Skip Navigation Links | |
Exit Print View | |
Transitioning From Oracle Solaris 10 to Oracle Solaris 11 Oracle Solaris 11 Information Library |
1. Transitioning From Oracle Solaris 10 to Oracle Solaris 11 (Overview)
2. Transitioning to an Oracle Solaris 11 Installation Method
7. Managing Network Configuration
How the Network Is Configured in Oracle Solaris 11
How the Network Is Configured During an Installation
Managing Network Configuration When in Manual Mode
Configuring Network Interfaces When in Manual Mode
Displaying and Configuring Link Interfaces When in Manual Mode
Configuring Naming Services When in Manual Mode
resolv.conf Error-Checking Capabilities
Temporarily Resetting SMF Naming Services
Importing Network Configuration
Managing Network Configuration When in Automatic Mode
Configuring Naming Services When in Automatic Mode
Configuring LDAP When in Automatic Mode
Managing Automatic Network Configuration From the Desktop
Commands That Are Used for Network Configuration (Quick Reference)
8. Managing System Configuration
10. Managing Oracle Solaris Releases in a Virtual Environment
11. User Account Management and User Environment Changes
12. Using Oracle Solaris Desktop Features
A. Transitioning From Previous Oracle Solaris 11 Releases to Oracle Solaris 11
If you are manually configuring your network, keep the following key points in mind:
To manually configure the network by using the dladm and ipadm commands, the DefaultFixed NCP must be active (online) after the installation or upgrade. Use the netadm command to verify which NCP is currently active on your system. See Example 7-1.
If the DefaultFixed NCP is not active, you will need to enable the profile before you can manually configure the network. See Example 7-2.
Persistent network configuration is now managed through SMF, not by editing the following files:
/etc/defaultdomain
/etc/dhcp.*
/etc/hostname.*
/etc/hostname.ip*.tun*
/etc/nodename
/etc/nsswitch.conf
Note - The /etc/nsswitch.conf file is still referenced in this release, but you do not directly edit the file to make configuration changes. See Configuring Naming Services When in Manual Mode.
For more information about setting a system's nodename (also sometimes referred to as hostname) in this release, see System Configuration Changes and Migration of System Configuration to SMF.
During an installation, the system undergoes a one time upgrade to convert any existing /etc network configuration files to their respective ipadm and dladm configurations. The dladm command is used to configure datalinks. The ipadm command is used to configure link and IP interfaces. The ipadm command provides almost equivalent functionality to the ifconfig command. The ipadm command also replaces the ndd command. To compare ifconfig command options with ipadm subcommands, see Comparison Tables: ipadm Command and Other Networking Commands in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
Network virtualization features are also configured and managed by using the dladm and ipadm commands. Objects that are in the link layer (Layer 2) of the network stack, for example, virtual local area networks (VLANs), tunnels, link aggregations, and the newer virtual NICs (VNICs), are configured by using the dladm command. Interfaces that are on the IP layer (Layer 3) are configured by using the ipadm command. See Chapter 19, Configuring Virtual Networks (Tasks), in Oracle Solaris Administration: Network Interfaces and Network Virtualization and Chapter 6, Configuring IP Tunnels, in Oracle Solaris Administration: IP Services.
For additional information about setting network properties, see Chapter 4, Internet Protocol Suite Tunable Parameters, in Oracle Solaris Tunable Parameters Reference Manual.
The ipadm command is used to manually configure IP interfaces and addresses. For example, a static IPv4 interface is configured as follows:
# ipadm create-ip net0 # ipadm create-addr -T static -a local=10.9.8.7/24 net0/addr
The -T option can be used to specify three address types: static, dhcp, and addrconf (for auto-configured IPv6 addresses). In this example, the system is configured with a static IPv4 address. Use the same syntax to specify a static IPv6 address.
Configure an interface with DHCP as follows:
# ipadm create-ip net0 # ipadm create-addr -T dhcp net0/addr
Use the addrconf argument with the -T option to specify an automatically generated IPv6 address:
# ipadm create-ip net0 # ipadm create-addr -T addrconf net0/addr
If the net0 interface in this example was created, and you then wanted to change the IP address that was provided for this interface, you would need to first remove the interface and then re-add it:
# ipadm delete-ip net0 # ipadm create-ip net0 # ipadm create-addr -T addrconf net0/new-add
For more information about the commands that are used to manually configure the network, see Commands That Are Used for Network Configuration (Quick Reference).
See also Chapter 9, Configuring an IP Interface, in Oracle Solaris Administration: Network Interfaces and Network Virtualization and ipadm(1M).
When you perform a fresh installation, all datalinks are automatically assigned generic names by using a net0, net1, and netN naming convention, depending on the total number of network devices on a system. After installing, you can use different datalink names. See How to Rename a Datalink in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
Note - During an upgrade, link names that were used previously are retained.
Display information about the datalinks on a system as follows:
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE net2 Ethernet up 10000 full hxge0 net3 Ethernet up 10000 full hxge1 net4 Ethernet up 10 full usbecm0 net0 Ethernet up 1000 full igb0 net1 Ethernet up 1000 full igb1 net9 Ethernet unknown 0 half e1000g0 net5 Ethernet unknown 0 half e1000g1 net10 Ethernet unknown 0 half e1000g2 net11 Ethernet unknown 0 half e1000g3
Note - In Oracle Solaris 10, the /etc/path_to_inst file can be used to store information about physical and virtual network devices. In Oracle Solaris 11, this file does not contain link names for physical network interfaces. To display this information, use the dladm show-phys command, as shown in the previous example.
