SD-WAN 2012.2 release notes¶

June 12, 2012

Additions¶

Administrators can now assign a single IP to a bond instead of a minimum /30 network as before. This is done by assigning one or more CPE NAT IPs to a bond. Read the User Guide section on CPE NAT IPs for details.
An API has been added to allow integration with custom software. It allows managing bonds, legs, connected IPs, and other objects.
Bonders with all legs behind NAT are now supported.
DHCP legs can now have their lease renewed from the configuration server.
A dedicated aggregator details page has been added. Traffic and CPU charts are shown on this page. The aggregator edit page has been simplified.
Ping and failover timing of non-failover legs can be managed from the configuration server.
An option has been added to drop unrecognized traffic from being uploaded from the bond. This reduces the risk of the bond being used as the source of a distributed denial of service attack.
Leg and bond counts are shown on the bond index page.
The configuration database is now backed up daily.
Speed tests record the version of Bonding on the bonder and aggregator at the time of the test.
A link to display bonder and aggregator passwords has been added.

The IP address field for PPP legs has been removed, since the interface configuration is pushed by the PPP server.
The aggregator charts page has been removed; charts are now shown on the aggregator details page.

WAN IPs have been renamed Connected IPs to better reflect their use. Hooks in /etc/bonding/wanip.d will be automatically moved to /etc/bonding/connectedip.d on upgrade.
Routes have been renamed Routed Blocks.
Bonders always report internal leg IPs and aggregators always report external leg IPs. Previously there were cases where IP addresses would not be reported.
The leg speed unit has been changed from Kbps to Mbps. Leg hooks using upload or download speed information must be updated.
Bond traffic rates are reported by aggregators in one request every 10 seconds, not one request per bond every 10 seconds as before. This reduces load on the config server.
Config server pages run fewer database queries, improving performance.
Default failover leg ping time has been changed from 0.1 to to 1.0 seconds and down time from 0.3 to 3.0 seconds.
The node cached config file is now saved as JSON, not as a Python pickled file.
The set of available characters in node API keys has been reduced by removing hard-to-distinguish characters (for example, lowercase L is no longer used because it looks like digit 1).
For sites with PPP/Radius integration, the Radius group name field has been moved from the aggregator to the PPP leg object.
Nodes download configuration files using HTTP, not XML-RPC.

Tunnel processes now always detect when a leg goes down.
Routing validation has been improved. It is no longer possible to create conflicting connected IPs or routes.
DHCP leg behaviour now complies with RFC 2131.
Node keys are now case-sensitive in all cases.
The incorrect API key error message shown during Bonding package installation is now much more clear.
The hourly cached configuration file refresh script is now compatible with Debian Squeeze.
Aggregators no longer suffer packet loss even when their default route is on a VLAN interface.
Shaping hooks are no longer run during a speed test.
The bond index page no longer shows or counts disabled connected IPs.
Speed test results are now shown on the speed test index page, even when an error for the test is reported before the results are submitted.
The config server public IP address is now always shown on the System Info page. Previously the address 127.0.0.1 could be shown in some cases.

Aggregator tunnel processes can fail to set up iptables rules correctly when multiple tunnels are started at the same time.
Tunnel processes can fail to obtain interface queue size information.
UDP tests with a rate limit cannot reach more than about 15 Mbps.