diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 271 |
1 files changed, 271 insertions, 0 deletions
@@ -1,3 +1,274 @@ +============================================ +NetworkManager-1.2 +Overview of changes since NetworkManager-1.0 +============================================ + +This is a new stable release of NetworkManager. Notable changes include: + +* Added an option to enable use of random MAC addresses for Wi-Fi access + point scanning (defaults to disabled). Controlled with + 'wifi.mac-address-randomization' property (MAC_ADDRESS_RANDOMIZATION key in + ifcfg files). + +* Wi-Fi scanning now utilizes wpa_supplicant's AP list. + +* Added support for Wi-Fi powersave, configured with POWERSAVE key in ifcfg + files. + +* Added support for creation of more types of software devices: tun & tap, + maxvlan, vxlan and ip tunnels (ipip, gre, sit, isatap, vti, ip6ip6, ipip6, + ip6gre and vti6). + +* The software devices (bond, bridge, vlan, team, ...) can now be stacked + arbitrarily. The nmcli interface for creating master-slave relationships + has been significantly improved by the use of 'master' argument to + all link types. + +* RFC7217 stable privacy addressing is now used by default to protect from + address-based host tracking. The IPv6 addressing mode is configured with + IPV6_ADDR_GEN_MODE key in ifcfg files. + +* Improved route management code to avoid clases between conflicting + routes in multiple connections. + +* Refactored platform code resulting in more robust interface to platform, + less overhead and reduced memory footprint. + +* Improved interoperability with other network management tools. The + externally created software devices are not managed until they're + activated. + +* The Device instances now exist for all software connections and the platform + devices are now only created when the device is activated. This makes it + possible for connections with device of same name not to clash unless + they're activated concurrently. The links are now not unnecessarily present + unless the connection is active, avoiding pollution of the link name space. + +* NetworkManager now correctly manages connectivity in namespace-based + containers such as LXC and Docker. + +* Support for configuring ethernet Wake-On-Lan has been added. + +* Added LLDP listener functionality and related CLI client commands. Enabled via + LLDP option in ifcfg files. + +* CLI secret agent has been extended with support for VPN secrets. + +* The command line client now utilizes colors for its output. + +* The command line client now sorts the devices and properties for better + clarity. + +* Numerous impovement to Bash command completion for nmcli. + +* NetworkManager relies on less external libraries. The use of dbus-glib + has been replaced with gio's native D-Bus support and libnl-route is no + longer used. + +* Dependency on avahi-autoipd has been dropped. Native IPv4 link-local + addressing configuration based on systemd network library is now used + instead. + +* Hostname is now managed via systemd-hostnamed on systemd-based systems. + +* Management of resolv.conf management can be changed at runtime, private + resolv.conf is always written in /run. + +* DNS options in resolv.conf are now honored. + +* Updated version of systemd network library used for internal DHCP and + IPv4 link-local support. + +* Support for event logging via audit subsystem has been added. + +* Support for native logging via systemd-journald has been added taking + advantage of its structured logging. + +* Live reconfiguration in IP configuration after changing the settings without + reactivation of the device with "nmcli device reapply" command and via + D-Bus API. + +* The API for VPN plugins now supports multiple simultaneous connections. + Most popular VPN plugins have been updated to support this functionality. + +* The libnm library now provides API to access VPN service definitions. + +* Fair amount of bugs was fixed and robustness was generally improved. + +* New DHCP_FQDN key in ifcfg files to configure the full FQDN to be sent to + the DHCP servers. + +* Added multicast_snooping option to BRIDGING_OPTS ifcfg key. + +The following features were backported to 1.0.x releases from 1.0.0 to 1.0.8 +are also present in NetworkManager-1.2: + + +* Added support for handling VPN secrets to nmtui and nmcli agent. + +* The team devices can now properly be enslaved to bridges. + +* Failed DHCP attempts for assumed connections are now retried after + a timeout. Configured with DHCP_TIMEOUT ifcfg option. + +* Default wired connection is now created after udev registers the device. + +* Support for Bluetooth DUN devices with Bluez 5 has been fixed. + +* The 'ipv6.ignore-auto-dns' property is now properly honored making it + possible to override automatically obtained name servers. + +* Invalid permanent MAC adddresses as reported by some devices are now + ignored. + +* Device links reported by more recent versions of Linux kernel that reside + in different network namespaces are no longer confused with links in + the namespace NetworkManager runs in. + +* MAC address changes of VLANs enslaved to a bond are now properly + propagated to the master device. + +* Fixed error handling for teaming devices with invalid configuration. + +* Wi-Fi AP list is now updated correctly after AP mode has been used. + +* The error handling for VPN secret agents is now significantly more robust. + +* Detection