Replify Accelerator 5.4.0-21507 Release Notes ============================================= This document details the content of the Replify Accelerator release 5.4.0. This release is a minor release that contains some minor features and several bug fixes. The previous GA release of Replify Accelerator was version 5.3.0. Release Highlights ==================== Secure Peer Authentication - This new feature enables VAs to connect only to other trusted VAs. Speed Improvements - A new compression algorithm, zstandard, improves the performance of the compression process. Stability - A number of changes have been made to improve the VAs robustness under high load, including new alarms and automtaic load mitigation techniques. Upgrade Instructions ==================== The following versions of the Virtual Appliance (VA) and Enterprise Manager (REM) can be upgraded directly to 5.4.0: = 5.3.0 = 5.2.1 = 5.2.0 = 5.1.0 = 5.0.0 = 4.5.3 To upgrade your system, the REM should be updated first (if you have a REM), followed by the Virtual Appliance and then clients. To upgrade the REM or VA please run the following command at the console: replify-ctl upgrade You will be prompted for an activation code after running the above command. Please contact support@replify.com for this code. Windows clients can be updated by navigating to 'Tools > Options > Updates' in the Replify client user interface. To avail of updates, the client must be connected to an upgraded REM or VA. Detailed installation instructions can be found in the Replify Installation & Configuration Guide. The Accelerator Client can also be downloaded from the web interface of VAs and REMs. Virtual Appliance OS ==================== Virtual machines prior to 5.2.0 containing the Replify Virtual Appliance and Enterprise Manager were built on a base operating system of Debian 7 (Wheezy). Version 5.2 onwards is built on Debian 9 (Stretch). Please note that an upgrade of Replify Accelerator will not upgrade the base OS. v5.4.0 is the last release that will support both operating systems. We ask that all existing Replify customers consider upgrading soon. Please contact Replify Support for details on how to do this. Disk Space ========== For this release, Replify is now shipped on a virtual machine with Stretch. Stretch uses more space for base packages and as such, the disk space required for an image is slightly higher. When deploying from VMWare, the default disk configuration will be a 16GB disk with 'Thick Provisioning'. We would recommend this configuration but if resources are particularly constrained on the server, you may change this to 'Thin Provisioning' to ensure the disk space is only consumed when required. For many production environments, 16GB may not be sufficient to hold all cache data. Please see the installation and configuration guide for details on how to add extra disk space. MAC addresses with Hyper-V ========================== Once the image is deployed on the Hyper-V server the MAC address allocation will be set to 'dynamic' by default. When the machine boots Hyper-V will generate a MAC address for the connected virtual network interface. Replify recommends changing this to use a static MAC address instead. Download Links ============== Downloads are available for VMware ESX 5.5 and above and Microsoft Hyper-V 2012/2016. Other deployments, such as Citrix Xen, Amazon EC2 and Microsoft Azure may be available on request from Replify Support. Please refer to the Replify Installation and Configuration Guide for deployment instructions. VMWare ESX ---------- REM OVF: http://s3.replify.com/v5.x/v5.4.0/Replify-Manager-5.4.0-21507/Replify-Manager-5.4.0-21507.ovf REM VMDK: http://s3.replify.com/v5.x/v5.4.0/Replify-Manager-5.4.0-21507/Replify-Manager-5.4.0-21507-disk1.vmdk VA OVF: http://s3.replify.com/v5.x/v5.4.0/Replify-Appliance-5.4.0-21507/Replify-Appliance-5.4.0-21507.ovf VA VMDK: http://s3.replify.com/v5.x/v5.4.0/Replify-Appliance-5.4.0-21507/Replify-Appliance-5.4.0-21507-disk1.vmdk Hyper-V ------- REM: http://s3.replify.com/v5.x/v5.4.0/Replify-Manager-5.4.0-21507-hyperv.zip VA: http://s3.replify.com/v5.x/v5.4.0/Replify-Appliance-5.4.0-21507-hyperv.zip QEMU ---- REM: http://s3.replify.com/v5.x/v5.4.0/Replify-Manager-5.4.0-21507.qcow2 VA: http://s3.replify.com/v5.x/v5.4.0/Replify-Appliance-5.4.0-21507.qcow2 Docker ------ VA: https://hub.docker.com/r/replifyltd/accelerator/ REM: https://hub.docker.com/r/replifyltd/manager/ New Features and Improvements ============================= [ACC-4729, ACC-5029], [ACC-5032] - Secure Peer Authentication [ACC-4955] - Licence generator now has a "Copy" button [ACC-5026] - Ubuntu 18.04 LTS support [ACC-4855] - Application Server Report on REM should has a 'Toggle Units' button [ACC-4879] - More efficient algorithm used for compression [ACC-4833], [ACC-4893], [ACC-4875], [ACC-4881], [ACC-4885], [ACC-4894], [ACC-4907], [ACC-4908], [ACC-4909], [ACC-4918], [ACC-4921], [ACC-4926], [ACC-4931], [ACC-4942], [ACC-4943], [ACC-5008], [ACC-5012], [ACC-5036], [ACC-4945], [ACC-5085], [ACC-5125] - Minor