Skylight performance element LT Release Notes 7.9.2
  • 09 Aug 2024
  • 3 Minutes to read
  • Contributors
  • PDF

Skylight performance element LT Release Notes 7.9.2

  • PDF

Article summary

These release notes cover the requirements, new features, and changes for the Skylight Element: LT firmware version 7.9.2. Please read all the notes prior to installing this firmware version. For more information, refer to the Skylight Element: LT User Manual.

Requirements

This firmware version applies to o the following Skylight element: LT, resulting from changes in the TLS version, the following software versions are compatible with SkyLIGHT Director Version 1.3 (now Skylight orchestrator) and above:

  • 7.1.1.1
  • 7.3.0.3
  • 7.4
  • 7.5
  • 7.6
  • 7.7
  • 7.8
  • 7.8.1
  • 7.8.2
  • 7.8.2.1
  • 7.8.3
  • 7.9
  • 7.9.1
  • 7.9.2


Note: There is a patch available for earlier versions of Skylight orchestrator. Please contact Accedian support for further information.

Firmware Version 7.9.2_24262 (2021-09-27)

New Features and Enhancements

Enhanced Software Behavior in Detecting 1000B-T SFP Speed
A generic SFP detection mechanism for all Copper SFPs has been implemented to avoid the exception list method and to complement the existing SFP speed override function implemented for fiber SFP.

It is recommended to use the SFP Speed Override feature to configure the port speed for Fiber SFPs and Copper SFPs. When the port speed/rate is overridden, the configured value will be persistent.

AutoNEG Off
This feature was designed to adapt Accedian Performance Elements with other networking units that is not supported ANEG by default in 1G interface.

Accedian units have now enabled ANEG by default and this change will avoid the ports going down when they first connect and user intervention is required every time when the connection is changed to get the link-up.

This feature helps to solve this issue by silently setting the local ANEG in PHY to be ON/OFF based on the partner ANEG:
When the Accedian PORT is configured with ANEG enable, If the signal of partner ANEG is not detected and the link is sane (no errors detected) the software will bring the link-up by updating the local ANEG in PHY to be OFF.

The feature will not change the user's ANEG configuration to be disabled. The customer can change the port connection later on and the PORT will be able to link-up again.

Please note that some functionalities using auto-negotiation advertisement as a prerequisite will not work properly if the ANEG silently is disabled, these include:

  • The protection with link-status mode.
  • The Link Loss Return.

Update OpenSSL Library
The new OpenSSL requires the CURL library version 7.73, which has a major impact to dealing with IPv6 addresses. The following details have been impacted:
• CURL 7.37: The [] style is not a MUST. A warning will pop up.
• CURL 7.73: The [] style as expressed in [RFC3986] must be used. An invalid url error message will pop up and action is canceled.

The following has also been introduced to the new OpenSSL Library:

  • TLSv1.3 (new compared to 1.0.2o):
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_GCM_SHA256
    • TLS_AES_128_CCM_8_SHA256
    • TLS_AES_128_CCM_SHA256

TLSv1.3 includes major changes and for this reason, some things may work very differently. A brief, incomplete, summary of some things that you are likely to notice follows:

  • There are new ciphersuites that only work in TLSv1. The old ciphersuites cannot be used for TLSv1.3 connections.
  • The new ciphersuites are defined differently and do not specify the certificate type (e.g. RSA, DSA, ECDSA) or the key exchange mechanism (e.g. DHE or ECHDE). This has implications for ciphersuite configuration.
  • Clients provide a “key_share” in the ClientHello. This has consequences for “group” configuration.
  • Sessions are not established until after the main handshake has been completed. There may be a gap between the end of the handshake and the establishment of a session (or, in theory, a session may not be established at all). This could have impacts on session resumption code.
  • Renegotiation is not possible in a TLSv1.3 connection
  • More of the handshake is now encrypted.
  • More types of messages can now have extensions (this has an impact on the custom extension APIs and Certificate Transparency)
  • DSA certificates are no longer allowed in TLSv1.3 connections


Note: Only TLSv1.3 is supported at this time, therefore there is no OpenSSL to support DTLSv1.3 at this time.

Operational Considerations

Important Notes

  • The Skylight element: LT firmware is delivered in a consolidated file prefixed by “ACC”, e.g. ACC_7.X_YYYY.afl. This file contains the firmware for the GT, GX , LX and LT Performance Element products. It cannot be used with any other product.
  • IMPORTANT: Prior to upgrading the firmware on a unit where the History Buckets feature is enabled, certain precautions may need to be taken to prevent a loss of history data during the upgrade.

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.