Network Kit 9.0.0 __TOP__
Notice: Please read the important information included in this document in the Known side effects section. WebSphere Application Server Fix Pack 9.0.0.7 content is provided as below:
Network Kit 9.0.0
Zimbra Collaboration version 9.0.0 introduced the ability to store ephemeral data in an external service such as SSDB.This is an optional feature; however, it can improve LDAP performance and stability.
If you do not want to upgrade, but prefer to install Zimbra Collaboration 9.0.0 as a new installation, when you run the Zimbra Collaboration 9.0.0 install script, enter N when asked Do you wish to upgrade?
The network-scripts package has been removed. Use NetworkManager to configure network connections. For more information about functionality that is no longer part of RHEL, see the Networking section in the Considerations in adopting RHEL 9 document.
Previously, when performing an interactive installation without having the network activated by Kickstart or boot options, users had to activate the network manually in the network spoke. With this update, Anaconda activates the network automatically, without requiring users to visit the network spoke and activate it manually.
The diag modules are now included with the kernel image. With this update, the diag modules no longer need to be dynamically loaded when the ss command is used. This allows better debugging of networking issues regardless of the customer policy on kernel modules. Modules included in the kernel:
With this enhancement, on the IBM Z platform, NetworkManager now interprets the rd.znet and rd.znet_ifname kernel command-line options when installing or booting Red Hat Enterprise Linux from the network. As a result, it is possible to specify a name of a network interface identified by the subchannels instead of the default one.
With this release, RHEL provides the hostapd package. However, Red Hat supports hostapd only to set up a RHEL host as an 802.1X authenticator in Ethernet networks. Other scenarios, such as Wi-Fi access points or authenticators in Wi-Fi networks, are not supported.
For details about configuring RHEL as an 802.1X authenticator with a FreeRADIUS back end, see Setting up an 802.1x network authentication service for LAN clients using hostapd with FreeRADIUS backend.
Any network interface that needs to use this option should configure it with multiple calls until proper priorities are set for all interfaces. For more information, see /usr/share/docs/kernel-doc-_/Documentation/networking/bonding.rst file that is provided by the kernel-doc package.
Nonvolatile Memory Express (NVMe) storage over TCP/IP networks (NVMe/TCP) with the nvme_tcp.ko kernel module is now fully supported. The NVMe/TCP target with the nvmet_tcp.ko module is available with an Unmaintained status in RHEL 9.0.
In Wi-Fi protected access version 3 (WPA3) networks, the simultaneous authentication of equals (SAE) method ensures that the encryption key is not transmitted. With this enhancement, the Networking RHEL System role supports SAE. As a result, administrators can now use the Networking System Role to configure connections to Wi-Fi networks, which use WPA-SAE.
Zones represent a concept to manage incoming traffic more transparently. The zones are connected to networking interfaces or assigned a range of source addresses. Firewall rules for each zone are managed independently enabling the administrator to define complex firewall settings and apply them to the traffic. This feature allows setting the default zone used as the default zone to assign interfaces to, same as firewall-cmd --set-default-zone zone-name.
Previously, it was difficult to set up secure and properly configured IPsec tunneling and virtual private networking (VPN) solutions on Linux. With this enhancement, you can use the VPN RHEL System Role to set up and configure VPN tunnels for host-to-host and mesh connections more easily across large numbers of hosts. As a result, you have a consistent and stable configuration interface for VPN and IPsec tunneling configuration within the RHEL System Roles project.
This update provides support to all bonding options to the network RHEL System Role. Consequently, it enables you to flexibly control the network transmission over the bonded interface. As a result, you can control the network transmission over the bonded interface by specifying several options to that interface.
Previously, during setting a connection profile, NetworkManager was only allowed to specify a network card using either its name or MAC address. In this case, the device name is not stable and the MAC address requires inventory to maintain record of used MAC addresses. Now, you can specify a network card based on its PCI address in a connection profile.
Previously, when Anaconda was setting the installer environment host name to the value from the kickstart configuration (network --hostname), it used to set a transient hostname. Some of the actions performed during %post script run, for example network device activation, were causing the host name reset to a value obtained by reverse dns.
