Network Management, Bandwidth, and Security

It’s difficult to overestimate the importance of networking in today’s business environment. Since networking provides a central means for data exchange and collaboration, it is often a critical factor when it comes to determining an organization’s ultimate potential for success.

At Red Hat, we understand the importance of networking and the role it plays in maintaining business continuity. As such, we made networking one of the primary focus areas of development for Red Hat Enterprise Linux 7. Having incorporated numerous enhancements and performance optimizations into the Red Hat Enterprise Linux 7 beta – I’d like to take this opportunity to talk about “what’s new” with respect to improvements in network management, bandwidth, and security.

Painless Network Management

Let’s face it, networking on Linux can be a daunting affair (especially for those who are unfamiliar with the idiosyncrasies of it). When attempting to manage or configure even the most basic of networking services, administrators often need to rely upon a mix of disparate standalone utilities… or resort to editing scripts by hand. From an operational standpoint, this can be both challenging and costly. In fact, these issues can routinely impact an organization’s ability to quickly adopt and deploy Linux.

In an effort to streamline network management, NetworkManager, the network management interface, has undergone a significant update to address a variety of shortcomings associated with setting up network interfaces and services. NetworkManager, in its new form, allows administers of all abilities to perform most network-related tasks with ease. In addition, a new command-line network management utility (NM-CLI), is now provided to facilitate the setup and management of network services. While this powerful new interface is likely to be attractive to administrators who require (or simply prefer) command-line access, it’s useful for remote server administration, headless nodes, and various scripting purposes too.

Speeding It Up

Getting your network up-and-running is only half the battle. As the use of bandwidth-intensive services continues to soar, today’s networks – both wired and wireless – are placed under considerable strain and organizations face mounting pressure to meet the demands of these new applications. Whether you need to manage large data sets for High Performance Computing, stream thousands of high definition videos per hour, or support a private cloud infrastructure, improvements in network connectivity are increasingly important for eliminating potential application bottlenecks.

Understanding this reality, the Red Hat Enterprise Linux 7 beta now provides support for 40 Gigabit Ethernet link speeds, enabling faster communication between systems and applications. The 40 Gb Ethernet standard is intended for robust high-speed connectivity while maintaining maximum compatibility with existing interfaces and network management principles.

Note that we didn’t stop with wired connections – wireless performance has also been improved with support for the WiGig (IEEE 802.11ad) specification, which allows devices to communicate without wires at multi-gigabit speeds (up to 7 Gbps). This standard enables high performance wireless data, display and audio applications that supplement the capabilities of today’s wireless LAN devices.

Beyond new data rate support, the Red Hat Enterprise Linux 7 beta also features Team Driver – a mechanism to virtually combine multiple network devices (ports) into a single logical interface at the data link layer (Layer 2). This is useful for increasing the maximum bandwidth beyond what a single connection can sustain and for providing redundancy in case one of the links fails.

While this capability may sound similar to the existing Linux kernel bonding driver, the Team Driver project doesn’t try to replicate it. Team Driver instead solves the same problem very differently by using a modern, modular user-space based control approach. Only the necessary data fast-path parts are found in the kernel and the majority of the logic is implemented as a user space daemon. This approach provides a number of advantages over traditional bonding including more stability, easier debugging, and is much simpler to extend while still providing equal or better performance.

Locking It Down

Not only do networks of today need to be fast and dependable, they also must be secure. The Linux packet filtering technology iptables has its roots in times when networking was relatively simple and network bandwidth was measured in mere megabits. Emerging technologies such as distributed NAT, overlay networks, and containers require enhanced functionality and additional flexibility.

To this end, the beta of Red Hat Enterprise Linux 7 features a new dynamic firewall service, FirewallD. This service has been introduced to provide greater flexibility over iptables including support for different network trust zones. Unlike iptables where the service must be restarted in order to apply rule updates, FirewallD eliminates service disruption by only applying the rule differences enabling settings to be changed during run-time (without existing connections being lost).

Only Halfway There

Do the above mentioned improvements to networking in the beta of Red Hat Enterprise Linux 7 appeal to you? Perhaps Team Driver is something you’ve been testing out in Fedora? Let us know what you think in the comments below.

Also, stay tuned in – I’ll be following up with additional information on how the Red Hat Enterprise Linux 7 beta has upped the ante with regards to network time synchronization and network performance optimization.

One thought on “Network Management, Bandwidth, and Security

  1. Pingback: RHEL7 repost: Network Management, Bandwidth, and Security | Red Hat Developer Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s