Skip to content

LLRN 7.12

These are low-level release notes for IP Fabric release branch 7.12. Please note, that this page contains very low-level information about the actual release, which can lead to false conclusions if you don’t have access to the tickets. On the other hand, it can provide valuable information, if you are looking for a particular detail. This release branch contains a total of 283 fixed issues.

7.12.2

Bugs

Anything that we considered an incorrect behavior. Something that was not working as expected or turned out that did not meet customers’ demand.

  • NIM-23747 – High – NetFlow interfaces not populated for all devices
  • NIM-23975 – High – Slow getCiscoVxlanDuplicitIp PSQL query
  • NIM-24038 – Medium – GCP - Investigate “Couldn’t validate Rule (), “name” is not allowed to be empty” error messages
  • NIM-24056 – High – Multicast E2E Path Lookup – DROP “Multicast route between source IP and group IP not found” on IOS-XR (Bundle-Ether1.86 (0x40000c0) missing in OIL)
  • NIM-24077 – Highest – Worker uncaughtException - cannot create property loggingEntityId on string [unserializable masked data]
  • NIM-24079 – Medium – ABTaskMapResultError: emitError is not a function
  • NIM-24080 – Medium – ABParseError: Unexpected value: ‘link-down’
  • NIM-24081 – Medium – ABParseError: Likely duplicate neighbor with IP 0.0.0.0 parsed on interface: Gi4/0/15!
  • NIM-24082 – Medium – ABNoConfig: Couldn’t get platform/model for cisco (nx-os), ValidationError: “model” is required - Exablaze Triton
  • NIM-24091 – Highest – Velocloud, missing routing and ARP tables when using api-workers [revert]
  • NIM-24093 – High – No Configuration Files from IPv4 devices was retrieved
  • NIM-24104 – High – Force Stopped Snapshot Not Properly Reflect State

7.12.1

Epics

Epics are high-level features, that may consist of many tasks.

  • NIM-17133 – High – Unified logger
  • NIM-20429 – Low – Discovery Settings Forms UI refactoring - Improvements [Next]
  • NIM-22233 – Medium – Add support for Meraki VRF
  • NIM-22640 – Medium – Discovery API initial design
  • NIM-22653 – Medium – SPB phase 1 - IS-IS neighbors
  • NIM-22654 – Medium – Phase 1a: Get cloud resources using collector - NSGs (ACLs)
  • NIM-22656 – Medium – Phase 1b: Get cloud resources using collector - public IPs
  • NIM-22659 – Medium – Phase 1b: Get cloud resources using collector - endpoint groups
  • NIM-22662 – Medium – Phase 1b: Get cloud resources using collector - private links
  • NIM-22923 – Medium – Cloud - Known issues
  • NIM-22965 – Medium – Phase 1a: Get cloud resources using collector - resource hierarchy
  • NIM-23103 – Medium – D-Link support - DGS-1210 Series
  • NIM-23127 – Medium – D-Link support - DES-3028 Series
  • NIM-23213 – Medium – Phase 1b: Cloud network peerings using collector
  • NIM-23270 – Medium – Implement Kafka as part of the Discovery and Platform interface
  • NIM-23364 – Medium – Cloud load balancers - GCP SSL certificates
  • NIM-23378 – Medium – Phase 1a: Get cloud resources using collector - routeTables
  • NIM-23516 – Medium – Phase 1b: Get cloud resources using collector - virtualMachines
  • NIM-23520 – Medium – Phase 1b: Get cloud resources using collector - nodes
  • NIM-23528 – Medium – Meraki filters implementation
  • NIM-23566 – Highest – Verification of the Kafka flow before making it default
  • NIM-23578 – High – Phase 2c - Part 0: Pathlookup foundation
  • NIM-23673 – High – Azure path lookup failures
  • NIM-23764 – Medium – Cloud - “unlicensed” constructs to NOT consume license

Bugs

Anything that we considered an incorrect behavior. Something that was not working as expected or turned out that did not meet customers’ demand.

