Documentation Home
> System Administration Guide: IP Services
System Administration Guide: IP Services
Book Information
Index
Numbers and Symbols
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
Z
Preface
Part I TCP/IP Administration
Chapter 1 Solaris TCP/IP Protocol Suite (Overview)
What's New in This Release
Introducing the TCP/IP Protocol Suite
Protocol Layers and the Open Systems Interconnection Model
OSI Reference Model
TCP/IP Protocol Architecture Model
Physical Network Layer
Data-Link Layer
Internet Layer
IP Protocol
ARP Protocol
ICMP Protocol
Transport Layer
TCP Protocol
SCTP Protocol
UDP Protocol
Application Layer
Standard TCP/IP Services
UNIX “r” Commands
Name Services
Directory Service
File Services
Network Administration
Routing Protocols
How the TCP/IP Protocols Handle Data Communications
Data Encapsulation and the TCP/IP Protocol Stack
Application Layer: Where a Communication Originates
Transport Layer: Where Data Encapsulation Begins
TCP Segmentation
Establishing a TCP Connection
UDP Packets
Internet Layer: Where Packets Are Prepared for Delivery
IP Datagrams
Data-Link Layer: Where Framing Takes Place
Physical Network Layer: Where Frames Are Sent and Received
How the Receiving Host Handles the Packet
TCP/IP Internal Trace Support
Finding Out More About TCP/IP and the Internet
Computer Books About TCP/IP
TCP/IP and Networking Related Web Sites
Requests for Comments and Internet Drafts
Chapter 2 Planning an IPv4 Addressing Scheme (Tasks)
Network Planning (Task Map)
Determining the Network Hardware
Deciding on an IP Addressing Format for Your Network
IPv4 Addresses
IPv4 Addresses in CIDR Format
DHCP Addresses
IPv6 Addresses
Private Addresses and Documentation Prefixes
Obtaining Your Network's IP Number
Designing an IPv4 Addressing Scheme
Designing Your IPv4 Addressing Scheme
IPv4 Subnet Number
Designing Your CIDR IPv4 Addressing Scheme
Using Private IPv4 Addresses
How IP Addresses Apply to Network Interfaces
Naming Entities on Your Network
Administering Host Names
Selecting a Name Service and Directory Service
Network Databases
Using NIS or DNS as the Name Service
Using Local Files as the Name Service
Domain Names
Administrative Subdivisions
Planning for Routers on Your Network
Network Topology Overview
How Routers Transfer Packets
Chapter 3 Planning an IPv6 Addressing Scheme (Overview)
Major Features of IPv6
Expanded Addressing
Address Autoconfiguration and Neighbor Discovery
Header Format Simplification
Improved Support for IP Header Options
Application Support for IPv6 Addressing
Additional IPv6 Resources
IPv6 Requests for Comments and Internet Drafts
Web Sites
IPv6 Network Overview
IPv6 Addressing Overview
Parts of the IPv6 Address
Abbreviating IPv6 Addresses
Prefixes in IPv6
Unicast Addresses
Global Unicast Address
Public Topology
Site Topology and IPv6 Subnets
Interface ID
Transitional Global Unicast Addresses
Link-Local Unicast Address
Multicast Addresses
Anycast Addresses and Groups
IPv6 Neighbor Discovery Protocol Overview
IPv6 Address Autoconfiguration
Stateless Autoconfiguration Overview
Overview of IPv6 Tunnels
Chapter 4 Planning an IPv6 Network (Tasks)
IPv6 Planning (Task Maps)
IPv6 Network Topology Scenario
Preparing the Existing Network to Support IPv6
Preparing the Network Topology for IPv6 Support
Preparing Network Services for IPv6 Support
Preparing Servers for IPv6 Support
How to Prepare Network Services for IPv6 Support
How to Prepare DNS for IPv6 Support
Planning for Tunnels in the Network Topology
Security Considerations for the IPv6 Implementation
Preparing an IPv6 Addressing Plan
Obtaining a Site Prefix
Creating the IPv6 Numbering Scheme
Creating a Numbering Scheme for Subnets
Creating an IPv6 Addressing Plan for Nodes
Chapter 5 Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)
What's New in This Chapter
Before You Configure an IPv4 Network (Task Map)
Determining Host Configuration Modes
Systems That Should Run in Local Files Mode
Network Configuration Servers
Systems That Are Network Clients
Mixed Configurations
IPv4 Network Topology Scenario
Adding a Subnet to a Network (Task Map)
Network Configuration Task Map
Configuring Systems on the Local Network
How to Configure a Host for Local Files Mode
How to Set Up a Network Configuration Server
Configuring Network Clients
How to Configure Hosts for Network Client Mode
How to Change the IPv4 Address and Other Network Configuration Parameters
Packet Forwarding and Routing on IPv4 Networks
