OpenSync 3.2 Release Notes

Release 3.2.9.0

Notable Fixes

  • WM: Fixes corner case when WiFi driver downgraded the HT mode but did not set the primary channel correctly, resulting in a loss of device connectivity

  • FSM: Fixed mDNS plugin where mDNS was not cached for each unique IP address

Notable Enhancements

  • Amended logpull script to collect outputs of lsof and contents of /proc/sys/fs/file-nr

  • Added health-check script to check the available file handles resource pool (observing /proc/sys/fs/file-nr). If the system gets too close to the limit (only 500 or less file handles remaining), log top 100 process which consumes the most for easier debugging

  • Enhance 5G radio validation (neighbor configuration) to improve roaming

Platform Support

  • Fixes ghost client with SDK 5.04L02 (platform/bcm)

  • Enabled nf_conntrack_helper to address PPTP VPN issue on client device in router mode (platform/bcm)

  • Fixed channel change in case of radar event when it changes from DFS to non-DFS channel (platform/qca)

  • Prevent use of DFS channels during node onboarding (platform/qca)

  • Disabled REPEATER_SAME_SSID feature due to channel change issues with SPF 12.1 (platform/qca)

  • Added libopenvswitch headers support for Hawkeye (vendor/qca-template)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

  • Band steering algorithm change request (from counters to timer)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.8.0

Notable Fixes

  • BM:

    • Use default Operating Class value in phy_type when it is not set in BTM parameters

    • Add only neighbors which are under that access point

    • Skipped adding of a 6 GHz self neighbor when a client does not have 6 GHz capability

    • Reject neighbor when op class is empty

    • Prevented sending of deauthentication frames to the non-associated clients on QCA platform

    • Added BTM neighbor candidate filtering according to a properly set value in the ifname field of the Wifi_VIF_Neighbors table

    • Enhance front-haul interface name validation for QCA platform

  • FSM: Fixed action value in the DNS MQTT report. Instead of allowed value, observed value is used

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.7.0

Notable Fixes

  • FSM/FCM fixes:

    • dns_parse: Ignore DNS requests with empty ‘name’ (FQDN), because they caused errors during processing but are otherwise of no interest

Notable Enhancements

  • Extended XM to support DHCP reservation and port forwarding

  • Added a target function target_vif_sta_remove() to allow platform-specific behavior

Platform Support

  • Fixes for Qualcomm 11ax platforms (QSDK 11.x or newer):

    • Implemented the new target_vif_sta_remove() function to prevent deauth frames from being sent, which could confuse some clients (platform/qca)

    • Fixed channel width calculation used for neighbor APs (platform/qca)

    • Reworked the code for obtaining client statistics (platform/qca)

    • When possible, read multiple netlink messages in a single callback invocation to reduce the chance of a socket buffer overrun (platform/qca)

    • Removed the rule to drop packets with an invalid TTL, since the underlying problem has been patched in the SDK layer (platform/qca)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.6.0

Notable Fixes

  • CM: Do not request DHCPv6 prefix delegation in bridge mode

  • CM: Fixed the order of operations when removing an uplink

  • CM: Regression fix (do not use stability timer for GW-only devices)

  • NM: Force permissions of /tmp/resolv.conf because behavior of mkstemp() depends on the libc used

  • NM: Improved detection of changes in DHCP options to prevent unnecessary reconfiguration

  • BM: Reworked several parts of BM to properly support 6‌ GHz-capable clients

  • BM: Fixed a regression which caused stale RRM results to be included in the neighbor list

  • BM: Filter neighbor list according to supported operating classes

  • BM: Sort neighbor list using RCPI reported from RRM

  • BM: Do not add ‘self’ BSSID to the neighbor list if it was already added by the controller

  • BM: Always use 20 MHz bandwidth for RRM scans

  • WM: Changed L2UF monitoring on STA interfaces to passive mode to prevent false alerts

  • WM: hostapd config changes for 6 GHz

  • WM (libhostap): Force SAE mode for 6 GHz radios if used for onboarding

  • WM (libhostap): Fixed incorrect value of wpa_key_mgmt in Wifi_VIF_State when in mixed mode

  • FSM/FCM fixes and improvements:

    • Fixed traffic statistics calculation

    • Provided missing ‘policy’ information when Gatekeeper verdict is “ALLOW”

    • Fixed the verdict for dropped connections, because an NF_DROP removes the entry from conntrack tables and causes re-evaluation for subsequent packets

    • Fixed a crash in intf_stats_send_report() if the monitored interface is not available

    • Added flow direction to DNS cache

    • Added direction marking for DHCP packets

    • Skip DPI inspection of non-IP packets to prevent invalid internal states and potential crashes

    • Repopulate neighbor cache when restarting FSM

    • Fixed a regression (IPv6 mDNS messages were ignored)

