Release Notes (For Branch Series)¶
This release notes page covers RansNet branch series products (HSA, UA, XE, UAP).
20260512-1200¶
Major Changes¶
- Device monitoring is revamped. Use Template_Branch for base monitoring items (replacing older Template_HSA). If needed, download the latest Template_Branch to import into your private mfusion.
- XE-300 default IP assignment behavior changed — previously WAN is vlan1 and LAN is vlan2, now WAN is vlan2 (port WAN/LAN1) and LAN is vlan1 (port LAN2, LAN3, LAN4). Default config is also changed, eg.
!
hostname XE
!
interface eth0
enable
!
interface wwan0
enable
route-metric 2
!
interface vlan 0 2
description WAN
enable
route-metric 0
ip address dhcp
!
interface vlan 0 1
description LAN
enable
ip address 192.168.8.1/22
dhcp-server
router 192.168.8.1
dns 8.8.8.8 8.8.4.4
range 192.168.8.2 192.168.11.254
enable
!
firewall-input 100 permit all tcp src 192.168.8.0/22 dport 22 remark "SSH from LAN"
!
firewall-access 100 permit outbound vlan2
firewall-access 101 permit outbound wwan0
!
firewall-snat 100 overload outbound vlan2
firewall-snat 101 overload outbound wwan0
!
Bug Fixes & Platform Improvements¶
| Area | Fix |
|---|---|
| HSA-520 DTS | Updated device tree with corrected peripheral definitions and enhanced clock/reset handling for improved stability |
| XE-300 Image Build | Kernel updated with full namespace support (required for VRF, network isolation, and container deployments) |
| XE-300 Kernel | Kernel 4.4.60 now includes full IPsec VRF support patches; validated against Fibocom QMI driver and USB serial ports |
| XE-300 LED | Fixed LAN3 and LAN4 LED status on MT7628 SoC (device tree updates) |
| Modem Support | Unified QMI driver image combining Quectel and Fibocom firmware support in single binary; USB serial port drivers added for Meig and Fibocom modem variants |
| Package Permissions | Fixed missing execute bits on OpenWrt init scripts, CGI binaries, and tools due to NTFS copy issues during build |
| net-snmp Build | Restored mibII/var_route module; fixed undefined var_ipRouteEntry symbol on musl builds |
| FRR (Free Range Routing) | Added kernel-level patches required for BGP/OSPF/route-map integration; improved routing performance |
| Build System | Documented execute-bit restoration workflow and nl80211_copy.h pre-seed step for full rebuild consistency |
20260420-0050¶
New Features¶
DNS Filtering
New dns-group and dns-filter CLI commands provide domain-based DNS filtering with blacklist and whitelist modes. Domain entries automatically cover all subdomains (wildcard matching); more specific entries take precedence over broader ones. Named groups (dns-group) allow bulk domain management — add or remove domains from a group without modifying filter rules.
dns-group adult-sites
domain playboy.com
!
dns-filter 100 deny group adult-sites
dns-filter 200 permit all
See DNS Filtering for full configuration details.
EasyMesh Multi-Fronthaul Support
EasyMesh controller now supports multiple fronthaul SSIDs across different VLANs. Maximum BSS count is derived dynamically from the radio configuration rather than being hardcoded. Combined with improved agent upstream tracking, this enables more flexible mesh deployments with per-VLAN fronthaul segmentation.
IPsec VRF Support
IPsec tunnels can now be bound to a specific VRF for traffic isolation. VRF assignment is supported for both standard IPsec and VTI-mode tunnels. VTI return routes now use an explicit next-hop for correct per-VRF routing.
Fibocom Modem Support
Provider registration updated to support Fibocom FM160 and FG160 modems, in addition to existing Quectel RG520N support.
Enhancements¶
| Area | Change |
|---|---|
| QoS | Traffic shaping class number range moved to 200–279, separated from PBR range 100–199 to prevent fwmark conflicts. HTB priority formula updated accordingly. |
| IP Track | Enhanced system reachability tracking — improved probe interface binding and route persistence for multi-WAN environments. |
| EasyMesh | no interface wifi mesh now fully cleans up all EasyMesh state: clears ieee1905managed flags, removes /tmp/ezmesh-*.conf runtime files, and restores wsplcd/ezmesh configs to defaults. |
| EasyMesh Agent | Upstream tracking optimised — bridge state and veth cross-netns handling improved for more reliable backhaul detection after wifi restart. |
| PBR | PBR features optimised; show ip pbr output improved. |
| Show Interface | show interface vrf, show ip interface, and show interface wwan output improved for clarity and consistency. |
| SLA Monitoring | SLA and system monitoring performance optimisations. |
| Interface Monitoring | Enhanced interface state monitoring for improved link-state accuracy. |
| SSH | SSH daemon hardened — weak KEX algorithms removed, MaxAuthTries tightened, ClientAlive parameters corrected. |
| IPsec VTI | VTI return route now uses ip route replace with explicit via next-hop for reliable per-VRF forwarding. |
Bug Fixes¶
| Area | Fix |
|---|---|
| EasyMesh Agent | Fix CAP↔NonCAP state cycle causing agent registration failure on first boot. |
| EasyMesh Agent | Fix stuck mapsig- SSIDs — WPS re-trigger and bitwise MAP capability checks corrected. |
| EasyMesh Agent | Fix spurious VLAN/eth0 bridge created on first boot. |
| EasyMesh Agent | Fix ubus interface calls — use UCI interface name (lan) and correct down/up method names. |
| EasyMesh Controller | Fix fronthaul VAP (mbox) disappearing when the managed VLAN matches the management network. |
| BGP | Fix XE300 unable to recognise BGP show commands (ticket 71874). |
| IPsec | Fix 7 bugs identified in code review — covering tunnel teardown, status parsing, and VTI route handling. |
| WireGuard | Fix VRF interface display issue in show output. |
| P2P Interface | Fix P2P interface handling in PBR routing. |