User Tools
Site Tools
Trace:
This is an old revision of the document!
Table of Contents
NetModule Router Software
Release Types
There are two types of software releases.
Mainline Releases
First, we have the mainline releases which have stable functionality and are fully system tested. Bug fixes are implemented and released periodically every quarter (increase of the last number in the release version, e.g. 3.7.0.103). The schedule is as follows:
| Date | Release | Release Note | Images |
|---|---|---|---|
| January 31 | winter release | 3.7.0.104 | NRSW 3.7 |
| October 31 | autumn release | 3.7.0.103 | NRSW 3.7 |
| April 30 | spring release | ||
| July 30 | summer release |
New releases with a bundle of new features appear about every year (increase of the second number in the release version, 3.8.0.100).
Feature Releases
New features, e.g. hardware support for new modules or new products are frist introduced in so-called feature releases. After successful field tests and if there is a general need for those new features they will become part of future mainline releases. Feature releases are based on a prior mainline release and have the third numer in the version increased (e.g. 3.7.1 or 3.7.2).
Release History
New in Version 3.8
Note: NRSW 3.8 is still under development. For beta testers currently beta 2 is availabe.
| Feature | First introduced |
|---|---|
| Support for new product types: NB2710, NB3710 and NB3720. | 3.8.0.100 |
| Support for new internal modems: Huawei MU609 (successor of GTM661W and EM820W). | 3.8.0.100 |
| Support for extension modules: NetModule PCIe cards for Audio, CAN, RS-485, IBIS slave and RS-232. | 3.8.0.100 |
| Enhanced voice gateway: SIP/RTCP support, user agent, Voice support for ME909. | 3.8.0.100 |
| Multicast routing with IGMP proxy: An Internet Group Management Protocol (IGMP) proxy will track multicast group membership information of all LAN interfaces and forward multicast packets as received on the hotlink interface. Sender networks can be specified by adding appropriate host/network routes on the corresponding WAN interface. IGMP is specified in RFC 3376 | 3.8.0.100 |
| Router Discovery for IPv4: Clients can now discover NetModule Routers using the ICMP Internet Router Discovery Protocol (IRDP) according to RFC 1256. | 3.8.0.100 |
| Multiple WLAN SSIDs: Multiple SSIDs can now be configured. The router will connect to the SSID with highest priority. | 3.8.0.100 |
| IPSec XAUTH (extended authentication): Support for road warrior applications. | 3.8.0.100 |
| Certificate management: NetModule Routers can now request digital certificates at the certificate authority using the Simple Certificate Enrollment Protocol (SCEP) according to the current SCEP Internet-Draft . | 3.8.0.100 |
| Support for assisted GPS (A-GPS): A-GPS is a system that is often able to significantly improve the startup performance, or time-to-first-fix (TTFF), of a GPS satellite-based positioning system. | 3.8.0.100 |
| DynDNS improvements: Support for Dynamic DNS update according to RFC 2136 and support for GnuDIP Dynamic IP DNS service. | 3.8.0.100 |
| SDK extensions: New API functions for SNMP, voice, CAN and Modbus, see latest SDK API manual. | 3.8.0.100 |
| Module firmware update: The firmware of internal modules can now be updated. Supported modules include modems, CAN, IBIS and audio modules. | 3.8.0.100 |
TFTP server: A TFTP server has be included. It can be enabled by cli set tftpd.status=1. The directory can be set by cli set tftpd.directory=/path/. | 3.8.0.100 |
FTP server: A TFTP server has be included. It can be enabled by cli set ftpd.status=1. The FTP directory is located in /home/<user>. Note that root is not allowed as FTP user. | 3.8.0.100 |
| Unified OpenVPN configuration files: Unified OpenVPN configuration files containing configuration parameters, root certificate (ca), client certificate (cert) and the client private key (key) can now be imported as a single client.ovpn file. | 3.8.0.100 |
| Bridged VLAN interfaces: VLAN interfaces can now be bridged. | 3.8.0.100 |
| Transparent Firewall: Unobstrusive IP filtering on NB1600 with bridged Ethernet ports. | 3.8.0.100 |
Speed-test client: A command line version of the speedtest.net client has been integrated. Just type speed-test in the root console. | 3.8.0.100 |
| Upgrades for packages: gpsd, curl, chronyd, php, openvpn, openssl, dropbear, openswan, wlan, wpa_supplicant and hostapd have been updated. | 3.8.0.100 |