    • Fixed a FSM crash caused by improper cleanup in net_md_free_acc()

Notable Enhancements

  • Added pppd configuration to speed up reconnects (using the ‘persist’ option)

Platform Support

  • Using ‘mcpctl reload’ instead of restarting mcp when applying changes  (platform/bcm)

  • Fixed CSA handling when it requires switching to another radio, e.g. from 5GU to 5GL (platform/bcm)

  • Adjustments for driver version 17.10.188.25010 (platform/bcm)

  • Added support for additional Broadcom chipsets: BCM6715 and BCM6756 (platform/bcm)

  • Fixed incorrect byte order for BSSID info (platform/bcm)

  • Enabled ‘minidump’ support for improved kernel crash analysis (platform/qca)

  • Fixes for Qualcomm 11ax platforms (QSDK 11.x or newer):

    • Applied a missing fix from 11ac code for ht_mode reporting during onboarding, if only STA is present, without an AP (platform/qca)

    • Fixed incorrect XML path used in cfg80211tool invocation for channel change commands (platform/qca)

    • Always disable HT Coexistence mode for 2.4 GHz (platform/qca)

    • Reverted to an older implementation of util_csa_is_sec_offset_supported() (platform/qca)

    • Fixed several issues in the code for obtaining the client list (platform/qca)

    • Switched to using libev instead of a thread for processing statistics (platform/qca)

    • Fixed ‘Short GI’ and DCS settings (platform/qca)

    • Enabled action frame forwarding to user space to receive WNM action frames in BM (platform/qca)

    • Fixed a WM crash that occurred when switching channels with a large number of connected clients (platform/qca)

    • Fixed a WM crash that occurred when changing auth mode (platform/qca)

    • Fixed detection of VIF up/down state (platform/qca)

    • Added a rule to drop packets with an invalid TTL value of 0 (platform/qca)

    • Additional adjustments for QSDK SPF 11.4 (platform/qca)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.5.0

Notable Fixes

  • WANO: Fixed an issue with permissions of resolv.conf file on some platforms

  • WANO: Fixed offline recovery for static IP configuration

  • SM: Fixed an hapd resource leak

  • WM: Added SAE PWE derivation setting for 6 GHz channels

  • WM: Added a check to prevent crashes on incorrect or incomplete PSK configuration

  • WM: Improved protection against invalid VIF configuration 

  • FSM/FCM fixes and improvements:

    • Fixed direction marking for reply packets

    • Added a check to prevent crashing when Gatekeeper cache flush is requested with an empty list

    • If DNS cache is disabled, check Gatekeeper cache before sending to Gatekeeper for verdict

    • Fixed processing of messages in mDNS plugin to ignore own messages

Notable Enhancements

  • WANO: Improved startup time for ethernet clients by echoing their DHCP discovery packets once the data path is established

  • logpull: Improved performance of the pskmask tool by using mmap

  • PM: Added support for driving a fan in a duty cycle fashion

Platform Support

  • Resolved healthcheck issues by ignoring ‘BSS down’ while in CAC  (platform/bcm)

  • Added handling of WLC_E_DISASSOC events (platform/bcm)

  • Fixed an issue with ifindex overflow in BM (platform/qca, requires a patch in SDK)

  • Adjustments to support QSDK SPF 11.4 (platform/qca)

  • Additional fixes for QCA 11ax and Wi-Fi 6E (platform/qca)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.4.0

Notable Fixes

  • CM: Fixed uplink validation in bridge mode

  • BM: Fixed incorrect handling of client configuration for band-steering (regression introduced in version 3.2.0.0)

  • BM: Improved handling of op_class and phy_type, needed for proper support of the 6 GHz band due to overlapping channel numbers

  • NM: Fixed DHCP request options which caused udhcpc to not report the hostname to the server

  • NM: Fixed a bad comparator which could cause the NM to hang

  • WM: Fixed the logic for downgrading the HT mode to account for the cases when the requested bandwidth includes channels which are not available due to regulatory restrictions

  • WM: Added special handling for a case when all channels are in DFS NOL

  • FSM/FCM fixes and improvements:

    • Fixed IP-based blocking when content filtering uses redirection

    • Fixed a mismatched Gatekeeper categorization value, which caused unnecessary lookups due to a low TTL value

    • Fixed Gatekeeper statistics to ignore cache hits for private/local IPs

    • Fixed incorrect IP Threat reporting when using different service providers for DNS and IP Threat

    • Extended Gatekeeper statistics to include the flow direction

    • Fixed incorrect handling of the "report_records" configuration option for the mDNS plugin

    • Additional improvements of cleanup procedures when removing plugins to prevent resource leaks and potential crashes

