SD-WAN 6.3 release notes

We are pleased to announce the release of SD-WAN 6.3. The focus on this release is adding support for hooks in private WAN routers and the configuration of overlapping subnets in private WAN.

Important notes:

Warning

The deprecated v1 and v2 versions of the Bondingadmin REST API have been removed. Any applications utilizing these deprecated APIs will cease to function until they have been migrated to the v3 API.

These API URLs have been removed:

  • /api/ (this was an alias for /api/v1/)
  • /api/v1/
  • /api/v2/

This URL is the only supported one going forward:

  • /api/v3/

Major Features

  • Spaces on private WAN routers now have hooks to add some custom functionality if desired. See Private WAN router space hooks.
  • In private WAN, routing can be configuring with overlapping subnets. For example:
    • Connected IP 10.42.5.1/24
    • Route 10.42.0.0/16 via 10.42.5.5
  • nDPI can be used to detect the application of flows when using flow collectors.
  • Bonders can now display quality of service charts if they are running 6.3 and have a quality of service profile assigned to them.

Bonding Admin

Additions:

  • Routes can now be configured to overlap with other routes and connected IPs on the same bond when used for private addresses.
  • Added an example for configuring the elastic stack as a flow collector. See Installing Elastic stack for IPFIX collection.
  • QoS charts are now displayed for bonds running 6.3, showing how much bandwidth was categorized into each of the configured traffic classes.

Fixes:

  • Downtime prevented no longer thinks that leg outages last much longer than they actually do
  • Bond and leg growth numbers are more accurate, previously they displayed the growth as a percentage when it was really an absolute value. These values are also faster to query which reduced the time to display them when many spaces are defined.
  • Spaces are now fully removed from the database when deleted to prevent conflicts.
  • Ignore stale rate update messages from aggregators so that the current speed values stay more up to date.
  • Management server backups now include any custom configuration defined in /etc/default
  • The labels on the charts are now clickable to toggle the display of some metrics.
  • The speed test details page is no longer consumes a web worker while waiting for results, so pages should stay more responsive when waiting for test results.
  • A proper validation error is raised for a static leg with a /32 netmask.
  • The PXE server installation instructions have been updated to create links to the kernel and initrd files to limit the impact of Debian kernel upgrades on installs.

Bonding Node

Attention

The routing tables in Linux used by Private WAN have been changed. Previously, private WAN routes were placed in tables beginning at 1000 and increasing for each space. Now, they begin at 0x2000, or 8192 in decimal. This will affect hooks or integrations that depended on this behaviour to function.

For example, routes for a space of ID 123 would previously be put into table 1123 on an aggregator. Now they will be in table 8315.

Additions:

  • New version of pmacct to support nDPI for protocol detection.
  • Connected IPs on bonders send a gratuitous ARP when they come online.
  • If an IP address somehow gets removed from a leg interface it will be added back.
  • If routes somehow go missing they will be added back.
  • QoS data rates are submitted as statistics to the management server
  • Flow collectors can now detect some applications using nDPI.
  • Private WAN routers can now be configured with hooks that run when spaces are started and stopped.
  • Some tunnel status updates are batched to avoid overwhelming other services during times of heavy load.

Fixes:

  • The Collectd service stops quitting periodically, which was leaving gaps in charts.
  • The Collectd service is better at maintaining a connection to the management server to keep the charts up to date.
  • Speed tests against idle legs get cancelled immediately instead of stalling, the same is true for legs which have recently gone down or are doing some initial testing when they come up.
  • Less aggressive heartbeat checks to prevent restarting services in a busy environment.
  • More accurate timestamps for downtime prevented data.
  • Configuring a large interface MTU no longer causes the tunnel to crash.
  • Improved private WAN routing logic to avoid sending traffic directly out an aggregators default route if the gateway was unknown.
  • Aggregators wont submit leg data rates for legs that they are no longer running.
  • Failover legs now have a lower priority for choosing which leg do handle local DNS requests from.
  • A connected IP could fail to start on an aggregator if private WAN was was disabled on the space.
  • Routing in private WAN now have a higher preference to stay within the routing group if possible.
  • Speed tests track time more reliably to give more accurate results on links with high jitter.