Routing Protocols Supported by the Solaris OS
IPv4 Autonomous System Topology
Configuring an IPv4 Router
How to Configure an IPv4 Router
Routing Tables and Routing Types
Configuring Routes
How to Add a Static Route to the Routing Table
Configuring Multihomed Hosts
How to Create a Multihomed Host
Configuring Routing for Single-Interface Systems
How to Enable Static Routing on a Single-Interface Host
How to Enable Dynamic Routing on a Single-Interface Host
Monitoring and Modifying Transport Layer Services
How to Log the IP Addresses of All Incoming TCP Connections
How to Add Services That Use the SCTP Protocol
How to Use TCP Wrappers to Control Access to TCP Services
Chapter 6 Enabling IPv6 on a Network (Tasks)
Configuring an IPv6 Interface
Enabling IPv6 on an Interface (Task Map)
How to Enable an IPv6 Interface for the Current Session
How to Enable Persistent IPv6 Interfaces
How to Turn Off IPv6 Address Autoconfiguration
Configuring an IPv6 Router
IPv6 Router Configuration (Task Map)
How to Configure an IPv6-Enabled Router
Modifying an IPv6 Interface Configuration for Hosts and Servers
Modifying an IPv6 Interface Configuration (Task Map)
Using Temporary Addresses for an Interface
How to Configure a Temporary Address
Configuring an IPv6 Token
How to Configure a User-Specified IPv6 Token
Administering IPv6-Enabled Interfaces on Servers
How to Enable IPv6 on a Server's Interfaces
Tasks for Configuring Tunnels for IPv6 Support (Task Map)
Configuring Tunnels for IPv6 Support
How to Manually Configure IPv6 Over IPv4 Tunnels
How to Manually Configure IPv6 Over IPv6 Tunnels
How to Configure IPv4 Over IPv6 Tunnels
How to Configure a 6to4 Tunnel
How to Configure a 6to4 Tunnel to a 6to4 Relay Router
Configuring Name Service Support for IPv6
How to Add IPv6 Addresses to DNS
How to Display IPv6 Name Service Information
How to Verify That DNS IPv6 PTR Records Are Updated Correctly
How to Display IPv6 Information Through NIS
Chapter 7 Administering a TCP/IP Network (Tasks)
Major TCP/IP Administrative Tasks (Task Map)
Monitoring the Interface Configuration With the ifconfig Command
How to Get Information About a Specific Interface
How to Display Interface Address Assignments
Monitoring Network Status With the netstat Command
How to Display Statistics by Protocol
How to Display the Status of Transport Protocols
How to Display Network Interface Status
How to Display the Status of Sockets
How to Display the Status of Transmissions for Packets of a Specific Address Type
How to Display the Status of Known Routes
Probing Remote Hosts With the ping Command
How to Determine if a Remote Host Is Running
How to Determine if a Host Is Dropping Packets
Administering and Logging Network Status Displays
How to Control the Display Output of IP-Related Commands
How to Log Actions of the IPv4 Routing Daemon
How to Trace the Activities of the IPv6 Neighbor Discovery Daemon
Displaying Routing Information With the traceroute Command
How to Find Out the Route to a Remote Host
How to Trace All Routes
Monitoring Packet Transfers With the snoop Command
How to Check Packets From All Interfaces
How to Capture snoop Output Into a File
How to Check Packets Between an IPv4 Server and a Client
How to Monitor IPv6 Network Traffic
Monitoring Packets by Using IP Layer Devices
How to Check Packets on the IP Layer
Examples
Administering Default Address Selection
How to Administer the IPv6 Address Selection Policy Table
How to Modify the IPv6 Address Selection Table for the Current Session Only
Chapter 8 Troubleshooting Network Problems (Tasks)
General Network Troubleshooting Tips
Running Basic Diagnostic Checks
How to Perform Basic Network Software Checking
Common Problems When Deploying IPv6
IPv4 Router Cannot Be Upgraded to IPv6
Problems After Upgrading Services to IPv6
Current ISP Does Not Support IPv6
Security Issues When Tunneling to a 6to4 Relay Router
Known Issues With a 6to4 Router
Implementing Static Routes at the 6to4 Site (Bug ID 4709338)
Configuring Tunnels with the Same Source Address (Bug ID 4152864)
Chapter 9 TCP/IP and IPv4 in Depth (Reference)
TCP/IP Configuration Files
/etc/hostname.interface File
/etc/nodename File
/etc/defaultdomain File
/etc/defaultrouter File
hosts Database
/etc/inet/hosts File Format
Initial /etc/inet/hosts File
Loopback Address
Host Name
Multiple Network Interfaces
How Name Services Affect the hosts Database
When Local Files Provide the Name Service
netmasks Database
What Is Subnetting?
