PermaLINK PRI 58X & PRI 68X Firmware Release Notes (Ver .66XbXX for old black housing; Ver A10_XX for new beige housing.) Version V671 / A10_21 Nov 7th, 2006 Enhancement – We’ve developed and added a new sophisticated healthy check. Besides the inclusive logical AND rule for the 3 existing healthy check i.e. all 3 checks: PING, DNS, & Time Server have to all fail, we have developed what is call load-balance healthy check. Please see the following Sys Log on item 10 and 11 for WAN1 and WAN2 respectively. In the case below: WAN1’s phone line to the ADSL modem was disconnected to simulate a broken link to the ISP. The ADSL’s Ethernet Port and the WAN1 link are still intact, with WAN1 getting a gateway address. As item 14 & 15 show: As soon as the phone line is disconnected, it is shown and also re-connected again all within the timeframe of 1 minute. - 1- © 2004-2006 Edimax Computer Version V670 / A10_19 Aug. 25th, 2006 Enhancement – Under prolonged failure of the WAN line, Healthy Check retries will timed-out. This is an extraordinary situation! Now, Healthy Check will retries 3 times to see whether the WAN connection is reconnected. If not, it will wait for 3 hours, and then tries again… 23 2006-08-02 23:05 WAN1 DHCP client try to restart 24 2006-08-02 23:05 WAN1 cable on, DHCP client start. 25 2006-08-02 23:06 Gateway 1 exist (192.168.0.1) 26 2006-08-02 23:06 WAN1 UP IP = 192.168.1.64 27 2006-08-02 23:06 No wan port for NTP Update 28 2006-08-02 23:06 [HCk] WAN1 is Back to normal !! 29 2006-08-02 23:07 WAN1 is NO response, [HCk] Disable it !! 30 2006-08-02 23:07 WAN1 cable off 31 2006-08-02 23:07 DHCP client stop. 32 2006-08-02 23:07 WAN1 Down. 33 2006-08-02 23:07 WAN1 HC(3) push to connect ... 34 2006-08-02 23:07 WAN1 cable on, DHCP client start. 35 2006-08-02 23:07 Gateway 1 exist (192.168.0.1) 36 2006-08-02 23:07 WAN1 UP IP = 192.168.1.64 37 2006-08-02 23:07 No wan port for NTP Update 38 2006-08-02 23:08 [HCk] WAN1 is Back to normal !! 39 2006-08-02 23:08 WAN1 is NO response, [HCk] Disable it !! 40 2006-08-02 23:08 WAN1 cable off 41 2006-08-02 23:08 DHCP client stop. 42 2006-08-02 23:08 WAN1 Down. 43 2006-08-02 23:09 WAN1 HC(2) push to connect ... 44 2006-08-02 23:09 WAN1 cable on, DHCP client start. 45 2006-08-02 23:09 Gateway 1 exist (192.168.0.1) 46 2006-08-02 23:09 WAN1 UP IP = 192.168.1.64 47 2006-08-02 23:09 No wan port for NTP Update 48 2006-08-02 23:09 [HCk] WAN1 is Back to normal !! 49 2006-08-02 23:10 WAN1 is NO response, [HCk] Disable it !! 50 2006-08-02 23:10 WAN1 cable off 51 2006-08-02 23:10 DHCP client stop. 52 2006-08-02 23:10 WAN1 Down. 53 2006-08-02 23:11 WAN1 HC(1) push to connect ... 54 2006-08-02 23:11 WAN1 cable on, DHCP client start. 55 2006-08-02 23:11 Gateway 1 exist (192.168.0.1) 56 2006-08-02 23:11 WAN1 UP IP = 192.168.1.64 57 2006-08-02 23:11 No wan port for NTP Update 58 2006-08-02 23:11 [HCk] WAN1 is Back to normal !! 59 2006-08-02 23:12 WAN1 is NO response, [HCk] Disable it !! 60 2006-08-02 23:12 WAN1 cable off 61 2006-08-02 23:12 DHCP client stop. 62 2006-08-02 23:12 WAN1 Down. 63 2006-08-02 23:12 WAN1 HC(0) push to connect ... 64 2006-08-02 23:12 WAN1 DHCP connect (0) in waiting 65 2006-08-02 23:12 Fail to start WAN1 (4) DHCP client 66 2006-08-02 23:12 Retry it after 180 mins - 2- © 2004-2006 Edimax Computer Version V669 / A10_18 Not released Version V668 / A10_17 May 15th, 2006 Bug-fix – Healthy Check: This is to fix the stability alert of May 5th, 2006. Under certain circumstances there may be a potential stability issue: When Health Check is enabled and failed. Version V667 / A10_16 Apr. 26th, 2006 Enhancement – UltraSmartSharing™ (Default is ON): This is a new and exclusive PermaLINK feature! You access it via: Main Page > Load Balance It provides you with automatic assignment of each LAN PC represented by an IP to a particular connected WAN line, and it will continue to use that WAN line, until time-out. Fault-tolerance and failover is automatically maintained. This