1z0-821 Oracle Solaris 11 System Administration – Administering a Physical Network Part 2

  • By
  • February 18, 2023
0 Comment

4. Networking on Solaris 11

Now that we’ve covered some basics of networking, just as a refresher to it, let’s talk a little bit more about specific things that apply to Solaris Eleven. Now, Solaris Eleven uses the same TCP IP protocol, stack services, ports, protocols, hardware, standards, wiring, and so forth. So by and large, it’s not very difficult to understand, use and troubleshoot when you need to. Therefore are some things that are different a little bit, though. It uses some different processes, commands, and applications to manage networks, and you do need to know these. For the exam, there are several command lines that you need to know, as well as how to use some of the GUI tools, and we’ll talk about those here in a second. One of the things that’s unique to Solaris Eleven is a concept called Network Configuration Profile, or NCP. Now, these NCPS help you to configure and manage the system’s network connection. And you can have several network configuration profiles on the box, but only one can be active at a time. Now, there are two types of NCPS, one called reactive and one called fixed.

Now, as you might expect, the reactive one will adjust the network configuration if network conditions change. For example, if you’re connecting on a laptop to a network at work that has DHCP enabled, and you can keep that configuration. However, if the DHCP server goes down, the network can automatically reconfigure with a predefined static IP address. So it’s reactive. If the network conditions change, it will change as well. The reactive NCPS can also correspond to a predefined location, and location might be work, your office, your home, and so forth. It can also correspond to a location in terms of whether it’s no network connectivity or automatic connectivity and so forth. And you can have many different reactive NCPS configured, but typically only one active at a time.

Now, fixed NCPS are the other type, and they define a specific network configuration on the system, but it does not automatically adjust that configuration if the conditions change or vary. Now, unlike reactive NCPS, there can only be one fixed NCP configured at a time on the box. So you may have several reactive NCPS and one fixed. Now, when you first install the system, there are two system generated NCPS by default. There’s one that’s automatic and one that’s fixed. And the default fixed is what the fixed one is called, and the automatic one is what the reactive one is called. And you can change these and add more to them, at least the reactive ones. The fixed one, you can only edit. Now, there are a couple of different ways to edit these NCPS. One is through the GUI, which we’ll look at, and one is through the Net adm command, and it’s used to administer these NCPS. Let’s go ahead and take a look at the GUI, and then we’ll look at the command line utility.

All right, we’re back in Solar Salon first thing I want to look at is to show you the network utility here. And there are several different things that shows you your connection status and will show you all the different enabled connections or IP address and so forth. But what we’re more interested in is looking at the network profiles. Right now it shows that we have a network profile of automatic and the location of automatic. Now we can set and change locations here. We can edit these and add locations. We can also go and look at the profiles themselves. We have the automatic and default fix. These are the system generated ones that are always installed when Solaris is installed. If you click the automatic one you can edit it, you can also duplicate it and change it so that you don’t mess up the original one. So if you click edit you’ll see there’s different things that you possibly could edit in here. It’s better to go ahead and duplicate this and then edit it for the default fixed, there’s not much you can do to it. You can view it. But if you look down here you can see that profiles of type fixed can only be edited using Dladm and ipadm. So you’ll need to use those commands to edit this default fixed one. Now again, you can edit the automatic one in this particular facility, let’s say cancel and go to command prompt. And one of the things we want to look at is the net adm command and we’re just going to say list with the X on it and it’s going to list all of our profiles here and what their state is. We have the default fix which is disabled currently because remember, only one can be online at a time.

And then we have the automatic one that’s online inactive. So you’ve got some other ones here that are incidental to this and some location ones that apply to the automatic one like the no net, the automatic and so forth. And the two commands, the Dladm command and the ipadm command they can use to edit these, we’ll look at a little bit later, because they do all kinds of things on your box with your network, and we’ll look at those when we look at configuring and managing your network interfaces, so we’ll get a chance to see those in action. But your net adm command can also enable or disable or make active a particular profile. If you just said netcam enable and then and then NCP and the name of the profile, it would go ahead and activate it. We’re not going to do that right now. So that’s basically profiles that’s unique to Solaris Eleven and we’ll take a look at how to edit them and some other things we can do with them. When we look at configuring and managing the network interfaces.