Creating the Network Mask for IPv4 Addresses
/etc/inet/netmasks File
inetd Internet Services Daemon
Network Databases and the nsswitch.conf File
How Name Services Affect Network Databases
nsswitch.conf File
Changing nsswitch.conf
bootparams Database
Wildcard Entry for bootparams
ethers Database
Other Network Databases
networks database
protocols Database
services Database
Routing Protocols in the Solaris OS
Routing Information Protocol (RIP)
ICMP Router Discovery (RDISC) Protocol
Network Classes
Class A Network Numbers
Class B Network Numbers
Class C Network Numbers
Chapter 10 IPv6 in Depth (Reference)
IPv6 Addressing Formats Beyond the Basics
6to4-Derived Addresses
6to4-Derived Addressing on a Host
IPv6 Multicast Addresses in Depth
IPv6 Packet Header Format
IPv6 Extension Headers
Dual-Stack Protocols
Solaris 10 IPv6 Implementation
IPv6 Configuration Files
ndpd.conf Configuration File
IPv6 Interface Configuration File
/etc/inet/ipaddrsel.conf Configuration File
IPv6-Related Commands
ipaddrsel Command
Reasons for Modifying the IPv6 Address Selection Policy Table
6to4relay Command
Syntax of 6to4relay
ifconfig Command Extensions for IPv6 Support
netstat Command Modifications for IPv6 Support
snoop Command Modifications for IPv6 Support
route Command Modifications for IPv6 Support
ping Command Modifications for IPv6 Support
traceroute Command Modifications for IPv6 Support
IPv6-Related Daemons
in.ndpd Daemon, for Neighbor Discovery
in.ripngd Daemon, for IPv6 Routing
inetd Daemon and IPv6 Services
Considerations When Configuring a Service for IPv6
IPv6 Neighbor Discovery Protocol
ICMP Messages From Neighbor Discovery
Autoconfiguration Process
Obtaining a Router Advertisement
Prefix Configuration Variables
Address Uniqueness
Neighbor Solicitation and Unreachability
Duplicate Address Detection Algorithm
Proxy Advertisements
Inbound Load Balancing
Link-Local Address Change
Comparison of Neighbor Discovery to ARP and Related IPv4 Protocols
IPv6 Routing
Router Advertisement
Router Advertisement Prefixes
Router Advertisement Messages
IPv6 Tunnels
Configured Tunnels
6to4 Automatic Tunnels
Topology of a 6to4 Tunnel
Packet Flow Through the 6to4 Tunnel
Considerations for Tunnels to a 6to4 Relay Router
Packet Flow Between a 6to4 Site and a Native IPv6 Site
IPv6 Extensions to Solaris Name Services
DNS Extensions for IPv6
Changes to the nsswitch.conf File
Changes to Name Service Commands
NFS and RPC IPv6 Support
IPv6 Over ATM Support
Part II DHCP
Chapter 11 About Solaris DHCP (Overview)
About the DHCP Protocol
Advantages of Using Solaris DHCP
How DHCP Works
Solaris DHCP Server
DHCP Server Management
DHCP Data Store
The dhcptab Table
DHCP Network Tables
DHCP Manager
DHCP Command-Line Utilities
Role-Based Access Control for DHCP Commands
DHCP Server Configuration
IP Address Allocation
Network Configuration Information
About DHCP Options
About DHCP Macros
Macro Processing by the DHCP Server
Order of Macro Processing
Size Limit for DHCP Macros
Solaris DHCP Client
Chapter 12 Planning for DHCP Service (Tasks)
Preparing Your Network for the DHCP Service (Task Map)
Mapping Your Network Topology
Network Topology to Avoid
Determining the Number of DHCP Servers
Updating System Files and Netmask Tables
Making Decisions for Your DHCP Server Configuration (Task Map)
Selecting a Host to Run the DHCP Service
Choosing the DHCP Data Store
Setting a Lease Policy
Determining Routers for DHCP Clients
Making Decisions for IP Address Management (Task Map)
Number and Ranges of IP Addresses
Client Host Name Generation
Default Client Configuration Macros
Dynamic and Permanent Lease Types
Reserved IP Addresses and Lease Type
Planning for Multiple DHCP Servers
Planning DHCP Configuration of Your Remote Networks
Selecting the Tool for Configuring DHCP
DHCP Manager Features
dhcpconfig Features
Comparison of DHCP Manager and dhcpconfig
