Networking
The following network related features and functionalities are deprecated in Oracle Linux 8.
PF_KEYv2 Kernel API
The PF_KEYv2 kernel API, used for configuring IPSec, is deprecated in
favor of the netlink API, which is actively maintained to provide
important security features and updates.
Network Scripts
Network scripts are no longer available by default. New versions of ifup
and ifdown scripts call the NetworkManager service through the
nmcli tools. Therefore, to run these scripts in Oracle Linux 8, the
NetworkManager service must be running.
Other commands in /sbin/ifup-local, ifdown-pre-local, and
ifdown-local scripts are ignored. If you manually install the legacy
network-scripts package and use the scripts, a warning is displayed about
their deprecated state.
dropwatch Tool
Instead of the dropwatch tool, use the replacement perf
command line tool in future Oracle Linux deployments, which provides the same
functionality.
cgdcbxd Package
The deprecated control group data center bridging exchange daemon (cgdcbxd)
monitors data center bridging (DCB) netlink events and manages the net_prio
control group subsystem. Support for this feature might be removed.
WEP Wi-Fi Connection
Instead of using this connection method, use the Wi-Fi Protected Access 3 (WPA3) or WPA2 connection methods.
xt_u32 Module
The xt_u32 module enables users to match arbitrary 32 bits in the packet
header or payload for their iptables. Because this module is
unsupported, migrate to the nftables packet filtering framework.
First, change the firewall to use iptables with native matches to
incrementally replace individual rules. Then, use the
iptables-translate command and accompanying utilities to migrate to
nftables. If the iptables rules have no native
match in nftables, use the raw payload matching feature of
nftables instead.
For more information, see the raw payload expression section in the
nft(8) manual page.