[Server-devel] [Sugar-news] Network configuration (was Re: Sugar DIgest 2009-04-09)
walter.bender at gmail.com
Fri Apr 17 08:10:59 EDT 2009
On Thu, Apr 16, 2009 at 3:40 PM, Alexander Dupuy <alex.dupuy at mac.com> wrote:
> Hi Walter and Wade,
> It's been a while since you wrote these, but I had wanted to reply and just
> now got around to it.
>> On Thu, Apr 9, 2009 at 4:49 PM, Walter Bender <walter.bender at gmail.com>
>>> ===Sugar Digest ===
>>> I was able
>>> to get the network working but the process is tedious—I don't think we
>>> can expect teachers and youn children to use ifconfig, route, etc.
>>> from the shell. I also had to boot each machine in Windows, get the IP
>>> address, netmask, gateway, and DNS, but this is something that needs
>>> only to be done once per machine. Configuring the network on Sugar on
>>> a Stick has to happen every time, presuming the children will be
>>> jumping from machine to machine. A control panel widget for setting up
>>> a static IP address is a first step, but I wonder if there is an
>>> easier way.
> Wade Brainerd replied:
>> In the long term, what about enabling freedesktop.org standard panel
>> applets to appear in the frame, and then just using nm-panel for
>> network configuration?
>> The access points could then be removed from the Neighborhood view.
> Something else that you might want to consider would be using link-local
> addresses (Zeroconf) for most of the Sugar machines, and having one or a few
> Sugar systems manually configured to provide a NAT routing service ("IP
> proxy") with a caching DNS relay, that would allow the link-local-addressed
> systems to communicate with the internet and other (non-link-local) machines
> on the network. This way you would only need to manually configure a
> handful of machines (or even just the teacher's) rather than the entire
> classroom. While not as efficient or desirable as a proper DHCP
> configuration, it does provide a mechanism that allows you to bootstrap up
> on the network with only a minimal amount of configuration, and without any
> possibility of conflicts with existing networking setups that you would get
> by trying to bring up a new DHCP server.
> While I'm not 100% sure of this, I believe that some (or maybe even all?) of
> this already exists (or existed) on the OLPC distributions - I think that
> the mesh networking uses link-local addresses (at least in some cases) and I
> remember reading that XO systems with a second network interface would act
> as Internet gateways for the machines that only had mesh connections. I
> don't know whether this functionality is still present or working (it might
> have been removed or just suffered from bit rot due to Fedora version
> changes) but it would certainly be something that could be used as a
> starting point for implementing this for Sugar on a stick.
> Link-local addresses are trivially easy to configure for IPv6 (you actually
> have to go to some effort to *not* use them), and Fedora supports link-local
> 169.254.*.* addresses for IPv4 as well. Sugar would have to provide a
> configuration mechanism (this could be tied to the configuration of a static
> IP address) that would set up the "IP proxy" NAT routing service for other
> machines using link-local addresses (the NAT conversion would map link-local
> endpoints to unused UDP/TCP ports on the routing system) - while I have
> never done such a thing, it should certainly be possible, and perhaps
> someone on the networking list has done this already for non-link-local
> networking configurations, and could provide more details on the necessary
> Once you had support for the "IP proxy" enabled, you would need to advertise
> that service via multicast DNS, and add something to the default Sugar
> configuration that (if a link-local address was the only IP address
> available) would attempt to do a lookup for available "IP proxies" and
> choose one for installation as a default gateway router (and DNS resolver).
> Fedora already includes the Avahi tools that you would use for this - it
> would pretty much be a matter of configuration and adding a script or two
> that manages this during networking startup. If this is tested out and
> found to be useful, you could probably even get Fedora upstream to pick up
> the relevant changes to the networking startup scripts (as long as the
> scripts do not fail if link-local addresses are unavailable and/or the Avahi
> tools are not installed).
> It probably would be best to implement this as an IPv4-only service
> initially, then look at the possibility of adding an IPv6/IPv6 service,
> eventually looking at IPv6/IPv4 tunneling and/or proxy options as well.
> Finally, the "IP proxy" NAT service would be something that it would make
> sense to add to the "school server" distributions as and when this is
> adopted by Sugar systems.
> mailto:alex.dupuy at mac.com
Another approach, suggested by Wad, is to simply set up a DHCP server
with the list of machines/IP address. (Presumably we can use such an
arrangement on the School Server.)
More information about the Server-devel