Posts for: #network

MediaTek Launches Filogic 860 & Filogic 360 WiFi 7 Chipsets for Mainstream BE7200 Routers and Clients

MediaTek has introduced two new WiFi 7 chipsets, the Filogic 860 and Filogic 360, targeting mainstream routers and client devices. The Filogic 860 features a tri-core Arm Cortex-A73 SoC designed for up to BE7200 routers and gateways, while the Filogic 360 is a WiFi 7 and Bluetooth 5.4 chip designed for smartphones, PCs, laptops, set-top boxes, and OTT streaming boxes, offering up to 2.9 Gbps bandwidth.

The Filogic 860 and Filogic 360 chipsets provide more cost-effective alternatives to the previously introduced Filogic 880 SoC for up to BE36000 routers and Filogic 380 clients chip, which can achieve up to 6.5 Gbps PHY data rate.

MediaTek Filogic 860 Specifications:

  • CPU – 3x Arm Cortex-A73 cores clocked at up to 1.8 GHz
  • Network Processing Unit (NPU) – Hardware QoS acceleration and Tunneling Offload Engine for VLAN / PPTP / L2TP / GRE
  • Networking Crypto engine (EIP-197) – For IPv4 NATP / IPv6 / DS-Lite / 6RD acceleration
  • Memory I/F – DDR3, DDR4
  • Storage I/F – SPI-NOR, SPI-NAND, eMMC, SD
  • Networking
    • Wi-Fi 7 (802.11a/b/g/n/ac/ax/be)
      • Up to 7.2 Gbps (BE7200) PHY performance
      • Tri-band support – 2.4GHz, 5GHz, 6GHz
      • Key Features – BW40 (2.4Ghz), BW160 (5/6GHz), 4096-QAM, MLO, MRU, and AFC
      • Antenna – 4×4 (2.4GHz) + 5×5 (5/6GHz); Filogic Xtra range to boost receiving distance using an extra antenna
    • Ethernet
      • 1x 10GbE (USXGMII)
      • 1x 2.5GbE PHY
      • 4x 1GbE interfaces
  • USB – 2x USB 3.2 up to 5 Gbps each
  • PCIe – PCIe 3.0 up to 10 Gbps
  • Other I/Os – UART, SPI, PWM, GPIO and OTP

The Filogic 860 is expected to be used in WiFi 7 enterprise access points, service provider Ethernet gateways, mesh nodes, retail routers, and IoT router applications. Although software support details are not provided, MediaTek is likely to offer support for Linux-based distributions such as OpenWrt and/or Debian.

MediaTek Filogic 360 Specifications:

  • Wi-Fi
    • Wi-Fi 7 (802.11a/b/g/n/ac/ax/be)
    • Tri-band – 2.4GHz, 5GHz, 6GHz
    • Antenna – 2×2 triple-band
    • Max Throughput – Up to 2.9Gbps
    • Wi-Fi 7 Features – Up to 160MHz BW, 4096-QAM, Hybrid MLO (eMLSR), MRU
  • Bluetooth Dual 5.4, LE Audio
  • MediaTek Bluetooth and Wi-Fi coexistence technology
  • Single chip with RF, Baseband, MAC, iFEM
  • Host interface – PCI Express 2.1 or USB 3.0

The MediaTek Filogic 860 and Filogic 360 WiFi 7 chipsets are currently available for sampling to customers, with mass production scheduled for mid-2024. Therefore, routers, gateways, and client devices utilizing these new chips are expected to hit the market in the second half of 2024. More information can be found on the respective product pages and in the press release.

Source: CNX Software – Embedded Systems News.

Netmaker Releases Version v0.21.2 of WireGuard Mesh VPN

Netmaker, a tool that creates networks using WireGuard, has released version v0.21.2. This tool automates the creation of fast, secure, and distributed virtual networks. Netmaker leverages Kernel WireGuard, which provides maximum speed, performance, and security for the virtual networks it creates.

The latest release, v0.21.2, brings several improvements and fixes to Netmaker. Some of the new features include auto relay via enrollment key and improvements in local routing.

In terms of fixes, the release addresses an inconsistency in DNS entries for networks, ensures validation of unique network CIDR, fixes caching discrepancies in extclient, resolves issues with deleted node peer updates when disconnected from the network, and adds a force deletion option for daemon nodes stuck in the removing state.

However, there are a few known issues with this release. The Windows installer does not install WireGuard, and the netclient-gui may continuously display an error dialog if the Netmaker server is offline. Additionally, there are IPv6 address and route issues on Mac, and the network tab in netclient-gui may appear blank after disconnecting.