Chapter 13 Configuring the DHCP Service (Tasks)
Configuring and Unconfiguring a DHCP Server Using DHCP Manager
Configuring DHCP Servers
How to Configure a DHCP Server (DHCP Manager)
Configuring BOOTP Relay Agents
How to Configure a BOOTP Relay Agent (DHCP Manager)
Unconfiguring DHCP Servers and BOOTP Relay Agents
DHCP Data on an Unconfigured Server
How to Unconfigure a DHCP Server or a BOOTP Relay Agent (DHCP Manager)
Configuring and Unconfiguring a DHCP Server Using dhcpconfig Commands
How to Configure a DHCP Server (dhcpconfig -D)
How to Configure a BOOTP Relay Agent (dhcpconfig -R )
How to Unconfigure a DHCP Server or a BOOTP Relay Agent (dhcpconfig -U)
Chapter 14 Administering DHCP (Tasks)
About DHCP Manager
DHCP Manager Window
DHCP Manager Menus
Starting and Stopping DHCP Manager
How to Start and Stop DHCP Manager
Setting Up User Access to DHCP Commands
How to Grant Users Access to DHCP Commands
Starting and Stopping the DHCP Service
How to Start and Stop the DHCP Service (DHCP Manager)
How to Enable and Disable the DHCP Service (DHCP Manager)
How to Enable and Disable the DHCP Service (dhcpconfig -S)
DHCP Service and the Service Management Facility
Modifying DHCP Service Options (Task Map)
Changing DHCP Logging Options
How to Generate Verbose DHCP Log Messages (DHCP Manager)
How to Generate Verbose DHCP Log Messages (Command Line)
How to Enable and Disable DHCP Transaction Logging (DHCP Manager)
How to Enable and Disable DHCP Transaction Logging (Command Line)
How to Log DHCP Transactions to a Separate syslog File
Enabling Dynamic DNS Updates by a DHCP Server
How to Enable Dynamic DNS Updating for DHCP Clients
Client Host Name Registration
Customizing Performance Options for the DHCP Server
How to Customize DHCP Performance Options (DHCP Manager)
How to Customize DHCP Performance Options (Command Line)
Adding, Modifying, and Removing DHCP Networks (Task Map)
Specifying Network Interfaces for DHCP Monitoring
How to Specify Network Interfaces for DHCP Monitoring (DHCP Manager)
How to Specify Network Interfaces for DHCP Monitoring (dhcpconfig)
Adding DHCP Networks
How to Add a DHCP Network (DHCP Manager)
How to Add a DHCP Network (dhcpconfig)
Modifying DHCP Network Configurations
How to Modify the Configuration of a DHCP Network (DHCP Manager)
How to Modify the Configuration of a DHCP Network (dhtadm)
Removing DHCP Networks
How to Remove a DHCP Network (DHCP Manager)
How to Remove a DHCP Network (pntadm)
Supporting BOOTP Clients With the DHCP Service (Task Map)
How to Set Up Support of Any BOOTP Client (DHCP Manager)
How to Set Up Support of Registered BOOTP Clients (DHCP Manager)
Working With IP Addresses in the DHCP Service (Task Map)
Adding IP Addresses to the DHCP Service
How to Add a Single IP Address (DHCP Manager)
How to Duplicate an Existing IP Address (DHCP Manager)
How to Add Multiple IP Addresses (DHCP Manager)
How to Add IP Addresses (pntadm)
Modifying IP Addresses in the DHCP Service
How to Modify IP Address Properties (DHCP Manager)
How to Modify IP Address Properties (pntadm)
Removing IP Addresses From the DHCP Service
Marking IP Addresses as Unusable by the DHCP Service
How to Mark IP Addresses as Unusable (DHCP Manager)
How to Mark IP Addresses as Unusable (pntadm)
Deleting IP Addresses From the DHCP Service
How to Delete IP Addresses From DHCP Service (DHCP Manager)
How to Delete IP Addresses From the DHCP Service (pntadm)
Assigning a Reserved IP Address to a DHCP Client
How to Assign a Consistent IP Address to a DHCP Client (DHCP Manager)
How to Assign a Consistent IP Address to a DHCP Client (pntadm)
Working With DHCP Macros (Task Map)
How to View Macros Defined on a DHCP Server (DHCP Manager)
How to View Macros Defined on a DHCP Server (dhtadm)
Modifying DHCP Macros
How to Change Values for Options in a DHCP Macro (DHCP Manager)
