Networking
The following network related features and functionalities are deprecated in Oracle Linux 8.
PF_KEYv2
Kernel API
The PF_KEYv2
kernel API, used for configuring IPSec, is deprecated in
favor of the netlink
API, which is actively maintained to provide
important security features and updates.
Network Scripts
Network scripts are no longer available by default. New versions of ifup
and ifdown
scripts call the NetworkManager service through the
nmcli
tools. Therefore, to run these scripts in Oracle Linux 8, the
NetworkManager service must be running.
Other commands in /sbin/ifup-local
, ifdown-pre-local
, and
ifdown-local
scripts are ignored. If you manually install the legacy
network-scripts
package and use the scripts, a warning is displayed about
their deprecated state.
dropwatch
Tool
Instead of the dropwatch
tool, use the replacement perf
command line tool in future Oracle Linux deployments, which provides the same
functionality.
cgdcbxd
Package
The deprecated control group data center bridging exchange daemon (cgdcbxd
)
monitors data center bridging (DCB) netlink events and manages the net_prio
control
group subsystem. Support for this feature might be removed.
WEP Wi-Fi Connection
Instead of using this connection method, use the Wi-Fi Protected Access 3 (WPA3) or WPA2 connection methods.
xt_u32
Module
The xt_u32
module enables users to match arbitrary 32 bits in the packet
header or payload for their iptables
. Because this module is
unsupported, migrate to the nftables
packet filtering framework.
First, change the firewall to use iptables
with native matches to
incrementally replace individual rules. Then, use the
iptables-translate
command and accompanying utilities to migrate to
nftables
. If the iptables
rules have no native
match in nftables
, use the raw payload matching feature of
nftables
instead.
For more information, see the raw payload expression section in the
nft(8)
manual page.