XT-Family Firmware History

This is the firmware revision log for the XT family Products.

----------

XT-6606, XT-6632, XT-6633 VERSION 1.20 07/03/2024

1.0 INTRODUCTION

This release adds the following features:

The device will report its LAN1 Trusted address and netmask to the peer tunnel when the connection is established. The peer’s trusted address will be displayed on the “Tunnel Nodes” status display. This is intended as a diagnostic aid, to help discover forgotten IP addresses and to help identify addressing errors, such as typos, duplicate IPs, incorrect netmask, etc.

----------

XT-hEX VERSION 1.14 07/03/2024

1.0 INTRODUCTION

This release adds the following features:

The device will report its LAN1 Trusted address and netmask to the peer tunnel when the connection is established. The peer’s trusted address will be displayed on the “Tunnel Nodes” status display. This is intended as a diagnostic aid, to help discover forgotten IP addresses and to help identify addressing errors, such as typos, duplicate IPs, incorrect netmask, etc.

----------

XT-3306 VERSION 1.11 07/03/2024

1.0 INTRODUCTION

This release adds the following features:

The device will report its LAN1 Trusted address and netmask to the peer tunnel when the connection is established. The peer’s trusted address will be displayed on the “Tunnel Nodes” status display. This is intended as a diagnostic aid, to help discover forgotten IP addresses and to help identify addressing errors, such as typos, duplicate IPs, incorrect netmask, etc.

----------

XT-3305 , XT-3305s, XT-3305r0 VERSION 1.15 07/04/2024

1.0 INTRODUCTION

The device will report its LAN1 Trusted address and netmask to the peer tunnel when the connection is established. The peer’s trusted address will be displayed on the “Tunnel Nodes” status display. This is intended as a diagnostic aid, to help discover forgotten IP addresses and to help identify addressing errors, such as typos, duplicate IPs, incorrect netmask, etc.

----------

XT-3303 VERSION 1.15 07/03/2024

1.0 INTRODUCTION

This release adds the following features:

The device will report its LAN1 Trusted address and netmask to the peer tunnel when the connection is established. The peer’s trusted address will be displayed on the “Tunnel Nodes” status display. This is intended as a diagnostic aid, to help discover forgotten IP addresses and to help identify addressing errors, such as typos, duplicate IPs, incorrect netmask, etc.

----------

XT-3303 VERSION 1.14 2/13/2024

1.0 INTRODUCTION

This release adds several features to assist in the management of the Remote Client table.

A feature to sort the Remote Client table, by username, was added.

A feature to clear the Remote Client table was added.

A Remote Client table import/export feature was added that will allow a user to transfer the client table between the device and their PC. This is intended to simply transfer of the remote client table from a primary server to a backup server. The import/export file is encrypted with a user-specified password to protect the client passwords contained in the file.

----------

XT-hEX VERSION 1.13 2/13/2024

1.0 INTRODUCTION

This release adds several features to assist in the management of the Remote Client table.

A feature to sort the Remote Client table, by username, was added.

A feature to clear the Remote Client table was added.

A Remote Client table import/export feature was added that will allow a user to transfer the client table between the device and their PC. This is intended to simply transfer of the remote client table from a primary server to a backup server. The import/export file is encrypted with a user-specified password to protect the client passwords contained in the file.

----------

XT-3306 VERSION 1.10 2/13/2024

1.0 INTRODUCTION

This release adds the following features:

Addition of "IPv4 Multicast Exclusive" mode. This mode should only be used in consultation with DCB support. It is intended for applications where XT devices are being used to bridge IPv4 multicast between different subnets. It invokes a number of special filter rules which limit the scope of packets allowed to cross the bridge. Specifically, it blocks all unicast traffic. In addition, it blocks multicast link-local traffic (224.0.0.0 - 224.0.0.255) not related to IGMP. This range includes router-discovery and other local multicast protocols that should never bridge between two different subnets. Link-local IGMP membership reports are allowed to pass as they are necessary for IGMP Snooping. Users should be aware that link-local IGMP membership reports crossing subnets may confuse any Protocol Independent Multicast (PIM) enabled routers on the subnets.

Addition of "IPv4 Multicast Loop Mitigation" mode. This mode is intended for use with "IPv4 Multicast Exclusive" mode. It performs non-standard time-to-live (TTL) processing on IPv4 multicast packets in order to mitigate multicast packet loops. In order to use this feature, the end-user may need the ability to configure the original TTL value in their multicast source devices. When a packet with a TTL of 0 or 1 passes through the tunnel, the TTL will be replaced with the value of 3 and allowed to pass. Any value of 3 or greater is decremented by one and allowed to pass. A TTL value of 2 is blocked. Thus, an original TTL of 0 or 1 will be allowed to cross the tunnel 2 times. An original TTL of 3 or greater will be allowed to cross the tunnel (TTL - 2) times. An original TTL of 2 will not be allowed to cross the tunnel at all. This logic was chosen because many multicast applications that hard-code the TTL will use a TTL of 1.

