JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Connecting Systems Using Reactive Network Configuration in Oracle Solaris 11.1     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information


1.  Reactive Network Configuration (Overview)

Highlights of Profile-Managed Network Configuration

What Is Reactive Network Configuration?

When to Use Reactive Network Configuration

Network Profiles and Types

Description of an NCP

Description of the Automatic and User-Defined NCPs

Description of an NCU

Description of a Location Profile

Description of an ENM

Description of a Known WLAN

Profile Activation Policy

NCP Activation Policy

NCU Activation Properties

Examples of an NCP Policy

Location Activation Selection Criteria

Profile Configuration Tasks

How Reactive Network Profiles Work

How Reactive Networking Works With Other Oracle Solaris Networking Technologies

SMF Network Services

Network Configuration Security and Authorizations

Authorizations and Profiles Related to Network Configuration

Authorizations Required to Use the User Interfaces

Where to Find Network Configuration Tasks

2.  Creating and Configuring Reactive Network Profiles (Tasks)

3.  Administering Your Reactive Network Configuration (Tasks)

4.  Using the Network Administration Graphical User Interface


Network Profiles and Types

The system manages network configuration by storing preferred property values in the form of profiles. These property values determine how a network is configured and when its components need to be configured depending on current network conditions. The reactive profiles implementation is a primary component of reactive network configuration. The two primary network profile types are the NCP and the Location profile. Exactly one NCP and one Location profile must be active on the system at all times.

The following are the profile types and configuration objects that comprise the system's network configuration:

Description of an NCP

An NCP defines the network configuration of a system. The NCUs that make up an NCP specify how to configure the various network links and interfaces as well as the conditions under which that link or interface should be brought up. All NCPs have a management-type property that determines how the profiles are managed. The possible values for this property are fixed and reactive.

NCUs that define the reactive NCP include property values that describe the conditions under which each NCU should be enabled. The system's network uses the properties and conditions that are specified for each NCU to enforce the NCP activation policy. For information about the NCP activation policy, see Profile Activation Policy.

The system defines one reactive NCP: the Automatic NCP. You can also create additional user-defined reactive NCPs.

Fixed NCPs are also managed by the network management daemon. However, their configuration is always applied when the fixed NCP is enabled and is not altered by the system while the NCP remains active. There is only one fixed NCP on the system, the DefaultFixed NCP. For more information about the fixed NCP, see Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1.

Description of the Automatic and User-Defined NCPs

The Automatic NCP is a system-defined profile that is made up of one link NCU and one interface NCU for each physical link that is present on the system. For information about NCUs, see Description of an NCU. The content of the Automatic NCP changes if network devices are added or removed. However, the configuration preferences that are associated with the Automatic NCP cannot be edited.

The Automatic NCP utilizes dynamic host configuration protocol (DHCP) and address autoconfiguration to obtain IP addresses for the system. This profile also implements an NCU activation policy in this NCP that favors wired links over wireless links and that plumbs both IPv4 and IPv6 on each enabled link. If the specification of an alternate IP configuration policy or an alternate link selection policy is required, you can create additional user-defined NCPs on your system. The Automatic NCP changes dynamically when a new link is inserted or removed from the system. All NCUs that correspond to the inserted or removed link are also added or removed at the same time. The profile is updated automatically by the network management daemon.

User-defined NCPs are created and managed by the user. You must explicitly add and remove NCUs from the specified profile. You can create NCUs that do not correlate to any link that is currently present on the system. You can also remove NCUs that do not correlate to any link that is present on the system. In addition, you can determine the policy for the user-defined NCP. For example, you can allow multiple links and interfaces to be enabled on the system at a given time, as well as specify different dependency relationships between NCUs and static IP addresses.

For step-by-step instructions about creating a user-defined NCP and adding and removing NCUs to and from this NCP, see Creating an NCP.

Description of an NCU

NCUs are the individual configuration objects that make up an NCP. NCU represents a physical link or an interface on a system. The process of configuring a user-defined NCP includes creating NCUs that specify how each link and interface must be configured. For NCUs in a reactive NCP, the conditions under which each link or interface should be configured must also be specified.

There are two types of NCUs:

Link NCUs represent datalinks. There are several different classes of datalinks:

For more information about how to configure virtual NICs to create virtual networks, see Using Virtual Networks in Oracle Solaris 11.1.