Overall, Netmaker’s latest release offers improved functionality and fixes for a smoother experience in creating virtual networks with WireGuard.

Netgate Launches Latest pfSense CE Software Version 2.7.1

Netgate, the provider of pfSense Community Edition (CE) software, has announced the release of version 2.7.1. pfSense CE is an open-source project that has been supported by Netgate since 2008. The source code for the project is available on GitHub under the Apache 2.0 open-source license. pfSense CE can be used on common hardware to build routers and more.

One major change in this release is the upgrade of OpenSSL to version 3.0.12. This upgrade was necessary as OpenSSL 1.1.1 has reached its End of Life and will no longer receive security patches. With the upgrade to OpenSSL 3.0.12, older and weaker encryption and hash algorithms have been removed, and security certificates based on these algorithms have been deprecated. It is highly recommended to review the release notes and Netgate’s blog post on this topic before performing the upgrade.

Another notable feature in version 2.7.1 is the addition of Kea DHCP as an opt-in feature. While basic functionality is present, it is not yet feature-complete. Switching to the Kea DHCP server can be done through the web interface by navigating to System > Advanced and changing the server backend radio button in the DHCP Options section to “Kea DHCP”. It is important to note that switching to Kea DHCP may result in ignored hostnames for devices on the network that were assigned using static leases or rely on dynamic lease registration in DNS.

This release also includes improved support for SCTP (Stream Control Transmission Protocol) in PF for firewall rules, NAT, and logging. Rules can now act on SCTP packets by port number, whereas previously it was only possible to filter on source or destination address. Additionally, the IPv6 Router Advertisement configuration has been relocated to Services > Router Advertisement as part of the ongoing integration of the Kea DHCP server.

Other changes in version 2.7.1 include the upgrade of PHP to version 8.2.11 and the base operating system to a more recent point of FreeBSD 14-CURRENT. The release also addresses various bugs and issues.

Source: pfSense.

Netgate Launches pfSense CE Software Version 2.7.1 Release Candidate

Netgate has announced the Release Candidate (RC) of pfSense CE software version 2.7.1. This open-source project, supported by Netgate since 2008, is a widely-used firewall and routing platform. The RC release is an opportunity for users to try out the new version and provide feedback.

The major changes and features in pfSense CE software version 2.7.1 include:

  1. Upgraded OpenSSL to version 3.0.12: This upgrade was necessary as OpenSSL 1.1.1 has reached its End of Life and will no longer receive security patches. The upgrade removes older and weaker encryption and hash algorithms, improving security.

  2. Kea DHCP added as an opt-in feature: The Kea DHCP server is now available as an optional feature. While it is not feature complete in this version, users can switch to Kea DHCP by navigating to the System > Advanced menu and changing the DHCP Options to “Kea DHCP”. However, switching to Kea DHCP may result in the ignoring of assigned hostnames and dynamic lease registration in DNS.

  3. Improved support for SCTP: Support for SCTP in firewall rules, NAT, and logging has been enhanced. Users can now filter SCTP packets by port number, in addition to source and destination address.

  4. IPv6 Router Configuration moved: The IPv6 Router Advertisement configuration has been relocated to Services > Router Advertisement as part of the integration with the Kea DHCP server.

Other changes in this release include upgrading PHP to version 8.2.11, upgrading the base operating system to a more recent point of FreeBSD 14-CURRENT, and addressing various bugs and issues.

Testing of the RC software release is crucial to ensure its reliability and robustness for all users. Netgate encourages users to download and test the release candidate, and provide feedback on any issues they encounter.

To install the upgrade, users can follow the detailed Upgrade Guide available in the pfSense documentation. It is recommended to back up the pfSense CE configuration prior to the upgrade. The upgrade can be performed through the web interface by navigating to System > Update and setting the Branch to “Next Stable Version (2.7.1-RC)”.

Netmaker Releases Version v0.21.1 of WireGuard Mesh VPN

Netmaker has released its latest version, v0.21.1, of their WireGuard mesh VPN. Netmaker is a platform that automates the creation of fast, secure, and distributed virtual networks.

With Netmaker, users can easily create virtual networks between data centers, clouds, and edge devices without the need for manual configuration. This automation saves time and effort for users, allowing them to focus on other important tasks.

One of the key features of Netmaker is its integration with Kernel WireGuard, which provides maximum speed, performance, and security. This ensures that the virtual networks created with Netmaker are not only efficient but also highly secure.