How to Change Values for Options in a DHCP Macro (dhtadm)
How to Add Options to a DHCP Macro (DHCP Manager)
How to Add Options to a DHCP Macro (dhtadm)
How to Delete Options From a DHCP Macro (DHCP Manager)
How to Delete Options From a DHCP Macro (dhtadm)
Creating DHCP Macros
How to Create a DHCP Macro (DHCP Manager)
How to Create a DHCP Macro (dhtadm)
Deleting DHCP Macros
How to Delete a DHCP Macro (DHCP Manager)
How to Delete a DHCP Macro (dhtadm)
Working With DHCP Options (Task Map)
Creating DHCP Options
How to Create DHCP Options (DHCP Manager)
How to Create DHCP Options (dhtadm)
Modifying DHCP Options
How to Modify DHCP Option Properties (DHCP Manager)
How to Modify DHCP Option Properties (dhtadm)
Deleting DHCP Options
How to Delete DHCP Options (DHCP Manager)
How to Delete DHCP Options (dhtadm)
Modifying the Solaris DHCP Client's Option Information
Supporting Solaris Network Installation With the DHCP Service
Supporting Remote Boot and Diskless Boot Clients (Task Map)
Setting Up DHCP Clients to Receive Information Only (Task Map)
Converting to a New DHCP Data Store
How to Convert the DHCP Data Store (DHCP Manager)
How to Convert the DHCP Data Store (dhcpconfig -C)
Moving Configuration Data Between DHCP Servers (Task Map)
How to Export Data From a DHCP Server (DHCP Manager)
How to Export Data From a DHCP Server (dhcpconfig -X)
How to Import Data on a DHCP Server (DHCP Manager)
How to Import Data on a DHCP Server (dhcpconfig -I)
How to Modify Imported DHCP Data (DHCP Manager)
How to Modify Imported DHCP Data (pntadm, dhtadm)
Chapter 15 Configuring and Administering the DHCP Client
About the Solaris DHCP Client
DHCPv6 Server
Differences Between DHCPv4 and DHCPv6
The Administrative Model
MAC Address and Client ID
Protocol Details
Logical Interfaces
Option Negotiation
Configuration Syntax
DHCP Client Startup
DHCPv6 Communication
How DHCP Client Protocols Manage Network Configuration Information
How the DHCPv4 Client Manages Network Configuration Information
How the DHCPv6 Client Manages Network Configuration Information
DHCP Client Shutdown
Enabling and Disabling a Solaris DHCP Client
How to Enable the Solaris DHCP Client
How to Disable a Solaris DHCP Client
DHCP Client Administration
ifconfig Command Options Used With the DHCP Client
Setting DHCP Client Configuration Parameters
For DHCPv4
For DHCPv4 and DHCPv6
DHCP Client Systems With Multiple Network Interfaces
DHCPv4 Client Host Names
How to Enable a Solaris DHCPv4 Client to Request a Specific Host Name
DHCP Client Systems and Name Services
Setting Up DHCP Clients as NIS+ Clients
How to Set Up Solaris DHCP Clients as NIS+ Clients
DHCP Client Event Scripts
Chapter 16 Troubleshooting DHCP (Reference)
Troubleshooting DHCP Server Problems
NIS+ Problems and the DHCP Data Store
Cannot Select NIS+ as the DHCP Data Store
NIS+ Is Not Adequately Configured for DHCP Data Store
NIS+ Access Problems for the DHCP Data Store
IP Address Allocation Errors in DHCP
Troubleshooting DHCP Client Configuration Problems
Problems Communicating With the DHCP Server
How to Run the DHCP Client in Debugging Mode
How to Run the DHCP Server in Debugging Mode
How to Use snoop to Monitor DHCP Network Traffic
Output from DHCP Client in Debugging Mode
Output from the DHCP Server in Debugging Mode
DHCP snoop Output
Problems With Inaccurate DHCP Configuration Information
Problems With the DHCP Client-Supplied Host Name
DHCP Client Does Not Request a Host Name
DHCP Client Does Not Get Requested Host Name
Chapter 17 DHCP Commands and Files (Reference)
DHCP Commands
Running DHCP Commands in Scripts
Files Used by the DHCP Service
DHCP Option Information
Determining if Your Site Is Affected
Differences Between dhcptags and inittab Files
Converting dhcptags Entries to inittab Entries
Part III IP Security
Chapter 18 IP Security Architecture (Overview)
What's New in IPsec?
