The latest Version of Peplink firmware was released today and it brings a number of great new features:
- WAN Smoothing: WAN Smoothing utilizes bandwidth bonding to minimize latency and reduce the impact of packet loss, trading bandwidth for greater connection resiliency.
- Multi-Site SpeedFusion Profile: With a single click, form PepVPN / SpeedFusion connections with thousands of remote sites using the same ID and pre-shared key. No further configuration necessary.
- PepVPN Layer 2 Peer Isolation: Want more data security for branch offices? Devices on the same Layer 2 PepVPN profile can now be made invisible to each other. Each device will see only itself and headquarters.
- Configurable Traffic Direction: Have one connection with really slow upload speed? Use it for download only. With SpeedFusion, you can assign any link in a tunnel to be upload only, download only, or both. Great for high latency satellite links…
- Internal Service Forwarding: Need to redirect your email, or web traffic to a local server? Use your router as a transparent proxy, forwarding traffic from specified ports to a local server.
Full release notes can be found here. The firmware can be downloaded from this link.
I’ll let you read the release notes yourself (linked above) for a full list of new features, but I want to highlight a couple of things that I think are very exciting.
Mentioned as a way to ‘reduce latency and minimize the impact of packet loss’, WAN smoothing could almost be over looked in the release notes as just another new feature. In fact its the first step in a major section of new development instigated by the SpeedFusion team to add some serious cutting edge improvements for real time services over SpeedFusion.
SpeedFusion Was Already Great for Real Time Services
We have a lot of customers using SpeedFusion for video and audio streams from remote locations over bonded cellular links, for things like mobile CCTV, broadcast TV and radio transmission and of course multi-site VoIP. SpeedFusion has done a great job historically with all of these services under normal conditions, but occasionally WAN link variables have had a negative affect that we knew we could mitigate with more intelligent use of the available connectivity.
Traffic Duplication Gaurantees Packet Delivery
So under-way is a development program focusing on real time network traffic reliability in adverse conditions, with a bunch of new features being actively developed. The first out if the gate as seen here in 6.2 is WAN Smoothing. This is a technique where we duplicate network traffic being sent across multiple WAN links at the same time, so that even if a link suffers an unexpected rise in latency or has packet loss, because the duplicate traffic has also been sent on another link these latency and packet loss events do not impact on the data stream. In its simplest form we are repeating all traffic at the sending location across all WANs at the same time and at the receiving end we rebuild the stream with whichever packets get there first, dropping the duplicates that arrive late due a latency spike (or sometimes not at all due to packet loss).
As Always, Customer Partnerships and Feedback Help Us Innovate
Early beta testing by customers in broadcast radio and TV has been hugely successful with very long periods where zero packet loss was experienced even when using multiple bonded cellular WANS. Of course a side effect of duplicating data across all WANs is the reduction in the usable bandwidth for network applications, but when you are in a ‘has to get through no matter what’ situation WAN Smoothing is the feature for you.
If Real Time Services over bonded cellular is a key area of interest for you, I’d also recommend you investigate two advanced threshold settings available on WAN links used within a SpeedFusion profile. These are called Cut Off Latency and Suspension Time After Packet Loss, both have fairly self explanatory names but if you want to know more pop along to this forum post to learn more.
Internal Service Forwarding
Another great new feature is Internal Service Forwarding. This gives all of our Balance, MAX and Surf models the ability to intercept traffic pointed at key service/application types and redirect it elsewhere. All of that sounds intriguing but I expect – like me, you might be scratching your head as to how you might use this in your network.
Easy Temporary Service Migrations
The first case is obviously service migration as part of a planned project or in a disaster. Imagine what would happen if your main web proxy server on your enterprise network failed – users would not be able to access the internet and your phone would be ringing off the hook until it was back up and running again. With Service Forwarding you could quickly bring up a new proxy on a different server / IP and redirect all web proxy requests to it switching your users back to the original proxy when it is back online. This redirect would happen without the users needing to change their browser settings and without the need to push new proxy settings out over active directory. Its pretty clever.
Block Your Users Attempts to Bypass DNS Web Filters
One of the easiest ways to add web filtering to your network is to use an external DNS based web filtering service (like OpenDNS or DynDNS). However, these types of filters are normally easy to bypass – by simply using Google’s DNS servers in your network client settings for example. Internal Service Forwarding for DNS requests blocks your users from bypassing any in place filters by intercepting DNS resolution requests from LAN based clients and forcing them via the Peplink devices in built DNS proxy (which will in turn forward the DNS request to your web filtration service). This is a really handy and easy way to lock down your client network.
Build Custom Service Forwarding Rules
The new Service Forwarding feature also enables the creation of custom rules. You can pick a TCP port you wish to redirect and enter a new destination and port for those requests to be sent to. I’m sure that we’ll get to hear about some great examples of how this feature gets used by our customers in the coming months. If you have some good examples for me get in touch.
There is more great stuff on the way
The 6.2 release adds some great new features that can add real value to your network applications and save you time as a network administrator. Its only a minor firmware release and we are already planning ahead to 6.3 which is going to have even more awesomeness. All of these product improvements are a direct result of feature requests and project interactions with our customers and users. If you have a great idea for a new feature create a post on our forum and tell us about it.