DSNACS NAULT02022 Network Access Software ULTRIX ECO Summary
Copyright (c) Digital Equipment Corporation 1994, 1997. All rights reserved.
PRODUCT: DECserver Network Access Software (DNAS)
COMPONENTS: DS90M, DS700, DS900TM, DS900GM
OP/SYS: ULTRIX
SOURCE: Digital Equipment Corporation
ECO INFORMATION:
ECO Kit Name: NAULT02022
ECO Kits Superseded by This Kit: NAULT04020
NAULT03020
NAULT04015
NAULT03015
NAULT02015
DNAS91A014ULT
NASE031013ULT
ECO Kit Approximate Size: 15,520 Blocks
Kit Applies To: DECserver Network Access Software V1.0, V1.1,
V1.3, V1.4,
V1.5, V2.0,
V2.1, V2.2
ULTRIX V4.0 and higher
System Reboot Necessary: No
Terminal Server Reboot: Yes
ECO KIT SUMMARY:
An ECO kit exists for DNAS V1.0 through V2.2 on ULTRIX V4.0 or greater.
Problems addressed in the NAULT02022 kit:
o The server's Telnet client does not supply useful information in
its response to send-location commands.
o PPP stops working after the server has been up for several days.
o The server sets an MTU of 0 for all SLIP connections.
o LAT connections generated unwanted BREAK signals on the server's
asynch ports.
o The server bugchecks with a code of 0003 during dialback.
o Inactive remote access ports were always logged out within 2
minutes.
This ECO resolves several problems encountered in DNAS V2.0 BL10-40 as
described below:
Problems addressed in the NAULT04020 kit:
o The server sometimes bugchecks with a code of 977 if a user enters
the break while being authenticated via Kerberos.
o The SET INTERNET ADDRESS command was not restricted to privileged
users.
o RAW TCP listeners were not included in the LIST TELNET LISTENER ALL
display.
o LAT group code supplied via Radius were not applied to the port
properly.
o The server would not always select the next highest rated node if
it's first choice of a host was unavailable due to insufficient
resources.
o Using Radius caused an intermittent loss of 1000 bytes of DRAM.
o 32 port servers would sometimes bugcheck if one of the upper 16
ports (port 17 through 32) could not keep up received data.
o The server would sometimes bugcheck with codes of 299 or 540 while
trying to establish an IP connection.
o Telnet client connections were restricted to a limited number of
TCP ports determined by the number of ports supported by the server.
o DS900GM servers would sometimes bugcheck with a code of 0002 when a
port detected that DSR had changed state.
o Authentication enforced callbacks sometimes failed to
re-authenticate the user following the callback.
Problems Addressed in the NAULT03020 Kit:
o The server would sometimes bugcheck with a code of 299 during a DNS
lookup if the DNS cache contained a root nameserver and at least
one, but not all, of the local nameservers for the default domain
name had expired.
o The server would sometimes bugcheck with a code of 500 if an
asynchronous port detected a BREAK while creating a PPP session.
o Servers would occasionally bugcheck with a code of 830 when SNMP was
used to read the accounting log.
o Servers would occasionally bugcheck with a codes of 978 and 969.
o Under certain conditions the server would bugcheck with a code of
1234 if the DIAL feature or PPP was being used.
o The use of '*' in the {SET | CHANGE | DEFINE} DIALER SERVICE foo MODE
command was too vague. The command will now accept the string "ANY".
o Authenticated ports with an access type of LOGIN would hang if the
port was not preconfigured with a default protocol of LAT, Telnet,
or ANY.
o A port type of HARD or SOFT caused some SHOW and MONITOR displays to
be truncated.
o Executing the command {PURGE | CLEAR} TELNET LISTENER 23 cleared the
listener's Identification string. It should have set it to "Telnet
Console".
o Entering a ^Z while being prompted for a telephone number while
establishing a dialback session generated a Dial Session Failure
accounting event.
o The LIST USERACCOUNT command caused a small memory leak.
o Attempting to connect to an unknown dialer service would cause the
port to hang.
o The SHOW QUEUE PORT port-number command didn't show queued LAT
connections for the correct port.
o The PURGE DIALER SCRIPT, PURGE DIALER SERVICE, PURGE USERACCOUNT,
DEFINE DIALER SERVICE, and DEFINE USERACCOUNT all caused small
memory leaks.