  • NIM-18122 – High – Path-lookup from Azure ends in routing loop
  • NIM-18708 – Highest – Path lookup - match for application field is not equal but includes
  • NIM-19185 – High – Investigate usage of Ipv4 min/max methods in startingConfigurationStrategy
  • NIM-19603 – Medium – Permission denied during removal of ipfabric-logo
  • NIM-21511 – Medium – Fix type errors in backend-testing
  • NIM-21515 – Medium – Fix type error in discovery-testing
  • NIM-21578 – Highest – PaloAlto login issues
  • NIM-21710 – Medium – Error “already exists in IP pools” when scanner subnet is in Exclude list
  • NIM-21774 – High – New scanner is also scanning local routes
  • NIM-22184 – Medium – Mikrotik OSPF routerId can be a string (not just IP)
  • NIM-22273 – Low – Intent Webhook documentation not updated
  • NIM-22296 – Medium – Fix type issues in discovery-shared and migrations packages with the latest version of @types/lodash
  • NIM-22420 – Highest – Worker restart can cause a stuck discovery
  • NIM-22447 – Highest – Failing e2e on missing VRF
  • NIM-22496 – Highest – Vendor API discovery does not retry when we get connect ETIMEDOUT
  • NIM-22517 – Highest – PaloAlto missing MAC on subinterfaces causing problems with path lookups
  • NIM-22669 – Highest – Discovery stuck on Discovery onDone started
  • NIM-22711 – High – Duplicated Path Inspector paths on port channels
  • NIM-22769 – High – Discovery Connectivity Report takes ~6 seconds to load, PSQL
  • NIM-22871 – Highest – Velocloud, missing routing and ARP tables when using api-workers
  • NIM-22938 – High – Worker keeps waiting for command output after session is closed by the server
  • NIM-22968 – Medium – GCP - No Cloud NAT in path lookup
  • NIM-22972 – Medium – Restoring/creating backup shows DeprecationWarning
  • NIM-23005 – Highest – Discovery workers use a large amount of RAM and never release it until they are stopped
  • NIM-23038 – High – F5OS-A API discovery does not work with RADIUS and needs a local user
  • NIM-23054 – Highest – Palo Alto vWires not all showing
  • NIM-23057 – High – PE route lookup doesn’t seem to filter based on route targets
  • NIM-23202 – High – AWS Discovery errors - Cannot read properties of undefined (reading ‘send’) (cached)
  • NIM-23227 – High – NX-OS VRF routes are not collected if BGP limit is not set
  • NIM-23237 – High – Nokia - Missing / inaccurate VRF information
  • NIM-23254 – High – Part 2 - Prompt not detected in Check Point Maestro after using clish
  • NIM-23257 – Medium – IOS-XR virtual VRF management address not gathered
  • NIM-23276 – Medium – reset-user-password function of ipf-backend-cli-tools doesn’t see the user
  • NIM-23298 – High – Broken backup restore functionality
  • NIM-23335 – High – Slow PSQL query establishNeighborshipOnlyL3Ipv4List
  • NIM-23339 – High – Slow Set L2Edge task
  • NIM-23363 – High – Vendor API connectivity tester - logging level change
  • NIM-23377 – Medium – Palo Alto – Security Policy incorrectly applies to self-originated traffic
  • NIM-23381 – High – JunOS EVO - NTP commands not run
  • NIM-23404 – High – FortiGate NAT44 parsing issue: Disabled rules show as Active - Yes
  • NIM-23413 – High – Palo Alto - Zone Firewall Rule Duplication
  • NIM-23414 – Medium – MCP - Broken configure link in status page
  • NIM-23415 – Medium – Mismatched RBAC for default positions
  • NIM-23418 – High – MCP server restart fails