Description of a Location Profile

A Location profile provides additional networking details after the basic IP connectivity has been established. Locations contain network configuration information that is comprised of a set of properties that relate to network configuration on a system-wide level.

A Location profile consists of certain network configuration information, for example, a naming service and firewall settings, that are applied together, when required. Also, because a location does not necessarily correspond to a physical location, you can set up several Location profiles to meet different networking needs. For example, one location can be used when you are connected to the company intranet. Another location can be used when you are connected to the public Internet by using a wireless access point that is located in your office.

Each Location profile contains properties that define the location activation selection criteria. For information about the location activation criteria, see Location Activation Selection Criteria.

By default, three Location profiles are predefined by the system:

User-defined locations are profiles that you create with values that you specify for the system-wide network configuration. User-defined locations are identical to system-defined locations, except that a user-defined location is configured with values that you set, but system-defined locations have preset values.

For more information about creating user-defined locations, see Creating a Location Profile.

Description of an ENM

ENMs enable you to specify when applications or scripts, for example, a VPN application, should perform their own network configuration external to the configuration specified in the NCP and Location profiles. ENMs can also be defined as services or applications that directly modify your network configuration when they are enabled or disabled. You can specify the conditions under which an ENM should be enabled or disabled. You can also enable or disable an ENM manually. Unlike an NCP or a Location profile, where only one of each profile type can be active on the system at any given time, multiple ENMs can potentially be active on the system at the same time. The ENMs that are active on a system at any given time are not necessarily dependent on the NCP or Location profile that is also enabled on the system at the same time.

Although there are several external applications and services for which you can create an ENM, the obvious example is the VPN application. After you install and configure VPN on your system, you can create an ENM that automatically enables and disables the application under the conditions that you specify.

Note - Reactive network configuration cannot automatically detect external applications that are capable of directly modifying the network configuration on a system. To manage the activation or deactivation of a VPN application, or any external application or service, you must first install the application, then create an ENM for it by using either the command-line interface (CLI) or the network administration GUI.

Persistent information about any network configuration that is performed by an ENM is not stored or tracked by the system in exactly the same way as information about an NCP or a Location profile is stored. However, reactive network configuration is capable of noting an externally initiated network configuration. Based on any configuration changes that are made to the system by an ENM, reactive network configuration reevaluates which Location profile should be active, and subsequently enables that location. For example, switching to a location that is enabled conditionally when a certain IP address is in use. If the svc:/network/physical:default service is restarted at any time, the network configuration that is specified by the active NCP is reinstated. ENMs are restarted as well, possibly tearing down and re-creating the network configuration in the process.

For information about creating and modifying the properties of an ENM, see Creating an ENM Profile.

Description of a Known WLAN

Known WLAN profiles store information about wireless networks, enabling NCPs to automatically configure wireless interfaces based on the configuration information of wireless networks that you connect to from your system.

Known WLAN profiles provide details about WLANs that might be connected to automatically. For example, each profile contains a priority value, which determines the order of preference for different wireless networks to be connected when two or more known networks are available. A profile with a lowest number as its priority value has the highest priority. When an NCP includes a wireless link to be enabled, the Known WLAN profile list is examined. If a wireless network that has a Known WLAN profile is available, the wireless link is automatically connected to that WLAN. If two or more known networks are available, the wireless network that has the highest priority (lowest number) is connected to the WLAN. The most recent wireless network that a wireless link is connected to (by explicit user action) is added to the top of the Known WLAN list, and that network becomes the new highest priority wireless network. This means that more recently connected WLANs are preferred over WLANs that you had connected to earlier. Known WLANs do not share the same priority at any point of time. If a new WLAN is added to the list with the same priority value as an existing WLAN, the existing entry is shifted to a lower priority value. Subsequently, the priority value of all other WLANs in the list is dynamically shifted to a lower priority value.

One or more key names can also be associated with a known WLAN. Key names enable you to create your own keys by using the dladm create-secobj command. You can then associate these keys with WLANs by adding the secure object names to the known WLAN keyname property. For more information, see the dladm(1M) man page. For more information about working with datalinks using the dladm command, see Chapter 3, Working With Datalinks, in Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1.

For more information about using the command-line utilities to manage WLANs, see Performing a Wireless Scan and Connecting to Available Wireless Networks.