is an exclusive mode that permits a group of PCs automatically to work well for games, VOIP, HTTPS, etc. We’ve developed this as a continuous innovation to support Internet Café, Schools, VOIP provider, Wireless ISP…etc Please note: If you are using PermaLINK for a few users like under 5, we recommend that you disable UltraSmartSharing. - 3- © 2004-2006 Edimax Computer Version V666 / A10_15 Mar. 22nd, 2006 Enhancement – DNS Relay: Some ISP only allows DNS queries from their own lines. i.e. DNS query packets from WAN1 is only allowed to the DNS Server of WAN1’s ISP. If you have such a requirement, please enter your PermaLINK router’s LAN IP into the DHCP Server’s Primary and Secondary DNS fields. Assuming you have the default 192.168.1.254: Then after you reset the PermaLINK router, and assuming your are a DHCP Client, at the command window please run: ipconfig/release ipconfig/renew And finally ipconfig/all You will get the following: - 4- © 2004-2006 Edimax Computer You will have the DNS Servers as 192.168.1.254. Please note: if your LAN PC uses static IP, then please configure your Primary and Secondary DNS Servers as: 192.168.1.254 Version .665 / A10_14 not released Version .664 / A10_13 Jan. 24th, 2006 BUG fix – 2 Dynamic WAN lines fail-over – When one line dropped, it caused SMTP to fail. Enhancement – Mail Alert – added additional Mail Alert System Error Logs Version .663 / A10_12 Jan. 10th, 2006 BUG fix – HEALTHY CHECK – when enabled, it caused NTP (Network Time Protocol) to fail. - 5- © 2004-2006 Edimax Computer Version .662b27 / A10_11 Dec. 23rd, 2005 BUG fix – HEALTHY CHECK the bugfix described on Version .662b23 / A10_07 Oct. 13th, 2005 was incomplete. There are 2 types of disconnections: 1. physical Ethernet LINK at the WAN port 2. some kind of data stoppage upstream from the WAN port Healthy check is a process for type 2 disconnection and for the hopefully subsequent reconnection. When it operates properly, it does fail-over and auto-reconnect when the data stream gets going again. From examining the SYSLOG, I have determined that Healthy check is invoked approximately every minute. For the type 2 disconnection, we have previously fixed the PPPoE WAN configuration. The current fix is for Static and Dynamic IP WAN configurations. There are instances when the WAN port has a physical Ethernet LINK and also a valid IP address, i.e. a Dynamic WAN configuration where the ADSL line connects using PPPoE at the ADSL modem. Here we have a physical Ethernet LINK to the ADSL modem and also a DHCP Client getting its IP from the DHCP Server in the ADSL modem. In cases where either the ISP or the Telephone company’s routers are DOWN, an enabled Healthy Check will correctly detect the disconnection and will bring the WAN connection DOWN. After one minute’s time, Healthy Check will see if the line is coming back UP again. If the connection processor sees a WAN Port with a valid IP, it assumes that the WAN line came back UP. 25 1970-01-01 00:02 [HCk] WAN2 push to connect ... 26 1970-01-01 00:02 WAN2 cable on. 27 1970-01-01 00:02 WAN2 DHCP client start. 28 1970-01-01 00:02 Gateway 2 exist (71.131.244.139) 29 1970-01-01 00:02 WAN2 UP IP = 71.131.244.140 30 1970-01-01 00:02 Request NTP Updated Time fail 31 1970-01-01 00:03 [HCk] WAN2 is Back to normal !! 32 1970-01-01 00:03 WAN2 is NO response, [HCk] Disable it 33 1970-01-01 00:03 WAN2 cable off, WAN2 DHCP client stop. 34 1970-01-01 00:03 WAN2 Down. 35 1970-01-01 00:04 [HCk] WAN2 push to connect ... 36 1970-01-01 00:04 WAN2 cable on. 37 1970-01-01 00:04 WAN2 DHCP client start. 38 1970-01-01 00:04 Gateway 2 exist (192.168.0.1) 39 1970-01-01 00:04 WAN2 UP IP = 192.168.1.64 40 1970-01-01 00:04 Request NTP Updated Time fail 41 1970-01-01 00:04 [HCk] WAN2 is Back to normal !! 