Linux Networking News Archives

As with each kernel cycle, the networking subsystem updates for Linux 6.7 are heavy with a wide assortment of core networking infrastructure improvements, (e)BPF features continue to be tacked on, and new wired and wireless network hardware is supported.

Landlock was merged back in 2021 with Linux 5.13 for unprivileged application sandboxing. Landlock is focused on restricting ambient rights and is implemented as a stackable Linux security module (LSM). With Linux 6.7 the Landlock LSM is now moving beyond just file-system access controls to also introduce initial networking support.

In addition to old and unmaintained Ethernet driver code set for removal, there is an effort underway to clear out some obsolete and orphaned WiFi drivers from the Linux kernel.

While the Linux kernel tends to keep around drivers for even very old hardware, once there are no known users left that would still be updating to new Linux kernel versions or the drivers pose a significant maintenance burden, it's eventually time to let them go. We've seen the WiMAX wireless code removed and now the latest on the Linux wireless networking side inching close to the chopping block are old WiFi drivers.

Following the news from a few days ago that Curl was prepping for its worst security flaw in a long time affecting the project, Curl 8.4 is now available and with new light on this issue.

Google, Cloudflare and AWS today disclosed a new zero-day vulnerability called the HTTP/2 Rapid Reset attack. This attack that is being seen in the real-world relies on a weakness in the HTTP2 protocol for carrying out "hyper volumetric" Distributed Denial of Service attacks.

The Linux kernel's Fair Queue "FQ" network packet scheduling algorithm that is celebrating its 10th anniversary since being mainlined in the Linux 3.12 kernel cycle is celebrating by rolling out some performance optimizations with the next version of the Linux kernel.

The first of three parts for MSG_ZEROCOPY preparations for the VirtIO-Vsock driver have been queued into net-next ahead of planned introduction in the Linux 6.7 kernel as another means of achieving greater performance within virtual machines.

One of the new Linux networking features we've been looking forward to seeing in the kernel is TCP Authentication Option (TCP-AO / RFC5925) as a means of improving TCP security and authenticity. The eleventh iteration of the TCP-AO patches were posted today for the Linux kernel with it looking like work on this network addition potentially wrapping up soon.

Released nearly one year ago was GNU Wget2 2.0 as a big improvement over Wget to support more protocols like HTTP/2, enabling multi-threading support and parallel connections, and a range of other feature additions. Published on Thursday was Wget2 2.1 as the newest step forward for this much-improved Wget open-source downloading solution.

The big set of Linux networking subsystem updates were sent out today for the recently-started Linux 6.6 kernel merge window. There are a number of core networking improvements this cycle, support for various new wired and wireless chipsets, and improvements made to existing Ethernet and WiFi drivers.

While Linux 6.1 added the initial Rust infrastructure as an alternative programming language for writing new kernel modules, so far as of Linux 6.5 much of the upstreaming effort has been around adding new abstractions and supporting additional subsystems for making the Rust capabilities in the kernel more complete. The latest patch series is working on adding Rust abstractions for networking sockets and other fundamental networking bits.

Intel's open-source ConnMan software that is an Internet connect manager focused on embedded Linux devices is out with a new release.

The Linux Foundation has established the Ultra Ethernet Consortium "UED" as an industry-wide effort founded by AMD, Arista, Broadcom, Cisco, Eviden, HPE, Intel, Meta, and Microsoft for designing a new Ethernet-based communication stack architecture for high performance networking.

The Linux 6.5 networking subsystem changes include more preparations around the ongoing WiFi 7 wireless standard as well as bringing up support for a number of newer network adapters.

A new set of patches this weekend begin laying the groundwork for Rust abstractions for Linux network device drivers so that Rust code can be used for constructing new network device drivers. The patches also include a dummy Rust network driver.

With Linux running on everything from tiny single board computers with basic WiFi or Ethernet networking up through massive super-computer clusters, the Linux networking subsystem continues seeing immense improvements each kernel cycle. With Linux 6.4 the networking changes are heavy from new hardware support (including Apple M1 Pro/Max WiFi!) to continued work around WiFi 7 support as well as never-ending work on performance optimizations.

While Cloudflare is in the process of replacing Nginx with their in-house, Rust-written alternative, the Cloudflare infrastructure is vast and has many different services at play. For one of the areas they are still currently relying on Nginx, this week they published a blog post outlining how they rewrote an Nginx module in the C programming language to instead make use of Rust.

As part of the Linux networking updates for the Linux 6.3 cycle in addition to the BIG TCP support for IPv4 that can yield higher throughput and lower latency, another networking change worth pointing out is the introduction of the "ath12k" driver for Qualcomm WiFi 7 hardware support.

The networking subsystem feature updates for the Linux 6.3 kernel were submitted today that feature not only some prominent networking driver enhancements and new wired/wireless hardware support but also core networking improvements like BIG TCP for IPv4.

With the next Linux kernel cycle we could see upstream disable their driver support for Microsoft's Remote Network Driver Interface Specification (RNDIS) protocol due to security concerns.

A new set of patches posted for the Plan 9 (9p) resource sharing protocol code inside the Linux kernel can deliver roughly 10x better performance for file transfers.

