SD-WAN 2015.2 release notes

April 4, 2015

SD-WAN 2015.2 improves aggregator failover reliability, improves reliability of the main database by switching from MySQL to PostgreSQL, adds the ability to create and retrieve speed tests from the API, and fixes a number of bugs. It is a major behind-the-scenes upgrade for management servers and a minor upgrade for aggregators and bonders.

This release deprecates SD-WAN 2013.7 and earlier. Support for 2013.7 and earlier nodes will be removed in 2015.3. Partners with 2013.7 and earlier nodes will receive the 2015.2 upgrade, but will not receive the 2015.3 upgrade until all nodes are upgraded to 2014.1 or earlier.

SD-WAN 2015.2 changes how certain configuration files are managed on aggregators and bonders. When upgrading, if you see a message asking, “File also in package provided by package maintainer. What would you like to do about it?” we recommend entering “y” to install the upgraded version of the file.

Bonding Node

Additions

  • Aggregators respond to monitoring requests from the management server over a SSL-secured connection on TCP port 8005. This allows the aggregator failover service to monitor hosts even when the management VPN is unavailable. If your aggregators are behind a firewall, please open TCP port 8005.

Changes

  • The tunnel process now defaults to the Weighted Round Robin balancing algorithm if its configuration happens to specify an unknown algorithm. Previously the tunnel would log an error and quit.
  • Packaging for certain configuration files has been updated to bring it more in line with Debian standards.

Fixes

  • Improved reliability of MTU detection reliability on links with packet loss.
  • Fixed issues that could cause a tunnel process to crash when adding a new leg in a few rare situations
  • Fixed an issue that could cause the link packet loss chart to report incorrect values
  • Fixed a number of issues with the performance metric reporting plugins in the collectd service.
  • Fixed an issue that could reduce bonded throughput with compression enabled.
  • Fixed an issue that prevented speed test chart data from being recorded with a 2015.1 aggregator and older bonder versions.
  • Fixed an issue on Debian Wheezy bonders that prevented outgoing connections being made with the expected IP address on bonds with multiple CPE NAT IPs and the TCP proxy enabled. The issue has not been fixed on Debian Squeeze bonders due to limitations in the iptables package on Squeeze.
  • Fixed an issue with the TCP proxy that caused web pages to load slowly when a bulk upload was taking place.
  • Fixed an issue that could cause bonders and aggregators to report incorrect leg speed values when bandwidth adaptation is enabled.

Bonding Admin

Additions

  • The aggregator failover service checks hosts on a connection that does not depend on the management server VPN. This allows the VPN to be restarted without causing the aggregator failover service to incorrectly detect failures.
  • The aggregator failover service pings a reliable host before failing over aggs. This prevents aggregators from being detected as failed when only the management server’s network has failed. By default, the service pings 8.8.8.8. To change this host or disable this feature, contact Technical Support.
  • An option has been added to disable failover monitoring for aggregators.
  • Aggregator failover metrics are reported in the API.
  • The version of the node software available to bonders and aggregators can now be changed by super users via a form on the Node Setup page. The last two versions are available—for example, when 2015.2 is released, the software repository can be changed to offer either 2015.2 or 2015.1.
  • Speed tests can be created and retrieved via the API. Test resources are available as a child of each bond resource.
  • PostgreSQL and InfluxDB statistics are shown on the System Charts page.
  • A warning is shown on the bond details page when Ethernet collisions occur on legs or connected IPs.

Changes

  • The provisioning ISOs have been updated. Please download the new ISOs from the Node Setup page and replace the imaging disks you currently use.
  • The bond list API has been optimized to improve performance. This will improve loading times for the dashboard and bond index pages.
  • PostgreSQL replaces MySQL as the relational database server, because it offers better data management and integrity features.
  • Database schema migrations are now performed by the Django application framework used by Bonding Admin.
  • Bonding admin applications now use Python 2.7 and Django 1.7.
  • Speed test results are stored in the SQL database, not in Redis. This reduces Redis memory usage.
  • The ba upgradebonders command has been replaced with the upgrade-bonders command.
  • The upgrade-bonders command upgrades all Debian packages on nodes, not just bonding-related packages.
  • The service that forwards performance metrics from nodes to InfluxDB has been optimized and a potential memory leak eliminated.
  • Positions of some fields on the bond details and bond edit page have been changed.
  • The internal architecture of Bonding Admin code has been improved, with greater separation between the bond and aggregator/bonder models and a complete rewrite of the aggregator failover service.
  • The API reports date/time fields with microsecond precision instead of second precision.
  • The web application server runs fewer threads per CPU core. This reduces memory usage.
  • The method used to allocate node management VPN IPs, bond tunnel subnets, and tunnel UDP port numbers has been changed to improve performance when creating objects. Now IP addresses and port numbers are reused only when the entire subnet or port space has been used.