Networking improvements for 13.04

Registered by Stéphane Graber on 2012-10-21

Our usual session for feedback on changes from the past cycle and disucssion on the upcoming changes for the next cycle.
This covers both the foundations side of things (ifupdown, isc-dhcp, ...) and the desktop side (network-manager, modem-manager, ...).

Initial list of topics:
 - Local resolver on desktop installations
  - DNSSEC support
  - Caching support
  - How to support people running their own DNS server (do we care ?)
 - IPv6 support status and next steps
 - IPSEC
 - UEFI secureboot netboot on IPv4 and IPv6

Blueprint information

Status:
Not started
Approver:
Steve Langasek
Priority:
Undefined
Drafter:
Stéphane Graber
Direction:
Needs approval
Assignee:
Stéphane Graber
Definition:
Pending Approval
Series goal:
Accepted for raring
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Our usual session for feedback on changes from the past cycle and disucssion on the upcoming changes for the next cycle.

This covers both the foundations side of things (ifupdown, isc-dhcp, ...) and the desktop side (network-manager, modem-manager, ...).

Initial list of topics:
 - Local resolver on desktop installations
  - DNSSEC support
  - Caching support
  - stgraber added a link on the previous bp to code to figure out what user sends a request
  - http://paste.ubuntu.com/1205622/
  - How to support people running their own DNS server (do we care ?)
 - IPv6 support status and next steps
 - IPSEC
 - UEFI secureboot netboot on IPv4 and IPv6

Other topics discussed in the session:
DHCP PD support?
AHCP
Expired IPv6 addresses not getting flushed by the kernel

Bufferbloat / QDisc, using pfifo_fast vs. codel:
<dtaht> hi
<dtaht> https://github.com/tohojo/netperf-wrapper/blob/master/sample_plots/100m_pfifo_fast.png
<dtaht> https://github.com/tohojo/netperf-wrapper/blob/master/sample_plots/100m_fq_codel.png
<dtaht> the way I currently do this is via a script in /etc/network/ifup.d
<dtaht> https://github.com/dtaht/deBloat/blob/master/src/debloat.sh
<dtaht> Van jacobson's presentation: recordings.conf.meetecho.com/Recordings/watch.jsp?recording=IETF84_TSVAREA&chapter=part_3

[mpt] See also <https://blueprints.launchpad.net/ubuntu/+spec/desktop-r-proxy-support>.

== IPv6 support in the Canonical datacenter ==
IPv6 has now been turned on for archive.ubuntu.com and security.ubuntu.com

The next services to become IPv6 enabled should be geoip.ubuntu.com, ntp.ubuntu.com and the DNS infrastructure.

(?)

Work Items

Work items:
[stgraber] Write the needs for a caching server (implementing nss plugin, ...): TODO
[cyphermox] Better advertise the fact that you can turn on caching since Ubuntu 12.10: TODO
[stgraber] Test UEFI secureboot netboot on IPv4 and IPv6, follow-up on known bugs and document how to set it up: TODO
[stgraber] Follow-up with IS on state of IPv6 in the datacenter: DONE
[cyphermox] Implement (or finish implementing) PDP context selection/ mobile ipv6 connect: POSTPONED
[cyphermox] add ipv6 tab for DSL (pppoe): POSTPONED
[stgraber] Check if strongswan's opportunistic IPSEC works, potentially fix the package and blog about it: TODO
[cyphermox] Blog about changing interface settings to reduce bufferbloat: TODO
[stgraber] Look at fixing isc-dhcp-client to work over infiniband: DONE
[cyphermox] Discuss qdisc changes with dcbw / NM mailing list: POSTPONED
[cyphermox] talk to shadeslayer about KDE NM VPN plugin packages: DONE
[cyphermox] On demand installation of VPN plugins in NetworkManager (nm-applet): POSTPONED
[cyphermox] On demand installation of VPN plugins in plasma-networkmanagement: POSTPONED
[stgraber] Look at patching consolekit to add an option to disable at_console (for systems that won't have a console). Dropping because we'll be getting rid of consolekit anyway: POSTPONED

This blueprint contains Public information 
Everyone can see this information.