Kernel modules: The kernel modules cdc_acm and cdc_ftdi are now present. They are required for our PCIe cards but are also helpful to drive other USB based equipment such as the Bluegiga BLED112 BLE dongle. | 3.8.0.100 |
| Internal sofware optimizations: Improved config conversion, boot time reduction thanks to new wwanmd. | 3.8.0.100 |
New in Version 3.7
| Feature | First introduced | |
|---|---|---|
| Support for Huawei MU609: The Huawei MU609 modem is now supported. | 3.7.0.104 | |
| USSD Codes via CLI: The CLI is now able to send/query USSD codes. For instance, one may query the first modem by running: | 3.7.0.104 | |
| SNMP Admin Access: For SNMPv1/v2, it is now possible to specify a whole subnet rather than just a host which will be priviledged for administrative access. | 3.7.0.104 | |
| SDK Events: | We have added an function which is able to retrieve additional options for an event. | 3.7.0.104 |
| DHCP Hostname: | The GUI status pages are now listing the hostname of DHCP clients (if provided). | 3.7.0.104 |
| Legal Notice: A dedicated GUI page under SYSTEM is now pointing out that NRSW contains in part open source software that may be licensed under GPL, LGPL or other open source licenses. It further provides detailed information for each package now, including the relevant license text and the corresponding source URL. The user is now obliged to accept our end user license agreement during the initial setup of the router. We remind you that the source code of any package can be obtained by contacting our technical support at router@support.netmodule.com. | 3.7.0.103 | |
| Redundancy Status: The VRRP redundancy status including the currently active role can now be shown with CLI. If configured, OpenVPN will be restarted in case the redundancy role changes. | 3.7.0.103 | |
| Other Remote IDs for IPSec PKI Clients: It is now possible to specify other remote IDs (FQDN, IP address, etc) when running IPSec as PKI client. Formerly, this has been derived from the Common Name of the certificate only. | 3.7.0.103 | |
| Increased Number of IPSec Networks: It is now possible to specify up to 10 networks for each IPSec tunnel. | 3.7.0.103 | |
OpenVPN Duplicates: One single certificate can be used now for multiple clients by setting the following config option: openvpn.tunnel.x.duplicates=allow. | 3.7.0.103 | |
| Enhanced WLAN Details: The currently associated WLAN network name (SSID) as well as the DHCP address for WLAN stations can be obtained now with GUI and CLI. The number of received/transmitted bytes are shown correctly now. | 3.7.0.103 | |
Control Debug Levels Via CLI: The debug levels of applications can now be controlled by debug -l <level> <target>. | 3.7.0.102 | |
| Send Hostname in DHCP Discover: The hostname of the box is now submitted in DHCP discover requests (option 12 and 81) which can be used to identify the client and assign a corresponding IP address. | 3.7.0.102 | |
| Switchback Option for Switchover Links: A configuration option was added which can be used to define an interval after which a switchover link will be teared down, letting links with better priority dial and come up again after the specified time. | 3.7.0.102 | |
| Configurable Initial Ping of NTP Server: Time synchronisation was only triggered after the specified NTP servers have been pinged. This can be avoided now by means of a configuration option. | 3.7.0.102 | |
| Clear Log Command: We have added a clear-log alias which can be used to clear any logfiles. | 3.7.0.102 | |
| Watchdog Keepalive for Surveyor: We implemented a keepalive mechanism for the surveyor which is now periodically notifying the watchdog. If no keepalive has been received within a specific amount of time, the watchdog will reboot the system. | 3.7.0.102 | |
| Support for CDMA with SIM: It is now possible to run CDMA in combination with a SIM card. | 3.7.0.102 | |
Update System Time via Config: It is now possible to update the system time by uploading a configuration file with system.time being set. This can be used for instance to bypass any issues regarding the expiration of uploaded certificates. | 3.7.0.101 | |
| Ethernet Status: The status of the Ethernet interfaces can be derived now from the GUI and CLI. | 3.7.0.101 | |