This release adds several features to assist in the management of the Remote Client table.

A feature to sort the Remote Client table, by username, was added.

A feature to clear the Remote Client table was added.

A Remote Client table import/export feature was added that will allow a user to transfer the client table between the device and their PC. This is intended to simply transfer of the remote client table from a primary server to a backup server. The import/export file is encrypted with a user-specified password to protect the client passwords contained in the file.

This release corrects the following issues:

Several minor bugs in the web interface were corrected.

The web interface was modified to improve response time when retrieving the interface statistics.

----------

XT-3305S, XT-3305s, XT-3305r0 VERSION 1.14 2/14/2024

1.0 INTRODUCTION

This release adds several features to assist in the management of the Remote Client table.

A feature to sort the Remote Client table, by username, was added.

A feature to clear the Remote Client table was added.

A Remote Client table import/export feature was added that will allow a user to transfer the client table between the device and their PC. This is intended to simply transfer of the remote client table from a primary server to a backup server. The import/export file is encrypted with a user-specified password to protect the client passwords contained in the file.

----------

XT-6606, XT-6632, XT-6633 VERSION 1.19 02/09/2024

1.0 INTRODUCTION

This release adds several features to assist in the management of the Remote Client table.

A feature to sort the Remote Client table, by username, was added.

A feature to clear the Remote Client table was added.

A Remote Client table import/export feature was added that will allow a user to transfer the client table between the device and their PC. This is intended to simply transfer of the remote client table from a primary server to a backup server. The import/export file is encrypted with a user-specified password to protect the client passwords contained in the file.

----------

XT-3305S, XT-3305s VERSION 1.13 12/01/2023

1.0 INTRODUCTION

This release adds the following features:

Addition of "IPv4 Multicast Exclusive" mode. This mode should only be used in consultation with DCB support. It is intended for applications where XT devices are being used to bridge IPv4 multicast between different subnets. It invokes a number of special filter rules which limit the scope of packets allowed to cross the bridge. Specifically, it blocks all unicast traffic. In addition, it blocks multicast link-local traffic (224.0.0.0 - 224.0.0.255) not related to IGMP. This range includes router-discovery and other local multicast protocols that should never bridge between two different subnets. Link-local IGMP membership reports are allowed to pass as they are necessary for IGMP Snooping. Users should be aware that link-local IGMP membership reports crossing subnets may confuse any Protocol Independent Multicast (PIM) enabled routers on the subnets.

Addition of "IPv4 Multicast Loop Mitigation" mode. This mode is intended for use with "IPv4 Multicast Exclusive" mode. It performs non-standard time-to-live (TTL) processing on IPv4 multicast packets in order to mitigate multicast packet loops. In order to use this feature, the end-user may need the ability to configure the original TTL value in their multicast source devices. When a packet with a TTL of 0 or 1 passes through the tunnel, the TTL will be replaced with the value of 3 and allowed to pass. Any value of 3 or greater is decremented by one and allowed to pass. A TTL value of 2 is blocked. Thus, an original TTL of 0 or 1 will be allowed to cross the tunnel 2 times. An original TTL of 3 or greater will be allowed to cross the tunnel (TTL - 2) times. An original TTL of 2 will not be allowed to cross the tunnel at all. This logic was chosen because many multicast applications that hard-code the TTL will use a TTL of 1.

This release corrects the following:

Several minor issues in the web interface were corrected.

The web interface was modified to improve response time when retrieving the interface statistics.

----------

XT-3303 VERSION 1.13 12/01/2023

1.0 INTRODUCTION

This release adds the following features:

Addition of "IPv4 Multicast Exclusive" mode. This mode should only be used in consultation with DCB support. It is intended for applications where XT devices are being used to bridge IPv4 multicast between different subnets. It invokes a number of special filter rules which limit the scope of packets allowed to cross the bridge. Specifically, it blocks all unicast traffic. In addition, it blocks multicast link-local traffic (224.0.0.0 - 224.0.0.255) not related to IGMP. This range includes router-discovery and other local multicast protocols that should never bridge between two different subnets. Link-local IGMP membership reports are allowed to pass as they are necessary for IGMP Snooping. Users should be aware that link-local IGMP membership reports crossing subnets may confuse any Protocol Independent Multicast (PIM) enabled routers on the subnets.