  • NIM-23419 – High – MCP server - missing save notification and questionable UX
  • NIM-23420 – Medium – Switch UI component disabled state malfunction
  • NIM-23421 – Medium – ApplicationGateway - Request failed with status code 400
  • NIM-23427 – Medium – Azure - Service Tag “AzureDNS” definition wasn’t found
  • NIM-23429 – Medium – Azure - Could not find the VNET for the Load Balancer “capp-svc-lb”
  • NIM-23437 – Medium – ACI Security Evaluation – Unexpected Deny on Allowed Traffic
  • NIM-23440 – Medium – Fix D-link logo in feature-matrix
  • NIM-23444 – Medium – F5OS-C - Summary of Issues - ‘in-broadcast-pkts`
  • NIM-23465 – Highest – Fix Advanced routing mode on Palo Alto pan-os
  • NIM-23476 – Highest – Azure - Default rule not applied
  • NIM-23488 – Medium – D-Link DGS1250 - Unable to validate LLDP neighbor - capabilities
  • NIM-23490 – Medium – Azure VirtualNetworkGateway - cannot read routes (IPv6)
  • NIM-23491 – High – Snapshot load can not continue in case of a crash
  • NIM-23492 – High – Connectivity Report page won’t load
  • NIM-23500 – High – Devices cannot be deleted from snapshot
  • NIM-23525 – High – Very slow PSQL query getUnscannedPrefixes causing discovery issues
  • NIM-23526 – High – Juniper - Missing details (Zone Firewall / NAT44)
  • NIM-23531 – High – Cisco IOS-XE syslog parsing: host shown as fqdn instead of actual FQDN
  • NIM-23533 – High – GCP API response pagination issue
  • NIM-23535 – Medium – Config sanitization issue on Mikrotik - SNMP trap community not redacted
  • NIM-23537 – High – Stuck discovery after start from wizard
  • NIM-23556 – Medium – Messages from previous discovery can leak into next one
  • NIM-23596 – Medium – ABParseError: Couldn’t validate route “::/0”, Couldn’t normalize the IPv6 address “B”
  • NIM-23598 – Highest – Refresh device will quietly update Local Settings for some Vendors API
  • NIM-23601 – Highest – PSQL slow query - getSwitchToAp
  • NIM-23603 – Highest – Slow Tasker discovery PSQL query - setCliJobsAsFoundNotInSubnets
  • NIM-23608 – Highest – Maximum number of parallel sessions appears to NOT be respected during SSH discovery
  • NIM-23610 – High – Alcatel EOS ABTaskMapResultError tasks/l3Interfaces “[0].ipList[1].type” must be one of [secondary, virtual, vip-nat, internal]
  • NIM-23614 – Highest – Snapshot upload fails topology calculation with ENOENT
  • NIM-23625 – High – GCP - Investigate why commands fail for projects
  • NIM-23629 – Medium – Could not validate the learned route ExpressRoute circuit
  • NIM-23638 – Medium – Azure - Service Tag “CorpNetPublic” definition wasn’t found
  • NIM-23639 – High – E2E PL - ACI security evaluation - wrong VNI used for security evaluation
  • NIM-23652 – Highest – Backup creation fails on pg_dump
  • NIM-23675 – Highest – Foreign keys are dropped for partitioned tables
  • NIM-23678 – Medium – GCP Could not validate backendService Error: Cannot read properties of undefined (reading ‘map’)
  • NIM-23679 – Highest – IPv4 Managed IP Summary table does not include virtual-type IP addresses
  • NIM-23690 – Medium – GCP - Path lookup ACL evaluation incorrect for Echo request (ICMP)
  • NIM-23697 – Medium – Azure - global peering routes are silently skipped
  • NIM-23701 – Medium – Azure ExpressRoute cross-subscription prefix resolution failing
  • NIM-23706 – Highest – Azure FW - pathlookup investigation
  • NIM-23723 – High – GCP Cloud tags are not present
