Nebula v1.3.0 Release Notes
Release Date: 2020-09-22 // over 3 years ago-
โ Added
You can emit statistics about non-message packets by setting the option
stats.message_metrics
. You can similarly emit detailed statistics about
๐ lighthouse packets by setting the optionstats.lighthouse_metrics
. See
the example config for more details. (#230)๐ We now support freebsd/amd64. This is experimental, please give us feedback.
(#103)๐ We now release a binary for
linux/mips-softfloat
which has also been
๐ stripped to reduce filesize and hopefully have a better chance on running on
small mips devices. (#231)You can set
tun.disabled
to true to run a standalone lighthouse without a
tun device (and thus, without root). (#269)๐ You can set
logging.disable_timestamp
to remove timestamps from log lines,
๐ฒ which is useful when output is redirected to a logging system that already
โ adds timestamps. (#288)๐ Changed
Handshakes should now trigger faster, as we try to be proactive with sending
them instead of waiting for the next timer tick in most cases. (#246, #265)Previously, we would drop the conntrack table whenever firewall rules were
๐ changed during a SIGHUP. Now, we will maintain the table and just validate
that an entry still matches with the new rule set. (#233)๐ Debug logs for firewall drops now include the reason. (#220, #239)
๐ Logs for handshakes now include the fingerprint of the remote host. (#262)
Config item
pki.blacklist
is nowpki.blocklist
. (#272)๐ Better support for older Linux kernels. We now only set
SO_REUSEPORT
if
0๏ธโฃtun.routines
is greater than 1 (default is 1). We also only use the
0๏ธโฃrecvmmsg
syscall iflisten.batch
is greater than 1 (default is 64).
(#275)It is possible to run Nebula as a library inside of another process now.
Note that this is still experimental and the internal APIs around this might
๐ change in minor version releases. (#279)๐ Deprecated
- ๐
pki.blacklist
is deprecated in favor ofpki.blocklist
with the same
๐ functionality. Existing configs will continue to load for this release to
๐ allow for migrations. (#272)
๐ Fixed
advmss
is now set correctly for each route table entry whentun.routes
๐ง is configured to have some routes with higher MTU. (#245)Packets that arrive on the tun device with an unroutable destination IP are
now dropped correctly, instead of wasting time making queries to the
lighthouses for IP0.0.0.0
(#267) - ๐