Manualshelf

HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.0
41424344454647484950
3.2.1.14 Command Option Now Provides Additional EMX Driver Information
After installing this kit, issuing the following command for an EMX adapter will return
the hardware revision, firmware revision, SAN address, and full duplex flag attributes:
# hwmgr -get att
3.2.1.15 New EMX Subsystem Attribute Turns on LLER for Tape I/O
This release provides a new attribute, erp_ller, to the EMX subsystem that allows
you to turn on Link Level Error Recovery (LLER) for tape I/O. When enabled, the
Emulex adapter attempts to successfully complete I/O that would have otherwise failed
to a link error. If the adapter is unable to successfully complete the I/O, the I/O will be
returned with an appropriate error.
Setting erp_ller to a value of 1 enables this feature. It is turned off by default due to
issues seen with network storage routers and its handling of device resets. Command
timeout errors may be returned if a device reset is issued when Link Level Error
Recovery is enabled.
If you are experiencing failed tape I/O due to link issues, you can enable this feature
and see if it helps.
To view the current setting of the attribute use the following command:
# sysconfig -q emx erp_ller
For more information, see the revised emx(7) reference page delivered in this kit.
3.2.1.16 Kernel Attributes Protect Against ICMP Security Vulnerability
A new kernel attribute delivered in this kit, icmp_tcpseqcheck, and an existing
attribute, icmp_rejectcodemask, can protect your system against potential Internet
Control Message Protocol (ICMP) security vulnerabilities. This release note describes
these attributes and provides background information on the security issues. For
information about setting these attributes, see the revised sys_attrs_inet(5) reference
page delivered in this kit.
An overview of these attributes follows:
icmp_tcpseqcheck
Mitigates ICMP attacks against the Transmission Control Protocol (TCP) by
checking that the TCP sequence number contained in the payload of the ICMP
error message is within the range of the data already sent but not yet acknowledged.
An ICMP error message that does not pass this check is discarded. This behavior
protects TCP against spoofed ICMP packets.
icmp_rejectcodemask
A bitmask that designates the ICMP codes that the system should reject. The
icmp_rejectcodemask attribute can be used to reject any ICMP packet type,
or multiple masks can be combined to reject more than one type.
46 Tru64 UNIX Patches