    • Logging improvements

Notable Enhancements

  • Updated CA certificates (opensync_ca.pem)

  • WANO: Improved robustness of static IP configuration logic

  • BM: Improved the code for processing 11k Beacon Measurement Reports to produce a more reliable neighbor list, resulting in better roaming experience

  • BM: Also using the priority field (if set by the cloud) to prioritize the neighbors that should be put on the 11k/11v neighbor lists

  • WM: Reworked the way client connection/disconnection events are reported to the cloud, improving the behavior of steering algorithms

  • WM: Added optional handling of stale clients based on L2UF

  • DM: Added ability to enable or disable a 3rdparty service via the Node_Config table

Platform Support

  • Added a workaround to recover from event overruns (platform/bcm)

  • Added 6 GHz support for QCA 11ax (platform/qca)

  • DPP support extended to QCA 11ax (platform/qca)

  • Fixed an issue with runcmd and reverted the workarounds (platform/qca)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.3.0

Notable Fixes

  • CM: Fixed the address resolving logic to restart the process if an address is removed from the uplink interface

  • BM: Added a missing update of client’s channel information after a CSA

  • PM: Improved robustness when and incomplete Wifi_Inet_Config table is encountered

  • PSM: Fixed a memory leak

  • QM: Improved behavior in case certificates are missing

  • UM: Fixed a regression (a crash caused by incorrect use of the memutil macros)

  • logpull: Fixed processing of tarballs

  • FSM/FCM fixes and improvements:

    • Updated the mdnsd library

    • Fixed a FSM crash when there is no IP Threat provider

    • Fixed a FCM crash when disabling a plugin

    • Fixed reporting of Gatekeeper statistics to send a report before the cache is flushed (typically because of a policy change)

    • Fixed reporting of Gatekeeper statistics to omit entries which have not changed in the last observation window

    • Fixed MAC-based flushing of Gatekeeper statistics

    • Extended LAN traffic counters from 32 to 64 bits

Notable Enhancements

  • NM: Revised Wifi_Route_Config handler to support updates of static routes

Platform Support

  • Fixed a bug which caused the probe request information to be cleared before it was propagated to BM (platform/bcm)

  • Added an option to enable WPS on 6 GHz channels (platform/qca)

  • Added support for qca5018 chipset (platform/qca)

  • Added support for HAWKEYE_PINE and MAPLE_PINE_PINE targets (vendor/qca-template)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.2.0

Notable Fixes

  • WANO: Fixed several potential crashes

  • PM: Fixed handling of offline recovery enabling/disabling

  • CM: Fixed an undesired side effect when offline recovery is disabled

  • FSM/FCM fixes and improvements:

    • Fixed reporting of the SNI-blocked events

    • Fixed incorrect behavior of IP blocking when using different service providers for DNS and IP Threat

    • Fixed a memory leak in FCM (when disabling plugins)

    • Optimized FSM reporting by storing the action description in the fsm_policy_reply structure

    • DNS cache is not needed when both DNS and IP Threat modules are using Gatekeeper, and is disabled in such cases to conserve resources

    • Added proper support for “redirect” and “forward” actions in Gatekeeper statistics

Notable Enhancements

  • PSM: Ephemeral columns are not stored to persistent storage to conserve resources

  • logpull: Uses the new pskmask tool to hide (mask) pre-shared keys (PSK) to protect user privacy

  • lib/daemon: Added a check to prevent error traceback in logs after an expected signal (typically a SIGTERM)

  • mdnsd: Adjusted the level of some log entries to prevent excessive logging, and also adapted the code to use OpenSync logging mechanisms (for consistency and to allow run-time adjustment of the log level)

  • Introduced a new unit type (package), which can be used for producing shareable archives, containing arbitrary files (e.g. build artifacts, pre-built 3rdparty binaries, and such)

Platform Support

  • Fixed channel survey statistics for newer drivers (platform/bcm)

  • Improved robustness of primary interface mode (AP vs STA) state detection/verification (platform/bcm)

  • Added an example script and configuration for enabling persistent storage  (vendor/bcm-template)

In Development *

  • LTEM (or LTE Manager) – a manager for LTE uplink management (alpha)

  • NM and OSN changes to be able to manage default routes via Wifi_Route_Config (alpha)

  • CM: Added uplink prioritization capability to improve startup times (PoC)

* Features which are still in development are disabled by default, and will not be supported in this release.