| OpenVPN Enhancements: It is now possible to specify the HMAC authentication digest for OpenVPN connections. In case of credential-based authentication, the username and password will be obtained now using the via-file method. Running as client, it is possible now to either connect to a single server or choose one of multiple servers in a random or failover way. | 3.7.0.101 | |
| 40-160V Power Supply: We have added support for a new power supply extension on NB3700 which is able to operate with a primary input voltage of 40-160V. | 3.7.0.101 | |
| VLAN Priority: It is now possible to specify the priority for a VLAN interface according to 802.1p/d. | 3.7.0.101 | |
| New SDK functions: We have added the seek function for repositioning the read/write file offset. It is also possible now to send specific SNMP traps by using the nb_send_trap function. | 3.7.0.101 | |
| Disable Web Manager: It is now possible to completely turn off the Web Manager. | 3.7.0.101 | |
| WLAN Station Inactivity: The maximum station inactivity of WLAN clients, i.e. the time until they will be declared as off, can be configured now. | 3.7.0.101 | |
| Performance Improvements: We have applied multiple performance enhancements to the system which range from softwarerelated improvements up to faster hardware access. They offer a smarter interrupt handling for high-speed transfers over USB-based LTE modems, faster memory access and less-consuming Ethernet packet dispatching. WLAN connections are now operating with a proper transmit power. We have also optimized the watchdog to cope with high system load. Newer versions of NB1600/NB2700 are also shipping with a faster CPU now. | 3.7.0.100 | |
| NTP Server Extensions: We have upgraded chronyd to the latest version 2.29.1 which improves compatibility for clients and also fixes some security isses. The NTP server has received additional options to tune its synchronization behaviour. The poll interval, for instance, can be configured now. It is further possible to control access from a particular subnet and to trigger synchronisation manually. | 3.7.0.100 | |
| DHCP Server Extensions: The DHCP server is now able to operate as relay agent and relay server. For IP/MAC bindings we have added support for pre-defined static hosts and an option to ignore undefined hosts. Further DHCP options (such as Agent-ID or WINS server) can be specified now. | 3.7.0.100 | |
| GPS Daemon Upgrade: The GPS daemon has been upgraded to version 3.9 which is now able to deliver GNSS information in JSON and NMEA format. Clients are nowadays using the new JSON format (see the Berlios site for getting more details). Therefore, it represents the factory default mode now. All legacy modes are still available and backward-compatible to 2.37 clients, so that the new server will integrate flawlessly in existing environments. | 3.7.0.100 | |
| IP Aliases: Ethernet-based interfaces are now supporting IP aliases and most applications (HTTP, SSH, Telnet, NTP, etc) can be addressed by those. However, the voice server does not work with IP aliases. | 3.7.0.100 | |
| New Provider Database: We have incorporated Gnome’s mobile broadband provider information in order to offer accurate and up-to-date provider settings (APN, username, password) when setting up a WWAN connection. | 3.7.0.100 | |
| Support for Sierra MC7700/MC7750: The QMI-based Sierra MC7700 and MC7750 modems are now supported. | 3.7.0.100 | |
| PPTP Changes: PPTP’s client network is now 192.168.250.0/24 by default and ProxyARP is active. | 3.7.0.100 | |
| Support for Additional USB Devices (USB-Serial Adapters, USB-Ethernet Adapters, RNDIS Devices): External USB-based serial and network devices can now be embedded to the system, providing the same capabilities as onboard interfaces. They can be enabled by their vendor and product ID (wildcards are supported) and also be connected during runtime (hotplug). The range of available drivers provide support for pl2303- and ch341-based adapters (like the Prolific PL230 and ATEN UC232A) as well as pegasus-based Ethernet/RNDIS adapters. Please ask our support team whether your desired device is supported. | 3.7.0.100 | |
| Improved Software Update: The new software update facility enables on-the-fly updates and requires almost no additional memory anymore. | 3.7.0.100 | |
| New WLAN Features: We have added support for the WLE200NX module which allows 802.11a operation in the 5 GHz band. Please note that we do not support Dynamic Frequency Selection (DFS) at the moment, thus the range of channels is limited according to local regulations. Nevertheless, we have updated the registry database for operating with a proper transmit power in the available channels. We have also added support for 802.1x certificate-based authentication (WPA-EAP-TLS) and WEP when operating as client. The MTU of the WLAN interface can be configured now. | 3.7.0.100 | |