of s390 CTC devices now works properly. + +* A GATEWAY key in in /etc/sysconfig/network now no longer affects + non-static connections. + +* Added support for IPv6-only VPN connections. + +* The systemd service now uses HUP signal to reload configuration. + +* Change VLAN default flags to set REORDER_HDR for new connections. + +* nmtui is now able to ignore automatically configured routes. + +* Allow setting IPv6 and PPP settings for GDM and CDMA connections via + nmcli. + +* Added support for adding ADSL connections in nmcli. + +* Improved capture portal detection. + +* Default route through WiFi connection is now preferred to Mobile + Broadband if both are available. + +* Expose a flag to determine whether a particular connection is metered + via API and client tools. Configurable in ifcfg with CONNECTION_METERED + key. + +* Add support for locking connections to a channel within a particular + band. + +* Add support for configuring Wake-on-LAN capabilitites. + +* Allow overriding the MTU for team device. + +* The MTU setting from an IPv6 neighbor discovery Router Advertisements is + now ignored if applying it would result in invalid configuration. + +* Some configuration options can now be changed without restarting the + daemon. Notably, this applies to 'dns', 'connectivity' and + 'ignore-carrier' settings. + +* The connection activation was made more robust. If an active connection + is reactivated, the device it's active on takes precedence. If an attempt + is made to activate a connection on a different device than it is active on, + the activation proceeds removing the connection from the active device. + +* The device specifiers in configuration files now support negation via + 'except:' match. + +* Devices that only have IPv6 link-local address are no longer assumed to + be connected. + +* nmcli now provides hints and tab-completion for enumeration properties. + +* If the IPv6 interface tokens are set they are honored when creating an + interface identifier for IPv6 addressing. + +* NetworkManager now maintains correct routing configuration when multiple + interfaces are connected to the same network. + +* The management of devices can now be controlled with udev rules. The veth + devices as well as the virtual Ethernet devices of various + virtualization tools (VMWare, VirtualBox, Parallels Workstation) are + now ignored by default. + +* The IPv6 privacy extensions are now enabled by default and handling of + the ip6-privacy sysctl has been improved. + +* Activating a Bond, Bridge or Team device can now optionally activate the + slave connections as well. The behavior is controlled with + 'connection.autoconnect-slaves' property and AUTOCONNECT-SLAVES key in + ifcfg files.. + +* The platform support code has been refactored, resulting in better + scalability in large configurations. + +* Changes to network interfaces configuration done outside NetworkManager + are now picked up and exposed to the user via NetworkManager API and tools. + +* A connection can now optionally leave externally configured default route + in place instead of overriding it. The behavior is controlled with + 'ipv4.never-default' and 'ipv6.never-default' properties. + +* nmcli allows multiple devices for 'nmcli device disconnect/delete'. + +* Firewall zone is added to firewalld for device-based VPN connections too. + +* Wi-Fi devices now indicate support for 2GHz and 5GHz frequencies + +* "nmcli device" output now indicates physical port ID + +* New config items added to the 'ifcfg-rh' plugin: + - IPV4_ROUTE_METRIC and IPV6_ROUTE_METRIC + - DEVTIMEOUT + - IPADDR and PREFIX are now supported for specifying address ranges of + shared IPv4 connections + +* Dispatcher scripts now get a CONNECTION_FILENAME variable with the path + to the configuration file for the connection + +* An example dispatcher script that is able to apply complex routing rules + (such as setting up policy-based routing) for 'ifcfg-rh' connections was + added to examples/dispatcher/. + +* 'mode' key of Bond device options property now accepts numeric values + +* Connection attempts for devices without carrier on startup now wait for + carrier to appear within a short timeout instead of failing + immediately. This makes system startup more robust. + +* Bridge connectivity is now properly restored on resume from suspend + +* The D-Bus name is acquired earlier during the daemon startup. This makes + it possible for the systemd service manager to optimize the service + startup so that services that require networking are activated sooner + contributing to faster system start up time. + +* A lot of memory leak problems were fixed, resulting in reduced memory usage. + Many of them were discovered as a result of improvements in use of + Valgrind in the testing infrastructure. + +* Management of 'teamd' daemon instances for Team devices is now more robust. + +* The 'dnsmasq' daemon respawns when it terminates and it is configured for + management of DNS resolver configuration + +* Hostnames that are not fully qualified are no longer sent to a DHCPv6 + server for a dynamic DNS update + +* Connection UUIDs are now checked for uniqueness when connection + configurations are read + +* Receipt of a NDP Router Advertisement can no longer lower the IPv6 hop + limit (CVE-2015-2924) + =============================================== NetworkManager-1.0 Overview of changes since NetworkManager-0.9.10 |