o RADIUS re-authentication during dialback did not always generate a
RADIUS accounting START or STOP message.
o A RADIUS supplied name for a LAT service or Telnet host would be
misread by the access server causing the connection attempt to be
misdirected.
o The text supplied in RADIUS access-rejected reply messages was not
always displayed to the user.
o The UI did not allow hyphens in node names. Attempting to connect
to node PPP-TEST would cause a PPP connection to be started.
o LAT sessions could not restore flow control following a session
switch. As a result the port occasionally got into a state where it
would display what appeared to be random data on the user's
terminal.
o Servers configured to use Kerberos authentication would experience
insufficient resource errors after several days of operation.
o The server's asynchronous ports would not generate an XON when a
remote LAT or Telnet connection was terminated.
o None of the server's SHOW displays gave the local TCP port number.
o The server did not handle the Force XON bit in LAT attention slots.
o If a framed user was authenticated by a realm which did not specify
an access type, the authentication attempt would fail and the user's
client would report a "CHAP/PAP failure"
o A successfully authenticated login attempt using PPP would result in
two login accounting events: one with a username and one without.
o PPP connection attempts would either fail with a code of 503 or fail
without displaying an error message.
This ECO resolves several problems encountered in DNAS V1.5 BL95 as
described below:
Problems addressed in the NAULT04015 kit:
o The server would occasionally bugcheck with a code of 000B.
o The server would occasionally bugcheck with a code of 0542.
o The server would occasionally bugcheck with a code of 0543.
o The server would occasionally bugcheck with a code of 0956.
o The server would occasionally bugcheck with a code of 0977.
o Unrecognized Telnet Option values would cause the message
"*** Bad Command From Peer ***" to be displayed.
o Ports would become XOFF'd during Autolink.
o Combining Menus, Password, and DSRlogout Caused Login Problems.
o Stub and Slave Name Resolution Modes Failed Under Certain
conditions.
o Data-B Slots Needed to be a Minimum Size.
o KPASSWD Operation Was Unreliable.
Problems addressed in the NAULT03015 kit:
o Reverse connections could not activate the Ring signal on a
DS700-8.
o Sending a BREAK signal to a port while establishing a LAT
connection caused the LAT circuit to drop and all other users of
the circuit would be disconnected from the host.
o Several commands caused memory leaks.
o The server would occasionally bugcheck with a code of 977.
o The server would respond to the CONNECT PPP and CONNECT SLIP
commands with an error code of 504.
o Sessions on multisession terminals (TDSMP) would hang.
o The server would occasionally bugcheck with a code of 004.
o The server would occasionally bugcheck with a code of 299.
o The server would occasionally bugcheck with a code of 500.
o The server would occasionally bugcheck with a code of 540.
o The server would occasionally bugcheck with a code of 896.
o The server would occasionally bugcheck with a code of 956.
o When installed a DEChub 900, the DS900TM and DS900GM would not LAN
hop correctly after powerup.
o Ports would occasionally hang in either the Signal Wait or Session
Mode state.
o DTRwait did work on reverse connections if the port also had Signal
Check and Modem/Signal Control enabled.
o A flash card programmed on a DS900 or DS700-16 caused the SHOW
SERVER command to display incorrect hardware information when used
on a DS700-8.
o Updating from Version 1.3 to Version 1.4 or Version 1.5 would
cause Telnet Listener port lists to become corrupted.
o A LAT Queued Access Request to a port that was set-up for only
local access would be queued by the server rather than rejected.
Problems addressed in the NAULT02015 kit:
o The version number on the DS90M is incorrect when displayed via
the SHOW MEMORY command.
o The server occasionally bugchecks with a code of 0003.
o The server occasionally bugchecks with a code of 0002
o Local login messages are displayed after the host's login banner
on LAT connections.
o Ports hang when using multisessions in combination with command
groups and menus.
o Some non-DEC terminals hang when using multisessions.
o State of DSR is not updated after a reboot of the DS700 if DSR
flow control is used.
o Ports on the DS90M sometimes get hung in the Session_Mode state
when using DSR flow control.
o XOFF characters are discarded during a brief period of time when
reverse LAT connections are being terminated.
o The commands ZERO PORT PPP, ZERO PORT SLIP, ZERO COUNTERS all
causes a small memory leak.