Addition of "IPv4 Multicast Loop Mitigation" mode. This mode is intended for use with "IPv4 Multicast Exclusive" mode. It performs non-standard time-to-live (TTL) processing on IPv4 multicast packets in order to mitigate multicast packet loops. In order to use this feature, the end-user may need the ability to configure the original TTL value in their multicast source devices. When a packet with a TTL of 0 or 1 passes through the tunnel, the TTL will be replaced with the value of 3 and allowed to pass. Any value of 3 or greater is decremented by one and allowed to pass. A TTL value of 2 is blocked. Thus, an original TTL of 0 or 1 will be allowed to cross the tunnel 2 times. An original TTL of 3 or greater will be allowed to cross the tunnel (TTL - 2) times. An original TTL of 2 will not be allowed to cross the tunnel at all. This logic was chosen because many multicast applications that hard-code the TTL will use a TTL of 1.

This release corrects the following:

Several minor issues in the web interface were corrected.

The web interface was modified to improve response time when retrieving the interface statistics.

----------

XT-hEX VERSION 1.12 12/01/2023

1.0 INTRODUCTION

This release adds the following features:

Addition of "IPv4 Multicast Exclusive" mode. This mode should only be used in consultation with DCB support. It is intended for applications where XT devices are being used to bridge IPv4 multicast between different subnets. It invokes a number of special filter rules which limit the scope of packets allowed to cross the bridge. Specifically, it blocks all unicast traffic. In addition, it blocks multicast link-local traffic (224.0.0.0 - 224.0.0.255) not related to IGMP. This range includes router-discovery and other local multicast protocols that should never bridge between two different subnets. Link-local IGMP membership reports are allowed to pass as they are necessary for IGMP Snooping. Users should be aware that link-local IGMP membership reports crossing subnets may confuse any Protocol Independent Multicast (PIM) enabled routers on the subnets.

Addition of "IPv4 Multicast Loop Mitigation" mode. This mode is intended for use with "IPv4 Multicast Exclusive" mode. It performs non-standard time-to-live (TTL) processing on IPv4 multicast packets in order to mitigate multicast packet loops. In order to use this feature, the end-user may need the ability to configure the original TTL value in their multicast source devices. When a packet with a TTL of 0 or 1 passes through the tunnel, the TTL will be replaced with the value of 3 and allowed to pass. Any value of 3 or greater is decremented by one and allowed to pass. A TTL value of 2 is blocked. Thus, an original TTL of 0 or 1 will be allowed to cross the tunnel 2 times. An original TTL of 3 or greater will be allowed to cross the tunnel (TTL - 2) times. An original TTL of 2 will not be allowed to cross the tunnel at all. This logic was chosen because many multicast applications that hard-code the TTL will use a TTL of 1.

This release corrects the following:

Several minor issues in the web interface were corrected.

The web interface was modified to improve response time when retrieving the interface statistics.

----------

XT-6606, XT-6632, XT-6633, VG-500x VERSION 1.18 12/01/2023

1.0 INTRODUCTION

This release adds the following features: This release adds a private-label version of the XT-6606 named the VG-500x.

This release corrects the following:

Several minor bugs in the web interface were corrected.

The web interface was modified to improve response time when retrieving the interface statistics.

----------

XT-6606, XT-6632, XT-6633 VERSION 1.17 3/8/2023

1.0 INTRODUCTION

This release adds the following features:

XT-6633, XT-6606 – LAN2 and/or LAN3 may be disabled as untrusted ports and attached to the trusted LAN1 bridge. This allows for 2 devices to be connected to the trusted network without the need for a switch.

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

The firmware was modified to ignore ICMP timestamp requests on the untrusted interface.

----------

XT-hEX VERSION 1.11 2/27/2023

1.0 INTRODUCTION

This release adds the following features:

XT-6633, XT-6606 – LAN2 and/or LAN3 may be disabled as untrusted ports and attached to the trusted LAN1 bridge. This allows for 2 devices to be connected to the trusted network without the need for a switch.

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

The firmware was modified to ignore ICMP timestamp requests on the untrusted interface.

A local NTP server was added. This will allow the unit to pull time from the untrusted network and then serve time on the trusted network. The NTP server is enabled in “Tools – NTP”.

A feature was added to prevent the use of “static key ciphers” when negotiating the TLS connection to the web server. This feature is optional and may be configured in “Administration – Access Control”.

A tunnel watchdog feature was added that will cause the unit to reboot if it fails to establish a tunnel connection within a specified period of time. Before rebooting, the unit will take a snapshot of the system state and write it to non-volatile memory.

