Chapter 5 Networking changes

This chapter describes the ChorusOS networking changes in version 5.0. The chapter includes:

• Messaging Changes

• Protocol Changes

• Changes to Network Utilities

• Enhanced Security

Messaging Changes

The major changes in messaging involve the upgrade of the Sun RPC library from version 4 to version 5. This change has the following implications:

• The new RPC library used in ChorusOS 5.0 now offers the same functionality as the one used in the current version of the Solaris operating environment. The library is therefore completely compatible with the Solaris operating environment. The new library is also compatible with the previous library, however. This implies that applications developed for the previous version will run perfectly well on the new version.

• The new RPC library is multi-threaded and supports IPv6.

• In the new library, rpcbind replaces portmap. rpcbind has all the functionality of portmap and includes additional functionality.

• Extensions have been made to the RPC library, as indicated in the following section.

RPC Extensions

The ChorusOS 5.0 operating system extends the RPC library by adding:

• One-way asynchronous messaging

• Non-blocking asynchronous I/O

• Detection of the closure of a connection in a server

• Callbacks on user file descriptors

Changes to Network Protocols

This section describes the changes made to network protocols.

IPv6

IPv6 is a major enhancement of the Internet Protocol which breaks the IPv4 limitations, particularly the address range limitation. IPv6 also simplifies the IP headers for optimizing implementations.

IPv6 and IPv4 stacks co-exist in version 5.0 of the ChorusOS operating system.

For more information on support for IPv6, refer to "The ChorusOS system and IP" in the ChorusOS 5.0 System Administrator's Guide.

For a complete guide to migrating from IPv4 to IPv6, refer to "Transitioning From IPv4 to IPv6" in the Solaris System Administration Guide, Volume 3.

Network Time Protocol (NTP)

The new NTP feature provides a set of daemons and commands that enable you to synchronize the dates of different ChorusOS systems. The date is synchronized within a client/server architecture. A ChorusOS system may request the date or provide the date to other systems.

The Network Time Protocol Daemon (ntpd)

The ntpd daemon can run as a server or as a client. The server feature provides a reference clock available to all systems on the network. The client feature is used to compute a clock according to other sources and to keep the system clock synchronized.

The ntpq Command

This command enables you retrieve or to set the ntpd configuration dynamically. For example, the list of reference clocks used by servers for synchronization can be modified dynamically with ntpq

The ntptrace Command

ntptrace determines the source from which a particular NTP server gets its time and follows the chain of NTP servers back to their master time source.

The ntpdate command

ntpdate enables you to retrieve and set the system time using NTP. Requests made by ntpdate are in unicast mode. Although ntpdate is not the best way to request the time periodically, or to maintain a synchronized date (since it is a command) it can be useful when used with a mechanism like a cron tab.

Changes to Network Utilities

This section describes the network utilities that are new in version 5.0 of the ChorusOS operating system.

traceroute

The traceroute utility tracks and prints the route that packets follow to the network host. It uses the IP protocol time to live field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to a host.

For more information on the implementation of the traceroute utility, see the traceroute(1M) man page.

tcpdump

The tcpdump utility displays the headers of packets on a network interface that match a specified boolean expression.

For more information on this utility, see the tcpdump(1M) man page.

Enhanced System Security

The introduction of the password management feature to the ChorusOS operating system provides enhanced system security. The password management feature uses the Lightweight Directory Access Protocol (LDAP).

The ldap.conf file contains information about the location of the LDAP server for password management in the ChorusOS operating system. For more information. see the hosts(4CC)ldap.conf(4CC) man page.

Password Management

Version 5.0 of the ChorusOS operating system includes the ability to manage user passwords through its password management feature. Related files are located in /etc/master.passwd and /etc/group. These files enable more flexible security management, in addition to the standard /etc/security file. You can enable the password management feature by running pwd_mkdb(1M).

For more information on the implementation of password management in the ChorusOS operating system, see "System Administration in the Extended Profile" in the ChorusOS 5.0 System Administrator's Guide.