Container

caution

LRR 2.8.x requires authorizing new TLS flows between the base station and ThingPark's public key infrastructure: i7a for SaaS deployments or i38, i39 and i40 for self-hosted deployments.

You must ensure that these flows are authorized by your firewalls, even if your base stations use IPSec.

To learn more, see Base station flows.

Installation

To learn more about the installation steps, see Installing the LRR image on Docker.

Version 2.8.101

Supported hardware

Hardware Model	FPGA	Firmware	HAL
Docker	No FPGA	Debian 12.13	2.1.0

New features

• Possibility to customize the SUPPORT password from SUPLOG (RDTP-15143): For enhanced security, the default SUPPORT password may be changed by the user from SUPLOG console, under Identifiers > Set Actility support tool password.

• Enhanced filtering of non-LoRaWAN uplink packets (RDTP-17897): Optimized LRR filtering of uplink packets to discard non-LoRaWAN frames.

• Support TLS as a new communication security protocol: TLS (Transport Layer Security) has been added along with IPSec (Internet Protocol Security). By default, TLS is used to encrypt every message going from the LRR to the ThingPark platform. IPSec can still be used and configured using the Suplog. To learn more, see Activating a secure connection via IPSec or TLS.

• Allow configuring ICMP destinations in SUPLOG (RDTP-17415): Make it possible to customize the ICMP destinations in SUPLOG to comply with specific deployment use cases where ICMP protocol is not authorized on ThingPark's server side.

• Introduction of embedded virtual device probe: This feature provides insight into the RF quality of the network using an emulated device in the LRR to send messages over the LRR antenna, and then analyze the quality of the received uplink packet by other surrounding LRRs.

• Introduction of new managers: Centralmgr is now centralizing all information from the other managers: gwmgr, failovermgr, restoremgr, rollbackmgr, lrrmgr, pkimgr.

Limitations and known issues

We have a number of limitations due to the nature of a containerized LRR. This mean NFR-920 (gateway management and configuration) is limited to a subset of features compared to a standard LRR.

• IPSec is disabled. Only TLS is supported as a secure communication protocol.
• Hostname configuration is not supported. The LRR will use the default hostname provided by Docker.
• IP Failover is not supported. The LRR will use the default network configuration provided by Docker. IP Failover can be done at Host level if needed.
• Network configuration is limited to what is provided by Docker. The LRR will use the default network configuration provided by Docker. Network configuration can be done at Host level if needed.