The big batch of networking subsystem feature updates for the Linux 6.2 merge window has landed.

The first beta of OpenVPN 2.6 is now available and it's a big one for those using this cross-platform, virtual private network (VPN) system.

One of countless great open-source projects from Intel over the years is IWD as a modern wireless daemon for WiFi devices on Linux. IWD has been in the works for over a half-decade as a new replacement to wpa_supplicant and with time has implemented many features and seen widespread adoption. Released this week was IWD 2.0 as the latest milestone for this open-source wireless daemon.

Landing in "net-next" on Monday is wired networking support for the MotorComm YT8521 Ethernet Gigabit PHY. This network ASIC may not ring a bell for most folks, but is used so far by one notable RISC-V development board.

Picked up this week in the "net-next" code ahead of the Linux 6.2 merge window in December is support for TCP Protective Load Balancing (PLB).

The Linux kernel's networking subsystem is beginning to make preparations for 800 Gbps Ethernet networking.

Daniel Stenberg has announced the release of cURL 7.86 as the newest version of this command-line utility and library for various networking purposes.

Linux's universal TUN driver that provides packet reception and transmission for user-space programs may soon see a 1000x speed-up with a proposed patch sent out today for this network driver.

A set of Linux kernel WiFi stack security issues were made public today. The Linux 6.1 Git kernel has now merged fixes for these vulnerabilities while the fixes also work their way to being back-ported to existing stable series.

The networking feature pull for the Linux 6.1 kernel brings 127k lines of new code and 50k lines of code removed as a rather hearty set of wired/wireless networking driver updates and core improvements this round.

Cloudflare has long relied upon Nginx as part of its HTTP proxy stack but now has replaced it with their in-house, Rust-written Pingora software that is said to be serving over one trillion requests per day and delivering better performance while only using about a third of the CPU and memory resources.

One of the interesting capabilities with Thunderbolt and now USB4 that is seemingly not too widely used is for networking between systems. The Linux kernel for the past half-decade already has offered a Thunderbolt networking driver for networking between hosts with Thunderbolt cables. The latest improvement on this front is now supporting USB4's end-to-end flow control mode.

NetworkManager 1.40 has been released as this widely-used software for configuring wired and wireless network interfaces under Linux.

With the Linux 5.19 kernel there are some exciting networking improvements like big TCP support, PureLiFi drivers for light-based networking, WFX WiFi being promoted out of staging, and much more. Now with the in-development Linux 6.0 there is a lot more work in store.

DECnet as a set of networking protocols from Digital Equipment Corporation (DEC) that date back to 1975 are expected to be finally removed from the Linux kernel. The DECnet protocols have long been obsolete, the Linux kernel implementation has been orphaned for more than one decade, and is code that belongs more in a history museum than the mainline kernel.

The long in development work around IO_uring zero-copy send for the Linux kernel's networking subsystem is now ready for mainline.

The networking subsystem updates have landed in the Linux 5.19 kernel with big updates to core networking code as well as a lot of individual driver work this cycle both for wired and wireless networking.

Back in 2019 Realtek contributed the open-source "RTW88" WiFi driver to the Linux kernel for supporting their newer wireless chipsets on Linux. To date the mainline driver has just supported their PCI-based WiFi adapters while a patch series now out for review extends the driver to supporting their newer USB-specific chipsets.

The Solarflare "SFC" network driver within the Linux kernel for their high performance network adapters, owned by Xilinx and now owned by AMD, is seeing some restructuring with the next version of the Linux kernel. The intention is on shifting older network hardware to a separate kernel module/driver so improvements and new hardware support can be the focus with this main Solarflare Linux network driver.

There are many networking changes already building up in "net-next" ahead of the Linux 5.19 kernel cycle kicking off this summer. Merged yesterday is support within the Mellanox Ethernet "mlxsw" kernel driver for supporting the NVIDIA Mellanox SN4800 modular switch.

Added back in 2019 to the Linux staging area was the "WFX" WiFi driver for low-power IoT hardware from Silicon Labs. After three years of hard work by Silicon Labs engineers and open-source developers, this driver for the WF200 series of wireless chips is set to be promoted in the Linux 5.19 cycle.

The networking subsystem updates are busy as always with each Linux kernel merge window.

Back in 2019 the folks at CloudFlare announced BoringTun as a Rust-written WireGuard user-space implementation. Yesterday marked the first tagged release of BoringTun in the form of version 0.4.

NetworkManager 1.36 is now available for this widely-used software for managing Linux wired and wireless network connections.

With Linux 5.17 are some nice networking performance optimizations touching different areas while the never-ending optimization work will continue with Linux 5.18.

Among the many new features in Linux 5.17 are several notable network optimizations. Optimizing network performance is a never-ending game and already for a future kernel are a new set of UDP/IPv6 optimizations being worked on.

The Linux networking subsystem updates for the in-development 5.17 kernel are quite exciting as usual given how prolific Linux is from large servers in the cloud to running on enterprise networking gear down to Linux on small IoT hardware. Not only is there a lot of hardware driver action as usual but also some key performance/latency optimizations.

As part of the plethora of networking changes for Linux 5.17, NVIDIA is introducing support for Spectrum-4 networking ASICs.