IP Fabric v6.6
Upgrade version policy
We support the following upgrade paths:
- latest version in the previous major line → any version in the current major line (for example
- any version in the current major line → any newer version in the current major line (for example
- latest version in the current major line → any version in the next major line (for example
Clearing Browser Cache
To ensure the product works as intended, please force refresh your browser cache after each IP Fabric upgrade.
The key combination for doing this depends on your operating system. In your browser window with your IP Fabric appliance’s URL opened, use one of the following key combinations:
This will only affect the browser cache for the IP Fabric appliance.
v6.6.3 (January 29th, 2024; GA)
SHA256 (ipfabric-update-6-6-3+0.tar.gz.sig) = 467a1a5147f9a061b070d3c04ad773ab8d4db85ccb3df55312fb50bac708b06c
MD5 (ipfabric-update-6-6-3+0.tar.gz.sig) = e9d275e4bb60dedd5d2c062a4e5f0847
SHA256 (ipfabric-6-6-3+0.qcow2) = c285d5e3ce51c90634d8b7fd8529e97a760ace2de25e087a3c616baf19d6b202
MD5 (ipfabric-6-6-3+0.qcow2) = 8cfe67f86af443bee7b1609bffbd6bc5
SHA256 (ipfabric-6-6-3+0.ova) = 7b351e5ce065d21f2665a54862d8b9a6894f442200a8a56c7d1c6bf756c8996c
MD5 (ipfabric-6-6-3+0.ova) = e52d04cfcde3d68bc768010785762249
- During the update process, locked snapshots will be unloaded together with other snapshots and their lock will be preserved. Therefore, such snapshots won’t be deleted by snapshot retention.
v6.6may break custom SSO integrations and will require a change to the
6.3.2release, we are omitting minor API version for SSO configuration and only major version will need to be changed with the next major IP Fabric version. Simply replace the
vX.Yin this file with
v6and then run
systemctl restart ipf-dex.
staticClients: - id: ipfabric redirectURIs: - "https://demo1.eu.ipfabric.io/api/vX/auth/external/azure"
For more information, please refer to the SSO documentation. If you would like assistance please contact your Solution Architect.
- FortiGate – Added initial support for Aggregate IPsec tunnels with limited support in path-lookup – evaluation of security rules is not supported yet.
- Palo Alto
- FMC – Added support for Device Groups
- All families – Devices banners are now being parsed and stored in our tables. See Banner for more details.
- EOS – Devices banners are now being parsed and stored in our tables. See Banner for more details.
- Palo Alto
- PAN-OS – Devices banners are now being parsed and stored in our tables. See Banner for more details.
Important product changes
- API-discovered devices are now available in the global Device Attributes settings via Serial number search autocomplete.
- A request to
POST /discovery/trigger-config-backupnow will return
403 Forbiddeninstead of
404 Not Foundif an API-discovered device
snis provided as parameter.
- API worker maximum memory usage is now limited to 8GB (instead of 4GB) to minimize possibility out of memory crash because of heavy calculations operations.
- Cisco FMC API client can detect refresh token expiration and re-authenticate when it happens.
- Only Force Point API client will repeat requests which failed with recoverable network errors (was previously enabled for all client). Configuration of number of requests, timeouts etc. is hard-coded as described in previous release notes. We are working on runtime configuration, which would enable tweaking those with IP Fabric Support assistance.
Newly added features which need to be explicitly enabled in service files. If you are interested in trying them out, please contact our Support or Solution Architect team and we will gladly help you with enabling these features.
- Citrix ADC
- Basic discovery support was added as PoC and needs to be enabled manually
- Basic discovery support was added as PoC and needs to be enabled manually (
State refresh issues in
Discovery Snapshot section with webhook enabled
When a webhook is configured and enabled in Settings → Integration → Webhooks, a newly started discovery won’t show progress until you switch to another menu section (for example Dashboard) and back to Discovery Snapshot (or until you refresh the page).
|With webhook – incorrect behavior
|Without webhook – correct behavior
You may also encounter that after deleting a snapshot, it is still being shown
Loaded/Unloaded Snapshots until you switch to another menu section and
back (or until you refresh the page).
Network Analysis Report table not showing all loaded snapshots
Reports → Network Analysis Report should allow you to download
Analysis Report documents for each loaded snapshot. However, on version
(and a few previous major releases), it does not show all loaded snapshots.
This will be addressed in the upcoming
A workaround is to reboot the IP Fabric appliance or just restart the IP Fabric
API service (with
sudo systemctl restart nimpee-api).