ยซ Changelog History


Nebula v1.3.0 Release Notes

Release Date: 2020-09-22 // over 3 years ago

  • โž• Added

    You can emit statistics about non-message packets by setting the option
    stats.message_metrics. You can similarly emit detailed statistics about
    ๐Ÿ‘€ lighthouse packets by setting the option stats.lighthouse_metrics. See
    the example config for more details. (#230)

    ๐Ÿ‘ We now support freebsd/amd64. This is experimental, please give us feedback.
    (#103)

    ๐Ÿš€ We now release a binary for linux/mips-softfloat which has also been
    ๐Ÿ‘ stripped to reduce filesize and hopefully have a better chance on running on
    small mips devices. (#231)

    You can set tun.disabled to true to run a standalone lighthouse without a
    tun device (and thus, without root). (#269)

    ๐Ÿšš You can set logging.disable_timestamp to remove timestamps from log lines,
    ๐ŸŒฒ which is useful when output is redirected to a logging system that already
    โž• adds timestamps. (#288)

    ๐Ÿ”„ Changed

    Handshakes should now trigger faster, as we try to be proactive with sending
    them instead of waiting for the next timer tick in most cases. (#246, #265)

    Previously, we would drop the conntrack table whenever firewall rules were
    ๐Ÿ”„ changed during a SIGHUP. Now, we will maintain the table and just validate
    that an entry still matches with the new rule set. (#233)

    ๐Ÿ”Š Debug logs for firewall drops now include the reason. (#220, #239)

    ๐Ÿ”Š Logs for handshakes now include the fingerprint of the remote host. (#262)

    Config item pki.blacklist is now pki.blocklist. (#272)

    ๐Ÿ‘ Better support for older Linux kernels. We now only set SO_REUSEPORT if
    0๏ธโƒฃ tun.routines is greater than 1 (default is 1). We also only use the
    0๏ธโƒฃ recvmmsg syscall if listen.batch is greater than 1 (default is 64).
    (#275)

    It is possible to run Nebula as a library inside of another process now.
    Note that this is still experimental and the internal APIs around this might
    ๐Ÿš€ change in minor version releases. (#279)

    ๐Ÿ—„ Deprecated

    • ๐Ÿ—„ pki.blacklist is deprecated in favor of pki.blocklist with the same
      ๐Ÿš€ functionality. Existing configs will continue to load for this release to
      ๐Ÿ‘ allow for migrations. (#272)

    ๐Ÿ›  Fixed

    advmss is now set correctly for each route table entry when tun.routes
    ๐Ÿ”ง is configured to have some routes with higher MTU. (#245)

    Packets that arrive on the tun device with an unroutable destination IP are
    now dropped correctly, instead of wasting time making queries to the
    lighthouses for IP 0.0.0.0 (#267)