  • NIM-23724 – Medium – Multiple accVlan is causing topology calculation failure
  • NIM-23741 – High – GCP - new cloud model - routeTableId is not populated for GCP subnets
  • NIM-23797 – Medium – Azure - Pathlookup bypasses AD when prefix length ties
  • NIM-23802 – High – FMC - FatalError: Cannot read properties of undefined (reading ‘replace’)
  • NIM-23810 – Medium – Azure ACL: VirtualNetwork service tag IP list does not account for subnets with no NIC attached
  • NIM-23812 – Medium – Azure VNGW routing: UDR on GatewaySubnet bypassed for traffic destined to peered VNets
  • NIM-23821 – High – Azure tasks/ipsec: ECP-group dhGroup strings not parsed — “dhGroup must be >= 1” validation error
  • NIM-23822 – Medium – Azure Virtual WAN VPN Gateway fails with ValidationError when customBgpIpAddresses is empty
  • NIM-23846 – Highest – Stuck discovery due to stuck scanworker jobs - no IPs to scan after applying the exclude list
  • NIM-23851 – High – GCP - Investigate duplicate interface issue
  • NIM-23855 – Medium – GCP - Investigate empty forwarding rule matches errors
  • NIM-23868 – Highest – GCP pagination does not apply to projects list
  • NIM-23882 – High – Azure getLearnedRoutes: wrong subscription used when VNet is peered with gateway in a different subscription
  • NIM-23887 – Medium – Azure: VirtualNetwork service tag does not account for UDR prefixes
  • NIM-23889 – Medium – GCP - Remove emission of errors for empty NEGs and unassigned tags
  • NIM-23892 – Medium – GCP - Investigate “Could not validate rule chain - “action” does not match any of the allowed types” issue
  • NIM-23926 – Medium – ABParseError: No interface sections detected!
  • NIM-23929 – Medium – ABParseError: Cannot parse transceiver details on port “0_0_0_2”: Error: Validation failed! ✖ Invalid input → at sn
  • NIM-23931 – Medium – Azure: Skip Databricks-managed NICs when fetching effectiveRouteTable
  • NIM-23945 – Highest – Investigate path-lookup E2E test failures in PSQL v7.11, v7.12 and main
  • NIM-23950 – Medium – Discovery Tasks GUI: SSL Certificates task missing from discoverable tasks list
  • NIM-23951 – Medium – GCP - Investigate “Cannot find routerStatus” error messages
  • NIM-23956 – Medium – ABParseError: Couldn’t validate LLDP neighbor: “f5-zwna-hzim” on interface “10.0”
  • NIM-23966 – High – ACI host appearing on vlan 621 and 613 + exception on leaf (RCSFR2333)
  • NIM-23971 – Highest – Force-stopped snapshot can’t be unloaded / deleted
  • NIM-23972 – Highest – AWS - commands/aws/elb/describeTargetHealth excessive duration leading to slow discoveries
  • NIM-23976 – High – Slow copyFexAttributesToVAttribute PSQL query
  • NIM-23980 – Medium – GCP - Investigate “No associated VPN tunnel found” issues
  • NIM-23988 – Medium – Azure - tasks/virtualServer ValidationError: “routingRules” does not contain 1 required value(s)
  • NIM-23993 – High – GCP - Forwarding error
  • NIM-24025 – Highest – Snapshot load fails on latest 7.11
  • NIM-24034 – Medium – ABTaskMapResultError: Missing intName for a switch client 5876.9c00.13d6!
  • NIM-24036 – Medium – ABTaskMapResultError: “neiIpList[1]” must be a valid ip address of one of the following versions [ipv4] with a forbidden CIDR
  • NIM-24054 – Highest – Discovery Workers Keep Failing
  • NIM-24058 – Medium – ABTaskMapResultError: Couldn’t map member priority.
  • NIM-24074 – Medium – ABParseError: Unsupported time string ‘now’ - cannot parse it to seconds!

