==================================
SD-WAN 6.2 release notes
==================================

We are pleased to announce the release of SD-WAN 6.2. The focus on
this release is a new traffic classification system allowing for tunnel bypass
of particular traffic and flow collection and export for greater visibility
into the network traffic passing through bonders.

Important notes:
----------------

.. warning::
    The deprecated v1 and v2 versions of the Bondingadmin REST API will be
    removed **in the next release**. Any applications utilizing these
    deprecated APIs should be migrated to the v3 API as soon as possible.

These API URLs will be removed in a future release:

-  ``/api/`` (this is an alias for ``/api/v1/``)
-  ``/api/v1/``
-  ``/api/v2/``

This URL will be the only supported one going forward:

-  ``/api/v3/``

.. warning::
    Breaking API change: The ``roaming`` field for mobile broadband legs
    in the API is now a proper boolean rather than a string which returns
    "True" or "False". Any customizations that make use of this field
    need to be updated to account for this.

Major Features
--------------

-  A new traffic classification system was implemented to allow for more
   control of bonder traffic using *Classification Profiles*. In previous
   releases, all non-local traffic from connected IP interfaces was directed
   into the bonding tunnel and routed through aggregators and private WAN
   routers. In this release traffic can be classified according to packet
   filters in a *Classification Profile* and directed into the tunnel or via a
   Tunnel Bypass configuration on the bond, which will send the traffic
   directly via a leg interface. See the `Tunnel Bypass documentation
   <../bonds/tunnel-bypass.html>`__ for more information.

-  A flow collection feature has been added so that bonders can report flow
   data via the IPFIX, Netflow, and sFlow protocols. This allows for
   fine-grained monitoring of the bonder traffic when coupled with an external
   flow collector such as `Scrutinizer
   <https://www.plixer.com/products/scrutinizer/>`__, `SolarWinds
   <https://www.solarwinds.com/netflow-traffic-analyzer>`__, `ntop
   <https://www.ntop.org/>`__, or `Elastic (ELK) stack
   <https://www.elastic.co/products>`__. See the `Flow Collectors documentation
   <../policies/flow-collectors.html>`__ for more information.

-  The leg display on bond detail views have been completely redesigned to
   show data in a more concise manner. We believe this improves readability,
   particularly on mobile devices.

-  The Bonding Admin documentation has been migrated to a new format that
   includes a search function.


Bonding Admin
--------------

Additions:

-  A new *Classification* section is available under the *Policies* menu where
   Classification Profiles can be managed. The Classification Profiles are
   currently used to classify traffic for `Tunnel Bypass
   <../bonds/tunnel-bypass.html>`__.

-  Bond pages have a new *Tunnel Bypass* button which leads to the
   configuration of Classification Profiles and Tunnel Bypass for the bond.
   See `the Tunnel Bypass documentation <../bonds/tunnel-bypass.html>`__ for more
   information.

-  When *Tunnel Bypass* is enabled on a bond, a new chart is displayed to show
   the amount of traffic that is bypassed via legs instead of sent through the
   tunnel.

-  A new *Flow collectors* section is available under the *Policies* menu
   where flow collectors can be configured. Any number of flow collectors can
   be added using the IPFIX, Netflow, or sFlow protocols. Individual bonds may
   be configured to use one or more of these collectors. See the `Flow
   Collectors documentation <../policies/flow-collectors.html>`__ for more
   information.

-  The bond edit and multiple edit views allow for adding and removing flow
   collectors that have been defined under the *Policies* menu. This operates
   similarly to QoS profiles, except that multiple collectors may be added.

-  Permissions have been added to regulate access to *Classification Profiles*
   and *Flow Collectors*. These are found under the *Policies* section of the
   user and group permission pages. By default, each group has been granted
   access to *Classification Profiles* and *Flow Collectors* to the same
   degree that they currently have with *QoS profiles*.

-  The leg displays on the bond detail view has been completely redesigned to
   display information is a more concise manner. Feedback on this change is
   welcome.

-  The system for sending configuration updates to nodes has been rebuilt into
   a new service called *Homestead*. This new service was built to increase
   reliability of the update scheduling, which, in previous versions, could
   get stuck in rare circumstances.

-  Documentation was migrated to a new format with search capabilities.

-  The CPU governer of nodes can now be managed in the respective edit views.
   Selection of an alternate governer, particularly ``performance``, may
   improve bonding throughput on certain platforms. The governer for a node
   can be set under the advanced section of that node's edit view. The default
   governer for new nodes can be set in the *Node Defaults* view under the
   *Administration* menu.

