Bug fixes & Resiliency
- Extended the period of time that the Connector attempts to reconnect to our service without manual intervention due to any type of network or service interruption.
- Added jitter to reconnection logic to avoid the “thundering herd” effect during service interruptions.
- Enhanced the Connector heartbeat behavior to provide greater resiliency during service interruptions.
- Resolved an issue where peer-to-peer connections were denied when an unusually large number of Resources is configured.
ARM architecture support
- The Connector now includes compatibility for Linux-based systems running on ARM silicon architectures armv7andarm64. This covers all Raspberry Pi devices, many IoT applications, and NAS devices from vendors such as Synology and QNAP.
- Connectors will now connect to multiple relay nodes within a given region for additional resiliency to hardware and network failures.
- Resolved an issue where the connection to the controller could prematurely timeout over unreliable networks.
- Improved the reliability of status heartbeat messages in circumstances where the relay node IP address remained static.
- Improved the security of token storage while the connector is running.
Bug fixes & Peer-to-peer support
- Added support for peer-to-peer connections via NAT traversal. If a Client also supports peer-to-peer connections, NAT traversal will always be prioritized before falling back to a Relay mode connection.
- Slightly expanded token validity window in situations where clock synchronization on the host device is imprecise.
- Resolved an issue where certain network and DNS errors were incorrectly treated as unrecoverable.
- Reduced the latency required to switch transports to another relay node in the case of failover.
- Additional small fixes, including resolving a minor memory leak and clarifying log messages.
Bug fixes & Service account support
- Added some additional leeway to account for clock synchronization issues on the host environment.
- Resolved a timeout issue that could require a restart under certain circumstances.
- Added support for service accounts and headless clients. Connectors must be upgraded to 1.30.0or later in order to assign resources to service accounts.
Note: There is no functional difference between 1.26.0 and 1.27.0, and there is no need to upgrade if you are currently on 1.26.0.
- Fixes an issue where ICMP ping requests were incorrectly timing out on some client platforms.
- This release resolves an issue where multiple matching resource rules (for example, a wildcard rule and a FQDN) with different port restrictions could cause an incorrect denial of access for the user’s network connection.
Real-time logging support
- Connectors now support local real-time output of network analytics to stdout, allowing direct log collection from deployed Connectors. See Connector real-time logs for schema and configuration information.
- Twingate now supports restricting ports for defined Resources.
- Miscellaneous connectivity and analytics bug fixes.
- Improvements to ensure the Connector is always connected to its optimal Relay for performance.
- Fixed a bug in Healthcheck that caused it to always appear unhealthy.
Client IP logging support
- Support for logging client IP in Network Analytics.
- Latency optimizations for realtime traffic.
- Analytics bug fixes.
Connector health check
- You can now check if the Connector is functioning properly by running a health check.
- Improved Connector logging for debugging purposes.
- Performance and stability fixes.
- Added support for pinging protected Resources.
- Network Analytics bug fixes.