Overview

We are pleased to introduce Bonded Internet 6.6.

This release introduces a rewritten classification and policy engine based on nftables which brings performance gains and better scaling compared to the old iptables-based engine. In addition, a number of stability and management improvements have been made.

Click "next" to read more, or check out the 6.6 release notes for all the details.

New classification and policy engine based on nftables

The classification and policy engine has been rewritten to use nftables:

• nftables is a packet classification framework for Linux that replaces the old iptables.
• The primary benefit of nftables is that it has more advanced rule matching, allowing for rulesets to be much smaller compared to iptables, particularly on aggregators.
• Single-bond performance gains of 12% with QoS enabled and 17% without were measured in our lab.
• This new engine has also improved start up times and and reliability on aggregators and bonders.

In addition to the above, this new engine will allow for more advanced functionality in future releases.

Warning: Any nodes with hooks installed that manipulate iptables rules will need to be adapted or replaced to use nftables drop-in files as described here.

Other improvements

In addition to the new classification and policy engine, a number of other improvements are contained in this release. For example:

• Improvements to PPPoE and mobile broadband legs
• Bonder DNS servers can now be set as part of the bond configuration, and the method of resolving DNS is much more reliable
• The configuration of the Salt management system on nodes is now more reliable
• And more!

See the 6.6 release notes for a full overview.