CDRouter 12.0 March 26, 2020
Important Installation Notes
The following prerequisites must be met before upgrading to CDRouter 12.0:
➊ New minimum system requirements
CDRouter 12.0 requires a CentOS 7 or CentOS 8 operating system. The Ubuntu and CentOS 6 operating systems are no longer supported, and CDRouter 12.0 will not install if you are using one of these operating systems.
NTA1000 platforms running CentOS 6 should be upgraded using the Rebuild the NTA1000 Operating System guide prior to installing CDRouter 12.0. Other (non-NTA1000) platforms are no longer supported by CDRouter 12.0.
If you do not have an NTA1000 or are otherwise unable to upgrade your operating system from Ubuntu or CentOS 6, please contact firstname.lastname@example.org for assistance.
➋ Minimum CDRouter version requirement
You must install CDRouter 11.8.2 before upgrading to CDRouter 12.0. Earlier versions of CDRouter cannot be upgraded directly to CDRouter 12.0. If you are running an older version of CDRouter, please upgrade to CDRouter 11.8.2 first, then upgrade to CDRouter 12.0.
Note that the auto-upgrade utility in CDRouter’s web interface will not be able to install CDRouter 12.0 unless you are already running version 11.8.2.
Please follow the “Manual installation” instructions in the CDRouter Installation and Upgrade Guide to manually install CDRouter 11.8.2 prior to upgrading to CDRouter 12.0. You will then need to repeat the upgrade procedure to install CDRouter 12.0.
➌ New procedure for installing CDRouter
CDRouter 12.0 and subsequent versions will now be distributed as an rpm file that is only supported by the CentOS 7 and 8 operating systems.
The CDRouter Installation and Upgrade Guide has been updated with instructions for manually installing and upgrading CDRouter with the new installer format.
Please contact email@example.com if you need any assistance.
➍ Config upgrades
CDRouter 12.0 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 12.0 testvars using the config upgrade utility.
New Features and Enhancements
New Security Add-on!
We are very excited to introduce the CDRouter Security add-on! This add-on includes a number of features designed to test and evaluate the overall security of a CPE device. Included with the Security add-on are port scanning tools utilizing Nmap, a new traffic analysis feature based on Suricata, and two new test modules for verifying schedule-based internet access restrictions which is a common parental controls feature.
Please see the CDRouter Security User Guide for more information.
New config editor view for displaying only modified testvars
The config editor within CDRouter’s web UI includes a new button labeled Expand Changed that will collapse all SECTIONs and testvar_groups in the config file that do not contain any changes. This makes it easier to see which testvars are not set to their default values. Previously, config files were displayed with all sections collapsed. Note that the expand changed view is also now the default view for all config files. [ch3673]
New USP controller domain name and TLS server certificates
The USP controller certificates shipped with previous releases of CDRouter have been replaced by a new set of test certificates signed by Sectigo.
In addition, the Common Name (CN) field of these certificates has been changed from controller.qacafe.com to controller.cdroutertest.com. The default value of the uspControllerDomain testvar, which identifies the fully-qualified domain name (FQDN) of CDRouter’s USP controller, has also been changed from controller.qacafe.com to controller.cdroutertest.com.
It is important to note that these changes may break some existing CDRouter configurations. CPE devices may fail to resolve the controller IP address through DNS and and will not be able to validate the expired TLS server certificates until your configurations have been updated.
Testvars added to this release:
internetSchedule<day-of-week>Mode: there is one of these for each day of the week. Its value can be
none. If set to
none, the DUT has no schedule for the given LAN client for that day of the week. If set to
deny, then the tests are run and the time ranges specified dictate when the LAN client should be allowed (
allow) or denied (
deny) internet access. These testvars can be configured separately for each LAN testvar group (
internetSchedule<day-of-week>Times: Again, there is one of these for each day of the week. Its value should be a time range such as
9:00am - 5:00pmwhich dictates when the LAN client should be allowed or denied internet access. These testvars can be configured separately for each LAN testvar group (
Testvars modified or removed in this release:
The testvars supportsH323AlgOutbound, supportsH323AlgInbound, and inboundH323Host are obsolete and have been removed from this release.
All wireless LAN and WAN testvars and testvar values that were deprecated in CDRouter 11.5 as part of the update required to support WPA3 have been removed. Any configs using deprecated testvars or testvar values must be updated.
The testvars supportsNmap and supportsICS have been deprecated in favor of the new testvars enableNmap and enableICS, respectively. The original testvar names will continue to work until they are removed in a future release. All configs utilizing these testvars should be updated to use the new testvar names.
The wildcard test certificates shipped with CDRouter have been updated. These certificates are used by CDRouter’s DNS servers when testing DNS over TLS (DoT) or DNS over HTTPS (DoH). Configurations that reference the old wildcard certificates will need to be updated for compatibility with CDRouter 12.0. Please see this Knowledge Base article for more information. [ch3773]
The test cases cdrouter_app_200, cdrouter_app_205, cdrouter_app_207, cdrouter_app_220, cdrouter_app_225, and cdrouter_app_227 are obsolete and have been removed from the apps test module. [ch3891]
All wireless LAN and WAN testvars and testvar values that were deprecated in CDRouter 11.5 as part of the update required to support WPA3 have been removed. Any configs using deprecated testvars or testvar values must be updated. [ch4014]
In certain configurations some wireless country codes are not fully supported by the underlying wifi drivers used by CDRouter. This may result in the drivers failing to load and the wifi interface(s) disappearing from the system.
CDRouter now attempts to restore the system to a fully working state when this error condition is detected. Specifically, CDRouter will automatically reconfigure the system to use US/840 to restore the missing interface(s) and then attempt to set the regulatory domain to the system’s default which is based on timezone. If this fails CDRouter will attempt to set the domain to US/840, and generate an error to alert the user if this is unsuccessful.
In addition, when determining the system’s default regulatory domain, which is based on timezone, US/840 will be used if the derived alpha2 domain code is considered invalid. [ch4134]
The wireless configuration verification tests in the tr69_wireless and ir181 test modules now validate that the DUT includes the client MAC in the
AssociatedDevicetable 5 seconds after the basic traffic verification step has been performed. This provides ample time for the DUT to update the
Resolved a fatal error with the wireless configuration tests in the tr69_wireless and ir181 test modules when run in multiport configurations utilizing both wireless and wired LAN interfaces. [ch3938]
Resolved an issue with CDRouter’s device data model version detection algorithm. Also addressed an issue with a
Completederror associated with the Device:2.13 data model in the tr143_http test module [ch3944]
- Resolved a false pass related to an error condition in the FTP storage tests if the initial connection was successfully established but subsequently timed out. [ch3936]