Release 3.2.1.0

New Features

  • NM: Added support for GRE over IPv6

  • FSM: Added a plugin (src/lib/dhcp_relay), which is able to modify and re-inject DHCP packets (typically for appending additional options)

Notable Fixes

  • CM: Improved ares timeout handling, which could have caused a missed watchdog kick

  • SM: Added missing 6 GHz channel conversion for neighbor reports

  • SM: Fixed a crash caused by unnecessary allocations of hapd objects when moving home VAPs between 5GL and 5GU

  • NFM: Fixed incorrect values for node_id and location_id

  • WM: Improved handling of DFS NOL channels to prevent topology destabilization

  • FSM/FCM fixes:

    • Fixed IP Threat response handling

    • Revised flawed wildcard policy implementation

    • Fixed Gatekeeper cache comparator (gkc_flow_entry_cmp), which caused incorrect behavior of the cache for IPv6 entries

    • Revised Gatekeeper cache to store IP attributes in binary form

    • Fixed a crash in the Gatekeeper cache

    • Cleaned up excessive logging in FSM and plugins 

  • LTEM fixes:

    • Disabled LTEM by default

    • Fixed LTEM unit dependencies

    • Changed udhcpc.sh, which used to always delete all default routes

Note: LTEM is still being implemented and will not be supported in this release

Notable Enhancements

  • BM: Revised and extended the code to support pre-association steering for 6 GHz band

  • CM: Cleaned up the code by using SCHEMA_SET helpers and C_IFNAME_LEN constant

  • CM: Cleaned up the configuration to use CONFIG_LIBEVX_USE_CARES directly

  • NM: Removed unnecessary filtering in OVS MAC learning and added support for IPTV interfaces

  • WM: Reduced unnecessary delays during DPP onboarding

  • PM: Several improvements for LAN connectivity during internet outage (non-HOME SSIDs, UPnP settings, ‘offline mode’ OpenFlow rules)

  • FSM: Finalized implementation of aggregated security statistics

  • Schema extended for VAP airtime management

Platform Support

  • Disabled MBO at startup, because it is enabled by default on some drivers and can cause interoperability issues (platform/bcm)

  • Platform specific adjustments for 6 GHz channels (platform/bcm)

  • Fixed SNR calculation in one more place (platform/bcm)

  • Re-enabled radartool code on QCA 11ax and added a workaround to prevent kernel panic (platform/qca)

  • Added a script for configuring port isolation on the internal switch (platform/qca)

  • Cleanup of WAN bridge related code (platform/qca)

Known Issues

  • Problematic disabling of offline recovery feature in runtime

  • FSM: DPI SNI events are not processed correctly for the reports

  • LTEM: MQTT topic is not processed correctly

  • Excessive logging output of mdnsd

Release 3.2.0.0

New Features

  • Extended Wi-Fi 6E support (backhaul and optimisation)

  • Improved support for mixed Wi-Fi security types (WPA1/WPA2, WPA2/WPA3)

  • BSS Fast Transition (802.11r) support for WPA2, WPA3, and mixed WPA2/WPA3

  • VLAN 802.1Q support (supporting separate unique IPTV SSID and PSK)

  • Added a manager for LTE uplink management (LTEM, or LTE Manager)

  • Introduced a new manager (PSM, or Persistent Storage Manager), which facilitates persisting of settings from OVSDB

  • Power supply status reporting

Notable Fixes

  • NFM: Fixed creation of custom chains

  • FSM/FCM fixes:

    • Fixed reporting of client statistics for captive portal clients in bridge mode (ct_stats)

    • Fixed a potential arithmetic underflow and out of bounds memory access (dns_parse)

Notable Enhancements

  • WM: Extended target DPP API to allow multiple simultaneous enrollees

  • NM: Ability to enforce hardcoded multicast flood exceptions via Kconfig

  • FSM enhancements:

    • Added reporting of aggregated security counters from the Gatekeeper plugin

    • Merged arp_parse plugin functionality into ndp_plugin to reduce memory footprint

    • Refactored policy request structure

    • Refactored internal cache (flow direction, invalidation routines, reporting)

  • FCM enhancements: 

    • Collecting L2 flow statistics using libopenvswitch API

    • Refactored client filtering

    • Configurable ethernet device tags

  • PM: Recovery of LAN connectivity for ethernet nodes/clients during internet outage

  • PM: Added code for mapping of legacy LED states

  • Using new memutil macros throughout the code

  • logpull: Added detailed memory footprint information

  • Additional cleanup:

    • Removed LM (Log Manager) as its functionality has been taken over by PM

    • Replaced hardcoded WAN and LAN bridge names (br-wan, br-home) with Kconfig definitions

    • Removed remaining occurrences of “plume” in hardcoded paths

Platform Support

  • Disabled code that uses radartool on QCA 11ax as it was causing kernel crashes (platform/qca)

  • Fixed an issue with setting the off-channel dwell time on QCA 11ax (platform/qca)

  • Added WANO interface list configuration for 11ax reference boards (vendor/qca-template)

Known Issues

  • LTE manager is enabled by default

  • SM: Reporting wrong 6 GHz frequencies

To download OpenSync 3.2, go to