I'm submitting the following fast-track for Girish Moodalbail, the timer
is set for 03/09/2010. This case depends on PSARC 2009/306, the release
binding is Minor.
1. Introduction:
================
In the course of completing the implementation of Brussels II - ipadm
and libipadm (PSARC 2009/306), few interface changes were made. They
are all documented below.
1.1 Following new interfaces were added since PSARC 2009/306.
-------------------------------------------------------------
------------------------------------------------------------------------------
Interface Classification Comments
------------------------------------------------------------------------------
ipadm down-addr Committed See section 5.6 of [1]
ipadm up-addr Committed See section 5.7 of [1]
ipadm reset-addrprop Committed See section 5.8 of [1]
ipadm disable-if Committed See section 6.0 of [1]
ipadm enable-if Committed See section 6.0 of [1]
ipadm disable-addr Committed See section 6.0 of [1]
ipadm enable-addr Committed See section 6.0 of [1]
SIOCGLIFDADSTATE Consolidation
Private See section 5.2 of [1]
SIOCSLIFPREFIX Consolidation
Private See section 5.1.2 of [1]
IFF_NOLINKLOCAL Consolidation
Private See section 4.1 of [1]
1.2 updates to 'show-if', 'show-addr', 'show-[if|addr]prop' parsable output
---------------------------------------------------------------------------
* '-P' option has been removed from all of the 'show-*'
subcommands. All the 'show-*' subcommands will always show both
CURRENT and PERSISTENT values.
1.2.1 updates to 'show-if' parsable output
------------------------------------------
[For more details, see section 4.3 of [1] and 'ipadm show-if' in [2]]
* MTU,FLAGS column has been removed
* CURRENT and PERSISTENT column, which represents both current and
persistent flags are added.
1.2.2 updates to 'show-addr' parsable output
--------------------------------------------
[For more details, see section 5.2 of [1] and 'ipadm show-addr' in [2]]
* Following column headers are renamed:
** s/OBJECT/ADDROBJ/
** s/ORIGIN/TYPE/
* FLAGS column has been removed
* Following changes are made to STATE column
** 'invalid' is renamed to 'down'
** 'unknown' and 'preferred' state is removed
** 'disabled' state is added.
* New CURRENT and PERSISTENT columns, which represents current and
persistent flags respectively are added.
1.3 updates to subcommand options
----------------------------------
[Refer to ipadm man page [2] for more details]
* 'create-if' subcommand will not take '-f inet|inet6' option
* 'delete-if' subcommand will not take '-t' or '-f inet|inet6'
option
* 'create-addr -T addrconf' takes '-i' option instead of '-I'
* 'create-addr -T dhcp' will not take '-p' option
* 'refresh-addr' will take -i option to perform DHCP inform.
* 'delete-addr' will not take '-t' option
* 'set-ifprop' and 'reset-ifprop' will not take '-f inet|inet6'
option instead they take '-m protocol' option
1.4 Reduced set of ndd IP/TCP/UDP/SCTP/ICMP tunables
----------------------------------------------------
The number of protocol tunables that will be made public or Committed
has been substantially reduced. The basic premise is to design a
framework that provides persistence of protocol settings and
improvement over the current ndd(1M). Once we have this framework,
more and more tunables can be Committed through PSARC, after
sufficient scrutiny. Following table lists the protocol properties
that will be Committed.
------------------------------------------------------------------------------
Properties Protocol(s) Classification Comments
------------------------------------------------------------------------------
forwarding ipv4, ipv6 Committed See [2]
ttl ipv4 Committed See [2]
hoplimit ipv6 Committed See [2]
ecn tcp Committed See [2]
sack tcp Committed See [2]
recv_maxbuf
send_maxbuf tcp, udp, sctp
icmp Committed See [2]
extra_priv_ports
largest_anon_port
smallest_anon_port
smallest_nonpriv_port tcp, udp, sctp Committed See [2]
1.5 Modifications to address and interface properties
-----------------------------------------------------
* Two new address properties, broadcast[2] and deprecated[2] were
added
* 'xmit' address property was renamed to 'transmit'
* 'reasm-timeout' interface property was removed
* 'rtexchg' interface property was renamed to 'exchange_routes'
1.6 No need for /sbin/netstart binary
--------------------------------------
PSARC 2009/306 proposed using /sbin/netstart to restore persistent
protocol tunables during boot. This process would be started by
init(1M), by reading /etc/inittab, before svc.startd(1M) comes up. The
initial idea was to restore settings close to the execution of
`soconfig(1M)' (soconfig(1M) maps sockets to service providers and
networking applications are useless without the execution of
soconfig(1M))
However, modifying /etc/inittab in the post-SMF world was something
that was not well received and also with IPS obsoleting SVR4
post-install scripts, modifying /etc/inittab during the upgrade path
was not possible. Therefore, we will now restore the persistent
protocol tunables from a SMF script that starts the `ipmgmtd'
daemon. Further `ipmgmtd' daemon is one of the first networking
services to come up and it comes up even before network/loopback. That
way the protocol properties would be re-instantiated before any of the
IP interfaces are plumbed and before any of the networking
applications starts.
1.7 non-contiguous netmask support removed
------------------------------------------
Non-contiguous netmasks are a relic of yesteryear architectures for
which we still retain support in the kernel today, and which create
more complications than they solve. Very few customers use these
today, and when used, they only create confusion.
This is a hindrance for this project, which strives for an API where
addresses are input and displayed in the "address/prefixlen" CIDR
format. Thus, even if ipadm itself will not allow non-contiguous
netmasks, if ifconfig is used to add non-contiguous netmask, ipadm
would be forced to either lie about the mask or otherwise mangle its
output format to display it.
Therefore, this project will be adding checks in the kernel to prevent
such netmasks from being created.
1.8 Obsoleting routeadm(1M) forwarding interface
------------------------------------------------
The routeadm(1M) command is used to administer system-wide
configuration for IP forwarding and routing. It currently uses ndd(1M)
to enable IP forwarding. Since ndd(1M) does not provide persistence,
the persistence is achieved using a SMF service, for ipv4 it is
svc:/network/ipv4-forwarding:default and for ipv6 it is
svc:/network/ipv6-forwarding:default. The whole purpose of this
service, when enabled, is to execute `ndd -set /dev/ip ip_forwarding
[0|1]`, in short provide persistence.
The ipadm(1M) command, which provides persistence and allows setting
of forwarding (ipadm set-prop -p forwarding=[on|off] ipv[4|6]) is an
obvious fit for this feature. So this project will mark routeadm(1M)
interfaces to enable/disable IPv4/IPv6 forwarding 'Obsolete' and will
eventually EOF that feature. We have updated the routeadm(1M)[3] man
page to reflect the same. Until that point in time, when both the
tools continue to exist, we will modify the SMF script
(/lib/svc/method/svc-forwarding) to invoke ipadm(1M). So that both
routeadm(1M) and ipadm(1M) will be modifying the same repository and
hence will have the same view.
2. References (enclosed in case directory)
==========================================
[1] "Brussels II design document - brussels2_design.pdf
[2] ipadm MAN page - ipadm.1m.txt
[3] routeadm.1m.txt.diffs
