From 77ef353151dcadc4d0ae38812eb355a4bb5ebb1e Mon Sep 17 00:00:00 2001 From: David Bauer Date: Thu, 25 Aug 2022 22:05:38 +0200 Subject: [PATCH 1/4] docs: vpn: make fastd section referenceable Signed-off-by: David Bauer --- docs/features/vpn.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/features/vpn.rst b/docs/features/vpn.rst index 95d0ee270c..ce962fc686 100644 --- a/docs/features/vpn.rst +++ b/docs/features/vpn.rst @@ -43,6 +43,8 @@ high throughput. fastd ^^^^^ +.. _VPN fastd methods: + Methods """"""" From 5333c71fcd41766c568da499c56262068b320003 Mon Sep 17 00:00:00 2001 From: Tom Herbers Date: Wed, 31 Aug 2022 00:55:22 +0200 Subject: [PATCH 2/4] docs: wired-mesh: make commandline section referenceable --- docs/features/wired-mesh.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/features/wired-mesh.rst b/docs/features/wired-mesh.rst index eded0b9593..96d9b5abcc 100644 --- a/docs/features/wired-mesh.rst +++ b/docs/features/wired-mesh.rst @@ -55,6 +55,8 @@ the ``mesh`` role to the ``interfaces.*.default_roles`` options in your :ref:`site.conf`. +.. _wired-mesh-commandline: + Commandline =========== From 8696e7f7f9e646bb39e3ab39ebf4bebd9aff60b5 Mon Sep 17 00:00:00 2001 From: David Bauer Date: Mon, 5 Sep 2022 17:22:34 +0200 Subject: [PATCH 3/4] docs: Add v2022.1 release notes Signed-off-by: David Bauer --- docs/releases/index.rst | 6 + docs/releases/v2022.1.rst | 416 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 422 insertions(+) create mode 100644 docs/releases/v2022.1.rst diff --git a/docs/releases/index.rst b/docs/releases/index.rst index d1142e2b6c..e346903b48 100644 --- a/docs/releases/index.rst +++ b/docs/releases/index.rst @@ -1,6 +1,12 @@ Release Notes ============= +.. toctree:: + :caption: Gluon 2022.1 + :maxdepth: 2 + + v2022.1 + .. toctree:: :caption: Gluon 2021.1 :maxdepth: 2 diff --git a/docs/releases/v2022.1.rst b/docs/releases/v2022.1.rst new file mode 100644 index 0000000000..e98f2f1e6d --- /dev/null +++ b/docs/releases/v2022.1.rst @@ -0,0 +1,416 @@ +Gluon 2022.1 +============ + +Important notes +--------------- + +Upgrades to v2022.1 and later releases are only supported from releases v2020.1 and later. This is due to migrations that have been removed to simplify maintenance. + + +Added hardware support +---------------------- + +ath79-generic +~~~~~~~~~~~~~ + +- D-Link + + - DAP-2660 A1 + +- Enterasys + + - WS-AP3705i + +- Siemens + + - WS-AP3610 + +- TP-Link + + - Archer A7 v5 + - CPE510 v2 + - CPE510 v3 + - CPE710 v1 + - EAP225-Outdoor v1 + - WBS210 v2 + +ath79-mikrotik +~~~~~~~~~~~~~~ + +- Mikrotik + + - RB951Ui-2nD + +ipq40xx-generic +~~~~~~~~~~~~~~~ + +- Aruba Networks + + - AP-303H + - AP-365 + - InstantOn AP11D + - InstantOn AP17 + +ipq40xx-mikrotik +~~~~~~~~~~~~~~~~ + +- Mikrotik + + - SXTsq-5-AC + +ramips-mt7620 +~~~~~~~~~~~~~ + +- Xiaomi + + - Mi Router 3G (v2) + +ramips-mt7621 +~~~~~~~~~~~~~ + +- Cudy + + - WR2100 + +- Netgear + + - R6260 + - WAC104 + - WAX202 + +- TP-Link + + - RE500 + - RE650 v1 + +- Ubiquiti + + - UniFi 6 Lite + +- Xiaomi + + - Mi Router 4A (Gigabit Edition) + +ramips-mt7622 +~~~~~~~~~~~~~ + +- Linksys + + - E8450 + +- Xiaomi + + - AX3200 + +- Ubiquiti + + - UniFi 6 LR + +ramips-mt76x8 +~~~~~~~~~~~~~ + +- GL.iNet + + - microuter-N300 + +- Netgear + + - R6020 + +- RAVPower + + - RP-WD009 + +- TP-Link + + - Archer C20 v4 + - Archer C20 v5 + - RE200 v2 + - RE305 v1 + +- Xiaomi + + - Mi Router 4C + - Mi Router 4A (100M Edition) + +rockchip-armv8 +~~~~~~~~~~~~~~ + +- FriendlyElec + + - NanoPi R2S + +mpc85xx-p1010 +~~~~~~~~~~~~~ + +- Sophos + + - RED 15w rev. 1 + +mpc85xx-p1020 +~~~~~~~~~~~~~ + +- Extreme Networks + + - WS-AP3825i + +Removed Devices +--------------- + +This list contains devices which do not have enough memory or flash to +be operated with this Gluon release. + +- D-Link + + - DIR-615 (C1, D1, D2, D3, D4, H1) + +- Linksys + + - WRT160NL + +- TP-Link + + - TL-MR13U (v1) + - TL-MR3020 (v1) + - TL-MR3040 (v1, v2) + - TL-MR3220 (v1, v2) + - TL-MR3420 (v1, v2) + - TL-WA701N/ND (v1, v2) + - TL-WA730RE (v1) + - TL-WA750RE (v1) + - TL-WA801N/ND (v1, v2, v3) + - TL-WA830RE (v1, v2) + - TL-WA850RE (v1) + - TL-WA860RE (v1) + - TL-WA901N/ND (v1, v2, v3, v4, v5) + - TL-WA7210N (v2) + - TL-WA7510N (v1) + - TL-WR703N (v1) + - TL-WR710N (v1, v2) + - TL-WR740N (v1, v3, v4, v5) + - TL-WR741N/ND (v1, v2, v4, v5) + - TL-WR743N/ND (v1, v2) + - TL-WR840N (v2) + - TL-WR841N/ND (v3, v5, v7, v8, v9, v10, v11, v12) + - TL-WR841N/ND (v1, v2) + - TL-WR843N/ND (v1) + - TL-WR940N (v1, v2, v3, v4, v5, v6) + - TL-WR941ND (v2, v3, v4, v5, v6) + - TL-WR1043N/ND (v1) + - WDR4900 + +- Ubiquiti + + - AirGateway + - AirGateway Pro + - AirRouter + - Bullet + - LS-SR71 + - Nanostation XM + - Nanostation Loco XM + - Picostation + +- Unknown + + - A5-V11 + +- VoCore + + - VoCore (8M, 16M) + +Atheros target migration +------------------------ + +All Atheros MIPS devices built with the ``ar71xx-generic``, +``ar71xx-nand`` as well as ``ar71xx-tiny`` were deprecated upstream and +are therefore not available with Gluon anymore. + +Many devices previously built with ``ar71xx-generic`` and +``ar71xx-nand`` are now available with the ``ath79-generic`` as well as +``ath79-nand`` target respectively. + +Missing devices +~~~~~~~~~~~~~~~ + +The following devices have not yet been integrated into Gluons ath79 +targets. + +- 8Devices + + - Carambola 2 + +- Aerohive + + - HiveAP 121 + +- Allnet + + - ALL0315 + +- Buffalo + + - WZR-HP-G300NH2 + - WZR-HP-G450H + +- GL.iNet + + - 6408A v1 + +- NETGEAR + + - WNDR4300 + - WNDRMAC + - WNDRMAC v2 + +- TP-Link + + - WR2543 + +- Ubiquiti + + - Rocket + +- WD + + - MyNet N600 + - MyNet N750 + +- ZyXEL + + - NB6616 + - NB6716 + +Features +-------- + +WireGuard +~~~~~~~~~ + +Gluon got WireGuard support. This allows offloading **encrypted** +connections into kernel space, increasing performance by forwarding +packets without the need for context switches between user and kernel +space. + +In order to reuse existing (already verified) fastd-keypairs for +WireGuard, a key derivation procedure is `currently being +developed `__. This +should ease migration from fastd to WireGuard in case whitelisting VPN +keys is desired. + +fastd L2TP +~~~~~~~~~~ + +fastd can now act as a connection broker for unencrypted L2TP-based +tunneling within Gluons mesh-vpn framework. This new ``null@l2tp`` +connection method allows for increased performance within existing +fastd setups. + +In addition to a sufficiently +:ref:`configured fastd-based VPN server`, +this requires further modifications to a sites :ref:`VPN fastd methods`. + +Major changes +------------- + +OpenWrt +~~~~~~~ + +This release is based on the newest OpenWrt 22.03 release branch. +It ships with Linux kernel 5.10 as well as wireless-backports 5.15. + + +Network changes (DSA / Upgrade-Behavior) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``ramips-mt7621`` and ``lantiq-xrx200`` targets now use the upstream DSA +subsystem instead of OpenWrt swconfig for managing ethernet switches. + +Gluon detects the existing user-intent and automatically applies it over +to DSA syntax. See the section about network reconfiguration for more +details. + +System reconfiguration +~~~~~~~~~~~~~~~~~~~~~~ + +The network and system-LED configurations are now re-generated after +each update / invocation of ``gluon-reconfigure``. + +The user-intent is preserved within Gluon’s implemented functionality +(Wired-Mesh / Client access / WAN). + +As an additional feature, Gluon now supports assigning roles to +interfaces. This behavior is explained +:ref:`here`. + +Site changes +------------ + +VPN provider MTU +~~~~~~~~~~~~~~~~ + +To account for multiple VPN methods available for a site, the MTU used +for the VPN tunnel connection is now moved to the specific VPN provider +configuration. For fastd this means that ``mesh_vpn.mtu`` needs to be +moved to ``mesh_vpn.fastd.mtu``. (`#2352 `__) + +Preconfigured Interfaces Roles +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Instead of ``mesh_on_wan`` and ``mesh_on_lan`` there is now an +``interfaces`` block to configure the default behavior of network +interfaces. Details can be found in the +:ref:`documentation`. + +Minor changes +------------- + +- The ``brcm2708-bcm2708`` ``brcm2708-bcm2709`` ``brcm2708-bcm2710`` + targets were renamed to ``bcm27xx-bcm2708`` ``bcm27xx-bcm2709`` and + ``bcm27xx-bcm2710`` +- The GL.iNet GL-AR750S was moved to the ``ath79-nand`` subtarget +- Gluon now ships the ath10k-ct firmware derivation for + QCA9886 / QCA9888 / QCA9896 / QCA9898 / QCA9984 / + QCA9994 / IPQ4018 / IPQ4028 / IPQ4019 / IPQ4029 + radios (`#2541 `__) +- WolfSSL instead of OpenSSL is now used when built with WPA3 support +- The option to configure the wireless-channel independent from the + site-selected channel was moved from + ``gluon-core.wireless.preserve_channels`` to + ``gluon.wireless.preserve_channels`` +- ``gluon-info`` is a new command that provides information about the + current node +- ``GLUON_DEPRECATED`` is now set to 0 by default +- To reboot a running gluon-node into setup-mode, Gluon now offers the + ``gluon-enter-setup-mode`` command +- Devices without WLAN do not show the private-wifi configuration + anymore +- The Autoupdater now uses the site default branch in case it is + configured to use a non-existent / invalid branch + +Known issues +------------ + +* A workaround for Android devices not waking up to their MLD subscriptions was removed, + potentially breaking IPv6 connectivity for these devices after extended sleep periods + +* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the NAND flash which the NAND driver before this release does not handle well. + (`#1937 `_) + +* The integration of the BATMAN_V routing algorithm is incomplete. + + - Mesh neighbors don't appear on the status page. (`#1726 `_) + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + This affects virtual interface types like bridges and VXLAN. + +* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown + (`#94 `_) + + Reducing the TX power in the Advanced Settings is recommended. + +* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled + (`#496 `_) + + This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed). From 701a22bbf6d167add95c0bfeedb5fd90f0016431 Mon Sep 17 00:00:00 2001 From: David Bauer Date: Mon, 5 Sep 2022 17:22:04 +0200 Subject: [PATCH 4/4] docs, README: Gluon v2022.1 Signed-off-by: David Bauer --- README.md | 2 +- docs/conf.py | 2 +- docs/site-example/site.conf | 2 +- docs/user/getting_started.rst | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 17bdb2772b..d52b6b9afb 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ the future development of Gluon. Please refrain from using the `master` branch for anything else but development purposes! Use the most recent release instead. You can list all releases by running `git tag` -and switch to one by running `git checkout v2021.1.2 && make update`. +and switch to one by running `git checkout v2022.1 && make update`. If you're using the autoupdater, do not autoupdate nodes with anything but releases. If you upgrade using random master commits the nodes *might break* eventually. diff --git a/docs/conf.py b/docs/conf.py index 549781f5b3..b8b402d57c 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -24,7 +24,7 @@ author = 'Project Gluon' # The short X.Y version -version = '2021.1' +version = '2022.1' # The full version, including alpha/beta/rc tags release = version diff --git a/docs/site-example/site.conf b/docs/site-example/site.conf index 538a8c3e97..a122a65307 100644 --- a/docs/site-example/site.conf +++ b/docs/site-example/site.conf @@ -1,4 +1,4 @@ --- This is an example site configuration for Gluon v2021.1 +-- This is an example site configuration for Gluon v2022.1 -- -- Take a look at the documentation located at -- https://gluon.readthedocs.io/ for details. diff --git a/docs/user/getting_started.rst b/docs/user/getting_started.rst index 57ffe83bf7..f2bbdd3dec 100644 --- a/docs/user/getting_started.rst +++ b/docs/user/getting_started.rst @@ -8,7 +8,7 @@ Gluon's releases are managed using `Git tags`_. If you are just getting started with Gluon we recommend to use the latest stable release of Gluon. Take a look at the `list of gluon releases`_ and notice the latest release, -e.g. *v2021.1*. Always get Gluon using git and don't try to download it +e.g. *v2022.1*. Always get Gluon using git and don't try to download it as a Zip archive as the archive will be missing version information. Please keep in mind that there is no "default Gluon" build; a site configuration @@ -50,7 +50,7 @@ Building the images ------------------- To build Gluon, first check out the repository. Replace *RELEASE* with the -version you'd like to checkout, e.g. *v2021.1*. +version you'd like to checkout, e.g. *v2022.1*. ::