o Internet access may be temporarily lost when a SLIP/PPP host is
moved from one server to another.
o Authentication consistently fails due to timeout after several
weeks of operation.
o Authentication consistently fails with an error code of 3008
after several weeks of operation.
o The server did not support 16 character port names when
generating LAT start slots.
o The server responded to LAT connect requests with Service in Use
instead of Immediate Access Rejected during the modem cycle
period.
o A telnet server connection used to access an ALPHA OSF system
console remotely would experience a high data loss when executing
the pg command.
o Telnet listener ports would display unwanted local messages in
response to detecting a BREAK while there was a telnet server
connection active.
Problems addressed in the DNAS91A014ULT kit:
This ECO resolves several problems encountered in DNAS V1.4 BL91-32 as
described below:
o TDSMP users would sometimes experience a bus error bugcheck, code
0002, when attempting to establish an eighth TDSMP session.
This problem is corrected in DNAS V1.5.
o Ports having a terminal type of HARD would experience memory
allocation bugchecks, code 978, if the user attempted to use
command line recall. Command line recall should only be
available on ports having a terminal type of ANSI.
This problem is corrected in DNAS V1.5.
o Limited view ports were not properly restricted when attempting
to execute some SHOW commands.
This problem is corrected in DNAS V1.5.
o The server printed the message "local -855- software error" in
response to a nonprivileged user entering '?' to access help for
privileged commands.
This problem is corrected in DNAS V1.5.
o The command LOGOUT PORT ALL would log out the port from which it
was entered.
This problem is corrected in DNAS V1.5.
o The CHANGE/SET/DEFINE SYSTEM command was not restricted to
privileged users.
This problem is corrected in DNAS V1.5.
o The DEFINE PORT DEDICATED ip-addr DESTINATION tcp-port command
generated a syntax error.
This problem is corrected in DNAS V1.5.
o Forward, backward, and local switch characters were ignored after
connecting to a password protected LAT service.
This problem is corrected in DNAS V1.5.
o Canceling queued LAT request would sometimes cause the server to
bugcheck with a memory deallocation error of 977. The bugcheck
could be triggered by executing a REPLY/ALL command on a VMS
host.
This problem is corrected in DNAS V1.5.
o The server would bugcheck with a code of 761 if a custom TN3270
keymap included a redefinition of F15 through F20.
This problem is corrected in DNAS V1.5.
o When installed in DEChub 900 the DS900TM's LAN connections could
not be managed by HUBwatch.
This problem is corrected in DNAS V1.5.
o After several days of operation the server's Authentication
feature would get into a state where it would continually timeout
while attempting to verify user passwords.
This problem is corrected in DNAS V1.5.
o The server's available memory pool decreased each time a reverse
LAT connection was to the server. This should eventually cause
user commands to fail due to insufficient resources.
This problem is corrected in DNAS V1.5.
o The Authentication message "local -453- Authentication aborted"
was not being displayed at the correct time. If authentication
failed the current user would be logged out without a termination
message. The termination message would then be displayed between
the username and password prompt of the next authentication
attempt.
This problem is corrected in DNAS V1.5.
o The server's available memory pool decreased each time
authentication requests were terminated while prompting for the
username.
This problem is corrected in DNAS V1.5.
o The server would bugcheck due to an internal bus error, code
0002, if the authentication process was terminated while the
access server was querying the Kerberos server.
This problem is corrected in DNAS V1.5.
o Ports set to HARD or SOFT terminal types did not process escape
sequences correctly. This resulted in different failure symptoms
which included corruption of the welcome banner, corruption of
port names and bugchecks with error codes of 0002.
This problem is corrected in DNAS V1.5.
o Multisessions ports would corrupt the server memory if the
terminal did not respond to the server's CLOSE SESSION command
properly. The symptoms would be memory allocation failures,
codes 968 through 999 and hung ports.
This problem is corrected in DNAS V1.5.
o The terminal server did not properly report data overrun errors.
The problem was limited to LAT users and was characterized by the
server not generating LAT DATA-B slots to report the error to the
host.
This problem is corrected in DNAS V1.5.
