| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris Administration: Network Interfaces and Network Virtualization Oracle Solaris 11 Express 11/10 |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Solaris Administration: Network Interfaces and Network Virtualization Oracle Solaris 11 Express 11/10 |
2. NWAM Configuration and Administration (Overview)
Overview of NWAM Configuration
Description of the Automatic and User NCPs
Description of a Location Profile
Property Values of System-Defined Locations
Using the nwamcfg Command to Configure Profiles
Using the nwamadm Command to Administer Profiles
Description of the NWAM Policy Engine Daemon (nwamd)
Description of the NWAM Repository Daemon (netcfgd)
SMF Network Services and the NWAM Process
Refresh and Restart Behavior of the NWAM Service
Authorizations and Profiles That Are Related to NWAM
Authorizations That Are Required to Use the NWAM User Interfaces
3. NWAM Profile Configuration (Tasks)
4. NWAM Profile Administration (Tasks)
5. About the NWAM Graphical User Interface
Part II Administering Single Interfaces
6. Overview of the Networking Stack
7. Datalink Configuration and Administration
8. Configuring an IP Interface
9. Configuring Wireless Interface Communications on Oracle Solaris
Part III Administering Interface Groups
11. Administering Link Aggregations
Part IV Network Virtualization and Resource Management
15. Introducing Network Virtualization and Resource Control (Overview)
16. Planning for Network Virtualization and Resource Control
17. Configuring Virtual Networks (Tasks)
18. Using Link Protection in Virtualized Environments
19. Managing Network Resources
NCPs, Location profiles, and ENMs have activation-mode properties. The allowable values for each profile type differ. In addition, how the activation-mode property is validated differs for each profile type, as do the conditions under which each profile is activated.
For system-defined locations (Automatic and NoNet), the activation-mode property value is set to system, which means that the location can only be activated by the system, under those conditions that the system has predetermined are appropriate for the given location.
For user-defined locations, you can set the activation-mode and conditions properties to manual, conditional-any, or conditional-all. For more information, see Location Activation Selection Criteria.
A Location profile can be manually enabled by using the nwamadm command or by using the NWAM GUI. If you do not explicitly enable a location, the NWAM daemon, nwamd, checks the activation rules for all of the conditionally activated and system-activated Location profiles, and then chooses the location that best matches the current network environment.
NWAM uses an algorithm to determine the “best match” for a location choice. If there is no suitable match for a location, the Automatic location is then activated. Changes in the network environment cause the nwamd daemon to continually reassess the location selection to determine the best match. However, if you explicitly enable a Location profile by using the nwamadm command, (either a location that is manually activated or a location that is conditionally activated) that location remains active until the you explicitly disable it or enable a different location. In this situation, changes in the network environment do not result in a change in Location profiles, regardless of whether there might be a better match available. The fact that you explicitly specified the current location makes it, in effect, the best possible match. For instructions on activating and deactivating profiles, see Activating and Deactivating Profiles.
NWAM enables you to specify NCP policy, in terms of when NCUs are activated. The NCP policy is enforced through the use of properties and conditions that can be specified for each NCU. Examples of policies that you might specify include, “prefer wired connections over wireless connections” or “activate one interface at a time”. How and when NCPs are activated is defined in the properties that are set for each NCU type.
Interface NCUs consist of an enabled property that has a default value of true. Certain properties can be disabled, or their values can be set to false.
Note - An interface NCU must always be associated with an underlying link NCU. Each interface NCU becomes active when its associated link NCU is activated. You can override the default behavior of an NCU by using the nwamadm command. However, the dependency on the underlying link NCU can never be removed. For example, if you enable an interface NCU without enabling its associated link NCU, the interface will not actually come online until the underlying NCU for that interface is activated.
In the following example, NCU properties are set for when the NCP policy needs to specify that all of the available wired links are activated, and that a wireless connection should only be used if no wired connection is available.
For all physical links:
NCU type: link
NCU class: phys
activation-mode: prioritized
priority-group: o for wired; 1 for wireless
priority-mode: shared for wired; exclusive for wireless
In the following example, NCU properties are set according to an NCP policy that specifies that there be only one active link on the system at any given time, and that a wired connection is preferred over a wireless connection.