Introduction to IPsec
IPsec RFCs
IPsec Terminology
IPsec Packet Flow
IPsec Security Associations
Key Management in IPsec
IPsec Protection Mechanisms
Authentication Header
Encapsulating Security Payload
Security Considerations When Using AH and ESP
Authentication and Encryption Algorithms in IPsec
Authentication Algorithms in IPsec
Encryption Algorithms in IPsec
IPsec Protection Policies
Transport and Tunnel Modes in IPsec
Virtual Private Networks and IPsec
IPsec and NAT Traversal
IPsec and SCTP
IPsec and Solaris Zones
IPsec Utilities and Files
Changes to IPsec for the Solaris 10 Release
Chapter 19 Configuring IPsec (Tasks)
Protecting Traffic With IPsec (Task Map)
Protecting Traffic With IPsec
How to Secure Traffic Between Two Systems With IPsec
How to Use IPsec to Protect a Web Server From Nonweb Traffic
How to Display IPsec Policies
How to Generate Random Numbers on a Solaris System
How to Manually Create IPsec Security Associations
How to Verify That Packets Are Protected With IPsec
How to Configure a Role for Network Security
How to Manage IKE and IPsec Services
Protecting a VPN With IPsec
Examples of Protecting a VPN With IPsec by Using Tunnels in Tunnel Mode
Protecting a VPN With IPsec (Task Map)
Description of the Network Topology for the IPsec Tasks to Protect a VPN
How to Protect a VPN With an IPsec Tunnel in Tunnel Mode Over IPv4
How to Protect a VPN With an IPsec Tunnel in Tunnel Mode Over IPv6
How to Protect a VPN With an IPsec Tunnel in Transport Mode Over IPv4
How to Protect a VPN With an IPsec Tunnel in Transport Mode Over IPv6
How to Prevent IP Spoofing
Chapter 20 IP Security Architecture (Reference)
IPsec Service Management Facility
ipsecconf Command
ipsecinit.conf File
Sample ipsecinit.conf File
Security Considerations for ipsecinit.conf and ipsecconf
ipsecalgs Command
Security Associations Database for IPsec
Utilities for Key Generation in IPsec
Security Considerations for ipseckey
snoop Command and IPsec
Chapter 21 Internet Key Exchange (Overview)
What's New in IKE?
