Also in this version, a major under the hood infrastructure upgrade
We’ve been quiet for a while, working hard on this brand new flexiWAN release! We’re happy to announce the new flexiWAN release version 4.1.16, which brings a major throughput leapfrog, under the hood technology upgrades, tighter control over encryption usage and much more.
This release is the last of the 4.1.x series, with the next major release flexiWAN 4.2 arriving shortly. The upcoming flexiWAN 4.2 release will brings a milestone feature, security firewall functionality. So stay tuned for more! Please note that this release is not mandatory for the upcoming 4.2 release.
Major throughput improvements
For flexiWAN deployments requiring high throughput, ideally on datacenter hubs. This version introduces enhanced and optimized multi-core functionality. Using RSS acceleration technology on supported network cards, flexiWAN introduces a capacity leapfrog when utilizing multiple CPU cores, greatly improving the tunnel throughput! It works best for hubs with at least 3 tunnels.
This is a great opportunity to thank Intel engineering for working with us on making sure flexiWAN is optimized for Intel CPU in multi-core deployments.
We’ve written down a guide on how to enable multi-core here.
New tunnel key exchange options
In the addition to the already available Pre-Shared-Key (PSK) tunnels, we are happy to introduce two more Tunnels Key Exchange Methods:
- IKEv2 – Internet Key Exchange version 2, combined with IPsec. Even though more complex than PSK, configuration and certificates generation and exchange is handled automatically by flexiWAN flexiManage magic!
- No encryption – for deployments that do not require encryption but only high throughput, turning off the encryption will maximize the performance.
These two methods are very important upgrades as they set the foundation for a few big improvements coming in the near future!
Under the hood improvements
Major upgrades and improvements have been made under the hood. We’ve updated flexiWAN to the 21.1 VPP version, which is a FD.io Vector Packeting Processor on which flexiWAN relies on for networking. We’ve also migrated from python2 to python3! Upgrading to the latest versions of VPP and python3 will now perform better, faster while at the same time running on supported and secure components.
flexiEdge UI overhaul
You may have noticed that we’ve introduced flexiEdge UI, a local web server running on port 8080 a few releases back. We’ve now reorganized it to follow the flexiWAN deployment flow much more closely and added a few more bits for easier troubleshooting. flexiEdge UI completely replaces the old command line procedure for initial flexiWAN configuration. Its networking configuration section is now a preferred way to preconfigure network interfaces, even before connecting the device to flexiManage, ensuring all networking configuration is in sync with netplan. View flexiEdge the complete documentation and configuration steps here.
Many smaller improvements
From the smaller but still important updates and improvements, we would like to point out the following new features:
Static DNS setup – Set a static DNS and local domain for each WAN interface, or use upstream DNS for resolution.
Internet breakout multi-wan support – With the latest release, it is now possible to use multiple internet breakout or Direct Internet Access labeled interfaces with application based routing. This means specific apps or ports ranges can be directed to use multiple WAN’s! Learn more about it in our documentation here.
Improved STUN – With 4.1.16 release we are also bringing greatly improved STUN and external IP detection. This new release brings improvements and fixes to the detection algorithm.
Improved WiFi 5ghz driver – The latest version of flexiWAN brings a greatly enhanced WiFi 5ghz driver. Together with AC mode, 5ghz works like a champ for flexiWAN AP clients.
And finally, we are adding preliminary support for the Quectel EC20 module. Thanks to Quectel and their support there has been a beta firmware update for EC20 made available for those who wish to use that module with flexiWAN.