6WIND Announces General Availability for New vRouter and 6WINDGate Releases
6WIND is pleased to announce our latest release, including:
- Turbo Router and Turbo IPsec 2.1 – software network appliance vRouters
- Virtual Accelerator 1.9 – hypervisor networking vRouter
- 6WINDGate 4.23 – OEM source code for Linux networking
We have completed the networking feature set of 6WIND’s Turbo Appliance virtual routers (vRouters) to provide complete dynamic routing with VRF support and QoS. We now support PXE installation, which was a strong requirement from our bare metal customers. 6WIND’s Virtual Accelerator vRouter now supports the latest OpenStack Rocky release and eliminates the need for VMs to be restarted after an update. Finally, 6WINDGate now supports NAT64 and gets a new, high-performance CG-Firewall module.
Let’s review these features in detail, product by product.
Turbo Router & Turbo IPsec vRouter Appliances
Our routing protocol offering is now complete with OSPFv3, RIPv1, RIPv2, RIPng in addition to OSPFv2 and BGP that were available in the previous release. BGP and OSPF can also now handle multiple VRFs.
We have introduced basic QoS features with rate limiting per interface and per VRF, based on a two-rate three-color traffic conditioner. Class-based queuing will be added in the next release.
For security, we have added uRPF (Unicast Reverse Path Forwarding) that helps to prevent IP address spoofing and DoS attacks.
In addition to local SSH key and password authentication, we now support RBAC (Role-Based Access Control). The vRouter appliances support admin and viewer roles with different privileges and AAA (Authentication, Authorization, and Accounting) through TACACS+.
For logging, we have added TLS (Transport Layer Security) support to syslog to keep log messages confidential.
System and Environment
Control Plane Protection is now supported. It is a software mechanism that reduces the risk of dropping control plane packets under load.
PXE (Preboot Execution Environment) can now be used to automate the installation of the vRouter on a bare system that is not loaded with any OS.
Finally, we have added support for Amazon Elastic Network Adapter (ENA) for AWS deployment.
Virtual Accelerator vRouter for Hypervisor Networking
VM-friendly vswitch restart: the networking stack can now be restarted (for example after an update) without any impact on the connected Virtual Machines.
Advanced QoS features have been added, including CoS marking in egress, policing per flow, ToS and IP protocol, shaping per traffic class, rate limiting per VRF and PB-DWRR scheduling.
OVS now supports setting a skb mark for further processing with Policy-Based Routing.
System and Environment
For more security, the RPM packages (for Red Hat) and deb repository (for Ubuntu) are now signed with a 6WIND certificate.
Virtual Accelerator has been validated with OpenStack Rocky.
As the foundation technology behind Turbo Appliances and Virtual Accelerator, our 6WINDGate source code product inherits all the features listed above, plus some interesting new features.
The CG-NAT module now supports NAT64, which is a mechanism for translating IPv6 packets to IPv4 packets and vice versa.
A new CG-Firewall module is introduced for handling establishment of conntracks (TCP, UDP, etc.) in the fast path for a higher session establishment rate.
Arm NXP LS1046 is now supported (fast crypto will come in a next release).
Third-party and hardware support
As usual, we have updated the open source software included in our technology to the latest versions:
- DPDK 18.11
- VRRP: keepalived 2.0.10
- libmultibuffer 0.52
- OpenStack Rocky
- Open vSwitch 2.9
Register for our Webinar on Wednesday, May 15, at 9:00 am Pacific / 6:00 pm CET to learn more about our new software release.