-26643, CVE-2024-26659, CVE-2024-26664, CVE-2024-26671, CVE-2024-26693, CVE-2024-26694, CVE-2024-26743, CVE-2024-26744, CVE-2024-26779, CVE-2024-26872, CVE-2024-26892, CVE-2024-26897, CVE-2024-26901, CVE-2024-26919, CVE-2024-26933, CVE-2024-26934, CVE-2024-26964, CVE-2024-26973, CVE-2024-26993, CVE-2024-27014, CVE-2024-27048, CVE-2024-27052, CVE-2024-27056, CVE-2024-27059, CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147, CVE-2024-5564, CVE-2021-27290, CVE-2022-24999.

- **I95-48453 Reverse SSH tunnels do not check Known Hosts file:** Functionality has been added to allow for the retrieval of the ssh known hosts and authorized keys file contents on the SSR. For details on the known host functionality, see [Strict Host Key Checking](cc_fips_otp_router_install.md#enable-strict-host-key-checking).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This issue was already listed in the 6.3.0-r1 release notes.
Please cross-check all other issues for accuracy.

------
- **I95-53274 PIM scaling above 1500 (Source,Group) sessions:** The SSR cannot maintain more than 1400 active (Source,Group) sessions. Juniper recommends a limit of 1400 (Source,Group) sessions to prevent a loss of traffic.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This reads as a feature as opposed to an issue that needed resolving. Suggested rewording:

  • I95-53274 PIM multicast routes unable to maintain more than 1,400 concurrent (Source, Group) sessions: The SSR cannot maintain more than 1400 active (Source,Group) sessions. This scaling limitation has been addressed.

------
- **I95-54366 Unable to assign an SNMP view name via the GUI:** Resolved an issue that prevented configuring SNMP (v3) Access Policy View in the GUI.
------
- **I95-54553 DCSP Steering with BGP over SVR:** DSCP Steering service will now utilize a routing lookup when no explicit service-route configuration is present. For more information, see [Configuring DSCP Steering](config_dscp_steering.md#service-route-configuration).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is new functionality and should be in the new features section.

------
- **I95-57128 Slow inter-vlan traffic due to i40e performance issue:** Resolved an issue where devices controlled by i40e driver (x710, x722) were incurring 8ms (8000us) latency due to an incorrect MAX value. This has been resolved and latency reduced to 32us.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I95-57128 Inter-vlan traffic on the same x710 or x722 port has 8ms delay: Resolved an issue where devices controlled by i40e driver (x710, x722) were incurring 8ms (8000us) latency due to an incorrect MAX value. This has been resolved and latency reduced to 32us.

------
- **I95-57205 Race condition on startup with DHCP configured on LTE or PPPoE interface, causing system to crash:** This issue has been resolved.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I95-57205 Race condition on startup with LTE or PPPoE interfaces configured for DHCP, causing system to crash: This issue has been resolved.

------
- **I95-57711 Source NATing on the underlay path is not working:** Resolved an issue where bi-directional and dynamic ingress source nat for non-svr sessions was not working. The ingress source is now applied to local breakout sessions for bi-directional and dynamic source-nat.
------
- **I95-57730 Peer Service Next Hops Not Reloaded After Provisional Status Change:** Resolved an issue where a `bgp-over-svr service-route` does not failback to primary node on a `provisional-status` change.
------
- **I95-57784 Add `show network-interface redundancy` command output to TSI collection:** The `show network-interface redundancy` command has been added to the TSI output to aid in troubleshooting.
------
- **I95-58201 Increase AMD performance:** Throughput performance on AMD processors has been improved through the tuning of some kernel parameters.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I95-58201 Increase performance for SSR1200, SSR1500 and whitebox AMD platforms: Throughput performance on AMD processors has been improved through the tuning of kernel parameters.

------
- **I95-58264 EoSVR session breaks after upgrading:** Resolved an issue where a high number of STEP route updates carried in an FPM message disconnected the Routing manager to agent connection. This has been resolved by limiting the max number of STEP paths in a single STEP route.
------
- **I95-58332 Show service-path incorrectly shows the state as `up` in an unreachable next-hop:** In a config where a `service-route next-hop` is pointing to an unreachable address, the show service-path shows the state is being up. This has been resolved by adding a next-hop reachability check to `show service-path`.
------
- **I95-58427 Capture SNMP configuration in TSI:** The `/etc/snmp` directory is now captured int ehTSI allowing the inspection of the output.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo: "in the TSI, allowing"

------
- **I95-58428 DSCP Steering Collision on Flow Move:** When IPSec traffic exists on a router and the DSCP steering feature is enabled, upon a flow-move DSCP 0 traffic would collide with the pre-existing tunnel session. This issue has been resolved; the DSCP 0 packet is no longer dropped, and traffic is treated correctly.
------
- **I95-58444 DSCP steering is not correctly using revertible-failover:** Resolved an issue where DSCP Steering on child services were not using learned peer routes from the parent service. DSCP steering child services now properly utilize revertible-failover resiliency policies.
------
- **I95-58528 SSR OS renaming:** The SSR OS has been renamed/rebranded from "CentOS7" to "SSR OS" to more accurately reflect its customized Linux distribution. All internal naming has been updated.
------
- **I95-58569 OSPF Graceful Restart link missing from GUI:** Resolved an issue that prevented the link to the Graceful Restart page from displaying.
------
- **I95-58583 Bypass message-authentication in RADIUS:** An option to to bypass the requirement for the Message-Authenticator check in RADIUS requests and responses has been added. Disabling this check is considered unsafe and will allow for vulnerabilities to be exploited for users authenticating. Disabling this check is NOT recommended, but may be necessary for some backwards compatiblity scenarios.
------
- **I95-58637 Relax read-only API RBAC policies:** Users with suitable config-read permissions are now able to generate quickstart files.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I95-58637 Relax API RBAC policies for quickstart files: Users with config-read permissions are now able to generate quickstart files.

------
- **I95-58722 Update allowed Key Exchange Algorithms:** Expand the list of supported Key Exchange Algorithms in both FIPS and non-FIPS mode.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I95-58722 Update allowed Key Exchange Algorithms to add better support for Gov Cloud environments: Expand the list of supported Key Exchange Algorithms in both FIPS and non-FIPS mode.

------
- **I95-58881 Multicast forwarding to spoke without any PIM signaling present:** This issue has been resolved; the routing engine now correctly removes the SVR OIF.
------
- **I95-58885 Add `identifier` to option to PCLI interface ping command:** The `ping` action now allows you to set a custom identifier.
------
- **I95-59054 Add the Downgrade option to the GUI selection:** The software version selection dropdown now displays and allows you to select versions older than the currently installed version.
------
- **I95-59130 `save tech-support-info since 1d`:** The default action of the `save tech-support-info since 1d` command or the **Save TSI** button in the GUI now includes at least one log file from each application, even if the file is outdated based on the since flag.
------
- **I95-59131 Next Hops not updated properly when OSPF is used:** Resolved a race condition found in OSPF and the end of FIB update message.
------
- **I95-59146 BGP confederation member-as modify path incorrect:** Resolved an issue where modifications to `bgp confederation member-as` was not comparing and validating the changes correctly.

## Release 6.3.0-107r1

Expand Down
2 changes: 1 addition & 1 deletion docs/releases.table.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
// New entries should be placed at the top.
// ----------------------------------------------------------------------------
export const releases = [
{
{
version: '6.3.3',
url: '/docs/release_notes_128t_6.3#release-633-25r2',
releaseDate: 'December 18, 2024',
Expand Down
Loading
Loading