This section describes the networking features that are new in this release. These features enhance the existing networking technology and software defined networking to build services that meet organizational performance requirements, and to provide greater application agility and the flexibility you demand.
In Oracle Solaris 11.4, persistent network configuration has been migrated to the Service Management Facility (SMF) repository. This move enables you to customize networking parameters and create more complex network configurations during an automated installation. This change also aligns network configuration with other system components that use SMF as a core storage repository. To accommodate the migration of network configuration parameters to SMF, certain dladm property names have also changed.
For more information about the dladm property name changes, see Chapter 2, Administering Datalink Configuration in Oracle Solaris in Configuring and Managing Network Components in Oracle Solaris 11.4, and the dladm(8) man page. For more information, see Automatically Installing Oracle Solaris 11.4 Systems.
In Oracle Solaris 11.4, you can authenticate Oracle Solaris clients using the IEEE802.1X standard. Previously, if a secure LAN that was deployed needed client systems to be authenticated prior to providing any services, the authentication was not supported on an Oracle Solaris system.
This new feature allows network administrators to configure an Oracle Solaris client system, and enables it to be authenticated by a server behind a secured LAN. The Oracle Solaris system has the nacd daemon running. The client system is connected to a secured LAN through a port on a switch on the LAN. The daemon communicates with a server on the secured LAN to get authenticated, before it can get a service such as DHCP from the LAN. A network administrator can also use the nacadm command to configure the security credentials, and use the dladm command to enable or disable the authentication on a given link.
For more information, see the nacd(8), nacadm(8), and dladm(8) man pages. To use this functionality, install the network/network-access-control package.
Oracle Solaris 11.4 includes Datacenter TCP (DCTCP), an improvement to TCP congestion control for datacenter traffic. DCTCP uses improved Explicit Congestion Notification (ECN) processing to estimate the fraction of bytes that encounter congestion, rather than simply detecting that congestion has occurred. DCTCP then scales the TCP congestion window based on this estimate. This method achieves high burst tolerance, low latency, and high throughput with shallow-buffered switches.
For more information, see Implementing Traffic Congestion Control in Administering TCP/IP Networks, IPMP, and IP Tunnels in Oracle Solaris 11.4.
Oracle Solaris 11.4 delivers the following new DLMP functionality and relevant support for Oracle Solaris kernel zones:
A novel DLMP architecture that enables the creation of SR-IOV VNICs and IPoIB partitions in the global zone
Live migration support for SR-IOV enabled anets in Oracle Solaris kernel zones
High Availability failover for SR-IOV enabled anets in Oracle Solaris kernel zones
For more information, see Chapter 2, Configuring High Availability by Using Link Aggregations in Managing Network Datalinks in Oracle Solaris 11.4.
In Oracle Solaris 11.4, the route command adds a –name option to enable the naming of persistent static routes. This route name can be used to change, get, or delete the static route. The name can also be used to distinguish between different persistent static routes.
For more information, see the route(8) man page.
The following components of the InfiniBand (IB) OS-bypass framework from the Open Fabrics Enterprise Distribution (OFED) have been updated to version 3.18:
InfiniBand verbs (transport) library
Userspace driver for Mellanox ConnectX InfiniBand HCAs
Userspace RDMA communication manager (CM) library
InfiniBand management datagram (MAD) library
InfiniBand userspace management datagram (uMAD) library
User level InfiniBand management utilities
InfiniBand diagnostic tools
qperf command
For more information, see the man pages delivered with the network/open-fabrics packages.
Oracle Solaris 11.4 includes an updated version of ISC BIND that provides many new features such as automatic resigning of DNSSEC zones, new statistics reporting, and response rate limiting. Users can now deploy DNSSEC easily. Monitoring is simplified and the service is more robust against DOS attacks.