42 1970-01-01 00:05 DHCP Client renewing Fail. 43 1970-01-01 00:05 WAN2 DHCP client stop. 44 1970-01-01 00:05 WAN2 Down. This cycle is approximately 90 seconds; continuous and on-going as shown in the SYSLOG. Previously, during the time period when the WAN line is assumed to be UP, the load balancer is assigning Sessions to that WAN line. But, in reality, that WAN line is actually DOWN, but Healthy Check hasn’t detected it yet. (an approximately 45 seconds time period.) So, assigned Sessions will not respond within this 45 seconds window. - 6- © 2004-2006 Edimax Computer This new version fixes the false assignment of Sessions to a WAN line that does NOT pass the enabled Healthy Check. With this bug fix, Healthy Check is highly recommended for fail-safe Internet. Version A10_10 Not released Version .662b26 / A10_09 Not released Version .662b25 / A10_08 November 9th, 2005 Bug fix – Password changing the PermaLINK Administration password did NOT work. – Global IP (for PRI-68X only) Entering a Global IP at the Virtual Server Table did NOT work. – IP Session limit Increasing the limit has NO effect. In the May 23rd, 2005 application note: Peer-2-Peer, it was recommended that the IP Session limit be increased. When a Peer-2-peer client reaches 301 IP sessions, the PermaLINK cannot behave normally. Now you can increase the number of sessions. (Suggest increase to 500.) Assuming your PermaLINK IP address is: 192.168.1.254, then you access NAT option via: http://192.168.1.254/debug/nat.htm Version .662b24 Not released - 7- © 2004-2006 Edimax Computer Version .662b23 / A10_07 October 13th, 2005 Bug fix – Healthy Check did NOT do fail-over when the WAN link was still physically connected. Under the circumstances of intermittent ISP connection disruptions, they may cause the users to think that the unit is hanged. Simulated test: 2 WANs are connected with Healthy Check enabled; WAN2 is PPPoE; and I disconnected the ADSL telephone wire from the ADSL modem. This causes the ADSL modem to be disconnected from the ISP, and yet the WAN Ethernet cable is still maintaining a link to the ADSL modem. Fail-over is shown below in which all sessions in the NAT table are using WAN1. Here is the Syslog entries showing Healthy Check detected WAN2 is down. - 8- © 2004-2006 Edimax Computer Bug fix – Double NAT, DNS relay DNS queries does not work correctly when PermaLINK is aggregating bandwidth with another router behind it also using NAT. In the specific case, the 2nd router is a DLink DSA-3100. Enhancement – Remote Config added additional protections for access to the WEB Configuration. It is recommended that you specify explicit IP address allowable to access remotely and for using another PORT besides PORT 80. Version .662b22 / A10_06 (unknown, never released) Version .662b21 / A10_05 September 23rd, 2005 Bug fix – DHCP Server accommodate Linux client and devices Version .662b20 / A10_04 September 16th, 2005 Bug fix – User interface error fix Virtual Server screen display under Basic NAT mode. Version .662b19 (Not released) Version .662b18 Aug 1st, 2005 Enhancement – TCP “Instant-cutover” When a WAN link is disconnected, TCP sessions normally have retries which cause users to experience a timeout period (a period of hanging.) We have developed a new technology called “Instant-cutover” so that either your session(s) will continue (which is ideal) or you get instant timeout error(s). If you get an instant timeout error, you may click on the refresh button, and all outstanding broken TCP session(s) from that disconnected WAN line will be switched to the other still connected WAN line(s). This will preserve, as much as possible, uninterrupted Internet access for all PermaLINK’s LAN users. Bug fix – (PRI-682, PRI-684 only) hosting DNS Servers Previously, it was not possible to host a DNS server because all DNS queries were sent to the built-in authoritative DNS server of the PermaLINK. Now, DNS queries are first sent to the built-in PermaLINK authoritative DNS server, and if it fails to resolve the address, then they will be sent to the hosted DNS server (if any, as specified in the Virtual Server Table). So, now you can