Problems addressed in the NASE031013ULT kit:
This ECO resolves several problems encountered in DNAS V1.3 BL80 and
V1.3 BL80A as described below:
o Server would crash with an error code of 1186
This problem is corrected in DNAS V1.4.
o Flash RAM information supplied by the SHOW MEMORY command
displayed the DECserver model number of the unit it was
programmed on. This could be confusing if after programming the
Flash was moved to a DECserver with a different model number.
This problem is corrected in DNAS V1.4.
o The HELP command was sometimes rejected by the server.
This problem is corrected in DNAS V1.4.
o The server would not allow remote connections to ports which had
16 characters in the port name.
This problem is corrected in DNAS V1.4.
o Ports with Multisessions enabled did not efficiently implement
the Multisessions protocol's ADD_CREDIT command.
This problem is corrected in DNAS V1.4.
o DS90M units would occasionally be damaged during Flash updates.
This problem is corrected in DNAS V1.4.
o DS90M would not display console related to Flash updates.
This problem is corrected in DNAS V1.4.
o TN3270 keypad mode was lost when switching from VMS to TN3270
sessions.
This problem is corrected in DNAS V1.4.
o Inactivity Logout did work correctly.
This problem is corrected in DNAS V1.4.
o LAT connects which failed due to resource errors did not print a
local message informing the user that the connection attempt had
failed.
This problem is corrected in DNAS V1.4.
o Enhancement of LAT DATA-B processing. This was done as a
maintenance enhancement and was not done to correct any known
problem.
This problem is corrected in DNAS V1.4.
o The server would crash with an 1186 upon resuming an interrupted
LAT session.
This problem is corrected in DNAS V1.4.
o Logging out a port while it was performing a TEST SERVICE command
would cause the server to crash.
This problem is corrected in DNAS V1.4.
o A remote connection via LAT or Telnet to a Dynamic Access port
would instigate a forward connection if the port had Modem/Signal
Control enabled, a dedicated service defined, AUTOBAUD disabled,
and DTRwait enabled.
This problem is corrected in DNAS V1.4.
o Print jobs using the DECserver's Telnet Listener would experience
a data loss if the host did not accept window updates after it
had sent a FIN.
This problem is corrected in DNAS V1.4.
o Occasionally the DECserver's SHOW SESSION command would indicate
that a session was queued at entry 248 when the session was
actually in a Disconnecting state.
This problem is corrected in DNAS V1.4.
o The session number displayed during a RESUME SESSION command did
not always display the correct session.
This problem is corrected in DNAS V1.4.
o Remote Access ports on DS90M servers could get into a state where
it continually sent BREAKs to the terminal.
This problem is corrected in DNAS V1.4.
o The server would sometimes crash with a 002 code under
undetermined circumstances. This only occurred in the field test
version of this ECO specifically BL80A.12
This problem is corrected in DNAS V1.4.
This section outlines software corrections carried over from previous
ECOs which are also included in this release:
o This ECO corrects a problem characterized by the server failing
to respond to the loss of data resulting from some types of
receive data overrun condition at an asynchronous port. For
example, the LAT protocol provides DATA-B slots as a mechanism
for the server to report port level errors to the host. Each
time an error such as overrun, framing error, or parity error is
detected at the asynchronous port a DATA-B must be generated to
notify the host. There was one particular type of overrun which
would not notify the host resulting in a loss of data. This
problem affected only the DS90M and DS90TL.
This problem is corrected in DNAS V1.3.
o Ports with Autoconnect enabled and a preferred service defined
sometimes lost the use of the HELP command. Enabling this
particular set of port characteristics would cause some of the
initialization code executed on log-in to be by-passed. As a
result if the user returned to the server's Local prompt the
"HELP" command would be rejected.
This problem is corrected in DNAS V1.3.
o In some rare network environments, the server would occasionally
experience Underflow errors at the NI driver. This would cause
the server to disconnect from the NI. The symptoms included the
following:
- Users could not connect to services or hosts on the network
either through LAT or TELNET. Entering the command CONNECT
FOO for example would cause the port to appear to be hung.
The user could return to the local prompt via the local
switch and execute local server commands.
- Active sessions remained connected but could not communicate
with the host. For example if a user had connected to
service FOO before the underflow the user would remain
connected to FOO but the terminal would not echo the users
input.
- A SHOW SERVER COUNTER command would show 1 SEND FAILURE with
a FAILURE REASON of 01000000000.
