A Capacity Leapfrog to flexiWAN

Enhanced flexiEdge web UI for better installation and troubleshooting, more tunnel key exchange options, enhancements to local Internet breakout utilizing multi-WANs, and more!

the logo for flexi wan
By Ivor Kreso
the logo for flexi wan
Edited by flexiWan Staff

Updated March 18, 2024.

A Capacity Leapfrog to flexiWAN

We’ve been quiet for a while, working hard on this brand new flexiWAN release! We’re happy to announce the new flexiWAN release version 4.1.16, which brings a major throughput leapfrog, under-the-hood technology upgrades, tighter control over encryption usage, and much more.

This release is the last of the 4.1.x series, with the next major release, flexiWAN 4.2 arriving shortly. The upcoming flexiWAN 4.2 release will bring a milestone feature, security firewall functionality. So stay tuned for more!

Please note that this release is not mandatory for the upcoming 4.2 release.

Major Throughput Improvements

For flexiWAN deployments requiring high throughput, ideally on data center hubs. This version introduces enhanced and optimized multi-core functionality.

Using RSS acceleration technology on supported network cards, flexiWAN introduces a capacity leapfrog when utilizing multiple CPU cores, greatly improving the tunnel throughput! It works best for hubs with at least three tunnels. 

This is a great opportunity to thank Intel engineering for working with us on making sure flexiWAN is optimized for Intel CPU in multi-core deployments.

We’ve written down a guide on how to enable multi-core here.

New Tunnel Key Exchange Options

In the addition to the already available Pre-Shared-Key (PSK) tunnels, we are happy to introduce two more Tunnels Key Exchange Methods:

  • IKEv2: Internet Key Exchange version 2, combined with IPsec. Even though more complex than PSK, configuration and certificate generation and exchange is handled automatically by flexiWAN flexiManage magic!
  • No encryption: for deployments that do not require encryption but only high throughput, turning off the encryption will maximize the performance.

These two methods are very important upgrades as they set the foundation for a few big improvements coming in the near future!

Tunnels Key Exchange Method and no encryption


Under the Hood Improvements

Major upgrades and improvements have been made under the hood. We’ve updated flexiWAN to the 21.1 VPP version, which is a FD.io Vector Packeting Processor on which flexiWAN relies on for networking.

We’ve also migrated from python2 to python3! Upgrading to the latest versions of VPP and Python3 will now perform better and faster, while at the same time running on supported and secure components.

flexiEdge UI Overhaul

You may have noticed that we introduced flexiEdge UI, a local web server running on port 8080, a few releases back. We’ve now reorganized it to follow the flexiWAN deployment flow much more closely and added a few more bits for easier troubleshooting.

flexiEdge UI completely replaces the old command line procedure for initial flexiWAN configuration. Its networking configuration section is now a preferred way to preconfigure network interfaces, even before connecting the device to flexiManage, ensuring all networking configurations are in sync with Netplan.

View flexiEdge the complete documentation and configuration steps here.

Enhanced flexiEdge UI


Many Smaller Improvements

From the smaller but still important updates and improvements, we would like to point out the following new features:

Static DNS setup

Set a static DNS and local domain for each WAN interface, or use upstream DNS for resolution. 

Static DNS


Internet breakout multi-wan support

With the latest release, it is now possible to use multiple Internet breakout or Direct Internet Access labeled interfaces with application-based routing. This means specific apps or port ranges can be directed to use multiple WANs!

Learn more about it in our documentation here.

Multi-WAN support for Local Internet Breakout and Application Based Routing


Improved STUN

With the 4.1.16 release, we are also bringing greatly improved STUN and external IP detection. This new release brings improvements and fixes to the detection algorithm.

Improved WiFi 5ghz driver

The latest version of flexiWAN brings a greatly enhanced WiFi 5ghz driver. Together with AC mode, 5ghz works like a champ for flexiWAN AP clients. 

And finally, we are adding preliminary support for the Quectel EC20 module. Thanks to Quectel and their support there has been a beta firmware update for EC20 made available for those who wish to use that module with flexiWAN.