indeed host a DNS Server. - 9- © 2004-2006 Edimax Computer Version .662b17 July 26th, 2005 Enhancement – PPPoE added Always-ON option There are 3 PPPoE connecting options under Main Page > Wan Configure > WANx > PPPoE: (Default to – Manual) 1. Manual – Initially the link connects, if the link is disconnected, the administrator will have to manually click on the [Connect WANx] button in the Link Status Page. 2. Dial-On-Demand – It will connect when there are TCP/IP activities from the user. 3. Always-ON – It will connect / re-connect, if at all possible, even if you manually disconnect. Since the goal is to have fault-tolerant, non-stop, failsafe Internet connections, we highly we recommend the Always-ON option. - 10- © 2004-2006 Edimax Computer Version .662b16 July 13th, 2005 Bug fixes – Mixed up between Download & Upload Speed...When WAN speeds are specified, upload and Download speeds are reversed in the Configuration Display frame. Main Page > Admin > Display It is now corrected, as in the display below. – MX record error (PRI-682, PRI-684 only) fixed in the built-in Authoritative DNS Server. - 11- © 2004-2006 Edimax Computer Version .662b15 July 1st, 2005 This is also a major upgrade; highly recommended. Bug fix – DHCP...one customer reported multiple requests of DHCP done continuously – – – Alert Email with wrong time-stamp Multi-Nat did not work with Virtual server, application is for multiple WEB servers PPPoE…When the line keep going up and down, will cause system hanging problem. Version .662b14 June 14th, 2005 This is a major upgrade to complete the the Bug fix of the immediate previous version .662b13. Highly recommended. Bug fix – Remote Configure enabled...susceptible to virus attack causing PermaLINK to hang. Enhancement – Data Monitor; Added Accumulative Session Counter to each WAN so that under the Session and Weighted Round Robin Load balancing the counters will clearly demonstrate the load balancing algorithm in action. If using the Session, the counters will be equal or off-by-one. If using Weighted Round Robin, the counters will be in proportion to the ratio specified under Weighted Round Robin load balancing. Here we have only WAN3 and WAN4 connected under Session mode load balancing. The Accumulative Session counters are 27 & 27, demonstrating that the Session Load Balancing Algorithm is in effect and operating properly as configured. Enhancement – QoS flag now defaults to selected or checked box for “Disable QoS”. You no longer have to manually do anything to get maximum throughput. http:\\192.168.1.254/debug/qos.htm - 12- © 2004-2006 Edimax Computer This display is the default. - 13- © 2004-2006 Edimax Computer Version .662b13 June 1th, 2005 This is a major upgrade, and all PermaLINK users are recommended to update to this version. Bug fix – WAN link auto-reconnection after a fail-over…(Problem introduced since Version 662b10) When one of the WAN links gets disconnected, the failsafe, fault-tolerant capability of PermaLINK will keep-on-going. Now when that particular WAN line come back online, PermaLINK will gracefully reconnect that WAN line and adds it back into the load balancing algorithm. Bug fix – (PRI-684 & PRI-682 only) Inbound load balancing WEB page error… When you are entering DNS Server records: Let suppose that the DNS record ‘test” is for WAN2. When you click on the Modify button to revise that record, it will return incorrectly WAN1 rather than WAN2 as below: It is fixed, and the above display is correct. - 14- © 2004-2006 Edimax Computer Enhancements – clarify Traffic Load Balancing Mode… Change Traffic mode to Dynamic Traffic mode because the algorithm is based on a real-time 1 second measurement of the bandwidth loading. The WAN line with the lowest loading will be selected for load balancing. In case of tie, the lowest WAN line, i.e. WAN1 will be selected. You will get the best performance under Dynamic Traffic mode. Enhancements – Total Session counters are