This problem is corrected in DNAS V1.3.
o This ECO corrects a LAT problem characterized by the server
crashing with a crash code of 545. The problem would occur in
situations where there was a reverse LAT connection to a port.
In some cases the bugcheck would occur when cables were connected
or disconnected at the port. In other cases the crash would
occur if a BREAK was detected by the port.
This problem is corrected in DNAS V1.3.
o The parameters supplied in a LAT Start Slot for a Host Initiated
Connect did not accurately reflect the port characteristics. As
part of establishing an HIC the server generates a Start Slot
which contains information about the port characteristics
AUTOPROMPT and DIALUP. Prior to this ECO the server would always
return these characteristics as disabled regardless of their
actual setting. In most cases this would not present a problem.
This problem is corrected in DNAS V1.3.
o The VMS command "REPLY/ALL" would sometimes cause servers to
crash with a code of 977 if the VMS host had LTA devices directed
to ports on the server. For example, if a VMS host had LTA9999:,
LTA9998:, LTA9997:, and LTA9996: setup to access ports 1, 2, 3,
and 4 on server FOO, executing the VMS command REPLY/ALL
"TESTING" would sometimes crash the server. This was caused by a
problem in the server's queuing mechanism exposed by the host
queuing then canceling multiple connect requests. The failure
was not specific to VMS and could occur on ULTRIX, UNIX, or any
platform which duplicated this behavior.
This problem is corrected in DNAS V1.3.
o The server's implementation of TN3270 emulation maps the TN3270
keyboard to either a VT100 or VT220 keyboard. It also allows
users to create variants of the pre-defined TN3270 - VTXX
keyboard mapping. This allows for customized keymaps but because
of NVRAM space constraints it is recommended that a single server
wide keymap can be defined for use by multiple TN3270 users.
Prior to this ECO user defined terminals took on the
characteristics of the VT100. This prevented the keypad from
being placed in application mode on session startup or upon being
selected. This ECO corrects that problem by allowing VT220/VT100
variants to maintain the characteristics of the original terminal.
Servers using customized TN3270 Keymaps on a per port basis would
sometimes bugcheck with a crash code of 002. Because the problem
was caused by a memory leak during the deletion of keymaps the
crash would be preceded by a sharp rise in memory utilization
and would occur during port login.
This problem is corrected in DNAS V1.3.
o The DECserver Network Access Software allows the user to define a
unique character for use as a forward, backward, or local switch.
The backward and forward switches allow users to switch between
sessions without having to return to the local prompt. The local
switch allows the user to return to the local prompt in
situations where the use of BREAK is not available. This release
fixes a problem which prevented CTRL^ from being used for this
purpose. CTRL^ is generated by pressing the CTRL, Shift and
number 6 keys simultaneously and in previous releases was
rejected as an illegal value when used in the SET/DEFINE/CHANGE
FORWARD/BACKWARD/LOCAL SWITCH commands.
This problem is corrected in DNAS V1.3.
o SLIP host addresses were not being stored in NVRAM. For example
the server would accept the command DEFINE PORT SLIP HOST ADDRESS
1.2.3.4. However following a re-boot of the server the address
would be reset and a SHOW PORT SLIP would display 0.0.0.0 as the
host address.
This problem is corrected in DNAS V1.3.
o SET PORT command strings ending with the characteristic SESSION
LIMIT don't work. For example the command SET PORT AUTOBAUD ENA
SESSION LIMIT 4 would be rejected.
This problem is corrected in DNAS V1.3.
o The server would crash when it received an ICMP ECHO message with
the Record Route option set. The crash code would be 0002, which
indicates a bus error and the PC would be 0788B9FC.
This problem is corrected in DNAS V1.3.
o Fixes a problem with establishing outbound LAT or TELNET
connections from MOP remote console. Prior to this ECO if a user
attempted to connect to a host from the server's remote console
the port would hang until the local switch (~) was entered.
This problem is corrected in DNAS V1.3.
o Fixes the problem of a user's Kerberos password not being changed
at the KDC (DECathena Kerberos Key Distribution Center) even
though the DECserver "Local" message indicated that it had been
changed. Also added the following new Local messages:
Local -480- Kerberos host (KDC) rejected new password as insecure
Local -481- Kerberos host (KDC) database in use or locked
This problem is corrected in DNAS V1.3.
