Fedora IPv6 testing and improvements - request for ideas

Pavel Simerda psimerda at redhat.com
Tue Nov 3 23:46:58 UTC 2015 

----- Original Message -----
> From: "Peter Robinson" <pbrobinson at gmail.com>
> To: "Development discussions related to Fedora" <devel at lists.fedoraproject.org>
> Sent: Tuesday, November 3, 2015 6:27:32 PM
> Subject: Re: Fedora IPv6 testing and improvements - request for ideas
> 
> >> In the above page:
> >> * Network configuration: I see NetworkManager in there but nothing
> >> about systemd-networkd
> >
> > I used browser search in that page and 'systemd' (which is the name
> > of the source package that provides systemd-networkd) is listed.
> 
> I wasn't sure whether it meant systemd in general such as port based
> service activation or networkd subset of that or combinations of all
> the options.

It is merely a list of packages and doesn't suggest any specific usage
of those. I currently don't plan any specific focus on networkd.

> >> * Other: firewalld including zones and other such configurations (you
> >> mention iptables)
> >
> > The firewalld package is also mentioned.
> 
> Yes, I found that later on when re-reading.
> 
> >> > Most prominent subpages:
> >> >
> >> >  * https://fedoraproject.org/wiki/QA/Networking/Test_environment
> >>
> >> In this section I see "IPv6 node" but nothing that covers a IPv6 only
> >> routed network with IPv6 to IPv4 gateway ie it runs v6 only internally
> >> but uses 6 to 4 services for legacy services.
> >
> > That is an interesting points. It sort of falls into the IPv6 only case
> > but has enough specifics to be mentioned, at the least.
> >
> >> >  * https://fedoraproject.org/wiki/QA/Networking/Client_software
> >>
> >> Again nothing about a native IPv6 only network with a gateway that
> >> supports 6to4 for legacy services outside the network.
> >
> > To be honest we are most interested in native connectivity. If anyone
> > needs to use tunneled connectivity as a workaround, he should probably
> > choose a mechanism that provides comparable results. On the other hand,
> > the biggest difference in 6to4 when using the `2002::/16` subprefixes
> > is that it is not preferred over IPv4 addresses by default according
> > to RFC 6724.
> 
> It's still a valid use case that we should be testing to ensure as
> networks migrate it provides a good user experience.
> 
> >> What about a iOS9 style preferring of IPv6 over IPv4 in the general
> >> desktop. In the iOS9 case they do network measurements and favour IPv6
> >> bydefault, and if it's going to be faster but fail back quickly if
> >> it's not, how would we deal with this?
> >
> > In my opinion this is out of scope of the networking QA project as
> > we see it.
> 
> Why? It's a completely relevant usecase and if there's options where
> it'd faster and provides better user experience, or the inverse it's
> slower and provides a poor user experience why wouldn't we want to
> test it?

Relevancy is not enough. The project is rather loosely defined at the moment
and its focus will mainly depend on the focus of its active contributors. I'm
not aware of anyone willing to work on network measurement based dynamic
network configuration.

> >> >  * https://fedoraproject.org/wiki/QA/Networking/Server_software
> >>
> >> Nothing in here about:
> >> * IPv6 services RA, dhcp6, 6 to 4 proxies, 4 to 6 proxies and other
> >> such transition servers
> >
> > That is correct. The page is about general networking server workflow,
> > for network configuration details see the respective document below.
> >
> > https://fedoraproject.org/wiki/QA/Networking/Configuration
> >
> >> * what about VPN services like a IPv6 only network connecting to a
> >> dual stack VPN, or a IPv4 only VPN or a number of combinations there
> >> of IE interfaces that are v6 only and ones that are v4 only. What
> >> happens with routing then if there's other 6 to 4 services in play?
> >
> > Like in the following bug report? Yes, that sounds useful to add
> > somewhere.
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1091356
> >
> >> * Load balancers ie like facebook uses to bridge external dual stack
> >> to IPv6 only internal services, or providing IPv6 externally to
> >> present internal v4 services externally to v6
> >
> > I don't think we (people currently involved in the project) have the
> > capacity to test Fedora based services with load balancers. Anyone
> > is free to submit bug reports, though.
> 
> I meant more for things like HAproxy as shipped in Fedora, or for
> things like OpenShift which depends on components like HAproxy, I
> mention OpenShift because the council is investigating it as an
> objective [1]

I can't promiss anything regarding HAproxy, OpenShift and related
software. It might be better to discuss the details on IRC.

> [1]
> https://lists.fedoraproject.org/pipermail/council-discuss/2015-September/013694.html
> 
> >> There's also nothing I can see from a quick read about offload
> >> engines. A lot of 10Gb+ network interfaces have offloads for generic
> >> IP, TCP, other acceleration to enable to do line speed 10+gb on IPv4,
> >> we obviously want acceleration because IPv6 headers are larger and
> >> hence take up more memory.
> >
> > It is not explicitly stated (and that should be fixed) that we
> > are focusing on userspace and configuration, not kernel networking
> > features. That doesn't prevent anyone from joining and extending the
> > project nor from filing kernel bug reports and feature requests.
> 
> Well things like dpdk are userspace and integrate with things like
> virtualisation, docker, openvswitch etc, are those sort of userspace
> in your remit?

Possibly. This topic would also benefit from a more detailed and more
interactive discussion on IRC.

If there are more people interested with specific knowledge, we can of
course do much more.

Cheers,

Pavel

> >> There's toolkits like dpgk (
> >> http://dpdk.org ) for acceleration of packets across large bandwidth
> >> interfaces but I don't see any mention of that or network IO
> >> virtualisation/offload.
> >>
> >> Facebook and others have been testing these sorts of things:
> >>
> >> https://code.facebook.com/posts/1123882380960538/linux-ipv6-improvement-routing-cache-on-demand/
> >> https://code.facebook.com/posts/938078729581886/improving-the-linux-kernel-with-upstream-contributions/
> >>
> >> Along these lines also I see nothing about Open vSwitch and SND
> >> encapsulation protocols testing such as vxlan, GRE, GENEVE etc
> >
> > I think this is the same situation as above.
> >
> >> > During the first phase we are interested in getting feedback on
> >> > testing methods and test cases. Any other ideas are of course
> >> > welcome. Even contacts for future collaboration would be great.
> >>
> >> A future development would be around 6LoWPAN and the routing protocols
> >> etc for that so we can communicate with IoT devices.
> >>
> >> The way I read a lot of the pages above is a "this is how we did it on
> >> IPv4 lets test it on IPv6" rather than a review of how things are
> >> going to change with IPv6, how would I get to a IPv4 site if I'm on a
> >> IPv6 network, visa versa and the whole sets of new use cases that are
> >> appearing as a result of it.
> >
> > Let us now if there are specific cases that need to be covered to make
> > Fedora packages communicate well over the versions of the IP protocol.
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

More information about the devel mailing list