Releases: yggdrasil-network/yggdrasil-go
Releases · yggdrasil-network/yggdrasil-go
Version 0.5.0
NOTE: If you are using the Debian package and upgrading an existing installation, you may need to update your AdminListen
line in your configuration file to unix:///var/run/yggdrasil/yggdrasil.sock
or delete the AdminListen
line altogether.
Added
- Authenticated peering handshake with optional password, i.e.
- For listeners:
tls://[::]:12345?password=123456abcdef
- For peers:
tls://a.b.c.d:12345?password=123456abcdef
- For multicast interfaces with the new
Password
option in eachMulticastInterfaces
section - Maximum password length is 64 characters
- For listeners:
- QUIC support for peerings, by using the new
quic://
scheme inListen
andPeers
- This has not been extensively tested and may perform worse than TCP or TLS peers
- The private key can now be stored in PEM format separately to the main configuration file with the new
PrivateKeyPath
configuration file option- Use the
-exportkey
flag to export the key to a file from an existing config
- Use the
Changed
- New routing scheme, which is backwards incompatible with previous versions of Yggdrasil
- The wire protocol version number, exchanged as part of the peer setup handshake, has been increased to 0.5
- Nodes running this new version will not be able to peer with earlier versions of Yggdrasil
- A DHT is no longer used to map public keys and routes through treespace
- Bloom filters are used to track on-tree links and nodes reachable via that link
- Nodes now gossip separate per-link information which is tracked in CRDT structures, forcing local consistency and preventing unnecessary flapping when a route to the root node has changed or is broken
- Greedy routing is once again used instead of source routing
- Per-link keepalives have been replaced with periodic acknowledgements, reducing idle bandwidth
- The link handshake and multicast beacon formats have been revised for better future extensibility
- The link code has been refactored for more robust tracking of peering states
- As a result, the admin socket is now able to report information about configured peerings that are down
- Reconnect intervals are now tracked separately for each configured peer with exponential backoffs
Removed
- Yggdrasil will no longer request BBR congestion control for TCP and TLS peerings on Linux
Version 0.5.0 RC3
Fixed
- Restored
removePeer
admin socket endpoint - Fixed the
RetryPeersNow
API call for mobile
Version 0.5.0 RC2
Fixed
- A bug which could result in high CPU usage after a network interface change has been fixed
- TLS listeners no longer require a TLS client certificate, as it is not necessary
- A panic in the mobile wrapper has been fixed when getting peers JSON
Version 0.5.0 RC1
Added
- Authenticated peering handshake with optional password, i.e.
- For listeners:
tls://[::]:12345?password=123456abcdef
- For peers:
tls://a.b.c.d:12345?password=123456abcdef
- For multicast interfaces with the new
Password
option in eachMulticastInterfaces
section - Maximum password length is 64 characters
- For listeners:
- QUIC support for peerings, by using the new
quic://
scheme inListen
andPeers
- This has not been extensively tested and may perform worse than TCP or TLS peers
- The private key can now be stored in PEM format separately to the main configuration file with the new
PrivateKeyPath
configuration file option- Use the
-exportkey
flag to export the key to a file from an existing config
- Use the
Changed
- New routing scheme, which is backwards incompatible with previous versions of Yggdrasil
- The wire protocol version number, exchanged as part of the peer setup handshake, has been increased to 0.5
- Nodes running this new version will not be able to peer with earlier versions of Yggdrasil
- A DHT is no longer used to map public keys and routes through treespace
- Bloom filters are used to track on-tree links and nodes reachable via that link
- Nodes now gossip separate per-link information which is tracked in CRDT structures, forcing local consistency and preventing unnecessary flapping when a route to the root node has changed or is broken
- Greedy routing is once again used instead of source routing
- Per-link keepalives have been replaced with periodic acknowledgements, reducing idle bandwidth
- The link handshake and multicast beacon formats have been revised for better future extensibility
- The link code has been refactored for more robust tracking of peering states
- As a result, the admin socket is now able to report information about configured peerings that are down
- Reconnect intervals are now tracked separately for each configured peer with exponential backoffs
Removed
- Yggdrasil will no longer request BBR congestion control for TCP and TLS peerings on Linux
Version 0.4.7
Added
- Dropped outbound peerings will now try to reconnect after a single second, rather than waiting up to 60 seconds for the normal peer timer
Changed
- Session encryption keys are now rotated at most once per minute, which reduces CPU usage and improves throughput on fast low latency links
- Buffers are now reused in the session encryption handler, which improves session throughput and reduces memory allocations
- Buffers are now reused in the router for DHT and path traffic, which improves overall routing throughput and reduces memory allocations
Fixed
- A bug in the admin socket where requests fail unless
arguments
is specified has been fixed - Certificates on TLS listeners will no longer expire after a year
- The
-address
and-subnet
command line options now return a useful warning when no configuration is specified
Version 0.4.6
Added
- Support for prioritising multiple peerings to the same node has been added, useful for nodes with multiple network interfaces
- The priority can be configured by specifying
?priority=X
in aPeers
orListen
URI, or by specifyingPriority
within aMulticastInterfaces
configuration entry - Priorities are values between 0 and 254 (default is 0), lower numbers are prioritised and nodes will automatically negotiate the higher of the two values
- The priority can be configured by specifying
Changed
- On Linux,
SO_REUSEADDR
is now used on the multicast port instead ofSO_REUSEPORT
, which should allow processes running under different users to run simultaneously
Fixed
- Adding peers using the
InterfacePeers
configuration option should now work correctly again - Multiple connections from the same remote IP address will no longer be incorrectly dropped
- The admin socket will no longer incorrectly claim TCP connections as TLS
- A panic that could occur when calling
GetPeers
while a peering link is being set up has been fixed
Version 0.4.5
Added
- Support for peering over UNIX sockets is now available, by configuring
Listen
and peering URIs in theunix:///path/to/socket.sock
format
Changed
yggdrasilctl
has been refactored and now has cleaner output- It is now possible to
addPeer
andremovePeer
using the admin socket again - The
getSessions
admin socket call reports number of bytes received and transmitted again - The link setup code has been refactored, making it easier to support new peering types in the future
- Yggdrasil now maintains configuration internally, rather than relying on a shared and potentially mutable structure
Fixed
- Tracking information about expired root nodes has been fixed, which should hopefully resolve issues with reparenting and connection failures when the root node disappears
- A bug in the mobile framework code which caused a crash on Android when multicast failed to set up has been fixed
- Yggdrasil should now shut down gracefully and clean up correctly when running as a Windows service
Version 0.4.4
Fixed
- ICMPv6 "Packet Too Big" payload size has been increased, which should fix Path MTU Discovery (PMTUD) when two nodes have different
IfMTU
values configured - A crash has been fixed when handling debug packet responses
yggdrasilctl getSelf
should now report coordinates correctly again
Changed
- Go 1.17 is now required to build Yggdrasil
Version 0.4.3
Added
bytes_sent
,bytes_recvd
anduptime
have been added togetPeers
- Clearer logging when connections are rejected due to incompatible peer versions
Fixed
- Latency-based parent selection tiebreak is now reliable on platforms even with low timer resolution
- Tree distance calculation offsets have been corrected
Version 0.4.2
This is an emergency release to correct build issues introduced in v0.4.1 and includes no other changes. Please see the Version 0.4.1 release notes for more information about the contents of this release.
Fixed
- Reverted a dependency update which resulted in problems building with Go 1.16 and running on Windows