Red Hat SummitChapter 18. Networking
Review the most notable changes to networking between RHEL 9 and RHEL 10.
- Network team driver was removed
The
teamdservice and thelibteamlibrary were removed in Red Hat Enterprise Linux 10. As a replacement, configure a bond instead of a network team.Red Hat focuses its efforts on kernel-based bonding to avoid maintaining two features, bonds and teams, that have similar functions. The bonding code has a high customer adoption, is robust, and has an active community development. As a result, the bonding code receives enhancements and updates.
If you use RHEL 9 with a network team and plan to upgrade to RHEL 10, migrate the network team configuration to network bond before you upgrade.
- Removed support for network configuration files in the ifcfg format
-
Starting with RHEL 9.0, RHEL stored newly created network configurations in a key file format in the
/etc/NetworkManager/system-connections/directory. The connections, for which the configurations had already been stored from previous times in the/etc/sysconfig/network-scripts/directory in the old ifcfg format still worked uninterrupted. However, with the RHEL 10 release, the support for the ifcfg format based network configuration files was removed. - The
dhclientutility was removed -
The
dhclientutility is a client program used to obtain IP addresses, network configuration, and other information from a DHCP server. Sincedhclientis no longer developed as of early 2022, the utility was removed in Red Hat Enterprise Linux 10. As a consequence of the removal, you can no longer setdhcp=dhclientin/etc/NetworkManager.conf. As a replacement, use thedhcp=internal(default) in your NetworkManager configuration. - Removed NIC device drivers related to iPXE
Internet Preboot eXecution Environment (iPXE) firmware provides a range of boot options over a network often used in environments, where machines need to boot remotely. Among others, it contains a large number of device drivers. With the RHEL 10 release, the following will be removed:
-
The complete
ipxe-romssub-RPM package Binary files containing device drivers from
ipxe-bootimgs-x86sub-RPM package:-
/usr/share/ipxe/ipxe-i386.efi -
/usr/share/ipxe/ipxe-x86_64.efi -
/usr/share/ipxe/ipxe.dsk -
/usr/share/ipxe/ipxe.iso -
/usr/share/ipxe/ipxe.lkrn -
/usr/share/ipxe/ipxe.usb
-
Instead, iPXE now depends on the platform firmware to provide a NIC driver for the network boot. The
/usr/share/ipxe/ipxe-snponly-x86_64.efiand/usr/share/ipxe/undionly.kpxeiPXE binary files are the part of theipxe-bootimgspackage and use the NIC driver provided by the platform firmware.-
The complete
NetworkManager-initscripts-updownis not available-
The
NetworkManager-initscripts-updownsub-package is removed in RHEL 10 because the relatednetwork-scriptspackage had already been removed in RHEL 9. - Moving some kernel modules to
kernel-modules-extra All kernel modules related to the following utilities have been moved to the
kernel-modules-extrapackage:-
iptables -
ip6tables -
ipset -
ebtables -
arptables
-
- ATM encapsulation has been removed
- Asynchronous Transfer Mode (ATM) encapsulation enables Layer-2 (Point-to-Point Protocol, Ethernet) or Layer-3 (IP) connectivity for the ATM Adaptation Layer 5 (AAL-5). In RHEL 9, the ATM implementation was unsupported and deprecated. In RHEL 10, the kernel feature has been disabled in the kernel, and ATM is no longer available.
- The
PF_KEYv2kernel API has been removed -
In earlier RHEL versions, applications could configure the kernel’s IPsec implementation by using the deprecated
PV_KEYv2and the newernetlinkAPI.PV_KEYv2has not been actively maintained upstream and is missing important security features, such as modern ciphers, offload, and extended sequence number support. As a result, thePV_KEYv2API has been removed in RHEL 10. If you used this kernel API in applications, migrate your applications to use the modernnetlinkAPI as an alternative. - The
firewalldlockdown feature has been removed -
The
firewalldlockdown feature could not prevent processes that are running asrootfrom adding themselves to the allow list. In RHEL 10, this feature has been removed.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}