Skip to content

IP Fabric v6.0 (Aertex)

Clearing Browser Cache

To ensure the product works as intended, please force refresh your browser cache after each IP Fabric upgrade.

The key combination for doing this depends on your operating system. In your browser window with your IP Fabric appliance’s URL opened, use one of the following key combinations:

  • Windows: Ctrl + F5
  • macOS: Command + Shift + R
  • Linux: Ctrl + F5

This will only affect the browser cache for the IP Fabric appliance.

v6.0.1 (Dec 21st, 2022)

# ipfabric-6-0-1+2.ova
OVA SHA256: a5a32953dce07ca4382196a008f9951f1cf46dd742c4399e28284f5d447bd095
OVA MD5: db20fbce5af3978ad4e6c72cb8319663
# ipfabric-6-0-1+2.qcow2
QCOW SHA256: e97f475dfe4481ca2cfc3cb38229e362a4459cae11d9e8e0dc3f8e31b8aba042
QCOW MD5: 6b572847b7230d05f484710dfeca7404
# ipfabric-update-6_0_1+2.tar.gz.sig
TAR SHA256: 8df19286b3481f4eb042238636bde733c931ce1b6e51b3f6cd37a8cb525f225b
TAR MD5: 426005561a1c0ebc0f399dcfdf102b8d

For the list of delivered tickets, please consult the Low-Level Release Notes for 6.0.1.

Bug Fixes

  • Filesystem access rights prevented proper configuration of the customer’s name in the generated techsupports.
  • Discovery – discovery was hanging on loadGraphCache causing infinite discovery
  • Logs – large logs in /var/log/nimpee/* are now not divided into multiple files and are compressed
  • Path Lookup – IP Fabric GUI crashed when running a certain E2E Path Lookup
  • Path Lookup – MPLS Path lookup displayed a graph incorrectly
  • Path Lookup – certain E2E Path lookups were displaying id=null
  • Diagrams – xDP endpoints were not displayed when viewing a link
  • Cisco – when prefix-list with no entries was present, no prefix lists were parsed for a device
  • Cisco – static MAC Addresses were not part of MAC address tables
  • Cisco – API calls to APIC were getting 400/dataset is too big response, data are now requested in smaller chunks
  • VMware NSX – Diagram routing view between Tier1 and Tier2 devices was fixed
  • VMware NSX – virtual machines were not parsed into Technology → Cloud
  • Brocade – version detection for Ruckus Switches 08.0.70 was fixed
  • F5 – managed IP addresses had incorrect VRF
  • Aruba – operating system for ArubaMM devices was not detected correctly

v6.0.0 (Nov 16th, 2022)

Not a GA

This release is available only to early adopters for testing purposes.

# ipfabric-6-0-0+21.ova
OVA SHA256: 1e38629e5e9601f996389d6e1eba3b4a0d526240dac5f42c7a7820379ca19a90
OVA MD5: edf241c2e1e8db2be17457bf5a1ae559
# ipfabric-6-0-0+21.qcow2
QCOW SHA256: 33fd3659b332605cc677ba396f56bee1e22dca6a783cbd196810722a0a97adaf
QCOW MD5: 12515e63fbff45ddd40ae24a02a9f13f
# ipfabric-update-6_0_0+21.tar.gz.sig
TAR SHA256: 3dad74435f66e26260b47f47616b5a680ab4fb71b535d35e437f868964e4d8b7
TAR MD5: afbe34c8e97bc66c2af111c1ad3715ac

For the list of delivered tickets, please consult the Low-Level Release Notes for 6.0.0.

Upgrade Notices

  • Upgrading to 6.0 is only supported from 5.0. Please upgrade to the latest 5.0 before attempting to upgrade to 6.0.
  • Upgrade to 6.0 will break custom SSO integrations and will require a change to the /etc/ipf-dex.yaml file. Simply replace the v5.0 string in this file with v6.0 and then run systemctl restart ipf-dex. If you would like assistance, please contact your Solution Architect.
  • This release brings changes to IP Fabric data model. Snapshots need to be unloaded and loaded back to be updated. The locked snapshots are not unloaded automatically. It would help if you reloaded them manually after the upgrade (unlock them, perform unload, load them back and lock them again). Otherwise, you might experience issues with diagrams, and you will be missing attributes from the snapshot.
  • Introduction of RBAC and how security tokens are currently handled led to a change in how large file downloads are handled (snapshots, tech supports, and such). Implementation has unfortunate limits, which we will address in the upcoming releases. These include missing the Content-Length header due to content being downloaded via JavaScript to browser memory. The practical impact is that the progress bar and ETA must be included. It may be extensive to the RAM.

Attributes

You can now configure custom attributes for devices, this can be found under Settings → Device Attributes.

Site separation is also fully backed by attributes by now. That resulted in API changes, for example siteKey has been removed from inventory calls.

RBAC

You can now specify the level of access a user has by restricting the ability to use only certain API Endpoints (API calls), or you can restrict which devices the user has access to via siteName Attributes scope. New settings can be found under:

  • Settings → User Management → Polices
  • Settings → User Management → Roles

Info

If you have defined custom roles in the 5.0 release, create a new Attributes scope policy to allow access to sites users need access to. Also define new API Endpoints Scope if needed. See, Policies.

Assurance Engine

  • Assurance Engine is a new tab found under global and snapshot settings.
  • Users can now disable specific tasks to speed up discovery. You can toggle the following features from the Assurance Engine:
    • Loading Graph Cache
    • Save Historical Data
    • Compute Intent Verification Rules

Changes to IP Fabric Appliance Config Wizard

  • Starting in 6.0, when setting the hostname in the config wizard, the hostname will follow RFC1035 Section 2.3.1 standards.

    <domain> ::= <subdomain> | " "
    <subdomain> ::= <label> | <subdomain> "." <label>
    <label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
    <ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>
    <let-dig-hyp> ::= <let-dig> | "-"
    <let-dig> ::= <letter> | <digit>
    <letter> ::= any one of the 52 alphabetic characters A through Z in upper case and a through z in lower case
    <digit> ::= any one of the ten digits 0 through 9
    

Network Discovery

  • Parallel command loading has been implemented for Cisco Meraki. This will significantly speed up discovery.
  • VMware NSX-T – Added support for E2E PathLookup with evaluation of DFW and Gateway Firewall Policies.
  • Forcepoint NGFW – Added support of basic discovery in firewall/VPN mode (see our feature matrix for more details).
  • Cisco – Added support for collecting FabricPath data.
  • Discovery bandwidth limit can be set up to 100Mb/s in UI.
  • The number of discovery workers running in parallel can be tuned, please contact the IP Fabric support team for guidance.
  • Cisco ASA, IOS, IOS-XE, NX-OS – Added support for route maps and prefix-lists (IPv4 and IPv6)
  • Hostname parsing was improved, domain parsing was added (when applicable).
  • On Palo Alto firewall new hostname format is used – hostname/vsysName instead of hostname/vsysId.
  • Logical Devices – Added a summary table of all discovered logical firewalls (contexts, VSYS, VDOM) and Cisco Nexus VDCs.
  • AWS – it is now possible to set multiple regions and AssumeRoles in one configuration.
  • Huawei – New OS version parsing. We now show more Huawei-like OS versioning e.g. V800R021C00SPC100 instead of 8.210.

Logging

  • JSON log files for all discovery services. Please note that these files can be several times (about 6x) larger than existing logs.

EULA

  • Updated the End User Licensing agreement (EULA). Current users may be asked to re-sign any existing EULA.