Display a datalink name, its device name, and its location in this manner:
# dladm show-phys -L net0 LINK DEVICE LOC net0 e1000g0 IOBD
Rename a datalink as follows:
If an IP interface is configured over the datalink, first remove that interface.
# ipadm delete-ip interface
Then, change the link's current name.
# dladm rename-link old-linkname new-linkname
The old-linkname refers to the current name of the datalink. By default, the link name is hardware-based, such as bge0. The new-linkname refers to any name that you want to assign to the datalink. For more information, see Chapter 8, Datalink Configuration and Administration, in Oracle Solaris Administration: Network Interfaces and Network Virtualization. See also Chapter 7, Using Datalink and Interface Configuration Commands on Profiles, in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
The SMF repository is the primary repository for all naming services configuration. The previous behavior of modifying a configuration file to configure naming services no longer works. These services, for example, svc:/system/name-service/switch, svc:/network/dns/client, and svc:/system/name-service/cache must be enabled or refreshed for any changes to take affect.
Note - If no network configuration exists, naming services default to files only behavior, rather than nis files. The svc:/system/name-service/cache SMF service should be enabled at all times.
The following table describes the naming service configuration that has migrated to SMF.
Table 7-1 SMF Service to Legacy File Mapping
|
Example 7-3 Configuring Naming Services by Using SMF
The following example shows how to configure DNS by using SMF commands.
# svccfg svc:> select dns/client svc:/network/dns/client> setprop config/search = astring: \ ("us.company.com" "eu.company.com" "companya.com" "companyb.com" "company.com" ) svc:/network/dns/client> setprop config/nameserver = net_address: \ ( 138.2.202.15 138.2.202.25 ) svc:/network/dns/client> select dns/client:default svc:/network/dns/client:default> refresh svc:/network/dns/client:default> validate svc:/network/dns/client:default> select name-service/switch svc:/system/name-service/switch> setprop config/host = astring: "files dns" svc:/system/name-service/switch> select system/name-service/switch:default svc:/system/name-service/switch:default> refresh svc:/system/name-service/switch:default> validate svc:/system/name-service/switch:default> # svcadm enable dns/client # svcadm refresh name-service/switch # grep host /etc/nsswitch.conf hosts: files dns # cat /etc/resolv.conf # # opyright (c) 2011, Oracle and/or its affiliates. All rights reserved. # # # _AUTOGENERATED_FROM_SMF_V1_ # # WARNING: THIS FILE GENERATED FROM SMF DATA. # DO NOT EDIT THIS FILE. EDITS WILL BE LOST. # See resolv.conf(4) for details. search us.company.com eu.company.com companya.com companyb.com company.com nameserver 138.2.202.15 nameserver 138.2.202.25 . . .
Example 7-4 Setting Multiple NIS Servers by Using SMF
The following example shows how to set multiple NIS servers.
# svccfg -s nis/domain setprop config/ypservers = host: (1.2.3.4 5.6.7.8)
Note that there is space between 1.2.3.4 and 5.6.7.8.
Example 7-5 Setting Multiple DNS Options by Using SMF
The following example shows how to set multiple /etc/resolv.conf options.
# svccg svc:> select /network/dns/client svc:/network/dns/client> setprop config/options = "ndots:2,retrans:3,retry:1" svc:/network/dns/client> listprop config/options config/options astring ndots:2,retrans:3,retry:1 # svcadm refresh dns/client # grep options /etc/resolv.conf options ndots:2,retrans:3,retry:1
Prior to the naming services to SMF migration, errors in the resolv.conf file configuration were processed silently and went undetected without producing any warnings. As a result, the resolv.conf file did not behave according to how it was configured. In Oracle Solaris 11, some basic error checking is performed through the use of SMF templates so that error conditions are properly reported. Note that other SMF services also all have some rudimentary error-checking capabilities. However, the resolv.conf error reporting is the most prominent due to the absence of error reporting in libresolv2. See resolv.conf(4).
Reset configuration properties of an SMF naming service back to a files only mode as follows:
# /usr/sbin/nscfg unconfig name-service/switch # svcadm refresh name-service/switch
Note - Refresh the name-service switch SMF service for the changes to take affect.
The nscfg unconfig command resets the SMF configuration only. The sysconfig command executes the appropriate SMF services, as well as resets SMF and on disk legacy files and services to their original state.
The nscfg command transfers legacy file configuration for the name-service switch components into the SMF repository. The command imports the legacy file, converting and pushing the configuration to SMF. For example:
# /usr/sbin/nscfg import -f FMRI
In this example, the nscfg command reads information in the /etc/resolv.conf file, converts it, then stores the information in the svc:/network/dns/client SMF service.
# /usr/sbin/nscfg import -f dns/client
If your system is running in files only mode, and no naming services have been configured or enabled, use the nscfg command to manually configure the system, as shown here:
# vi /etc/resolv.conf # /usr/sbin/nscfg import -f dns/client # cp /etc/nsswitch.dns /etc/nsswitch.conf # /usr/sbin/nscfg import -f name-service/switch # svcadm enable dns/client # svcadm refresh name-service/switch
For more information, see nscfg(1M).
When you change a system's naming service, you need to modify the name service switch information accordingly.
# nscfg import -f svc:/system/name-service/switch:default
# svcadm refresh name-service/switch
The easiest way to set up LDAP is to enable the DefaultFixed NCP and perform manual network configuration. Then, if you want to use an LDAP proxy or LDAP self modes and some form of security credentials, run the ldapclient command to complete the LDAP setup. See ldapclient(1M).