5. Configuring Network Interfaces

Now let’s talk about configuring network interfaces in Solaris Eleven. Now there’s a couple of different ways we can configure network interfaces. We can configure them so that it’s an automatic configuration or manually. Obviously manually takes a little bit of effort on our parts. Now, a lot of these configurations have to do with the NCP that’s active. We have the automatic and the default fixed that are the defaults system generated ones, and that’s the ones we’ll talk about. Even with the automatic NCP, which is a reactive NCP, you can have both DHCP and static configured. That way, if DHCP fails, you can revert to a static IP address and that’s all under the reactive NCP. Now, to go manually and configure it, some configurations require the default fixed NCP to be the active profile at the time. Another thing you should know is that some configuration items that you make, some changes that you make to the interfaces are only for the current session and typically will not survive a reboot. Now, if you make changes with the if config command, for example, they’re typically only for the session. In order to make them persistent, you may have to use the ipadm command.

And let’s go ahead and talk about those. The if config command is an older command that’s used in a wide variety of Linux and Unix implementations and it does a lot of things in terms of managing the IP addresses on the interfaces and the interfaces themselves. You can manage things like the IP address, the subnet mass, the default gateway, you can control whether interface is even up or down. Now on Solaris Eleven, it’s been a little bit deprecated. In fact, the preferred way to manage an interface in Solaris Eleven is through the ipadm command. Let’s go ahead and take a look at both those commands. We’re in our Solaris Eleven command line. Let’s go ahead first and look at the ifconfig command. I want to do a man on ifconfig, and this will give you all the different options and switches that you can use with if config. Again, it’s a little bit of an older command and if you’ve used Unix Linux before, you’re probably familiar with it. But there are so many options you can use for ifconfig. The way that solarisA Eleven has implemented networking, though, with the profiles, it’s a little bit better to use ipadm because they’re typically profile aware and you can make persistent changes to the interfaces. So that’s really the better way to do it in Solaris Eleven, let’s go ahead and look at some of the switches and so forth that you can use with ipadm, so let’s do a man on that. And you could just do ipadm help as well, but it wouldn’t give you as much.

So we’re looking at ipadm and you can create IPS, delete IPS. You can also do all kinds of things to the interfaces. You can create addresses and delete them show status and so forth. A lot of different things. You can look at properties of everything, the interfaces, the IP configuration and so forth. Can manage the addresses, manage the TCP IP protocol properties and so forth. Take a look at that when you get the chance, especially in your studying for the OCA exam. Now what I want to do is make a change to the interface. In order to do this, I’m going to go ahead and use the default fixed NCP. So let’s go ahead and enable it. And to do that you’d use the net adm command and we’ll say enable p and we’re going to say NCP and we’re going to specify the name default fixed.

And so now we’re changing to that particular profile. Now what we’re going to do is go ahead and use the ipadm command to create an IP on the interface net zero. So we’ll say ipadm create IP net zero and that creates it. Now let’s go ahead and specify an address. So we do ipadm create addr and we’ll say t static a and we’ll give the address. This case will say 170, 216, 30, say 154, and then we’ll specify the interface, in this case net zero. Now I went through a lot of typing here and didn’t explain some of these switches, but basically we’re creating the address, we’re making it a static one. And there’s some other switches you can use when you do this. And it’s better to just go ahead and get familiar with this before the exam. So I want you to play around with this stuff.

I want you to change profiles, create the addresses and the interfaces and so forth. That’s the only way you’re really going to learn it. Let’s go ahead and hit enter. We switch locations and default fix. We get the little message up there and it’s changed our interface config. Let’s go ahead and do an ifconfig on it on net zero and that’s what we get. We changed that. Now we can do an ipadm as well and take a look at that and we see that we’ve changed it there as well. In order to undo these changes, basically we would have to delete the address and then we can go ahead and switch back to our profile if we like. So we’d say net adm enable PNCP and then automatic to switch back to the regular profile. Let’s say enable p helps if you type it incorrectly NCP automatic and it’s going to switch back. So that’s really how we manage the interface configurations and switch switching the profiles.