The FDO process for automatic provisioning and onboarding RHEL for Edge images is available as a Technology Preview. With that, you can build a RHEL for Edge Simplified Installer image, provision it to a RHEL for Edge image, and use the FDO (FIDO device onboarding) process to automatically provision and onboard your Edge devices, exchange data with other devices and systems connected on the networks. As a result, the FIDO device onboarding protocol performs device initialization at the manufacturing stage and then late binding to actually use the device.
Soft-iWARP (siw) is a software, Internet Wide-area RDMA Protocol (iWARP), kernel driver for Linux. Soft-iWARP implements the iWARP protocol suite over the TCP/IP network stack. This protocol suite is fully implemented in software and does not require a specific Remote Direct Memory Access (RDMA) hardware. Soft-iWARP enables a system with a standard Ethernet adapter to connect to an iWARP adapter or to another system with already installed Soft-iWARP.
Previously, NetworkManager stored new network configurations to /etc/sysconfig/network-scripts/ in the ifcfg format. Starting with RHEL 9.0, RHEL stores new network configurations at /etc/NetworkManager/system-connections/ in a key-file format. The connections for which the configurations are stored to /etc/sysconfig/network-scripts/ in the old format still work uninterrupted. Modifications in existing profiles continue updating the older files.
The network teaming capabilities have been deprecated in RHEL 9. As a result, using the networking RHEL System Role on an RHEL 8 controller to configure a network team on RHEL 9 nodes, shows a warning about its deprecation.
The SHA1 algorithm used to generate the filename of the rootless network namespace is no longer supported in Podman. Therefore, rootless containers started before updating to Podman 4.1.1 from the RHBA-2022:5951 advisory have to be restarted if they are joined to a network (and not just using slirp4netns) to ensure they can connect to containers started after the upgrade.
On RHEL 9, the initscripts package is not installed by default. Consequently, renaming network interfaces using ifcfg files fails. To solve this problem, Red Hat recommends that you use udev rules or link files to rename interfaces. For further details, see Consistent network interface device naming and the systemd.link(5) man page.
Based on the information received from the cloud environment, the nm-cloud-setup service configures network interfaces. Disable nm-cloud-setup to manually configure interfaces. However, in certain cases, other services on the host can configure interfaces as well. For example, these services could add secondary IP addresses. To avoid that nm-cloud-setup removes secondary IP addresses:
An rd.znet option without any arguments, such as net types or subchannels, in the kernel fails to configure networking. To work around this problem, either remove the rd.znet option from the command line completely or specify relevant net types, subchannels, and other relevant options. For more information about these options, see the dracut.cmdline(7) man page.
Currently, when starting a Windows virtual machine (VM) with only a failover virtio NIC, the VM fails to assign an IP address to the NIC. Consequently, the NIC is unable to set up a network connection. Currently, there is no workaround.
Currently, when attaching a network adapter with single-root I/O virtualization (SR-IOV) enabled to a RHEL 9 virtual machine (VM) running on Microsoft Hyper-V hypervisor, the SR-IOV functionality in some cases does not work correctly.
Currently, customizing a RHEL 9 guest operating system in the VMware ESXi hypervisor does not work correctly with NetworkManager key files. As a consequence, if the guest is using such a key file, it will have incorrect network settings, such as the IP address or the gateway.
A part of the FLIR United VMS 9.2 family, Latitude is the preferred enterprise-level IP surveillance system providing forensic-quality imaging and user-friendly operations. Featuring the latest technology, FLIR Latitude is a powerful and versatile network VMS featuring enhanced cyber security, edge device integration, and global administration. The scalable architecture efficiently supports systems of any size and can be implemented throughout an enterprise spanning multiple sites, cities, and continents. United VMS enables security managers to access system status, alarms, and video from anywhere at any time using dedicated workstations or the UVMS Web Client for fixed or mobile devices.
When configured to use standard TCP sockets for replication andsynchronization, DRBD can use also IPv6 as its network protocol. Thisis equivalent in semantics and performance to IPv4, albeit using adifferent addressing scheme.
SDP is an implementation of BSD-style sockets for RDMA capabletransports such as InfiniBand. SDP was available as part of the OFEDstack of most distributions but is now considered deprecated. SDP uses an IPv4-styleaddressing scheme. Employed over an InfiniBand interconnect, SDPprovides a high-throughput, low-latency replication network to DRBD. 041b061a72