Netmaker is designed to scale from small businesses to enterprise-level organizations. This means that whether you are a small startup or a large corporation, Netmaker can meet your networking needs.

One of the standout features of Netmaker is its ability to be highly customized. Users can configure Netmaker with WireGuard for various use cases, such as peer-to-peer connections, site-to-site connections, Kubernetes deployments, and more. This flexibility allows users to tailor Netmaker to their specific requirements.

The latest version, v0.21.1, brings several new features and fixes to the Netmaker platform:

What’s New in v0.21.1:

  • Remote access client session management: Users now have more control over managing remote access client sessions. Refer to the users section in the documentation for more details.
  • Generic DNS entries: It is now possible to create generic DNS entries, providing more flexibility in configuring DNS settings.
  • Upgrade client version: Users can now easily upgrade the client version to match the server version directly from the user interface.
  • Moved PersistentKeepAlive setting: The PersistentKeepAlive setting has been moved from the node level to the host level, simplifying network configuration.

What’s Fixed in v0.21.1:

  • Extclients DNS properly set: The issue of Extclients DNS not being properly set from the ingress DNS value provided has been resolved.
  • Role update of OAuth user allowed: Users can now update the role of an OAuth user without any issues.
  • Zombie node issue fixed: The issue of zombie nodes has been fixed, ensuring a smoother user experience.

Despite the improvements in v0.21.1, there are still a few known issues that users should be aware of:

  • Windows installer does not install WireGuard: Users running the Windows installer may encounter an issue where WireGuard is not installed automatically. This can be resolved by manually installing WireGuard.
  • netclient-gui error dialog: If the Netmaker server is offline, the netclient-gui application will continuously display an error dialog. This is a known issue that will be addressed in future releases.
  • Mac IPv6 addresses/route issues: Mac users may experience issues with IPv6 addresses and routes. This is a known issue that is currently being investigated.
  • Docker client re-join issue: Users may encounter difficulties when trying to re-join a network using the Docker client after complete deletion. This issue is currently being addressed.
  • netclient-gui network tab blank: After disconnecting from a network, the network tab in the netclient-gui application may appear blank. This is a known issue that will be fixed in future updates.

Despite these known issues, Netmaker’s latest release, v0.21.1, brings several new features and fixes that further enhance its capabilities as a WireGuard mesh VPN solution. With its automation, scalability, and customization options, Netmaker continues to be a valuable tool for those interested in servers, Linux, DevOps, and home labs.

OpenWrt 23.05 Release: Enhanced Security, Rust Integration and Broad Device Support

OpenWrt 23.05, the open-source Linux operating system for routers and resource-constrained headless embedded systems, has just been released with significant updates and improvements. This release comes with over 4300 commits since the previous release of OpenWrt 22.03, which was launched a little over a year ago.

One of the notable features of OpenWrt 23.05 is its expanded device support. It now supports over 1790 devices, which is an increase of about 200 devices compared to the previous release. Some of the new targets include the Qualcomm IPQ807x target for WiFi 6 SoCs, the Mediatek Filogic 830 and 630 subtarget for WiFi 6/6e chips, and the HiFive Unleashed and Unmatched targets for RISC-V development boards.

In terms of security, OpenWrt 23.05 has switched from using wolfSSL to MbedTLS as the default. This change was made because MbedTLS has a smaller footprint and offers a more stable ABI and LTS releases. However, it’s worth noting that MbedTLS lacks support for TLS 1.3. Therefore, users who require TLS 1.3 can still switch to using wolfSSL.

Another significant addition in this release is support for packages written with the Rust programming language. Some examples of these packages include bottom, maturin, aardvark-dns, and ripgrep. This expansion of supported programming languages provides developers with more flexibility and options when creating applications for OpenWrt.

OpenWrt 23.05 also brings updates to its core components. It now utilizes Linux 5.15 as the foundation for all targets, as well as updated versions of busybox, musl libc, glibc, gcc, and inutils. Additionally, the networking components have seen upgrades, including the use of the hostapd master snapshot from September 2023, dnsmasq 2.89, dropbear 2022.82, and cfg80211/mac80211 from kernel 6.1.24.

For users looking to upgrade from OpenWrt 22.03, the migration from swconfig to DSA configuration that was introduced in the previous releases is no longer an issue. Most people should be able to upgrade smoothly using the sysupgrade utility, which will preserve the configuration. However, it is still recommended to back up the configuration before proceeding with the upgrade.

OpenWrt 23.05 is now available for download, and users can find binary images for their specific targets on the OpenWrt website.

Source: CNX Software – Embedded Systems News.