6. Administering Network Interfaces

Now we need to talk about administering network interfaces. We’ve looked at how to configure them with several command line utilities, and there’s some things that we didn’t talk about. By and large, we did cover most of the things you would do to a network interface setting its IP address, its default gateway, and so forth. And more importantly, changing its network configuration profile. Now, there are several other things we can do. Obviously, we can administer network interfaces using the command line, which we have pretty much talked about. We’ve used the if config command. We’ve looked at the ipadm command and the Net adm command. Now there’s another one out there that we haven’t talked about just yet, the Deal adm command. And we’ll talk about that a little bit later when we talk about data links. Now, most of these commands are in the Usrsbind directory, and we’ve got some good practice with those, and you should definitely practice on your own with them. One thing we haven’t really talked about too much is the GUI interface itself. And we need to do that. There are some things that the GUI interface can do and some things it can’t do. It’s not too good at administering connections, obviously, because you do that from the command line, but it can administer things like the locations and the profiles themselves, particularly the reactive profiles. So let’s go ahead and just take a look at the network GUI and spend a little time with it.

Okay, we’re on our desktop here in our Solaris Eleven system, and what I want to do is go to system administration and then go down to network. And there’s a lot of different things you can do with this particular utility. And some things you can’t do. It’s very difficult to edit your connection status, although you can look at it. But what you want to do too, is look at some other things. For example, let’s look at our locations here. Locations aren’t just physical places. They’re also conditions of connecting to the network. They can be locations. And actually we’re going to create one. Let’s go ahead and add a location for our office. We’ll call it corporate? And what we’re going to do once we create it, we’re going to edit it. And what it does for us is it helps to set up different connection parameters. There’s a Name services tab here, and you can set it up for either DHCP or Manual. We’ll stick with DHCP, but if it were manual, we could actually specify the domain name, the DNS domain and the servers. And we’re going to leave it at DHCP though. So we can also specify name services or Locator services, like directory services, for example. And there’s a couple of different ones that you can use in Solaris Eleven. Obviously, an NIS domain, which is traditional Unix and Linux, you can use.

You can also select an LDAP domain or files. And files are the traditional files that are located on various Unix boxes that contain domain information. It’s kind of a manual set up. Let’s look at what happens if you click on LDAP. Now you can actually specify LDAP servers to do directory searches on, but you can also put your default domain in here, things like Vtc. com, and you can list again your servers if you like. There’s some advanced resolver settings that you can add if you like, but we don’t need to. We can also click on the security tab here and see what’s there. And we can actually configure different things for our connection like Nat, our IP filters, our IP filter on IPV six. We can also look at if second configure it as well. There’s different things we can configure with this if the network connection requires it, say, in our corporate office. And a lot of corporate locations are actually more restrictive, so we may have to configure some of these issues.

So there’s different things we can configure for locations. Let’s go ahead and say apply down here. And what I want to do now is actually to go and look at the different configuration options for the NCPS. One of the things we can do before we leave this location tab, though, is we can tell whether the selected location is manual activation or activated by rules. And if it’s by rules, we can edit those rules. And there are some conditions that apply to those rules. We can say different aspects about the network, such as a wireless network or a domain name or an IP address. And we’re not going to configure them at this time, but they’re there in case you need them. Let’s change this back to manual activation and say, okay, now let’s look at our network profiles.

We have the default profiles that are installed when Solaris installs automatic and default fixed. Now the default fixed one you have to edit using Dladm and ipadm. You can’t edit it from here. So the only one you can really edit is the automatic one. Now you can duplicate it, and I would recommend that you do that so that you don’t mess it up, but so that you can get some of the same settings. We’ll just name it number two. So we have secondary automatic connection. Now if we edit it, we’ll see that we can add connections to it and then configure those connections. We can tell whether enabled or always disabled and so forth. And we can add groups and so forth to this connection. So there’s a couple of different things you can do to this network configuration profile. So now that we’ve looked at the GUI and we’ve looked at command line ways of configuring the network and administering the network, you’ve got a better idea of how some of this works. Now obviously we haven’t showed you everything, and it will require some practice on your part to be proficient with these commands. And these processes.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img