n2n 3.0 (October 2021)
During the last year, long discussed ideas turned into implemented functionalities – adding remarkably to n2n's rich feature set and each of them worthy of note. The level achieved made us think it justified even a major release. Welcome, n2n 3.0!
Starting from this stable platform, future versions of n2n's 3.x series will further promote its versatility while keeping up compatibility. To achieve this, development will mainly focus on areas outside the underlying core hole-punching protocol and will include but probably not be limited to connection handling, management capabilities, build system tuning as well as internal code structure.
For now, we would like to encourage you to have a look at the freshly released 3.0 yourself.
The following changelog intends to cause happy and eager anticipation.
Enjoy!
New Features
- Federated supernodes to allow multiple supernodes for load balancing and fail-over (doc/Federation.md)
- Automatic IP address assignment allows edges to draw IP addresses from the supernode (just skip -a)
- Allowed community names can be restricted by regular expressions (community.list file)
- Network filter for rules (-R) allowing and denying specific traffic to tunnel
- Experimental TCP support (-S2) lets edges connect to the supernodes via TCP in case firewalls block UDP (not available on Windows yet)
- All four supported ciphers offer integrated versions rendering OpenSSL dependency non-mandatory (optionally still available)
- MAC and IP address spoofing prevention
- Network interface metric can be set by command-line option -x (Windows only)
- Re-enabled local peer detection by multicast on Windows
- Edge identifier (-I) helps to identify edges more easily in management port output
- Optionally bind edge to one local IP address only (extension to -p)
- A preferred local socket can be advertised to other edges for better local peer-to-peer connections (-e)
- Optional edge user and password authentication (-J, -P, doc/Authentication.md)
- Optional json format at management port allows for machine-driven handling such as .html page generation (scripts/n2n-httpd) or script-based evaluation (scripts/n2n-ctl)
- Completely overhauled build system including GitHub's action runners performing code syntax and formal checks, creating and running test builds, providing binairies and packages as artifacts and running verification tests
Improvements
- Increased edges' resilience to temporary supernode failure
- Fixed a compression-related memory leak
- Ciphers partly come with platform-specific hardware acceleration
- Added a test framework (tools/test-*.c and tests/)
- Clean-up management port output
- Polished benchmark tool output
- Spun-off the name resolution into a separate thread avoiding lags
- Added support for additional environment variables (N2N_COMMUNITY, N2N_PASSWORD, and N2N_FEDERATION)
- Implemented new reload_communities command to make supernode hot-reload the -c provided community.list file, issued through management port
- Reactivated send out of gratuitous ARP packet on establishing connection
- Enhanced documentation (doc/ folder) including the man pages and command-line help text (-h and more detailed --help)
- Self-monitoring time stamp accuracy for use on systems with less accurate clocks
- Fixed man pages' and config files' paths
- Code clean-up