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

----------

XT-3303 VERSION 1.12 2/27/2023

1.0 INTRODUCTION

This release adds the following features:

A local NTP server was added. This will allow the unit to pull time from the untrusted network and then serve time on the trusted network. The NTP server is enabled in “Tools – NTP”.

A feature was added to prevent the use of “static key ciphers” when negotiating the TLS connection to the web server. This feature is optional and may be configured in “Administration – Access Control”.

A tunnel watchdog feature was added that will cause the unit to reboot if it fails to establish a tunnel connection within a specified period of time. Before rebooting, the unit will take a snapshot of the system state and write it to non-volatile memory.

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

----------

XT-3305, XT-3305s, EE-820 VERSION 1.12 2/27/2023

1.0 INTRODUCTION

This release adds the following feature:

A tunnel watchdog feature was added that will cause the unit to reboot if it fails to establish a tunnel connection within a specified period of time. Before rebooting, the unit will take a snapshot of the system state and write it to non-volatile memory.

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

----------

XT-3306 VERSION 1.09 2/27/2023

1.0 INTRODUCTION

This release corrects the following:

This release corrects a security vulnerability in the web server “CGI-session” authentication method.

The firmware was modified to ignore ICMP timestamp requests on the untrusted interface.

----------

XT-6606, XT-6632, XT-6633 VERSION 1.16 7/28/2022

1.0 INTRODUCTION

This release adds the following features:

Updated the SSL crypto library to include ephemeral key ciphers.

Added a parameter under “Administration – Access Control” to disable the use of static-key ciphers by the web server. This effectively forces the use of the ephemeral key ciphers.

(Note: The above two features were requested by a government customer to meet the requirement of a security audit)

This release adds a new product variant called the XT-6633. The XT-6633 is simply the XT-6632 with an additional Ethernet card installed in the expansion slot allowing for a second untrusted interface. Customers needing the additional interface can load the XT-6633 firmware to their XT-6632 and then install the Ethernet card. The conversion process will preserve their current configuration. The only card currently supported is the Intel Gigabit CT Desktop Adapter, part number EXPI9301CTBLK. The card utilizes an Intel 82574L PCI-e Ethernet controller.

----------

XT-3303 VERSION 1.11 4/21/2022

1.0 INTRODUCTION

This release adds the following feature:

Add support for a new flash memory device (gd25q40).

----------

XT-6606, XT-6632 VERSION 1.15 4/15/2022

1.0 INTRODUCTION

This release adds the following features:

A new web server certificate can be generated without the use of a USB flash drive. This will allow users to replace an expired certificate without having physical access to the unit. (Administration - New Web Certificate).

Added support for SAN1/SAN2 fields in the web certificate. This release corrects the following:

Fix protocol in the terminal server. The telnet protocol inserts a null byte after a single carriage-return character. The null byte should be removed from the data stream before output to the serial port.

Fix blocked-write in the terminal server. An output overflow condition could potentially lockup the terminal server.

----------

XT-6606, XT-6632 VERSION 1.14 4/15/2022

1.0 INTRODUCTION

This release removed support for TLS v1.0 and TLS v1.1.

----------

XT-hEX VERSION 1.10 4/12/2022

1.0 INTRODUCTION

This release adds the following features:

Web server support for TLS v1.1 has been removed. The web server will now only support TLS v1.2.

Added support for SAN1/SAN2 fields in the web certificate.

This release updates the Linux system and utilities to 4.14.267.

----------

XT-3303 VERSION 1.08 4/12/2022

1.0 INTRODUCTION

This release adds the following features:

Web server support for TLS v1.1 has been removed. The web server will now only support TLS v1.2.

The TLS implementation was patched for the SWEET32 vulnerability.

Added support for SAN1/SAN2 fields in the web certificate.

This release corrects the following:

Fix protocol in the terminal server. The telnet protocol inserts a null byte after a single carriage-return character. The null byte should be removed from the data stream before output to the serial port.

Fix blocked-write in the terminal server. An output overflow condition could potentially lockup the terminal server.

----------

XT-3303 VERSION 1.10 4/12/2022

1.0 INTRODUCTION

This release adds the following features:

Web server support for TLS v1.1 has been removed. The web server will now only support TLS v1.2.

Added support for SAN1/SAN2 fields in the web certificate.

This release corrects the following :

Correct protocol in the terminal server. The telnet protocol inserts a null byte after a single carriage-return character. The null byte should be removed from the data stream before output to the serial port.

Fix blocked-write in the terminal server. An output overflow condition could potentially lockup the terminal server.

This release updates the Linux system and utilities to 4.14.267.