INSTALLATION NOTES:
This ECO is not a complete installation kit for the DNAS software and
requires prior installation of the DNAS V2.0 software kit to create
logical name and directories.
This ECO kit contains the following files:
wweng2.sys - ECO version of DS700/DS900TM/DS900GM load image.
mneng2.sys - ECO version of DS90M load image.
na02022_relnotes.mem - Release Notes
You will need system manager level privileges to install this ECO.
Notes:
1. The server must contain a minimum of 4 megabytes of memory to
run V2.2 of the DNAS software.
2. All field test versions of all obsolete baselevels are also
superseded by this ECO. A field test version is identified
by the letters FT in the baselevel field. For example, V1.5
FT95B.23-32.02 is a field test version of corrections made
after the release of V1.5 BL95B-34.
3. The modified images contain all the functionality available in
DNAS V2.2 BL29-52 and are backward compatible with earlier
images.
Installing the Network Access Server Software Kit:
- Verify that a DNAS kit has been installed. If your operating
system supports the setld -i command, use it to verify that
some version of the Network Access SW kit has been installed.
If setld is not available, verify that either wweng2.sys or
mneng2.sys exist in /usr/lib/dnet area. Or, that WWENG2 or
MNENG2 exists in the /tftpboot area.
- Backup the system disk.
- Copy the ECO kit to a scratch directory.
- Use the tar utility to extract the contents of the kit into the
scratch directory. For example:
tar xvf NAULT02022.tar .
- Use the setld to locate and de-install current versions of DNAS and
install this kit.
- Note -
setld may prompt you to remove several files. Be careful
not to accidentally delete any customized database files
unless you intend to redo them.
- Connect to either the physical or remote console port of the
DECserver. The physical console port is preferable since it
will allow you to monitor the selftest and downline load messages.
- Use the server's DEFINE SERVER SOFTWARE command to point to the
new load image. For the DS700 and DS900 servers the load image
is WWENG2. For the DS90M the load image is MNENG2 or MNENG3.
MNENG3.SYS is a non-compressed version of the DS90M load image.
It is used in situations where load time is a significant concern.
It is too large to be stored in the server's Flash RAM so a network
load host will be needed.
- If the server's Flash RAM is not going to be used in subsequent
loads, use the INIT DELAY 0 command to re-initialize the server
and load the new software. If Flash RAM will be used in subsequent
loads use the command "INIT FROM ETHER IMAGE imagename UPDATE FLASH
DELAY 0" where "imagename" is WWENG2 for the DS700 and DS900 or
MNENG2 for the DS90M.
- When the INITIALIZE command is executed the server will begin
cycling through the ROM resident selftest. When selftest
completes it will request a downline load of the software.
After the software has loaded it will check the format of
NVRAM against the current version number. If the current
version includes new features not supported by the previous
version NVRAM will be updated to include the factory default
settings for the new features. Following the NVRAM check,
server behavior will vary depending on the type of server
being used.
DS700 and DS900:
The seven segment display will begin to rotate in a "racetrack"
pattern. The delay between the image loading and the "racetrack"
pattern will vary depending on the amount of NVRAM work the image
has to do. Allow for a delay of at least 90 seconds.
DS90M:
If MNENG2 was loaded the DS90M may take up to 5 minutes to program
flash and decompress the image. During this time the unit will be
inaccessible and the port LEDs will blink in a half on, half off
pattern.
- Connect to the server and execute the SHOW SERVER command. The
software revision information displayed in response to the command
should reflect a version level of V2.2 BL29A-52. If Flash RAM has
been updated, execute the SHOW MEMORY command. It should also
indicate a version level of V2.2 BL29A-52.
- If the software verification is successful repeat the installation
for all load hosts on the network then reload all DECserver 700
(2meg), 900TM, 900GM, and 90M units on the network.
If the server continues to load an old image, verify that it is
not loading from another load host. If more than 1 load host is
available, it may be necessary to either disable the other load
hosts until after the initial load verification, or delete the old
copies of the load images.
If the installation continues to fail refer to the installation and
management guides supplied with the DNAS software.
This patch can be found at any of these sites:
Colorado Site
Georgia Site
Files on this server are as follows:
nault04020.README
nault02022.CHKSUM
nault02022.CVRLET_TXT
nault02022.tar
|