Key Management With IKE
IKE Key Negotiation
IKE Key Terminology
IKE Phase 1 Exchange
IKE Phase 2 Exchange
IKE Configuration Choices
IKE With Preshared Keys
IKE With Public Key Certificates
IKE and Hardware Acceleration
IKE and Hardware Storage
IKE Utilities and Files
Changes to IKE for the Solaris 10 Release
Chapter 22 Configuring IKE (Tasks)
Configuring IKE (Task Map)
Configuring IKE With Preshared Keys (Task Map)
Configuring IKE With Preshared Keys
How to Configure IKE With Preshared Keys
How to Refresh IKE Preshared Keys
How to View IKE Preshared Keys
How to Add an IKE Preshared Key for a New Policy Entry in ipsecinit.conf
How to Verify That IKE Preshared Keys Are Identical
Configuring IKE With Public Key Certificates (Task Map)
Configuring IKE With Public Key Certificates
How to Configure IKE With Self-Signed Public Key Certificates
How to Configure IKE With Certificates Signed by a CA
How to Generate and Store Public Key Certificates on Hardware
How to Handle a Certificate Revocation List
Configuring IKE for Mobile Systems (Task Map)
Configuring IKE for Mobile Systems
How to Configure IKE for Off-Site Systems
Configuring IKE to Find Attached Hardware (Task Map)
Configuring IKE to Find Attached Hardware
How to Configure IKE to Find the Sun Crypto Accelerator 1000 Board
How to Configure IKE to Find the Sun Crypto Accelerator 4000 Board
Changing IKE Transmission Parameters (Task Map)
Changing IKE Transmission Parameters
How to Change the Duration of Phase 1 IKE Key Negotiation
Chapter 23 Internet Key Exchange (Reference)
IKE Service Management Facility
IKE Daemon
IKE Policy File
IKE Administration Command
IKE Preshared Keys Files
IKE Public Key Databases and Commands
ikecert tokens Command
ikecert certlocal Command
ikecert certdb Command
ikecert certrldb Command
/etc/inet/ike/publickeys Directory
/etc/inet/secret/ike.privatekeys Directory
/etc/inet/ike/crls Directory
Chapter 24 Solaris IP Filter (Overview)
What's New in Solaris IP Filter
Packet Filter Hooks
IPv6 Packet Filtering for Solaris IP Filter
Introduction to Solaris IP Filter
Information Sources for Open Source IP Filter
Solaris IP Filter Packet Processing
Guidelines for Using Solaris IP Filter
Using Solaris IP Filter Configuration Files
Working With Solaris IP Filter Rule Sets
Using Solaris IP Filter's Packet Filtering Feature
Configuring Packet Filtering Rules
Using Solaris IP Filter's NAT Feature
Configuring NAT Rules
Using Solaris IP Filter's Address Pools Feature
Configuring Address Pools
Packet Filter Hooks
IPv6 for Solaris IP Filter
Solaris IP Filter Man Pages
Chapter 25 Solaris IP Filter (Tasks)
Configuring Solaris IP Filter
How to Enable Solaris IP Filter
How to Re-Enable Solaris IP Filter
How to Enable Loopback Filtering
Deactivating and Disabling Solaris IP Filter
How to Deactivate Packet Filtering
How to Deactivate NAT
How to Disable Packet Filtering
Working With Solaris IP Filter Rule Sets
Managing Packet Filtering Rule Sets for Solaris IP Filter
How to View the Active Packet Filtering Rule Set
How to View the Inactive Packet Filtering Rule Set
How to Activate a Different or Updated Packet Filtering Rule Set
How to Remove a Packet Filtering Rule Set
How to Append Rules to the Active Packet Filtering Rule Set
How to Append Rules to the Inactive Packet Filtering Rule Set
How to Switch Between Active and Inactive Packet Filtering Rule Sets
How to Remove an Inactive Packet Filtering Rule Set From the Kernel
Managing NAT Rules for Solaris IP Filter
How to View Active NAT Rules
How to Remove NAT Rules
How to Append Rules to the NAT Rules
Managing Address Pools for Solaris IP Filter
How to View Active Address Pools
How to Remove an Address Pool
How to Append Rules to an Address Pool
Displaying Statistics and Information for Solaris IP Filter
How to View State Tables for Solaris IP Filter
How to View State Statistics for Solaris IP Filter
How to View NAT Statistics for Solaris IP Filter
How to View Address Pool Statistics for Solaris IP Filter
Working With Log Files for Solaris IP Filter
How to Set Up a Log File for Solaris IP Filter
How to View Solaris IP Filter Log Files
How to Flush the Packet Log File
How to Save Logged Packets to a File
Creating and Editing Solaris IP Filter Configuration Files
How to Create a Configuration File for Solaris IP Filter
Solaris IP Filter Configuration File Examples
Part IV IP Quality of Service (IPQoS)
Chapter 26 Introducing IPQoS (Overview)
IPQoS Basics
What Are Differentiated Services?
