JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: Network Interfaces and Network Virtualization     Oracle Solaris 11 Express 11/10
search filter icon
search icon

Document Information

Preface

Part I Network Auto-Magic

1.  Introduction to NWAM

2.  NWAM Configuration and Administration (Overview)

Overview of NWAM Configuration

What Are Network Profiles?

Description of an NCP

Description of an NCU

Description of the Automatic and User NCPs

Description of a Location Profile

Description of an ENM

About Known WLANs

NWAM Configuration Data

NCU Property Values

Property Values of System-Defined Locations

How NWAM Profiles Are Activated

NCP Activation Policy

Example of an NCP Policy

NCU Activation Properties

Location Activation Selection Criteria

Using the nwamcfg Command to Configure Profiles

nwamcfg Interactive Mode

nwamcfg Command-Line Mode

nwamcfg Command-File Mode

nwamcfg Supported Subcommands

Using the nwamadm Command to Administer Profiles

Overview of the NWAM Daemons

Description of the NWAM Policy Engine Daemon (nwamd)

Description of the NWAM Repository Daemon (netcfgd)

SMF Network Services and the NWAM Process

Refresh and Restart Behavior of the NWAM Service

Overview of NWAM Security

Authorizations and Profiles That Are Related to NWAM

Authorizations That Are Required to Use the NWAM User Interfaces

3.  NWAM Profile Configuration (Tasks)

4.  NWAM Profile Administration (Tasks)

5.  About the NWAM Graphical User Interface

Part II Administering Single Interfaces

6.  Overview of the Networking Stack

7.  Datalink Configuration and Administration

8.  Configuring an IP Interface

9.  Configuring Wireless Interface Communications on Oracle Solaris

Part III Administering Interface Groups

10.  Administering Bridges

11.  Administering Link Aggregations

12.  Administering VLANs

13.  Introducing IPMP

14.  Administering IPMP

Part IV  Network Virtualization and Resource Management

15.  Introducing Network Virtualization and Resource Control (Overview)

16.  Planning for Network Virtualization and Resource Control

17.  Configuring Virtual Networks (Tasks)

18.  Using Link Protection in Virtualized Environments

19.  Managing Network Resources

20.  Monitoring Network Traffic and Resource Usage

Glossary

Index

How NWAM Profiles Are Activated

NCPs, Location profiles, and ENMs have activation-mode properties. The allowable values for each profile type differ. In addition, how the activation-mode property is validated differs for each profile type, as do the conditions under which each profile is activated.

For system-defined locations (Automatic and NoNet), the activation-mode property value is set to system, which means that the location can only be activated by the system, under those conditions that the system has predetermined are appropriate for the given location.

For user-defined locations, you can set the activation-mode and conditions properties to manual, conditional-any, or conditional-all. For more information, see Location Activation Selection Criteria.

A Location profile can be manually enabled by using the nwamadm command or by using the NWAM GUI. If you do not explicitly enable a location, the NWAM daemon, nwamd, checks the activation rules for all of the conditionally activated and system-activated Location profiles, and then chooses the location that best matches the current network environment.

NWAM uses an algorithm to determine the “best match” for a location choice. If there is no suitable match for a location, the Automatic location is then activated. Changes in the network environment cause the nwamd daemon to continually reassess the location selection to determine the best match. However, if you explicitly enable a Location profile by using the nwamadm command, (either a location that is manually activated or a location that is conditionally activated) that location remains active until the you explicitly disable it or enable a different location. In this situation, changes in the network environment do not result in a change in Location profiles, regardless of whether there might be a better match available. The fact that you explicitly specified the current location makes it, in effect, the best possible match. For instructions on activating and deactivating profiles, see Activating and Deactivating Profiles.

NCP Activation Policy

NWAM enables you to specify NCP policy, in terms of when NCUs are activated. The NCP policy is enforced through the use of properties and conditions that can be specified for each NCU. Examples of policies that you might specify include, “prefer wired connections over wireless connections” or “activate one interface at a time”. How and when NCPs are activated is defined in the properties that are set for each NCU type.

Interface NCUs consist of an enabled property that has a default value of true. Certain properties can be disabled, or their values can be set to false.


Note - An interface NCU must always be associated with an underlying link NCU. Each interface NCU becomes active when its associated link NCU is activated. You can override the default behavior of an NCU by using the nwamadm command. However, the dependency on the underlying link NCU can never be removed. For example, if you enable an interface NCU without enabling its associated link NCU, the interface will not actually come online until the underlying NCU for that interface is activated.


Example of an NCP Policy

In the following example, NCU properties are set for when the NCP policy needs to specify that all of the available wired links are activated, and that a wireless connection should only be used if no wired connection is available.

For all physical links:

In the following example, NCU properties are set according to an NCP policy that specifies that there be only one active link on the system at any given time, and that a wired connection is preferred over a wireless connection.

For all physical links:

NCU Activation Properties

How network connections are activated is set in the link NCU properties. The following properties are used to enforce the NCP activation policy:

Location Activation Selection Criteria

Each Location profile contains properties that define activation criteria. These properties specify information about the conditions under which a location is activated. NWAM continuously reevaluates the selection criteria for all the configured locations, each time determining which location has the criteria that is the best match for the current network environment. If changes take place in the current network environment that result in a better criteria match, NWAM deactivates the current Location profile and activates the Location profile that is the better match for the new environment.

The selection criteria for when and how a location is activated are specified by the following properties:

The activation-mode property is set to one of the following possible values:


Note - The system value of the activation-mode property can only be assigned to system-provided locations: the Automatic and NoNet locations. The system value indicates that the system determines when to activate these locations.


If the activation-mode property is set to conditional-any or conditional-all, the conditions property contains a conditional expression (or expressions) that are user-defined. Each expression contains a condition that can be assigned a boolean value, for example, “ncu ip:bge0 is-not activated”.

If the activation-mode property is set to conditional-any, the condition is satisfied, if any one of the conditions is true.

If the activation-mode property is set to conditional-all, the condition is satisfied only if all of the conditions are true. The criteria and operations that can be used to construct the condition strings are defined in the following table.

Table 2-5 Criteria and Operations for Constructing Condition Strings

Object Type/Attribute
Condition
Object
ncu, enm, loc
is/is-not active
name
essid
is/is-not

contains/does-not-contain

name string
bssid
is/is-not
bssid string
ip-address
is/is-not
IPv4 or IPv6 address
ip-address
is-in-range/is-not-in-range
IPv4 or IPv6 address plus netmask/prefixlen
advertised-domain
is/is-not

contains/does-not-contain

name string
system-domain
is/is-not

contains/does-not-contain

name string

Note - The essid property represents an Extended Server Set Identifier (ESSID), which is the network name of an access point (AP). The bssid property represents a Basic Service Set Identifier (BSSID), which is the MAC address of an AP.


Note the distinction between the advertised-domain and the system-domain attributes. The advertised domain is discovered through external communications, for example, the DNSdmain or NISdmain domain names, which are advertised by a DHCP server. This attribute is useful for the conditional activation of locations, for example, if the advertised domain is mycompany.com, then activate the work location. The system-domain attribute is the domain that is currently assigned to the system. It is the value that is returned by the domainname command. This attribute is useful for the conditional activation of ENMs, as it will only become true after a location has been activated, and the system has been configured for that particular domain. For more information, see the domainname(1M) man page.

For more information about location properties, see Description of a Location Profile.