-  The system requirements and recommendations for nodes are now included in
   the documentation. See `System requirements
   <../nodes/system-requirements.html>`__ for more information.

-  TCP segmentation offloading can now be disabled for private WAN backhauls
   on aggregators and private WAN routers. This is necessary on some
   platforms, particularly VMWare, that suffer severe performance degradation
   when the backhaul is encrypted. The relevant option can be found under the
   advanced section of the aggregator and private WAN router configuration
   views.

-  On the bond edit view and via the API, the aggregator and the space may now
   be set simultaneously.

-  On aggregator and private WAN edit views, options that require a manual
   restart of services are marked as such.

-  The default settings for leg and bond speed tuning have been adjusted for
   new Bonding Admin installs. Testing has revealed that these new settings
   decrease the amount of time the tuning process takes in most cases without
   sacrificing accuracy. Note that these settings are not automatically
   applied to existing Bonding Admin servers. If you would like to try them,
   go to the *Speed Tuning* item in the *Administration* menu and change the
   following settings:

   -  *Binary search range threshold factor*: 0.1
   -  *Binary search range threshold minimum up*: 0.1
   -  *Binary search range threshold minimum down*: 0.1

Fixes:

-  If invalid email settings are configured, the management server no longer
   fails silently when adding new users.

-  Detection of the primary private WAN router has been improved to be more
   accurate in certain circumstances.

-  The time zones used for the time display of speed tests are now consistent
   between the list and detail views when the client browser is in a different
   time zone than the Bonding Admin server.

-  The display of routing groups in the IP allocation edit view is now correct
   on Internet Explorer/Edge.

-  The display of the latest bonding version on the *Software Repository* view
   under *Administration* sometimes showed an older version. This has been
   fixed.

-  If a space shares a key with one that had been previously deleted, some
   operations involving the new space would fail. This has been fixed.

-  The downtime prevented data for previous months no longer degrades over
   time.

-  Certain private WAN configuration changes are no longer sent to older nodes
   that don't support them.

-  New routing groups can now re-use names that match names of deleted routing
   groups.

-  The process for collecting metrics from nodes now operates more efficiently
   when accepting data from a large number of nodes.

-  The aggregator failover process now gracefully handles a certain type of
   protocol error with the aggregator monitoring that can occur in rare cases.

-  The edit multiple bonds view now no longer allows selection of aggregators
   or QoS profiles that are not valid for the entire set of selected bonds.

-  Static legs can now be configured with private IP addresses that are also
   configured on legs on other bonders.

-  The private WAN router provisioning instructions incorrectly instructed to
   not configure the ``ext`` bridge when using a separate VLAN trunk
   interface. The instructions have been updated with the correct information.

-  The downstream packet loss chart now shows the downstream packet loss
   across the whole timeframe if the aggregator was changed during that
   period.

-  An error is now shown if an attempt to delete a QoS profile that is in use
   by a bond is made.

-  The QoS profile packet filter edit view now shows the appropriate error if
   the source network field contains invalid data.

-  Certain incorrect hashlimit settings in QoS profiles are now detected
   properly in the QoS profile edit view.

-  The leg MTU detection time field in the bond edit view no longer accepts a
   blank input.


Bonding Node
------------

Additions:

-  Bonders now have the ability to classify traffic and and optionally bypass
   traffic via a leg interface. See `the Tunnel Bypass documentation
   <../bonds/tunnel-bypass.html>`__ for more information.

-  Bonders will now export flow information for client traffic to flow
   collectors if configured in Bonding Admin.  See the `Flow Collectors
   documentation <../policies/flow-collectors.html>`__ for more information.

-  Nodes will now set the CPU governor according to settings in Bonding Admin.
   Selection of an alternate governor, particularly ``Performance``. may
   result in increased throughput on certain platforms.

-  The boot menus on the provisioning images have been updated:

  -  On the first menu:

    -  ``Serial (ttyS0)`` is now ``Via Device Serial Port``
    -  ``USB Serial (ttyS1)`` is now ``Via Device USB Port``
    -  ``Virtual`` is now ``Display with keyboard``

  -  On the second menu:

    -  ``Automatic`` is now ``Image with Node Key (ZTP)``
    -  ``Automatic default Bonder`` is now ``Image without Node Key``
    -  ``Auto except Net`` is now ``Static IP (Aggregator)``
    -  ``Regular`` has been removed

Fixes:

-  The provisioning images now correctly format devices using EFI firmware.

-  The ``bondlog`` program now correctly shows private WAN agent logs using
   the ``space`` parameter. See the ``bondlog`` section in `Node Applications
   <../nodes/node-applications.html>`__ for more information.
