Chapter 12. Networking

NetworkManager-openswan now supports libreswan

In Red Hat Enterprise Linux 6.8, the openswan IPsec implementation is considered obsolete and replaced by the libreswan implementation. The NetworkManager-openswan package now supports both openswan and libreswan in order to facilitate migration. (BZ#1267394)

New package: chrony

A new package, chrony, has been added to Red Hat Enterprise Linux 6. chrony is a versatile implementation of the Network Time Protocol (NTP), which can usually synchronize the system clock with a better accuracy than the ntpd daemon from the ntp package. It can be also used with the timemaster service from the linuxptp package to synchronize the clock to Precision Time Protocol (PTP) domains with sub-microsecond accuracy if hardware timestamping is available, and provide a fallback to other PTP domains or NTP sources. (BZ#1274811)

New packages: ldns

The ldns packages contain a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. A higher level API has been defined which allows a programmer to, for instance, create or sign packets. (BZ#1284961)

wpa_supplicant can now send logs into the syslog

Previously, wpa_supplicant could only save log messages into the /var/log/wpa_supplicant.log file. This update adds the capability to save log messages into the system log, allowing you to use additional features provided by syslog such as remote logging.
To activate this feature, add the new -s option into OTHER_ARGS in the /etc/sysconfig/wpa_supplicant configuration file. (BZ#822128)

Enhancements in system-config-network

The Network Configuration tool (the system-config-network package) has received multiple user interface improvements in this release. Notable enhancements include additional fields for the PEERDNS and ONBOOT settings and an added Delete button in the list of interfaces. (BZ#1214729)

New packages: unbound

Unbound is a validating, recursive, and caching DNS resolver. It is designed as a set of modular components that also support DNS Security Extensions (DNSSEC). (BZ#1284964)

nm-connection-editor now allows a higher range of VLAN ids

The VLAN id is no longer limited to the range 0-100 in nm-connection-editor. The new allowed range is between 0 and 4095. (BZ#1258218)

NetworkManager supports locking Wi-Fi network connections to a specific radio frequency band

NetworkManager now allows you to specify a certain frequency band such for a Wi-Fi connection. To lock a connection to a certain band, use the new BAND= option in the connection configuration file in the /etc/sysconfig/network-scripts/ directory. Values for this option are based on the IEEE 802.11 protocol specifications; to specify the 2.4 GHz band, use BAND=bg, and to specify the 5 GHz band, use BAND=a. (BZ#1254070)

NetworkManager now supports iBFT

A plug-in for iSCSI Boot Firmware Table (iBFT) configuration has been added to NetworkManager. This plug-in ensures that initial network configuration for hosts booting from iSCSI in a VLAN is correct. (BZ#1198325)