UI improvements [ACC-4895] - Tag Manager now has sort functionality [ACC-4910] - Application servers can be added by hostname using API [ACC-4917] - All links to www.replify.com on UI now use HTTPS [ACC-4930] - VA now deals with overloading scenarios in a more graceful manner [ACC-4847] - Warning message is displayed on VA if a user hasn't configured any application servers [ACC-4948], [ACC-5064] - Improved logic for determining user information in Ubuntu client [ACC-4980] - When system is overloaded, caching is temporarily disabled to reduce load. [ACC-4981] - Network interface can be specified for TCP listening ports on VA [ACC-4987] - QEMU images now support virsh console access [ACC-4991], [ACC-5006], [ACC-5062], [ACC-5063], [ACC-5081], [ACC-5013] - Assorted logging improvements [ACC-4993] - Conn.log size/number is now configurable [ACC-5071] - QEMU images have smaller download size [ACC-5075] - System options no longer appear on GUI when installing natively on Linux [ACC-5081] - Hourly stats messages have been made more concise in log files [ACC-5090] - Extra logging added to indicate when resource usage alarms have been cleared [ACC-5104] - Release notes are now supplied in plain text format [ACC-5110] - Client TCP listeners now listen on localhost [ACC-5112] - SSL Certificates generated by VA are now valid for five years [ACC-5121] - Transparency functionality is now available when running the Virtual Appliance as a Docker container Fixes ===== [ACC-4613] - Linux client no longer incorrectly applies incorrect interception rules when two appliances have the same application server defined. [ACC-4906] - Extra validation occurs when user specifies expiry date for SSL certificate [ACC-4915] - Nmap output for an application server deals with timeouts more gracefully [ACC-4920] - Negative offload values no longer appear in generated CSV files. [ACC-4929] - Settings page values are now included in REM backups [ACC-4939] - configure-network script now works in environments where DHCP is not available [ACC-4941] - Manually assigned tags are now maintained when a client reconnects [ACC-4957] - "Country" dropdown in certificate generation page is now sorted [ACC-4971] - Load average is now reported in health graph instead of CPU uages [ACC-4972] - Filezilla FTP Server transfers now optimized correctly [ACC-4976] - Logic to unpeer VAs when under load has been improved [ACC-4997] - Tail REM logs feature now working [ACC-5017] - REM Application Server report page no longer displays incorrect stats for application servers that have multiple services [ACC-5038], [ACC-5067] - IE11 now supported for web GUIs [ACC-5040] - Linux client no longer relies on Gnome being installed [ACC-5049] - Logic for closing connections when VA under load has been improved [ACC-5102] - Service no longer fails to start after 32769 consecutive service restarts [ACC-5106] - Android client now works on devices rooted with Magisk SU [ACC-5018] - Client no longer fails when configured with duplicate Virtual Appliances [ACC-5115] - Disk write status of cache is now synchronized when peering is established [ACC-5130] - Timeout during cache validation no longer causes appliance peering to fail Errata or Known Issues ====================== [ACC-3641] - Signed CIFS transfers result in high RAM usage and eventual VA crash [ACC-3718] - Intel based processors on Android devices not supported [ACC-3825] - Un-rooted Android devices can only accelerate HTTP(s) traffic [ACC-4137], [ACC-4170]- applications that use SSL pinning (e.g. Skype for Business, Dropbox etc) will have their connections blocked if configured in the VA to use SSL optimization, unless the pinned certificate is also uploaded to the VA. [ACC-4172] - When using Dynamic SSL, the time on the VA must be synchronized with the time on client machines [ACC-4224] - Windows 10 uninstall fails using 'modern add/remove programs' interface [ACC-4255] - AVG anti-virus software incorrectly detects a threat during Replify client uninstallation [ACC-4427] - Android client requires a reboot before upgrade or client re-install [ACC-4648] - Mac client service stops when it connects to a VA that is using a non-standard block size [ACC-4719] - STARTTLS and HTTP CONNECT content is not cached in client to local VA scenarios [ACC-4794] - Optimization does not occur when a client is connecting to a local VA that is peered to a remote VA and both VAs have an application server with the same IP address configured. [ACC-4896] - Active FTP may fail for some clients when using a client connected to a peered VA setup [ACC-4933] - In the scenario where a client is connected to a peered VA setup, SSL optimization will not work if either the client or the remote VA using a version of Replify Accelerator that is below 5.0 [ACC-5047] - Functionality to turn off compression for specified MIME types is no longer working [ACC-5083] - SMB Connections are not optimized by the Mac client