What's New and Release Notes for 26.x

PCE and NEN became stuck in a provisioning loop (E-84712)

Implementing an actor-only policy change caused a provisioning loop in which the PCE continually sent the same policy to the NEN which in turn applied it continually to the F5 SLB. The loop was reported in the network_enforcement log and F5 logs. This problem occurred because actor-only policy changes lack a rule version and NENs don't store or acknowledge policy changes that lack a rule version. This issue is fixed. Now, NENs that receive actor-only policy changes use the last-stored rule version from their database, allowing these NENs to acknowledge such policy changes to the PCE.

Full policy update not performed on tampered DVSs (E-84614)

When a NEN was triggered to perform a tampering check on Discovered Virtual Servers (DVS), a full policy update didn't occur and only the address list was updated. This issue is fixed: tampered DVSs now receive a full policy update.

Maximum number of auth tokens exceeded (E-84573)The error maximum active login tokens occurred when too many F5 authentication tokens where generated in a 20 minute period. Prior to this fix, a new F5 authentication token was generated whenever a Discovered Virtual Server (DVS) was unprogrammed (for example, when its status changed to unmanaged) or was reprogrammed (for example, when it was identified as tampered). This issue is fixed. NENs now use a single token for these actions.

Primary NEN node would hang in some cases (E-84111)

A logging problem that occurred in the network_enforcement service caused the primary NEN node in an HA cluster to hang, which was subsequently not recognized by the secondary NEN node. This issue is fixed. The primary NEN node can now tolerate logging issues that occur during the network_enforcement service and the Secondary NEN node now recognizes when the Primary node hasn't sent its status to the PCE for 3 minutes.