----------

XT-3305, XT-3305s, EE-820 VERSION 1.11 4/1/2022

1.0 INTRODUCTION

This release adds the following features:

Web server support for TLS v1.1 has been removed. The web server will now only support TLS v1.2. This release corrects the following:

Fix telnet protocol in the terminal server. The telnet protocol inserts a null byte after a single carriage-return character. The null byte should be removed from the data stream before output to the serial port.

Fix blocked-write in the terminal server. An output overflow condition could potentially lockup the terminal server.

----------

XT-6606, XT-6632 VERSION 1.13 10/29/2021

1.0 INTRODUCTION

This release adds the following features:

This release increases the number of "Accepted Web IP Source Addresses" from 2 to 4.

----------

XT-6606, XT-6632 VERSION 1.12 8/23/2021

1.0 INTRODUCTION

This release adds the following features:

Static routing table per interface.

Alias IP address per interface.

Note: Both of these features were available in the ET product line and had already been included in the XT-3303, XT-3305, and XT-hEX.

This release also corrects some typos in the web screens.

----------

XT-3306 VERSION 1.07 6/3/2021

1.0 INTRODUCTION

The following features and corrections were implemented.

This release corrects several possible vulnerabilities in the configuration web server. This includes disabling support for TLS v1.0. The web server now only supports TLS v1.1 and v1.2. As a result, users relying on Windows XP to configure the XT-3306 may find that they can no longer connect to the web server.

The DDNS feature was updated to support HTTPS. More logging was also added to help debug DDNS problems.

----------

XT-6606, XT-6632 VERSION 1.11 6/3/2021

1.0 INTRODUCTION

The DDNS feature was updated to support HTTPS. More logging was also added to help debug DDNS problems.

----------

XT-hEX VERSION 1.09 6/3/2021

1.0 INTRODUCTION

The DDNS feature was updated to support HTTPS. More logging was also added to help debug DDNS problems.

----------

XT-3305, XT-3305s, EE-820 VERSION 1.10 6/3/2021

1.0 INTRODUCTION

The DDNS feature was updated to support HTTPS. More logging was also added to help debug DDNS problems.

----------

XT-3303 VERSION 1.09 6/3/2021

1.0 INTRODUCTION

The DDNS feature was updated to support HTTPS. More logging was also added to help debug DDNS problems.

----------

XT-6605, XT-6606, XT-6632 V1.10 1/8/2021

This release corrects the following:

Several possible vulnerabilities in the web server were patched. This includes addressing the SWEET32 vulnerability in TLS and disabling support for TLS v1.0. This means that the web server will only support TLS v1.1 and v1.2. As a result, users relying on Windows XP to configure the device may find that they can no longer connect to the web server.

This release adds the following features:

Additional metrics were added to the Ethernet Tunnel. The "Tunnel Nodes" status display will show the bandwidth and packet-per-second load on the unit.

The MAC table was increased from 2048 entries to 4096 entries.

The Multicast Snooping table was increased from 2048 entries to 16384 entries.

The network socket buffering was increased by 10x. (XT-6632 only)

Addition of "IPv4 Multicast Exclusive" mode. This mode should only be used in consultation with DCB support. It is intended for applications where XT devices are being used to bridge IPv4 multicast between different subnets. It invokes a number of special filter rules which limit the scope of packets allowed to cross the bridge. Specifically, it blocks all unicast traffic. In addition, it blocks multicast link-local traffic (224.0.0.0 - 224.0.0.255) not related to IGMP. This range includes router-discovery and other local multicast protocols that should never bridge between two different subnets. Link-local IGMP membership reports are allowed to pass as they are necessary for IGMP Snooping. Users should be aware that link-local IGMP membership reports crossing subnets may confuse any Protocol Independent Multicast (PIM) enabled routers on the subnets.

Addition of "IPv4 Multicast Loop Mitigation" mode. This mode is intended for use with "IPv4 Multicast Exclusive" mode. It performs non-standard time-to-live (TTL) processing on IPv4 multicast packets in order to mitigate multicast packet loops. In order to use this feature, the end-user may need the ability to configure the original TTL value in their multicast source devices. When a packet with a TTL of 0 or 1 passes through the tunnel, the TTL will be replaced with the value of 3 and allowed to pass. Any value of 3 or greater is decremented by one and allowed to pass. A TTL value of 2 is blocked. Thus, an original TTL of 0 or 1 will be allowed to cross the tunnel 2 times. An original TTL of 3 or greater will be allowed to cross the tunnel (TTL - 2) times. An original TTL of 2 will not be allowed to cross the tunnel at all. This logic was chosen because many multicast applications that hard-code the TTL will use a TTL of 1.

