Leap second on 30.6.2015: What do we need to consider?

On 30.6.2015 at 23:59:59 (UTC), a leap second will be added worldwide.
This may cause undefined issues within OpenScape Business and OpenScape Office systems that synchronize their time with an NTP server. It is recommended to switch off NTP server synchronization for the time period mentioned above, as a short term precautionary measure. In the long term, the system software will have to be updated. Systems, that are unstable after leap second addition, can be brought back to normal operation by a system restart.

In case of OpenScape Business S or OpenScape Business Booster Server additional actions has to be done. The system has to be upgraded to V1 R3.0.0 or later before applying the operating system patch provided by Novell. This Operating Patch can be found on https://www.novell.com/support/kb/doc.php?id=7016150

Below you can find a more detailed description of all the issues concerning the Leap second.

Vulnerability Details

In 2015, a positive leap second will be introduced between June 30, 23h 59m 59s and July 1, 0h 0m 0s UTC.
All NTP servers supporting Network Time Protocol version 4 according to IETF RFC 5905 and attached to an appropriate NTP time service (or configured otherwise according to the current version of the List of Leap Seconds provided by US NIST) will receive a leap second indicator during the month of June. This will be propagated to NTP clients (e.g. any Linux or Windows system kernel) somewhen (unpredictable) during the day when the leap second has to be added to the system clock. The system kernel will then add this extra second to the system clock at the end of the day (after June 30, 23h 59m 59s UTC).

The following issues are known which could potentially impact system stability or availability:

  1. Windows time service: no issues are known; there is no impact expected on applications running on Windows (client or server) operating systems
  2. Linux kernel versions 2.6.26 through 3.3: a bug in the handling of timers (due to a missing "clock was set" event during the leap second) could cause a system to consume up to 100% CPU time
  3. Novell SLES 11 (SP1 - SP3): an incomplete fix for issue #2 could cause a kernel deadlock and freeze the system

Affected Products

  • Regarding 1: No impact is expected on Unify products running on Microsoft Windows operating systems
  • Regarding 2:
    • Impacted with high risk of potential system outages or service interruptions: HiPath 4000 V6 R1 Platform and Softgate
    • Impacted with low risk:
      • OpenScape Business X1/X3/X5/X8 - all versions up to and including V1 R3
      • OpenScape Office MX - all versions up to and including V3 R3
      • OpenScape Contact Center Call Director SIP Service (OSCC CDSS) - all versions up to and including V8 R2
  • Regarding 3:
    • Impacted with high risk: None
    • Impacted with low risk:
      • OpenScape 4000 V7 R1 Platform and Softgate before V7 R1.8.3 or V7 R1.39.1 (release pending, expected beginning of June)
      • OpenScape Voice V7 R1 before V7 R1.43.1 (MOP Q3074 - release date 2015-05-14)
      • OpenScape Voice V8 before V8 R0.34.8 (MOP Q3076 - release date 2015-04-30)
      • Unify Applications if running on Novell SLES 11 (e.g. OpenScape Voice Survivability Authority, UC Application servers, OpenScape 4000 Manager, any other Management application, OpenScape Business S and Booster Server)

Recommended Actions

Important general notes:

  • Products that are not connected to an NTP service are not affected by the leap second event. As the drift for unsynchronized clocks is typically greater than one second, we also do not recommend any manual interaction to adjust the time because of the leap second event.
  • No Unify-internal test was able to produce any negative impact on any Unify product stability or availability associated with the leap second event. The residual risk for customer installations without having applied the recommended actions is rated as low. Therefore, in cases where the recommended actions can not be performed, the following alternative action can be considered: "Do nothing", but check system status after the leap second has passed. In the (unlikely) event of service outages, restart the affected servers one by one according to the individual product procedure.
    Important: this note does not apply to HiPath 4000 V6 R1 (Platform and Softgate), where significant risk for potential outages was identified
  • The recommended actions listed in this chapter should be applied latest on June 29, 2015 23:00:00 UTC (Coordinated Universal Time)

Regarding 2:

  • HiPath 4000 V6 R1, Platform and Softgate: Upgrade to latest version or at least to V6 R1.12.2 (HF003013, release date: 2012-11-29)
    Systems still running an older version at the day of the leap second could be impacted by system outage as documented in Service Knowledge Base entry KM110079 with significant probability.
    In cases where an upgrade is not possible before June, 30: install an intermediate NTP package on Platform and Softgate that enables a permanent "slew" mode and effectively prevents potential 100% CPU consumption as associated with the leap second event. The solution is available as Service Information INF-15-000243 (release date: 2015-05-13).
  • HiPath 4000 V6 R1, standalone Softgates: HF003013 is not available for standalone Softgates. Therefore, follow the recommendations provided by INF-15-000243 in all cases.
  • OpenScape Business X1/X3/X5/X8, OpenScape Office MX, OSCC CDSS:Temporarily deactivate NTP configuration via the product's standard configuration interface and reactivate it on July 1 or afterwards. The deactivation of the NTP synchronisation for a few days does not impact system stability

Regarding 3:

  • OpenScape 4000 V7 R1: Upgrade to V7 R1.8.3 or V7 R1.39.1 (release pending, expected beginning of June), or later versions.
    In cases where an upgrade is not possible before June, 30: install an intermediate NTP package on Platform and Softgate that enables a permanent "slew" mode and effectively prevents a potential kernel deadlock associated with the leap second event. The solution is available as Service Information INF-15-000243 (release date: 2015-05-13)
  • OpenScape Voice: Upgrade to V7 R1.43.1 (INF-15-000174, release date: 2015-05-14) or V8 R0.34.8 (HF004092, release date: 2015-04-30), or later versions.
    In cases where an upgrade is not possible before June, 30: install a workaround solution that puts NTP configuration into "slew" mode and effectively prevents a potential kernel deadlock associated with the leap second event. The solution is available as Service Information INF-15-000236 (release date: 2015-05-05)
  • Unify Applications running on Novell SLES 11: Follow the recommendations provided by Novell at: https://www.novell.com/support/kb/doc.php?id=7016150
    Application-specific notes:
    • OpenScape Business S/Booster Server:
      upgrade to V1 R3.0.0 or later before applying the operating system patch provided by Novell
    • OpenScape Office LX/HX:
      upgrade to V3 R3.10.0 or later before applying the operating system patch provided by Novell
    • OpenScape 4000 Manager V7:
      the recommended options are either to apply the operating system patch provided by Novell or to do nothing (as the risk for a potential freeze of the system is low).
      Note that the workaround ("slew mode") described by Novell is not applicable on OpenScape 4000 Manager servers (as a different NTP configuration interface is implemented). A third option (for unpatched installations with high availability requirements) is to temporarily disable the NTP daemon via webmin on June 29 UTC and enable it again not before July 1, 01:00 am UTC.

 

Hebt u meer vragen? Een aanvraag indienen

Opmerkingen