Gluon 2022.1
Important notes
Upgrades to v2022.1 and later releases are only supported from releases v2020.1 and later. This is due to migrations that have been removed to simplify maintenance.
Added hardware support
ath79-generic
D-Link
DAP-2660 A1
Enterasys
WS-AP3705i
Siemens
WS-AP3610
TP-Link
Archer A7 v5
CPE510 v2
CPE510 v3
CPE710 v1
EAP225-Outdoor v1
WBS210 v2
ath79-mikrotik
Mikrotik
RB951Ui-2nD
ipq40xx-generic
Aruba Networks
AP-303H
AP-365
InstantOn AP11D
InstantOn AP17
ipq40xx-mikrotik
Mikrotik
SXTsq-5-AC
ramips-mt7620
Xiaomi
Mi Router 3G (v2)
ramips-mt7621
Cudy
WR2100
Netgear
R6260
WAC104
WAX202
TP-Link
RE500
RE650 v1
Ubiquiti
UniFi 6 Lite
Xiaomi
Mi Router 4A (Gigabit Edition)
ramips-mt7622
Linksys
E8450
Xiaomi
AX3200
Ubiquiti
UniFi 6 LR
ramips-mt76x8
GL.iNet
microuter-N300
Netgear
R6020
RAVPower
RP-WD009
TP-Link
Archer C20 v4
Archer C20 v5
RE200 v2
RE305 v1
Xiaomi
Mi Router 4C
Mi Router 4A (100M Edition)
rockchip-armv8
FriendlyElec
NanoPi R2S
mpc85xx-p1010
Sophos
RED 15w rev. 1
mpc85xx-p1020
Extreme Networks
WS-AP3825i
Removed Devices
This list contains devices which do not have enough memory or flash to be operated with this Gluon release.
D-Link
DIR-615 (C1, D1, D2, D3, D4, H1)
Linksys
WRT160NL
TP-Link
TL-MR13U (v1)
TL-MR3020 (v1)
TL-MR3040 (v1, v2)
TL-MR3220 (v1, v2)
TL-MR3420 (v1, v2)
TL-WA701N/ND (v1, v2)
TL-WA730RE (v1)
TL-WA750RE (v1)
TL-WA801N/ND (v1, v2, v3)
TL-WA830RE (v1, v2)
TL-WA850RE (v1)
TL-WA860RE (v1)
TL-WA901N/ND (v1, v2, v3, v4, v5)
TL-WA7210N (v2)
TL-WA7510N (v1)
TL-WR703N (v1)
TL-WR710N (v1, v2)
TL-WR740N (v1, v3, v4, v5)
TL-WR741N/ND (v1, v2, v4, v5)
TL-WR743N/ND (v1, v2)
TL-WR840N (v2)
TL-WR841N/ND (v3, v5, v7, v8, v9, v10, v11, v12)
TL-WR841N/ND (v1, v2)
TL-WR843N/ND (v1)
TL-WR940N (v1, v2, v3, v4, v5, v6)
TL-WR941ND (v2, v3, v4, v5, v6)
TL-WR1043N/ND (v1)
WDR4900
Ubiquiti
AirGateway
AirGateway Pro
AirRouter
Bullet
LS-SR71
Nanostation XM
Nanostation Loco XM
Picostation
Unknown
A5-V11
VoCore
VoCore (8M, 16M)
Atheros target migration
All Atheros MIPS devices built with the ar71xx-generic
,
ar71xx-nand
as well as ar71xx-tiny
were deprecated upstream and
are therefore not available with Gluon anymore.
Many devices previously built with ar71xx-generic
and
ar71xx-nand
are now available with the ath79-generic
as well as
ath79-nand
target respectively.
Missing devices
The following devices have not yet been integrated into Gluons ath79 targets.