Note: The above two features are intended for an RoIP application where the customer is using the XT tunnels to exclusively bridge their RoIP multicast. They have wide-area layer-3 network access to all of their nodes, but their service provider is not providing multicast routing. This customer has been using our tunnels for quite some time and has been configuring filters to only pass multicast. However, every once in a while, they forget to install the filter rules. When this occurs, very bad things happen on their network. By enabling IPv4 Multicast Exclusive mode in their server, they no longer need to configure each client device with the filter rules. The IPv4 Multicast Loop Mitigation is to prevent a network meltdown in the event that two client tunnels are accidentally installed on the same subnet.

----------

XT-3303 VERSION 1.08 12/9/2020

1.0 INTRODUCTION

This release corrects several possible vulnerabilities in the web server. This includes addressing the SWEET32 vulnerability in TLS and disabling support for TLS v1.0. The web server will only support TLS v1.1 and v1.2. As a result, users relying on Windows XP to configure the XT-3303 may find that they can no longer connect to the web server.

This release adds some additional metrics to the Ethernet Tunnel. The "Tunnel Nodes" status display will show the bandwidth and packet-per-second load on the unit.

----------

XT-3305, XT-3305-S VERSION 1.09 12/8/2020

1.0 INTRODUCTION

This is the initial firmware release for the XT-3305-S. This is an XT-3305 with a RS-232 serial port.

The following features and corrections were implemented for the XT-3305.

This release patches several possible vulnerabilities in the configuration web server. This includes addressing the SWEET32 vulnerability in TLS and disabling support for TLS v1.0. This means that the web server will only support TLS v1.1 and v1.2. As a result, users relying on Windows XP to configure the XT-3305 may find that they can no longer connect to the web server.

This release adds some additional metrics to the Ethernet Tunnel. The "Tunnel Nodes" status display will show the bandwidth and packet-per-second load on the unit.

This release adds the following feature:

The ability to view the Linux system firewall was added to the "status" menu.

----------

XT-3305 VERSION 1.08 9/21/2020

1.0 INTRODUCTION

This release corrects the following:

There was problem related to NAND flash bad-block handling which prevented firmware installation on some units. If the first block of the UBI partition was bad, the system would not allow the UBI filesystem to be created.

This release adds the following feature:

The ability to view the Linux system firewall was added to the "status" menu.

----------

XT-3303 VERSION 1.07 9/18/2020

1.0 INTRODUCTION

This is the initial release of the XT-3303 firmware. It starts at v1.07 to indicate it's feature compatibility with the other XT products.

----------

XT-3306 VERSION 1.06 6/25/2020

1.0 INTRODUCTION

This release corrects the following:

When the Ethernet Tunnel is configured for TCP mode, the device may get in a state where it can't connect with it's peer. The Server Tunnel Log will repeatedly report the error "No challenge response from client". The Client Tunnel Log will repeatedly report "Timeout waiting for challenge from server". This problem effects both client and server devices.

----------

XT-6605, XT-6606, XT-6632 VERSION 1.09 08/31/2020

1.0 INTRODUCTION

This release adds the following feature:

This release adds the ability to view the Linux system firewall. This feature was requested by a Utility customer needing to verify the firewall for a CIP audit. The new feature is found under "Status - Firewall".

XT-3306 VERSION 1.06 6/25/2020

1.0 INTRODUCTION

This release corrects the following:

When the Ethernet Tunnel is configured for TCP mode, the device may get in a state where it can't connect with it's peer. The Server Tunnel Log will repeatedly report the error "No challenge response from client". The Client Tunnel Log will repeatedly report "Timeout waiting for challenge from server". This problem effects both client and server devices.

----------

XT-3305 VERSION 1.07 6/25/2020

1.0 INTRODUCTION

This release corrects the following:

When the Ethernet Tunnel is configured for TCP mode, the device may get in a state where it can't connect with it's peer. The Server Tunnel Log will repeatedly report the error "No challenge response from client". The Client Tunnel Log will repeatedly report "Timeout waiting for challenge from server". This problem effects both client and server devices.

The Ethernet Tunnel would not transport an Ethernet frame if it was a UDP packet with a checksum error in the UDP header. The XT-3305 hardware has a feature to automatically discard such packets. Our other tunnel products do not have such a feature, so this feature was disabled to maintain consistency across the platforms. The problem was discovered because a customer was using an Ethernet test set to validate a tunnel connection. The test set used UDP frames to perform it's test, but did not generate valid UDP checksums.

Note: Instead of requiring customers to upgrade v1.04 and v1.05 units to v1.06, followed by installing v1.07, a special v1.07 version was generated that eliminates the extra step. If the customer does choose the wrong image, it won't damage anything. Instead they will receive an "invalid firmware image" message.