more meaningful for Session and Weighted Round Robin mode. The Session counters will closely track the total number of sessions. Under the Sessions load balancing mode, the total sessions across the WAN lines will be close to even. Under the Weighted Round Robin mode, the total sessions across the WAN lines will be close the weighted ratio. Under the Dynamic Traffic mode, due to its real-time nature (please see previous section) the Session counter as well as all the other Data counters are static and not real-time so they are not very meaningful in this context. - 15- © 2004-2006 Edimax Computer Version .662b12 May 13th, 2005 Bug fix – Main Page > Adminstration > Display: There was a incorrect display in the “Config Show.” When you use Main Page > Access Control > Local IP Filtering. the IP addresses entered in Local IP Filtering show up incorrectly in the the System Configuration Setting. Enhancement – Main Page > Access Control > Local IP Filtering: The scrolling Port field character length has been increased from 20 characters to 40 characters. Version .662b11 April 28th, 2005 Bug fix – DHCP Server, some particular non-routable IP was not supported. Specifically: LAN IP: 10.61.2.1 Subnet: 255.255.255.0 DHCP range: From 10.61.2.125 10.61.2.200 would not respond with a dynamic IP request. What it means is that a dynamic PC client would never get an IP address. This was due to 10.X.X.X is a class A IP address class and the DHCP Server’s range limit was 500. - 16- © 2004-2006 Edimax Computer Version .662b10 April 22th, 2005 Bug fix – May have connection problem under the following simultaneous conditions: 1. Multiple WAN lines from the same ISP 2. Multiple WAN lines configured using Dynamic IP, i.e. as a DHCP client 3. The ISP is using the same DHCP Server for multiple DHCP WAN lines responding with IP addresses in the same subnet i.e. 2 WAN lines with 192.168.2.100 and 192.168.2.101 The symptom is that the 1st WAN line connects and subsequent WAN line(s) stay “connecting.” Below is the WAN configuration of a 5 port switch, 1 port connected to a router, and 4 other lines go to WAN1, WAN2, WAN3, and WAN4. All are dynamic IP using the same DHCP Server and are connected. WAN status: 1.IP address : 192.168.123.140 Netmask : 255.255.255.0 MAC address : 00.d0.da.00.06.59 Connect To : InterNet Current status: Enable Healthy Check : NoDefault Type : Dynamic IP Schedule : Disable --------------------------------------------------------2.IP address : 192.168.123.150 Netmask : 255.255.255.0 MAC address : 00.d0.da.00.06.5a Connect To : InterNet Current status: Enable Healthy Check : NoDefault Type : Dynamic IP Schedule : Disable --------------------------------------------------------3.IP address : 192.168.123.148 Netmask : 255.255.255.0 MAC address : 00.d0.da.00.06.5b Connect To : InterNet Current status: Enable Healthy Check : NoDefault Type : Dynamic IP Schedule : Disable --------------------------------------------------------4.IP address : 192.168.123.149 Netmask : 255.255.255.0 MAC address : 00.d0.da.00.06.5c Connect To : InterNet Current status: Enable Healthy Check : NoDefault Type : Dynamic IP Schedule : Disable - 17- © 2004-2006 Edimax Computer Version .662b9 April 15th, 2005 Bug fixes 1. TIME – Daylight Saving time is now correct. Previously, it decreases by 1 hour rather than advancing it by 1 hour. 2. DNS loopback – This is a desirable function whereby LAN users can also use the same URLs or global IP addresses to access Virtual Servers such as FTP, Mail Servers….etc. This bug was introduced in Version 0662b6 when the Global IP field was implemented. Previously, this capability was not working when there is an entry in the Global IP field. Now it is fixed. Please note: WAN1 and WAN2 IP should be your real IPs, not the text string. Now even with entries in the Global IP fields, PC LAN users can access Virtual Servers using Global IP addresses or URL. Version .662b8 April 8th, 2005 Enhancements 1. Improved connection retries. If a WAN configuration is using a dynamic IP and the line is dropped, PermaLINK will automatically try to reestablish the connection. 