8Devices
Carambola 2
Aerohive
HiveAP 121
Allnet
ALL0315
Buffalo
WZR-HP-G300NH2
WZR-HP-G450H
GL.iNet
6408A v1
NETGEAR
WNDR4300
WNDRMAC
WNDRMAC v2
TP-Link
WR2543
Ubiquiti
Rocket
WD
MyNet N600
MyNet N750
ZyXEL
NB6616
NB6716
Features
WireGuard
Gluon got WireGuard support. This allows offloading encrypted connections into kernel space, increasing performance by forwarding packets without the need for context switches between user and kernel space.
In order to reuse existing (already verified) fastd-keypairs for WireGuard, a key derivation procedure is currently being developed. This should ease migration from fastd to WireGuard in case whitelisting VPN keys is desired.
fastd L2TP
fastd can now act as a connection broker for unencrypted L2TP-based
tunneling within Gluons mesh-vpn framework. This new null@l2tp
connection method allows for increased performance within existing
fastd setups.
In addition to a sufficiently configured fastd-based VPN server, this requires further modifications to a sites VPN fastd methods.
Major changes
OpenWrt
This release is based on the newest OpenWrt 22.03 release branch. It ships with Linux kernel 5.10 as well as wireless-backports 5.15.
Network changes (DSA / Upgrade-Behavior)
The ramips-mt7621
and lantiq-xrx200
targets now use the upstream DSA
subsystem instead of OpenWrt swconfig for managing ethernet switches.
Gluon detects the existing user-intent and automatically applies it over to DSA syntax. See the section about network reconfiguration for more details.
System reconfiguration
The network and system-LED configurations are now re-generated after
each update / invocation of gluon-reconfigure
.
The user-intent is preserved within Gluon’s implemented functionality (Wired-Mesh / Client access / WAN).
As an additional feature, Gluon now supports assigning roles to interfaces. This behavior is explained here.
Site changes
VPN provider MTU
To account for multiple VPN methods available for a site, the MTU used
for the VPN tunnel connection is now moved to the specific VPN provider
configuration. For fastd this means that mesh_vpn.mtu
needs to be
moved to mesh_vpn.fastd.mtu
. (#2352)
Preconfigured Interfaces Roles
Instead of mesh_on_wan
and mesh_on_lan
there is now an
interfaces
block to configure the default behavior of network
interfaces. Details can be found in the
documentation.
Minor changes
The
brcm2708-bcm2708
brcm2708-bcm2709
brcm2708-bcm2710
targets were renamed tobcm27xx-bcm2708
bcm27xx-bcm2709
andbcm27xx-bcm2710
The GL.iNet GL-AR750S was moved to the
ath79-nand
subtargetGluon now ships the ath10k-ct firmware derivation for QCA9886 / QCA9888 / QCA9896 / QCA9898 / QCA9984 / QCA9994 / IPQ4018 / IPQ4028 / IPQ4019 / IPQ4029 radios (#2541)
WolfSSL instead of OpenSSL is now used when built with WPA3 support
The option to configure the wireless-channel independent from the site-selected channel was moved from
gluon-core.wireless.preserve_channels
togluon.wireless.preserve_channels
gluon-info
is a new command that provides information about the current nodeGLUON_DEPRECATED
is now set to 0 by defaultTo reboot a running gluon-node into setup-mode, Gluon now offers the
gluon-enter-setup-mode
commandDevices without WLAN do not show the private-wifi configuration anymore
The Autoupdater now uses the site default branch in case it is configured to use a non-existent / invalid branch
Known issues
A workaround for Android devices not waking up to their MLD subscriptions was removed, potentially breaking IPv6 connectivity for these devices after extended sleep periods. (#2672)
Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the NAND flash which the NAND driver before this release does not handle well. (#1937)
The integration of the BATMAN_V routing algorithm is incomplete.
Mesh neighbors don’t appear on the status page. (#1726) Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput metric.
Throughput values are not correctly acquired for different interface types. (#1728) This affects virtual interface types like bridges and VXLAN.
Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (#94)
Reducing the TX power in the Advanced Settings is recommended.
In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (#496)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).