New SDK Functions: The virtual memory size of a script is now limited to 5MB and it can be monitored individually by the watchdog. The range of SDK API functions have been extended to:
| 3.7.0.100 | |
| IPsec Improvements: NAPT between IPsec peers (especially in case of holding the default route) works more reliably now. Broadcast packets are not encapsulated anymore. It is possible to configure the DPD action and force encapsulation. For roadwarrior configurations, the remote peer can be specified with 0.0.0.0. | 3.7.0.100 | |
| SNMP Agent Enhancements: We have added SHA/AES for authentication via SNMPv3. Administrative access via SNMPv1/v2c is now possible from a distinctive subnet. | 3.7.0.100 | |
| OpenVPN Enhancements: OpenVPN has been upgraded to version 2.3.2 and it is now feasible to operate with dynamic hostnames. Server and transfer network as well as MTU can be configured. | 3.7.0.100 | |
| Firewall / NAPT Enhancements: It is now possible to specify IPsec interfaces, they can also be applied as additional selector for the outgoing interface. Addresses can be grouped and those groups can be used instead of adding multiple rules. By using the LOCAL specifier, it is possible to select packets coming or going to local applications of the box. | 3.7.0.100 | |
| IP-Passthrough: It is now possible to implement a pass-through of the WWAN IP address towards a LAN host (e.g. first DHCP client). More or less, the system acts like a modem in such case which can be helpful in case of firewall issues. | 3.7.0.100 | |
| Temperature Indication: The system will now show the board temperature (available on NB3700) as well as temperature values derived from sensors of the modems. | 3.7.0.100 | |
| CLI Enhancements: The CLI is now showing additional information (such as WWAN download/upload rates, IMSI, ICCID and SIM number) as well as details about the running configuration (name, version, hash). Scanning WWAN and WLAN networks is now possible and it can be used to get debug messages and to generate/send tech reports. We have also added a history command for showing the list of previously entered commands. Startup and config operations will be much faster now | 3.7.0.100 | |
| Distintive Supervision: It is now possible to configure ping supervision on a per-link basis. A retry interval option has been added for reducing the network footprint. We are also supervising any IPsec connections now in order to detect broken NAT peers. | 3.7.0.100 | |
| New Options for Serial Device Server: Configuration options have been added for showing the banner and enabling remote control according: to RFC 2217. | 3.7.0.100 | |
| Deployment: Systems can be deployed over CLI-PHP, HTTP, SSH and console by using an empty password in factory state. We are now supporting LLDP and CDP for device discovery. | 3.7.0.100 | |
| Voice Daemon Enhancements: The system is able to receive mobile calls and dispatch them to SIP clients. | 3.7.0.100 | |
| Support for CDMA 450: The Cellient MPN200 module and operation in CDMA 450 networks is now supported. | 3.7.0.100 | |
| Support for Huawei ME909: The Huawei ME909 module is now generally supported. However, voice calls with this modem are not yet supported. | 3.7.0.100 | |
| Secure SSL Client Connections: Client applications will now abort connections to servers with an invalid certificate. Trusted CA root certificates can be uploaded to bypass that. | 3.7.0.100 | |
| Support for Multipath Routes: Multipath routes are now being supported. They can be used to distribute IP sessions over multiple hosts. In addition, WAN links can be configured as distributed interfaces in order to balance traffic in the same manner. | 3.7.0.100 | |
| GRE Implementation: It is now possible to run GRE tunnels. However, we have not yet completely finished compatibility tests to other systems. | 3.7.0.100 | |
| Quality of Service: We have implemented a QoS mechanism based on Linux’s advanced traffic control, so that the system is now capable of prioritizing and shaping bandwidth for particular IP services. | 3.7.0.100 | |
| VLAN Implemenation: The Ethernet interfaces are now supporting Virtual LAN (VLAN) according to IEEE 802.1P/Q. | 3.7.0.100 |