Release Notes

This release note describes known issues, and fixed issues applicable to SD-WAN software release 10.0.8 for the SD-WAN Standard Edition, WANOP, and Enterprise Edition appliances.

For information about the previous release versions, see the Citrix SD-WAN documentation.

What’s New

FTP Application Layer Gateway

The FTP Application Layer Gateway is introduced in 10.0.8. FTP connections on TCP port 21 are monitored by default and data connection requests are validated and adjusted to match the connection. NAT pinholes are not supported.

Fixed Issues

SDWANHELP-818: Once dynamic routes have learned and converged, if a configuration update happens that has a cost change performed, post activation the route ID of dynamically learned routes are reset to ‘0’ instead of staying enumerated causing even optimal routes to be deleted in a route update to the neighbor.

SDWANHELP-795: The path bandwidth test is interrupted, if -

  • The path bandwidth test is run on branches that are isolated from MCN due to the virtual path being down/disabled.

  • The MCN performs branch WAN link property change, when the branches come up.

SDWANHELP-754: When you delete the DHCP configuration, the sub objects such as DHCP relays and DHCP option sets remain as stale entries. All the child objects have to be deleted when the parent DHCP element is deleted.

SDWANHELP-742: SD-WAN service might be interrupted during STS bundle collection when the number of Application QoS rules exceeds the IP based QoS rules.

SDWANHELP-770: In HA deployment, BGP, and OSPF routes are expected to sync after 60 seconds of assuming the primary role. In some rare conditions, the sync happens before 60 seconds and as part of route cleanup, all the routes are removed from T2APP and results in loss of routes in the neighboring routers.

SDWANHELP-818: Once dynamic routes have been learned and converged, if a configuration update happens that has a cost change performed, post activation the route IDs of dynamically learned routes are reset to ‘0’ instead of staying enumerated causing even optimal routes to be deleted in a route update to the neighbor.

SDWANHELP-819: Citrix SD-WAN WANOP PE unable to establish secure peering properly.

SDWANHELP-886: SD-WAN service might be interrupted when NetFlow is enabled.

Known Issues

SDWANHELP-854: Under rare circumstances, if invalid packets are received, the system may restart. This issue may occur if path encryption was disabled from its default enabled state.

Workaround:

  1. Ensure that the path encryption is enabled.

  2. Change the Global Security Settings to Enable Extended Packet Authentication Trailer with SHA-256 Authentication Trailer Type to detect and discard any data corruption on the path.