From Fedora Project Wiki

Revision as of 13:42, 3 February 2012 by Rbergero (talk | contribs) (Moved to FeatureAcceptedF17 - feature was accepted at 2012-01-30 meeting.)

Enterprise Networking with NetworkManager

Summary

These enhancements to NetworkManager will support enterprise features like bonding, IP-over-Infiniband, VLAN, and likely bridging.

Owner

Current status

  • Targeted release: Fedora 17
  • Last updated: 2012-01-24
  • Percentage of completion: 40%

Detailed Description

NetworkManager is currently being enhanced with support for bonding, IP-over-Infiniband, and VLAN connections. Bridging will follow soon. These types of network configuration are often used in enterprise settings or on workstations where virtualization is required, but are often hard to set up and not very forgiving. This feature aims to make that process easier and to provide better integration with existing tools like libvirt.

Benefit to Fedora

NetworkManager will interact more smoothly with existing tools and setups, and will not require certain interfaces to be made invisible to NetworkManager. Users will also be able to configure these types of network connections without having to edit config files if they so choose.

Scope

This is a fairly large change to NetworkManager. It involes a number of people and quite a large change in the codebase. However, VLAN and bonding are already (as of Jan 24) almost entirely complete. Bridging is a bit more complicated but it's also where we need to interact with other tools like libvirt to ensure the experience is smooth. The GUI work still needs to be done (though isn't as complicated as the internal NetworkManager code) and we need to coordinate with UI designers on this to make sure it's not a confusing enterprisey mess.

How To Test

There are three categories of testing to be done:

  • clean initial configuration of VLANs, bridges, or bonds
  • correct handling of existing ifcfg-based configuration for VLANs, bridges, and bonds
  • correct interaction with libvirt and netcf's existing support for bridges

Unfortunately some of these features require more complicated networking hardware like intelligent switches and such. However, at least for VLANs, we should be able to set up two machines to use the same VLAN and ping between them, but not be able to ping a third machine that is not configured for that VLAN but connected to the same switch.

For bridging, we need to ensure that NM works correctly with libvirt and ifup/ifdown so that when NM is running, NM is the entity that creates, configures, and destroys the bridge. It should not break existing configuration on systems with libvirt enabled.

For bonding, we need a system with two or more ethernet devices, and after setting them up in a bonded configuration, we should be able to use SSH or FTP across the link to achive more bandwidth than one device alone could. The bond configuration only needs to be done on the test machine, not on others connected to the link (ie, unlike VLAN).

User Experience

NetworkManager should seamlessly take over control of existing configuration for bridges, bonds, and VLANs.

Dependencies

This depends on libnl3 which has just been pushed into Fedora 17.

Contingency Plan

If testing determines that the features are not performing as expected, we will simply disable them in the code until they can be re-enabled without problems.

Documentation

  • The existing documentation (if any) about the ifcfg file format describes the lower-level configuration options in ifcfg files. We'll need to coordinate with libvirt team to ensure their docs about configuring virtual machines are up-to-date, since they currently recommend making NM ignore bridged interfaces.

Release Notes

  • NetworkManager now supports configuration of bridges, bonds, and VLANs. Existing configurations should be managed seamlessly by NM as long as it is allowed to do so (ie, by removing NM_CONTROLLED=no from ifcfg files). If you're interested in what NM is doing, or if you encounter problems, some debugging tips are located at http://live.gnome.org/NetworkManagerDebugging and log output goes to /var/log/messages by default.

Comments and Discussion