=====================================
Bonded Internet 2015.1 release notes
=====================================

January 21, 2015

Bonded Internet 2015.1 adds automatic detection of leg MTUs, the ability
to set leg and connected IP Ethernet modes and the ability to manage and
monitor node connection tracking table settings from the web admin, and
improves the management server API.

Bonding Node
-------------

Additions
^^^^^^^^^^

-  Leg MTUs are detected automatically. This eliminates the need to test
   and set MTUs manually, as was previously required in certain
   situations. MTU detection is enabled on both new and existing bonds.
-  Leg and connected IP Ethernet interface configuration is taken from
   the management server. It is no longer necessary to make a hook
   script to make Ethernet mode changes persistent.
-  Interface errors and collisions are reported to the performance
   charting database on the management server.
-  Connection tracking table sizes are reported to the management
   server.
-  Nodes report if their filesystem is read-only. They test the
   filesystem where /var/lib/bonding/ is mounted.
-  The node process tries to ensure that the Quagga zebra daemon is
   always enabled.

Changes
^^^^^^^^

-  MTUs on tunnel interfaces can now be different between bonders and
   aggregators. This can happen if MTU detection finds different upload
   and download MTUs on a leg.
-  TCP MSS clamping now occurs when TCP packets come out of a tunnel
   interface, rather than when the packets go into a tunnel interface.

Fixes
^^^^^^

-  The timeout for configuration to complete after submitting a node key
   on a default bonder has been increased from 30 seconds to 60 seconds.
   This improves reliability when configuring slow devices such as the
   PC Engines Alix.
-  Tunnels stop speed tests properly even when speed test initiation
   packets are lost between the aggregator and bonder. This eliminates
   an issue where too many test results packets could be reported during
   speed tests, resulting in sawtooth patterns in throughput charts.
-  Various improvements have been made to performance collection and
   reporting applications on the node.
-  Fewer updates are sent to the management server about changes in leg
   latency, ping timing, and detected speeds.

Patches
^^^^^^^^

:2015.1-5: Minor change to socket creation behaviour of TCP proxy to
  reduce the number of "address already in use" warnings.
:2015.1-6: Fixed an issue performing TCP clamping with bonds using
  Private WAN and fixed an issue establishing encrypted links in some
  scenarios on bonds with only one available leg.
:2015.1-7: Fixed an issue creating connected IPs on VLAN interfaces.
:2015.1-8: Fixed an issue that could reduce bonded throughput with
  compression enabled and an issue that could cause the tunnel latency
  chart to report higher-than-expected values.
:2015.1-11: Fixed an issue that prevented speed test chart data from
  being recorded with a 2015.1 aggregator and older bonder versions.
  Fixed an issue on Debian Wheezy bonders that prevented outgoing
  connections being made with the expected IP address on bonds with
  multiple CPE NAT IPs and the TCP proxy enabled. The issue has not been
  fixed on Debian Squeeze bonders due to limitations in the iptables
  package on Squeeze.
:2015.1-12: Fixed an issue with the TCP proxy that caused web pages to
  load slowly when a bulk upload was taking place.

Bonding Admin
--------------

Additions
^^^^^^^^^^

-  Detected leg MTU values are shown on bond details pages. Fields have
   been added to change or disable automatic detection.
-  Ethernet speed and duplex settings for leg and connected IP
   interfaces can be changed from the web interface.
-  The size of connection tracking tables on nodes can be changed and
   monitored from the web interface. A warning is shown for a node when
   it approaches the maximum table size, and the node details page has a
   chart that shows the connection tracking table size over time.
-  DTLS replay protection for tunnel encryption can be disabled with a
   new bond option. This increases the risk of a replay attack, but can
   reduce observed packet loss on legs with significant reordering.
-  The web interface shows an error message for bonders or aggregators
   that have a read-only filesystem.

Changes
^^^^^^^^

-  API resources now contain a version number in the URI. This improves
   our ability to update and deprecate API features. The root API,
   without a version number, will continue to operate like the original
   API until it is deprecated.
-  Certain API resources now include child objects. For example, the
   bond resource includes information on each of a bond's legs. This can
   significantly reduce the number of requests necessary to fetch
   information from the API.
-  The edit multiple bonds dialog now allows the secondary aggregator
   and QoS profile fields to be cleared.
-  Various pages, most notably the bond index page, are generated on the
   browser using information from the API. This is part of a series of
   planned improvements to make the user interface faster.
-  Various pages, menus, and dialogs in the management server have been
   changed to maintain usability.
-  Backup files in /var/lib/bondingadmin/primary-backups are purged
   after 30 days.
-  Configuration updates related to QoS profiles are no longer sent to
   aggregators that have never been online.
-  Configurations in the Nginx web server have been changed to improve
   SSL security, compress all responses, improve web client security,
   and prevent Internet Explorer displaying the web site in
   compatibility mode.

Removals
^^^^^^^^^

-  Integration with FreeRadius servers for PPP leg authentication has
   been removed. No partners were using this feature.

Fixes
^^^^^^

-  Aggregator failover emails are only sent to users set as active.
-  Various improvements have been made to the management server
   performance reporting and time-series database, InfluxDB.
-  Various unhandled exceptions in the API are now handled properly.
-  The leg state changes chart no longer connects points improperly
   under certain circumstances.

Patches
^^^^^^^^

:2015.1-8: Improved validation of API objects.
