Book Image

Oracle Solaris 11: First Look

By : Philip P. Brown
Book Image

Oracle Solaris 11: First Look

By: Philip P. Brown

Overview of this book

Oracle Solaris provides innovative, built-in features that deliver breakthrough high availability, advanced security, efficiency, and industry-leading scalability and performance to help businesses grow. "Oracle Solaris 11: First Look" covers the new features and functionality of Oracle Solaris 11 and how these new features and improvements will make it easier to deploy services to the enterprise while improving performance and reducing total cost of ownership.This book starts with coverage of Image Packaging System and the new installation methods. It then moves swiftly to network configuration. The book also includes some security features and improvements.  

Related Content you might be interested in

Current Title:

Small book image
Oracle Solaris 11: First Look
Philip P. Brown
Jan, 2013 | 168 pages
No titles found
Table of Contents (19 chapters)
Oracle Solaris 11: First Look
Oracle Solaris 11: First Look
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
IPS – The Image Packaging System
IPS – The Image Packaging System
The brave new world of IPS
Repositories/repos
Package naming schemes
Overview of package and patch installation
Practical examples of pkg command usage
Dealing with repositories
Package updates and patching
Summary
2
Solaris 11 Installation Methods
Solaris 11 Installation Methods
It's the Oracle of install systems!
Default passwords
Installation from CD-ROM
Overview of how AI install works
Network bootstrap process details
Setting up a local install server with installadm
Common traps and pitfalls
Solaris 11 release version versus support version
Summary
3
Sysadmin Configuration Differences
Sysadmin Configuration Differences
Welcome to the new normal
Host identity: the sysconfig command
Driver configuration: /etc/driver/drv
Network address configuration: ipadm and dladm
Wireless configuration: Stick to the GUI if you can
Miscellaneous differences in system-level configuration
Summary
4
Networking Nuts and Bolts
Networking Nuts and Bolts
Networking re-architected
Orientation to new Solaris 11 networking
Interface naming and IP labels
NWAM – NetWork AutoMagic
IPMP – IP multipathing
Link aggregation
VNIC – Virtual NIC
VLAN tagging
IP tunneling
Bridging
Network resource management
Other changes
Summary
5
NWAM – Networking Auto-reconfiguration
NWAM – Networking Auto-reconfiguration
What is NWAM and how you can use it
Summary
6
ZFS – Now You Can't Ignore It!
ZFS – Now You Can't Ignore It!
ZFS – your future, today
ZFS root – no more UFS
ZFS booting and beadm
ZFS, beadm, and zones
Deduplication now possible
ZFS encryption
ZFS diff between snapshots
Miscellaneous changes and improvements
Summary
7
Zones in Solaris 11
Zones in Solaris 11
Taking things to the next zone
New zone utilities
New zone capabilities
Fast zone creation via clone
Automatic Network Interfaces – the anet resource
Preconfiguring zones
Immutable zones
Summary
8
Security Improvements
Security Improvements
Keeping the horse in the barn
Mandatory auditing
Immutable zones
ProFTPd is the new FTP server
Sudo privileged access tool
Direct root use now blocked by default
Fine-grained RBAC privileges
On-disk encryption
Summary
9
Miscellaneous
Miscellaneous
What's in this chapter anyway?
Virtual consoles, also known as virtual terminals, are back
Fast reboot
CUPS printing
Power management
Notifications triggered by SMF state transitions
Trusted Solaris extras
COMSTAR and iSCSI
Summary
IPS Package Reference
IPS Package Reference
New ACL Permissions and Abbreviations
New ACL Permissions and Abbreviations
Solaris 10 Available Enhancements
Solaris 10 Available Enhancements
ZFS backported enhancements
Other enhancements
Index
Index

VNIC – Virtual NIC

Prior to Solaris 11, it was always possible to add a virtual, or secondary IP address to a network interface, such as bge0:1 on top of bge0.

Solaris 11 takes things an important step further, by allowing you to encapsulate an IP address within a virtual network interface object. This object can be treated as a first class network entity in its own right. It is possible to run snoop on it. It is also possible to assign it to a zone, and allow the zone to have full access to it, without compromising the security of the physical device, or other VNICs on that device.

You can name a VNIC almost anything you want, as long as you put a number at the end of it. For ease of comprehension, however, you may want to stick to the standard of vnicX.

Sample usage is as follows:

dladm create-vnic -l net0 vnic1
ipadm create-ip vnic1
ipadm create-addr -T static -a local=1.2.3.9/24 vnic1/extraIP
snoop -d vnic1

As mentioned, snoop will pick up traffic related to 1.2.3.9, and to broadcast traffic...

Previous Section
End of Section 8
Next Section