XT-3305_v1.07.bin - Upgrade image via the web browser - for units running firmware 1.06.
XT-3305r0_v1.07.bin - Upgrade image via the web browser - for units running firmware v1.04 or v1.05.

----------

XT-6605, XT-6606, XT-6632 VERSION 1.08 6/08/2020

1.0 INTRODUCTION

This release corrects the following:

Multicast-snooping was running even though the configuration was set for disabled. In most applications this would not cause any issue. However, some applications, especially those where the XT is carrying multiple VLANs, may have a problem. The problem would manifest where multicast seems to operate correctly for 5 to 10 minutes, then stop running. Resetting the XT, pulling and reinserting the LAN cable, or stopping and restarting the multicast application would cause the multicast to resume again for 5 to 10 minutes.

When the Ethernet Tunnel is configured for TCP mode, the device may get in a state where it can't connect with it's peer. The Server Tunnel Log will repeatedly report the error "No challenge response from client". The Client Tunnel Log will repeatedly report "Timeout waiting for challenge from server". This problem effects both client and server devices.

This release adds the following feature:

The Simultaneous Client Connection feature, present in the UT/ET product lines, had been removed from the XT product line. Several customers have become dependent on this feature, so it has been restored to the XT product line.

----------

XT-3306 VERSION 1.05 5/18/2020

1.0 INTRODUCTION

This release corrects the following:

The switch port counters displayed on the Interface Status page were erroneous.

Multicast-snooping was running even though the configuration was set for disabled. In most applications this would not cause any issue. However, some applications, especially those where the XT is carrying multiple VLANs, may have a problem. The problem would manifest where multicast seems to operate correctly for 5 to 10 minutes, then stop running. Resetting the XT, pulling and reinserting the LAN cable, or stopping and restarting the multicast application would cause the multicast to resume again for 5 to 10 minutes.

This release adds the following feature:

The Simultaneous Client Connection feature, present in the UT/ET product lines, had been removed from the XT product line. Several customers have become dependent on this feature, so it has been restored to the XT product line.

----------

XT-3305 VERSION 1.05 5/18/2020

1.0 INTRODUCTION

This release corrects the following:

The switch port counters displayed on the Interface Status page were erroneous.

Multicast-snooping was running even though the configuration was set for disabled. In most applications this would not cause any issue. However, some applications, especially those where the XT is carrying multiple VLANs, may have a problem. The problem would manifest where multicast seems to operate correctly for 5 to 10 minutes, then stop running. Resetting the XT, pulling and reinserting the LAN cable, or stopping and restarting the multicast application would cause the multicast to resume again for 5 to 10 minutes.

This release adds the following feature:

The Simultaneous Client Connection feature, present in the UT/ET product lines, had been removed from the XT product line. Several customers have become dependent on this feature, so it has been restored to the XT product line.

----------

XT-6632 VERSION 1.07 12/20/2019

1.0 INTRODUCTION

This release corrects the following:

LAN2 PPPoE mode did not work. A PPPoE module had been installed on the system, which was not compatible with the underlying Linux system. This was specific to the XT-6632. The other XT products had the correct PPPoE module.

----------

XT-6632 VERSION 1.06 9/16/2019

1.0 INTRODUCTION

This is a maintenance release for new hardware. The firmware was modified to support the X11 motherboard. The X11 motherboard has 1 serial port where the X10 motherboard had 2. The firmware will detect the motherboard type and enable/disable configuration of the second serial port.

----------

XT-3305 VERSION 1.04 7/26/2019

1.0 INTRODUCTION

This is the initial release of the XT-3305 firmware, starting at v1.04 to indicate it's feature compatibility with the other XT products.

----------

XT-3306 VERSION 1.04 April 15, 2019

This release adds the following feature:

The Limit UDP Packet Size feature was extended to allow selection of the maximum UDP payload size. In the previous firmware, the maximum UDP payload size was fixed to 1412 bytes. The user may now select between 1412, 1316, 1188, and 1092 bytes. Only the 1412 size is backward compatible with older firmware. If a smaller size is selected and one of the units is running older firmware, the connection will fail with a time-out.

NOTE: The purpose for adding the smaller UDP Payload sizes is to address the MTU issue that customers are encountering when deploying UT/XT tunnels on LTE networks.