2. Implemented 2 DNS servers for the DHCP server. Now Dynamic IP PC Clients will get Primary and Secondary DNS Servers. For fault-tolerance and non-stop Internet accesses, it is highly recommend that you enter the Primary DNS server of different ISPs into these 2 DNS server field. Bug fixed Data Monitor – Clicking on the [Clear Counter] button clears all the WAN lines’ statistic at the Data Counter. Previously, it only clears the connected WAN lines, and statistics from disconnected WAN lines were also included in the percentage calculations. - 18- © 2004-2006 Edimax Computer Version .662b7 Mar. 31nd, 2005 Enhancements Implemented [Backup & Restore] and Display in Administration. 1. You can now back-up 1 configuration file named: “backup.bin” and restore from it. After restoring, you will need to reset the PermaLINK. 2. Display – will display your PermaLINK’s configuration. You may copy the configuration screen text and paste it into a text file or email message. This help tremendously to see exactly how the PermaLINK is configured. Bug fixed Inbound VPN PPTP pass through was fixed. This is for the case of VPN PPTP Clients from the Internet accessing a PPTP Sever on a LAN behind the PermaLINK router. The error was introduced in Version .662b4; Version .663b3 worked. - 19- © 2004-2006 Edimax Computer Version .662b6 Mar. 22nd, 2005 Bug fixed VPN fixed, VPN Pass through should be fully working. Enhancement Added Global IP in Virtual Server If we have multiple WEBservers, can we use the new Global IP address in the Virtual Server display as follow: an example: We have 2 WEBservers that we entered in the Inbound load balancing DNS server. These 2 WEBservers uses port 80, but have 2 sets of unique global IP and Local IP. Version .662b5 Mar. 16th, 2005 Bug fixed Never released; beta version for VPN fix - 20- © 2004-2006 Edimax Computer Version .662b4 Mar. 10th, 2005 Bug fixed DNS Attack may cause PRI-684 and PRI-682 to reset and reboot. Only released for PRI-684 and PRI-682. Version .662b3 Mar. 4th, 2005 Version synchronization Same as Version 662b2 but released for PRI-684 and PRI-582 Version .662b2 Mar. 3rd, 2005 Bug fixed VPN Pass through (Subsequent tests are that it is a partial fix, not complete, still under development) PPTP Pass through Problem - 21- © 2004-2006 Edimax Computer Version .661b1 Jan. 7th, 2005 Bug fixed Special Application: limiting packet with 27000-27100 to WAN1 did not work. I have ports 27000 through 27100 set to go through WAN 1 only, but it still seems to conform to round robin weights instead. As you can see, here is an instance where it's going through both. That is only one machine trying to connect. When this happens, I get errors with a game called counterstrike running through steam. Steam doesn't like it when it goes through both connections, it will start giving me whats called steam id ticket invalid errors. Enhancement Inbound Load Balancing – allow static IP address (when allocated by the ISP) to be mapped to the host on a DNS address record. Main Page > Load Balancing > Inbound > add New field for IP address in case you have static IP from your ISP. - 22- © 2004-2006 Edimax Computer Version 661 Dec. 29th, 2004 Enhancements 1. Clone MAC Address Show existing MAC address and permit user to change. Main Page > Advance > MAC Address Clone - 23- © 2004-2006 Edimax Computer 2. ToS Prioritizing ToS Packet processing and permit user to specify ToS DiffServ tagging. Main Page > Load Balance > ToS Click on Add to insert entries into the ToS List You may specify ToS as: Protocol: TCP UDP IP with Priority: HIGH MIDDLE NORMAL - 24- © 2004-2006 Edimax Computer Change lists (Started April 20, 2005) April 20, 2005 – 1. Revised Version 662b7 to added enhancements to Administration 2. Added Version 662b9 - 25- © 2004-2006 Edimax Computer