Tasks

Task may be associated into Epics or Stories to form complex features.

  • NIM-17566 – Highest – Move discovery to the new @ipfabric/logger
  • NIM-20978 – Medium – Meraki - MX Firewall L3 rules implementation
  • NIM-21123 – Medium – Ensure the appliance’s rabbitmq-server can upgrade to Debian 13
  • NIM-21202 – Medium – Migrate security schema to Zod
  • NIM-21216 – Medium – Joi to JSON - tasks/bgp
  • NIM-22044 – Low – PH5 Switch Discovery Settings to new version
  • NIM-22137 – Medium – Collect all public IPs under collector - AWS
  • NIM-22138 – Medium – Collect all NSGs (ACLs) under collector - AWS
  • NIM-22157 – Medium – Collect all endpoint groups under collector - AWS
  • NIM-22158 – Medium – Collect all private links under collector - AWS
  • NIM-22206 – Medium – Collect SSL certificates for GCP LoadBalancers
  • NIM-22236 – Medium – Meraki - VRF support - implementation
  • NIM-22525 – Medium – Collect all NSGs (ACLs) under collector - Azure
  • NIM-22526 – Medium – Collect all public IPs under collector - Azure
  • NIM-22528 – Medium – Collect all NSGs (ACLs) under collector - GCP
  • NIM-22537 – Medium – Collect all endpoint groups under collector - Azure
  • NIM-22538 – Medium – Collect all endpoint groups under collector - GCP
  • NIM-22539 – Medium – Collect all private links under collector - GCP
  • NIM-22540 – Medium – Collect all private links under collector - Azure
  • NIM-22655 – Medium – Implement tasks/isis on alcatel
  • NIM-22657 – Medium – Implement tasks/isis on extreme/voss
  • NIM-23104 – Medium – D-Link DGS-1210 - Init
  • NIM-23105 – Medium – D-Link DGS-1210 - Device info
  • NIM-23106 – Medium – D-Link DGS-1210 - Basic Networking Part 1
  • NIM-23107 – Medium – D-Link DGS-1210 - Basic Networking Part 2
  • NIM-23108 – Medium – D-Link DGS-1210 - Basic Network Management
  • NIM-23109 – Medium – Create a discovery task to collect resource hierarchy + AWS implementation
  • NIM-23110 – Medium – Collect resource hierarchy - GCP
  • NIM-23111 – Medium – Collect resource hierarchy - Azure
  • NIM-23128 – Medium – D-Link DES-3028 - Init
  • NIM-23129 – Medium – D-Link DES-3028 - Device info
  • NIM-23130 – Medium – D-Link DES-3028 - Basic Networking Part 1
  • NIM-23131 – Medium – D-Link DES-3028 - Basic Networking Part 2
  • NIM-23132 – Medium – D-Link DES-3028 - Basic Network Management
  • NIM-23145 – Medium – Enable mode passwords - No passwords box design update
  • NIM-23146 – Medium – Site separation - design update
  • NIM-23152 – Highest – Schedule syslog worker job in Platform
  • NIM-23197 – Medium – RabbitMQ Queue Management
  • NIM-23214 – Medium – Collect cloud network peerings under collector - AWS
  • NIM-23215 – Medium – Collect cloud network peerings under collector - Azure
  • NIM-23216 – Medium – Collect cloud network peerings under collector - GCP
  • NIM-23281 – Medium – Add Reconnect and Error Handling for Kafka Consumer in Platform
  • NIM-23307 – Medium – Define and validate AIM data model extensions
  • NIM-23308 – Medium – Implement AIM data model extensions in on-premise network model
  • NIM-23310 – High – Implement AIM data ingestion mechanism from CSV files
  • NIM-23322 – Medium – Prepare AGENTS.md file for discovery-shared
  • NIM-23326 – Medium – Stream vErrorReports in ipf-logs and Store it in Platform DB
  • NIM-23349 – Medium – Reduce responses of MCP to include only valuable data
  • NIM-23358 – Medium – Change $id in generated strictified JSON schema variants
  • NIM-23360 – Medium – Relax the data version check in Kafka events schema from exact string to semver string for consumers
  • NIM-23373 – Medium – Prepare NSG task schema
  • NIM-23375 – Medium – Add UI page to IPF to enable MCP server after agreeing to license
  • NIM-23376 – Medium – cloud routeTables updater
  • NIM-23379 – Medium – routeTables - Azure
  • NIM-23384 – Medium – routeTables - GCP - add tag support
  • NIM-23391 – Medium – routeTables - AWS
  • NIM-23405 – Medium – Stream vDns in ipf-logs and Store it in Platform DB
  • NIM-23406 – Medium – Stream vTask in ipf-logs and Store it in Platform DB
  • NIM-23412 – Medium – Count stats for updateDesignatedPortId query
  • NIM-23425 – Medium – Create a manual pipeline to automate appliance version freeze in qa-tests
  • NIM-23428 – Highest – Move platform to the new @ipfabric/logger
  • NIM-23438 – Medium – Create ipf-sync Kafka Topic
  • NIM-23442 – Medium – routeTables - GCP - extend support