----------

XT-6605, XT-6606, XT-6632 VERSION 1.05 April 15, 2019

This release adds the following feature:

The Limit UDP Packet Size feature was extended to allow selection of the maximum UDP payload size. In the previous firmware, the maximum UDP payload size was fixed to 1412 bytes. The user may now select between 1412, 1316, 1188, and 1092 bytes. Only the 1412 size is backward compatible with older firmware. If a smaller size is selected and one of the units is running older firmware, the connection will fail with a time-out.

NOTE: The purpose for adding the smaller UDP Payload sizes is to address the MTU issue that customers are encountering when deploying UT/XT tunnels on LTE networks.

----------

XT-6605, XT-6606, XT-6632 VERSION 1.04 March 20, 2019

This release corrects the following issue:

- The bridge server, when running in TCP or Both mode, may unexpectedly terminate due to receiving an invalid network packet. The server would automatically recover, but would cause a 30 second network disruption.

- The bridge server, when running in TCP or Both mode and set for no encryption, may unexpectedly terminate when a remote TCP client disconnects.The server would automatically recover, but would cause a 30 second network disruption.

- Corrected several typos with serial setup.

----------

XT-3306 VERSION 1.03 March 20, 2019

This release corrects the following issue:

- The bridge server, when running in TCP or Both mode, may unexpectedly terminate due to receiving an invalid network packet. The server would not recover automatically.

- The bridge server, when running in TCP or Both mode and set for no encryption, may unexpectedly terminate when a remote TCP client disconnects. The server would not recover automatically.

- Corrected several typos with serial setup.

Note: v1.02 was a test version and not released.

----------

XT-6605, XT-6606, XT-6632 VERSION 1.03 October 11, 2017

This release corrects the following issue:

- A change in the Time-Zone setting required a reboot to take effect.

----------

XT-3306 VERSION 1.02 September 19, 2017

This release corrects the following issue:

Ethernet Tunnel configuration changes cause a slow response from the web browser. This issue is not fatal, but is annoying. It is a result of implementing a new MAC address range for the Ethernet controllers and the way MAC addresses are prioritized in a bridge.

----------

XT-6605, XT-6606, XT-6632 Firmware V1.01 Release Notes 2/1/2017

This release corrects the following:

There was a race condition in the tunnel fail-over feature that could result in a client simultaneously connecting to both the primary and alternate server. Any unit configured with fail-over backup connetions should install this update.

If DHCP is enabled and a DHCP lease is lost, the device would receive a new address, but the DNS requests would continue to be sent using the defunct IP address. This would result in never receiving a DNS reply and failure to resolve a name. This type of failure is likely to occur only when a router, also acting as a DHCP server, goes down for a period of time longer than the DHCP lease.

This release adds the following feature:

A layer-3 firewall was added in front of the tunnel server untrusted port. Since the XT products allow TCP for the tunnel connection, this opens up the problem of nuisance TCP connections to the server. The layer-3 firewall can be configured to match on source IP addresses and allow or block the connection. The new feature is found on the "Ethernet Tunnel - Server Firewall" page. This will reduce nuiance log entries.

----------

XT-3306 Firmware V1.01 Release Notes 2/1/2017

This release corrects the following:

Instead of being set to the static MAC address assigned to the device, the system was generating a random virtual MAC address. This was corrected and LAN1 is now set to the assigned MAC.

There was a race condition in the tunnel fail-over feature that could result in a client simultaneously connecting to both the primary and alternate server. Any unit configured with fail-over backup connetions should install this update.

If DHCP is enabled and a DHCP lease is lost, the device would receive a new address, but the DNS requests would continue to be sent using the defunct IP address. This would result in never receiving a DNS reply and failure to resolve a name. This type of failure is likely to occur only when a router, also acting as a DHCP server, goes down for a period of time longer than the DHCP lease.

This release adds the following feature:

A layer-3 firewall was added in front of the tunnel server untrusted port. Since the XT products allow TCP for the tunnel connection, this opens up the problem of nuisance TCP connections to the server. The layer-3 firewall can be configured to match on source IP addresses and allow or block the connection. The new feature is found on the "Ethernet Tunnel - Server Firewall" page. This will reduce nuiance log entries.

----------

XT-3306 VERSION 1.00 9/28/2016

1.0 INTRODUCTION

This is the initial release of the XT-3306 firmware

----------


img
Data Comm for Business Inc.
2949 County Road 1000 E
Dewey, Il 61840
Voice: 217-897-6600
Toll Free: 800-4-DCB-NET
Toll Free: 800-432-2638
Email: Contact Page
Web: www.dcbnet.com
Fax: 217-897-8023
All DCB web pages copyright ©1995- Data Comm for Business, All rights reserved.
EtherPath®, EtherSeries®, EtherPoll®, EtherBridge® and EtherModem® are Registered Trademarks of Data Comm for Business, Inc.