Skip to content

IP Fabric v6.1 (Burlap)

Upgrade Version Policy

We support the following upgrade paths:

  • the latest version in the previous major line → any version in the current major line (for example 5.0.26.1.3)
  • any version in the current major line → any newer version in the current major line (for example 6.0.16.2.3)
  • the latest version in the current major line → any version in the next major line (for example 6.2.57.1.3)

Clearing Browser Cache

To ensure the product works as intended, please force refresh your browser cache after each IP Fabric upgrade.

The key combination for doing this depends on your operating system. In your browser window with your IP Fabric appliance’s URL opened, use one of the following key combinations:

  • Windows: Ctrl + F5
  • macOS: Command + Shift + R
  • Linux: Ctrl + F5

This will only affect the browser cache for the IP Fabric appliance.

v6.1.1 (March 9th, 2023)

SHA256 (ipfabric-6-1-1+0.qcow2) = adec5400c7c44adb05cca7b5efff603cc05e0520f1c1e48b7459c6a66d10a6d9
MD5 (ipfabric-6-1-1+0.qcow2) = 4ff2faac23a805d5eb78003c0747a6e0
SHA256 (ipfabric-6-1-1+0.ova) = db3b8bea71bf9055fc709be4ca4fc0a9cd612e21bcf1505ae3a4f07125774684
MD5 (ipfabric-6-1-1+0.ova) = ba97b2e11638316880954551df1ed85b
SHA256 (ipfabric-update-6_1_1+0.tar.gz.sig) = 6ff25b1afd03d9776a910b5fb4f9985aca521dbad613764c6d591cecce0cb629
MD5(ipfabric-update-6_1_1+0.tar.gz.sig) = 60a744a3859812d34ccb107ed0e6ee6a

For the list of delivered tickets, please consult the Low-Level Release Notes for 6.1.1.

Bug Fixes

  • Issue of switching into FortiGate VDOM fixed
  • Speed of Check Point discovery optimized – parallel load of API data enabled, and duplicate requests eliminated
  • Cisco show flow monitor command parsing refactored to prevent an issue of a too high regular expression backtracking

v6.1.0 (February 21st, 2023)

SHA256 (ipfabric-6-1-0+12-latest.qcow2) = ebbd30d57419b1dae9589cd927c76d35a5822d29210642db6e4dd7e81a03ce90
MD5 (ipfabric-6-1-0+12-latest.qcow2) = 35b0fba9be9b70626c99d98c7570e230
SHA256 (ipfabric-6-1-0+12-latest.ova) = de385da7914759cd9bd3f43215aa4d1ed2e9354a774cbbcd89630c7026e46a53
MD5 (ipfabric-6-1-0+12-latest.ova) = dd8433e782876263ed54a44789bfb0db
SHA256 (ipfabric-update-6_1_0+12.tar.gz.sig) = e93862fe12af5c15e105631fa82d7512aa97afa92fcb406965f33472bc97ab11
MD5(ipfabric-update-6_1_0+12.tar.gz.sig) = 593a4b885d12dfb88bca31b57e4c2165

For the list of delivered tickets, please consult the Low-Level Release Notes for 6.1.0.

Upgrade Notices

  • Upgrade to 6.1 will break custom SSO integrations and will require a change to the /etc/ipf-dex.yaml file. Simply replace the v6.0 string in this file with v6.1 and then run systemctl restart ipf-dex. If you would like assistance, please contact your Solution Architect.
  • Forcepoint – More features supported, mainly added support for SMC API (see our feature matrix for more details).

Noticeable Changes

  • Removed the End User Licensing agreement (EULA) acceptance step on a user’s first log-in. A user approves EULA on loading a license.
  • Web front-end migrated from local storage to cookie-based storage for access and refresh tokens.
  • Vendor API configuration now has two additional fields – slug (required) and comment (optional). See the API section for more information.
    • During the upgrade the required field slug will be auto-generated for all current configured API providers.
  • Clearing the database while keeping application settings no longer removes API tokens from the database.
  • SSO configuration now allows for the use of roleName in the /opt/nimpee/conf.d/api.json file. Please see Single Sign On (SSO).
    • It is recommended to migrate from roleId to roleName for consistency and human readability.
  • During the upgrade, all snapshots – including locked snapshots – will be unloaded. Once the upgrade is completed, please load an existing snapshot, or perform a new discovery to populate network data in IP Fabric.
  • String table columns now support case insensitive regular expression operator and its negation.
  • Added a column to show if Check Point rules are active.
  • Removed “Technology > Spanning Tree > STP Stability” table from frontend and marked API endpoint /tables/spanning-tree/topology deprecated. “STP instances” table can be used instead.
  • Clarified password requirements and complexity checks for the osadmin user.
  • Added a hard limit on number of retries for all HTTP-based vendor API discovery (except AWS). These are triggered when vendor API server is assumed to be overloaded.

Bug Fixes

  • Resolved an issue with Check Point rules displaying incorrect values for rule names and remarks.
  • Resolved an issue where entries are not being created for hosts when there is a routing table entry for the specific host address.
  • Resolved an issue where table privileges for non-admin users were not interpreted correctly in graphs. Non-admin users with table privileges are now able to see graphs correctly.
  • Resolved an issue where traffic shaper configured over 90Mbps incorrectly shows 3Mbps after reboot.

Network Discovery

  • Alcatel – Added support of basic discovery (see our feature matrix for more details).
  • Arista – Updated EoL information.
  • AWS – The IAM policy has been updated. There are 2 more endpoints required for the discovery of AWS infrastructure. See the Amazon Web Services page.
  • Brocade
    • Added support for stack.
    • Added EoL information.
  • Check Point – Added support for NAT.
  • Cisco
    • Added support for FabricPath in end-to-end path tracing.
    • Updated EoL information.
    • Viptela
      • Device information will not be fetched if the device is not successfully synchronized within the vManage.
      • Lowered the maximum number of concurrent requests from a discovery worker to a Viptela server from 250 to 75 concurrent requests. This should decrease the workload on the Viptela server and increase its availability during the discovery process.
  • Extreme – Updated EoL information.
  • F5
    • Added support for discovering multiple instances on a VELOS chassis.
    • Updated EoL information.
  • Fortinet
    • Added support for NAT.
    • Updated EoL information.
  • HP
    • Updated EoL information.
    • Comware – Added support for route-policies and routing protocols filter-policies. There is a known issue in case route-policy and policy-based-route have the same name, only policy-based-route will be visible in route-maps table.
  • Juniper SRX – Added support for NAT.
  • Palo Alto
    • Added support for NAT.
    • Updated EoL information.
    • Prisma – Added support of basic discovery (see our feature matrix for more details).
  • Policy Based Routing (PBR) – Added support for PBR on Cisco (IOS, IOS-XE, NX-OS), FortiGate (Fortinet) and HP (Comware) devices. See Routing page.
  • Ruckus – Added EoL information.
  • Silver Peak – Added support for two new login types (RADIUS and TACACS+).
  • Versa – Added support for end-to-end path tracing with Versa SD-WAN.