  • NIM-23448 – Medium – Test appliance with split discovery flow (performance)
  • NIM-23460 – High – Unify usage of LogLevel and logLevels from ipfabric/logger instead
  • NIM-23461 – Highest – Read meta json files on snapshot load and store them in db
  • NIM-23464 – Medium – Save network peerings into DB
  • NIM-23470 – Medium – ACI endpoint caching by IP in e2e DB accessor
  • NIM-23477 – Medium – GCP - gather VM/NIC network tags
  • NIM-23481 – Medium – Clean up all the references under backend-utils/…/logger/*
  • NIM-23497 – Medium – Add unit tests for IP/CIDR matching and CIDR formatting functions
  • NIM-23515 – Medium – Update files in snapshots meta folder only from the platform
  • NIM-23517 – Medium – Collect virtualMachines under collector - AWS
  • NIM-23518 – Medium – Collect virtualMachines under collector - Azure
  • NIM-23519 – Medium – Collect virtualMachines under collector - GCP
  • NIM-23521 – Medium – collect nodes under collector - AWS
  • NIM-23522 – Medium – collect nodes under collector - Azure
  • NIM-23523 – Medium – collect nodes under collector - GCP
  • NIM-23524 – Medium – cloud nodes - updater & DB
  • NIM-23532 – Highest – Increase the default heartbeat interval from 60s to 10min
  • NIM-23539 – Medium – Convert ID column of eHasApiScopes to UUID
  • NIM-23543 – Medium – Kafka Producer Preserves Order
  • NIM-23544 – Medium – Debian 13 - run postgresql cluster upgrade manually
  • NIM-23546 – Medium – Remove unused code identified by static analysis
  • NIM-23549 – Medium – Collect virtualMachines under collector - updater/DB
  • NIM-23552 – Medium – Add new task for mapping tags/prefix lists etc. to IP addresses
  • NIM-23555 – High – ipf-system-upgrade: UI service does not run on python 3.13 (Debian Trixie) due to dependency issue
  • NIM-23569 – High – Remove default partitions
  • NIM-23570 – Medium – Analyze qa-tests for tests related to Kafka data flow
  • NIM-23571 – Medium – Prepare MQ epic to manually test the Kafka flow
  • NIM-23572 – Medium – Create e2e tests for Kafka data flow
  • NIM-23573 – Medium – Meraki - Catalyst IOS-XE - research/bug fixing
  • NIM-23593 – Medium – Enable D-Link OUIs for discovery
  • NIM-23599 – Medium – Collect all public IPs under collector - Updater/DB
  • NIM-23600 – Medium – Drop NOT NULL constraint on vCloudRouteTables.vCloudNetworksId
  • NIM-23602 – Medium – Run-time contract version check when new discovery is requested
  • NIM-23605 – Medium – D-Link DES-3000 - improve ver detection
  • NIM-23606 – Medium – Add Troubleshooting Section to ipf-kafka README.md
  • NIM-23609 – Medium – Replace logger.trace with logger.debug
  • NIM-23621 – High – Cloud Pathlookup code foundations
  • NIM-23627 – Medium – Cloud security - DB & updater
  • NIM-23635 – Medium – Create e2e robustness tests. ipf-api restart mid snapshot load
  • NIM-23649 – Medium – Replace Platformatic/Kafka With Confluentinc/KafkaJS library
  • NIM-23672 – Medium – Collect references under collector - Azure
  • NIM-23680 – Medium – Private links - Updater
  • NIM-23691 – Highest – Create migration for _meta properties
  • NIM-23752 – Medium – Replace TEST_DATA_REPOSITORY_TOKEN with CI_JOB_TOKEN in qa-tests repo
  • NIM-23765 – Medium – Set the “vpce” devType as unlicensed
  • NIM-23787 – Medium – Replace show config running with show config merged for Palo Alto
  • NIM-23856 – Medium – Allow use of pexpect backend for duplicity SFTP backups
  • NIM-23863 – Medium – Deprecate columns in existing cloud tables
  • NIM-23987 – Medium – Azure security: hide informational emitError from customer GUI in getPostRoutingRules
  • NIM-24008 – Medium – enable cloud/dns for the collector (Azure only)

7.12.0

Bugs

Anything that we considered an incorrect behavior. Something that was not working as expected or turned out that did not meet customers’ demand.

  • NIM-21624 – High – Path Sim - Cisco ACI path is not using correct L3Out - wrong PBR evaluation
  • NIM-23585 – Highest – Fail to import vDevice table when loading techsupport due to vVirtualMachines table being loaded after vDevice

Tasks

Task may be associated into Epics or Stories to form complex features.

  • NIM-22287 – Medium – Meraki L7 rules implementation
  • NIM-23313 – Highest – Implement inventory tables for Applications, Workloads, Flows and Devices
  • NIM-23813 – Medium – Nightly builds - prepare new pipeline schedule for version 7.12