Bonded Internet 2014.1 release notes¶
March 5, 2014
Bonded Internet 2014.1 improves scalability, stability, and security on bonders, aggregators, and the management server. We also introduce support for 64-bit aggregators and bonders.
Bonding node¶
Additions¶
- Bonding supports 64-bit operating systems.
- The cached configuration file is updated once a day.
Changes¶
- Processes communicate using a new message bus known as Express. This significantly improves scalability and stability compared to the 0mq message bus, which has been removed.
- Aggregators have a variety of improvements allowing them to support more bonds and legs.
- Iptables rules are added to custom chains instead of build-in chains. This improves reliability in the event of a crash or rollback.
- The node management VPN client now runs as the bonding user.
- The node management server reports port numbers as, for example, “Ethernet port 1” instead of “eth0.”
- Internal testing and build processes have been improved.
Fixes¶
- The bonder web service is now protected by the bonder’s firewall even if the TCP proxy is enabled.
- The node service remains responsive even when starting or stopping large numbers of bonds.
- DHCP and PPP legs properly report their connectivity to the management server.
- PPP legs no longer fail when restarted in a certain rare circumstance.
- PPP leg information is updated properly even if the interface comes up with a different MTU than it did in an earlier instance.
- The TCP proxy closes connections properly when contacting a host on or very near the aggregator.
- The links to preseed files on the Node Setup page are now HTTP instead of HTTPS, since HTTP is required for the install-time preseed method.
- The node service no longer signals tunnel and TCP proxy processes that have already quit.
- Service start dependencies have been added. The node service waits for the subprocess service to start, and the subprocess service waits for the config service to start.
- TCP proxy processes are started only after the bond’s tunnel has started, since the proxy depends on the tunnel.
- No attempt is made to change ownership on non-existent files when in generic configuration mode.
- Nodeconfig and nodessl show useful error messages on SSL validation failures.
- Aggregators stop sending traffic to a bonder leg if the leg is down for 30 seconds.
- The web service no longer quits immediately after being started when node starts.
- Various other bugs have been fixed.
Patches¶
| 2014.1-1: | Re-enabled compatibility with i586 CPUs (i.e. AMD Geode) |
|---|---|
| 2014.1-2: | Subprocess service calls no longer time out in some cases, speed tests no longer fail to stop in a certain rare case, TCP proxy properly handles routing for its own connected IP, improved reliability of heartbeat checks and application crash reports |
| 2014.1-3: | Minor improvements to DHCP and PPP leg monitoring, fixed error condition handling in subprocess service, Quagga configuration is committed properly, improved heartbeat checks, bonder tunnel socket no longer connects to old aggregator in certain rare case, improved monitoring of OpenVPN client, aggregator no longer crashes in a certain case when removing a bond, improved handling of errors when stopping PPP legs |
| 2014.1-4: | Added fsmonitor application, improved supervision of tunnel and TCP proxy applications, allow web-based provisioning of bonders from eth0 |
| 2014.1-5: | Resolved an issue that prevented a bond from being started on an aggregator if the host received an add-bond command immediately after a remove-bond command, fixed a file descriptor leak between the web server and node service, enabled logging of requests to the web server, and added the ability for a new tunnel process to kill a previously running tunnel process if the new process fails to create a tun device. |
Bonding admin¶
Changes¶
- Nginx replaces Apache as the HTTP server.
- Uwsgi replaces mod_wsgi as the application server.
- There are multiple log files in /var/log/bondingadmin/, instead of one single bondingadmin.log file.
- Processes communicate using the new Express message bus.
- Internal testing and build processes have been improved.
Fixes¶
- The aggregator failover process no longer sends two consecutive failure messages in rare circumstances.
- Various other bugs have been fixed.
Patches¶
| 2014.1-1: | Creates both i386 and amd64 installer ISOs, various HTTP server configuration improvements, fixed Munin permissions, fixed sending of certain exception reports to Technical Support, fixed bonderupdate management command. |
|---|---|
| 2014.1-2: | Update backup/restore scripts |
| 2014.1-3: | Fixed various UI bugs, allow /ISO/ indexes |
| 2014.1-4: | Improved ISO creation methods, various fixes for minor aggregator failover issues, fixed an HTML5 validation UI bug |
| 2014.1-5: | Huey no longer sends out duplicate configuration updates in some cases. |
| 2014.1-6: | Minor management script and documentation fixes. |