IPQoS Features
Where to Get More Information About Quality-of-Service Theory and Practice
Books About Quality of Service
Requests for Comments (RFCs) About Quality of Service
Web Sites With Quality-of-Service Information
IPQoS Man Pages
Providing Quality of Service With IPQoS
Implementing Service-Level Agreements
Assuring Quality of Service for an Individual Organization
Introducing the Quality-of-Service Policy
Improving Network Efficiency With IPQoS
How Bandwidth Affects Network Traffic
Using Classes of Service to Prioritize Traffic
Differentiated Services Model
Classifier (ipgpc) Overview
IPQoS Classes
IPQoS Filters
Meter (tokenmt and tswtclmt) Overview
Marker (dscpmk and dlcosmk) Overview
Flow Accounting (flowacct) Overview
How Traffic Flows Through the IPQoS Modules
Traffic Forwarding on an IPQoS-Enabled Network
DS Codepoint
Per-Hop Behaviors
Expedited Forwarding
Assured Forwarding
Packet Forwarding in a Diffserv Environment
Chapter 27 Planning for an IPQoS-Enabled Network (Tasks)
General IPQoS Configuration Planning (Task Map)
Planning the Diffserv Network Topology
Hardware Strategies for the Diffserv Network
IPQoS Network Topologies
IPQoS on Individual Hosts
IPQoS on a Network of Server Farms
IPQoS on a Firewall
Planning the Quality-of-Service Policy
QoS Policy Planning Aids
QoS Policy Planning (Task Map)
How to Prepare a Network for IPQoS
How to Define the Classes for Your QoS Policy
Defining Filters
How to Define Filters in the QoS Policy
How to Plan Flow Control
How to Plan Forwarding Behavior
How to Plan for Flow Accounting
Introducing the IPQoS Configuration Example
IPQoS Topology
Chapter 28 Creating the IPQoS Configuration File (Tasks)
Defining a QoS Policy in the IPQoS Configuration File (Task Map)
Tools for Creating a QoS Policy
Basic IPQoS Configuration File
Configuring the IPQoS Example Topology
Creating IPQoS Configuration Files for Web Servers
How to Create the IPQoS Configuration File and Define Traffic Classes
How to Define Filters in the IPQoS Configuration File
How to Define Traffic Forwarding in the IPQoS Configuration File
How to Enable Accounting for a Class in the IPQoS Configuration File
How to Create an IPQoS Configuration File for a Best-Effort Web Server
Creating an IPQoS Configuration File for an Application Server
How to Configure the IPQoS Configuration File for an Application Server
How to Configure Forwarding for Application Traffic in the IPQoS Configuration File
How to Configure Flow Control in the IPQoS Configuration File
Providing Differentiated Services on a Router
How to Configure a Router on an IPQoS-Enabled Network
Chapter 29 Starting and Maintaining IPQoS (Tasks)
Administering IPQoS (Task Map)
Applying an IPQoS Configuration
How to Apply a New Configuration to the IPQoS Kernel Modules
How to Ensure That the IPQoS Configuration Is Applied After Each Reboot
Enabling syslog Logging for IPQoS Messages
How to Enable Logging of IPQoS Messages During Booting
Troubleshooting with IPQoS Error Messages
Chapter 30 Using Flow Accounting and Statistics Gathering (Tasks)
Setting Up Flow Accounting (Task Map)
Recording Information About Traffic Flows
How to Create a File for Flow-Accounting Data
Gathering Statistical Information
Chapter 31 IPQoS in Detail (Reference)
IPQoS Architecture and the Diffserv Model
Classifier Module
IPQoS Selectors
Meter Module
tokenmt Metering Module
Configuring tokenmt as a Single-Rate Meter
Configuring tokenmt as a Two-Rate Meter
Configuring tokenmt to Be Color Aware
tswtclmt Metering Module
Marker Module
Using the dscpmk Marker for Forwarding Packets
Expedited Forwarding (EF) PHB
Assured Forwarding (AF) PHB
Supplying a DSCP to the Marker
Using the dlcosmk Marker With VLAN Devices
IPQoS Configuration for Systems With VLAN Devices
flowacct Module
flowacct Parameters
Flow Table
flowacct Records
Using acctadm with the flowacct Module
IPQoS Configuration File
action Statement
Module Definitions
class Clause
filter Clause
params Clause
ipqosconf Configuration Utility
Glossary
© 2010, Oracle Corporation and/or its affiliates