For all physical links:
NCU type: link
NCU class: phys
activation-mode: prioritized
priority-group: 0 for wired; 1 for wireless
priority-mode: exclusive
How network connections are activated is set in the link NCU properties. The following properties are used to enforce the NCP activation policy:
activation-mode
This property can be set to either manual or prioritized.
manual – The NCU activation is managed by the administrator. You can use the NWAM CLI or the GUI to activate or deactivate the NCU. If an NCU's activation-mode is manual, NWAM cannot automatically remove or change the property. In addition, values that are set for both the priority-group and priority-mode NCU properties are ignored.
prioritized – The NCU is activated according to the values that are set in the priority-group and priority-mode properties for the specified NCU. The enabled property is always true for prioritized NCUs.
Prioritized activation enables groups of links to be activated at the same time. This activation mode also enables one or more links to be preferred over other links. The priority-group property assigns a numeric priority level to a given link. All links at the same priority level are examined as a group. The priority-mode property defines how many of the group members might or must be available for the group to be activated.
enabled ( activation-mode is manual)
The value of this property can be true or false. You cannot set the value of this property. Rather, the value reflects the current state of a manually enabled NCU, which can be changed by using the nwamd command or by using the NWAM GUI.
priority-group (activation-mode is prioritized)
The value is set through by using a number. Zero (0) indicates the highest priority. Negative values are invalid.
Among all of the available priority-groups, only the NCUs in the highest available priority-group are activated. When more than one NCU with the same priority is available, activation behavior is defined by the priority-mode property. The priority number is not an absolute value. It can change, as the NCP repository is updated.
Note - The priority order is strictly enforced.
priority-mode (activation-mode is prioritized)
The property is set when a value for the priority-group property has been specified.
The values for this property are as follows:
exclusive – Specifies that only one NCU in the priority-group can be activate at any given time. NWAM activates the first available NCU within the priority group and ignores the other NCUs.
shared – Specifies that multiple NCUs in the priority group can be active at the same time. Any available NCUs in the priority group are activated.
all – Specifies that all of the NCUs in the priority group must be made available for the priority group to be considered available and thus made active.
Each Location profile contains properties that define activation criteria. These properties specify information about the conditions under which a location is activated. NWAM continuously reevaluates the selection criteria for all the configured locations, each time determining which location has the criteria that is the best match for the current network environment. If changes take place in the current network environment that result in a better criteria match, NWAM deactivates the current Location profile and activates the Location profile that is the better match for the new environment.
The selection criteria for when and how a location is activated are specified by the following properties:
activation-mode
conditions
The activation-mode property is set to one of the following possible values:
manual
conditional-any
conditional-all
system
Note - The system value of the activation-mode property can only be assigned to system-provided locations: the Automatic and NoNet locations. The system value indicates that the system determines when to activate these locations.
If the activation-mode property is set to conditional-any or conditional-all, the conditions property contains a conditional expression (or expressions) that are user-defined. Each expression contains a condition that can be assigned a boolean value, for example, “ncu ip:bge0 is-not activated”.
If the activation-mode property is set to conditional-any, the condition is satisfied, if any one of the conditions is true.
If the activation-mode property is set to conditional-all, the condition is satisfied only if all of the conditions are true. The criteria and operations that can be used to construct the condition strings are defined in the following table.
Table 2-5 Criteria and Operations for Constructing Condition Strings
|
Note - The essid property represents an Extended Server Set Identifier (ESSID), which is the network name of an access point (AP). The bssid property represents a Basic Service Set Identifier (BSSID), which is the MAC address of an AP.
Note the distinction between the advertised-domain and the system-domain attributes. The advertised domain is discovered through external communications, for example, the DNSdmain or NISdmain domain names, which are advertised by a DHCP server. This attribute is useful for the conditional activation of locations, for example, if the advertised domain is mycompany.com, then activate the work location. The system-domain attribute is the domain that is currently assigned to the system. It is the value that is returned by the domainname command. This attribute is useful for the conditional activation of ENMs, as it will only become true after a location has been activated, and the system has been configured for that particular domain. For more information, see the domainname(1M) man page.
For more information about location properties, see Description of a Location Profile.
|