ptx/TCP/IP V4.7.1
Release Notes


Introduction

These release notes support V4.7.1 of the ptx®/TCP/IP software intended for use with NUMA systems. Read this document before you install and run this release of the ptx/TCP/IP software.


Product Compatibility

The following software products are prerequisites for ptx/TCP/IP V4.7.1:


New Features in V4.7.x


DHCP Client (dhcpc)


Introduction

DHCP allows for configuration of hosts and provides a mechanism for assigning network addresses to hosts on a network. DHCP follows a client-server model, where a designated host, the DHCP server, allocates network addresses (from a pool of IP addresses it maintains) and provides configuration parameters to dynamically configure hosts (known as DHCP clients) on a network.

DHCP supports three mechanisms for IP address allocation. In "manual allocation," the network administrator assigns the IP address and the client uses DHCP to retrieve it from the DHCP server. In "automatic allocation," the DHCP server assigns a permanent IP address to a client. In "dynamic allocation," the DHCP server allocates an IP address to the client for a limited period of time, known as the "lease time," after which the client relinquishes the use of that address, enabling the DHCP server to allocate the address to another client, if need be. Using the DHCP protocol enables a client system to configure its network interfaces without manual intervention. It also allows for efficient use of available IP addresses, since an IP address can be reused by another system once the client system currently using it is done with it.

The DHCP client supplied with the ptx/TCP/IP distribution allows for configuring multiple interfaces on a single client system (on the same network or on different networks). It also allows the client to work on networks where the server does a network-directed broadcast instead of the usual all-ones broadcast.

The RFCs which are supported by this implementation are:

For details on the usage of the DHCP client, see the dhclient(1M) man page.


Command-Line Options

The client supports the following command-line options:

dhclient [ -p port ] [ -d ] [ if0 [ ... ifN] ] [ -r if0 ...ifN ]
-p port
Specifies a port number to use if the client needs to use any port number other than the standard port 68.
-d
By default, dhclient runs in the background after selecting an interface to configure. It can be forced to run in the foreground by specifying this option.
if0, ..., ifN
Specifies a list of names of the interfaces which the DHCP client attempts to configure.
-r
Specifies that the client use the SIOCSIFRCVALL option on the socket for the named interfaces, if0, ..., ifN. This enables the client to talk to a server that does a net-directed broadcast instead of the normal all-ones broadcast.

For further details and a more complete description, see dhclient(1M).


DHCP Client Configuration

The behavior of the DHCP client can be configured (changing protocol timing parameters, specifying interfaces to be configured, specifying protocol options to be requested from the DHCP server, default values for certain options, etc.) by using the /var/tcp/dhcpc/dhclient.conf file. The DHCP client reads this file on startup to get the list of all the interfaces and the configuration parameters specified. The supported configurable parameters, the keywords to be used, and their syntax, semantics and usage are described in the dhclient.conf(4) man page.


DHCP Options

The DHCP client can use the /var/tcp/dhcpc/dhclient.conf file to specify a list of protocol options used in configuring the host on that network and also to let the host know of various services available for its use. The entire list of options supported, their syntax and semantics, and usage are discussed in the dhcp-options(4) and dhclient.conf(4) man pages.


Configuring the Network Interface by DHCP Client with Network Parameters

The DHCP client periodically invokes the network configuration script /var/tcp/dhcpc/dhclient-script to set each interface's initial configuration prior to requesting an address, to test the address once it has been offered, or to set the interface's final configuration once a lease has been acquired. It is also called to set a pre-defined lease, if the client fails to receive any lease from the server and also when it finds no valid lease to use. The client invokes dhclient-script with a list of environment variables corresponding to the network parameters provided by the server or those specified in the configuration file. This script currently takes care of configuring the interface with an appropriate IP address and netmask, adding default routes, adding static routes, adding IP aliases, making appropriate entries in /etc/resolv.conf, setting the hostname, etc. Also, this script provides hooks to customize the behavior of the script according to user requirements or site specific requirements. The hooks provided, the different times when the client invokes this script, and the list of variables passed and their syntax are described in detail in the dhclient-script(4) man page.


Changes in ptx/ADMIN TCP/IP Menus

The ptx/ADMIN TCP/IP menus allow you to tag an interface with the DHCPC tag (through the Expert Interface Configuration menus). Tagging an interface with this tag causes the system to invoke the DHCP client for that interface so that the interface is configured dynamically.


Changes in ifnets File

An interface tagged with the DHCPC tag through the menu interface will have the tag name in the tag field of the interface record in the ifnets file.


Changes in /etc/ifconfigall for DHCPC Support

/etc/ifconfigall has been modified to recognize a new tag, DHCPC. On seeing an interface in the ifnets file with this tag, it invokes the DHCP client for that interface, so that an address is configured dynamically for that interface. See also "Changes to /etc/ifconfigall" later in this document.

Notes:

For more information about dhcpc, refer to Chapter 3 of the ptx/TCP/IP Administration Guide.


Internet Message Access Protocol (IMAP)

ptx/TCP/IP V4.7.0 supports the Internet Message Access Protocol, Rev 4 (IMAP4), which accesses electronic mail or bulletin board messages that are kept on a (possibly shared) mail server. The IMAP server code is derived from University of Washington's IMAP-4.6 code base.

For more information, refer to Chapter 7 of the ptx/TCP/IP Administration Guide.


IP Filtering and IP Security

ptx/TCP/IP now supports filtering of IP packets and creation of IPSec tunnels using IETF IPSec working group standard Internet protocols. Commands for creating and manipulating filters and tunnels are listed below:

Filters:

genfilt
Creates a new filter
chfilt
Changes an existing filter.
mkfilt
Enables filtering in the kernel; updates kernel filters.
lsfilt
Lists filters.
expfilt
Exports filters for use on other machines.
impfilt
Imports filters exported from other machines.
mvfilt
Changes the order in which filters are applied.
rmfilt
Removes a filter.

Tunnels:

gentun
Creates a new tunnel.
chtun
Changes an existing tunnel.
mktun
Enables tunnels in the kernel; updates kernel tunnels.
lstun
Lists tunnels.
exptun
Exports tunnels for use on other machines.
imptun
Imports tunnels exported from other machines.
rmtun
Removes a tunnel.

Statistics:

ipsecstat
Lists algorithms and statistics related to IP security and filtering.

These commands are compatible with AIX Version 4.3.3 commands of the same names and also support import and export data files generated on AIX machines. For more information, refer to Chapter 8 of the ptx/TCP/IP Administration Guide and/or the manual entries for the individual commands.


ATTENTION

DYNIX/ptx supports only the AIX manual tunnel type and does not support all encryption algorithms available in AIX.

The /etc/init.d/netservers file contains the following commented-out lines necessary for re-installation of tunnels and filters automatically on reboot. These lines must be uncommented on systems making use of filters and/or tunnels. Note also that netservers has multiple links, which must reflect the changes also, if not edited in place.

#
# uncomment to use filters
#
#if [ -f /usr/etc/mkfilt ]; then
#       /usr/etc/mkfilt -v 4 -u -i & /bin/echo ' ipfiltering\c'
#fi
#
# uncomment to use IPSec tunnels
#
#if [ -f /usr/etc/mktun ]; then
#       /usr/etc/mktun -v 4 -i & /bin/echo ' ipsec\c'
#fi
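
A check for the situation described above, where one copy of netservers has the filter or tunnel block uncommented and another link still carries the shipped, commented-out version, so filters or tunnels may not be reinstalled on reboot. This is an added example, not part of the release notes or the ptx/TCP/IP distribution; the function names are hypothetical and the paths of the netservers copies are passed as arguments.

```shell
#!/bin/sh
# Added example, not from the release notes. File paths are passed as arguments.

# active PATTERN FILE: true if FILE has an uncommented line starting with PATTERN
active() { grep -Eq "^[[:space:]]*$1" "$2"; }

# block_state TOOL FILE: prints on | off | partial for the block that runs TOOL
block_state() {
    guard=0; call=0
    active "if \[ -f /usr/etc/$1 ]" "$2" && guard=1
    active "/usr/etc/$1[[:space:]]" "$2" && call=1
    case "$guard$call" in
        11) echo on ;;
        00) echo off ;;
        *)  echo partial ;;   # guard and command disagree: script is broken
    esac
}

# audit_netservers FILE...: prints one line per copy; returns 1 if the copies
# disagree or any block is only partly uncommented.
audit_netservers() {
    rc=0; first=
    for f in "$@"; do
        s="filters=$(block_state mkfilt "$f") tunnels=$(block_state mktun "$f")"
        echo "$f: $s"
        case "$s" in *partial*) rc=1 ;; esac
        [ -z "$first" ] && first=$s
        [ "$s" = "$first" ] || rc=1
    done
    return $rc
}

# Constructed sample: "stale" is the file as shipped; "edited" has the filter
# block uncommented, as if only one of the links had been changed.
make_sample() {
    cat > "$1/stale" <<'EOF'
#if [ -f /usr/etc/mkfilt ]; then
#       /usr/etc/mkfilt -v 4 -u -i & /bin/echo ' ipfiltering\c'
#fi
#if [ -f /usr/etc/mktun ]; then
#       /usr/etc/mktun -v 4 -i & /bin/echo ' ipsec\c'
#fi
EOF
    sed -e '1,3s/^#//' "$1/stale" > "$1/edited"
}

d=$(mktemp -d); make_sample "$d"
audit_netservers "$d/edited" "$d/stale" || echo "copies differ or a block is partial"
rm -rf "$d"
```

The check looks only at the `if` guard and the command line of each block; a `fi` left commented is not detected.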



BIND 8.2.3


Introduction

This release of ptx/TCP/IP supports BIND 8.2.3. The version of BIND distributed by earlier releases of ptx/TCP/IP is BIND 4.9.7. BIND 8.2.3 introduces many new features, includes many security bug fixes, and has an entirely different syntax for the configuration file. This release of ptx/TCP/IP supports both BIND 8.2.3 and BIND 4.9.7.


Key New Features

BIND 8.2.3 supports the following new features:


ATTENTION

For the purposes of this document, the term "server" refers to a BIND 8.2.3 server, unless otherwise explicitly mentioned.



New APIs

The following new APIs are available:


Changes From BIND 4.9.7


ATTENTION

Currently, a primary name server is called "master" and a secondary name server is called "slave."


This section details the changes in BIND from 4.9.7.


Installation


Miscellaneous


Sendmail Upgrade

This release of ptx/TCP/IP includes an upgraded version of Sendmail, V8.10.0.

Sendmail V8.10.0 is compliant with the following RFCs:

RFC821  (Simple Mail Transport Protocol)
RFC822  (Internet Mail Headers Format)
RFC1123  (Internet Host Requirements)
RFC2045  (MIME)
RFC1869  (SMTP Service Extensions)
RFC1652  (SMTP 8BITMIME Extension)
RFC1870  (SMTP SIZE Extension)
RFC1891  (SMTP Delivery Status Notifications)
RFC1892  (Multipart/Report)
RFC1893  (Mail System Status Codes)
RFC1894  (Delivery Status Notifications)
RFC1985  (SMTP Service Extension for Remote Message Queue Starting)
RFC2033  (Local Message Transmission Protocol)
RFC2476  (Message Submission)
RFC2554  (SMTP Service Extension for Authentication)

The following is a list of key new features and changes in behavior from the old Sendmail:


MIB2

The mib2agt subagent provided in this release has the following changes:


Changes to /etc/ifconfigall

The default behavior of ifconfigall has changed. /etc/ifconfigall will no longer delete interfaces or addresses to sync up to configuration files unless the -f option is used. By default, /etc/ifconfigall will bring up any interface or address specified for the given run level in the configuration files /var/tcp/ifaddrs and /var/tcp/ifnets that is not already up.

The -f option is new and reproduces the old behavior of /etc/ifconfigall. Note that using the -f flag will delete or bring down an interface even if it has a tag of DHCP.

Usage: ifconfigall [-s] [-f] run_level

Using the -f flag will force a synchronization to the configuration files (/var/tcp/ifaddrs and /var/tcp/ifnets, by default). Any dynamically added interfaces and addresses not present in the configuration files (or different from the configuration files) will be removed.

The -s flag will display the commands that would normally have been executed, but will not actually run the commands. This behavior has not changed.

For more information, see the ifconfigall(1M) man page.


Software Installation

To install ptx/TCP/IP V4.7.1, refer to the DYNIX/ptx V4.6.1 and Layered Products Software Installation Release Notes.


ATTENTION

If you are installing ptx/TCP/IP V4.7.1 over a previous version of ptx/TCP/IP, you need to perform the following steps to ensure a successful installation. If you are performing a scratch install, you can ignore the rest of this caution.

During the installation, you may need to modify the preview log for ptx/TCP/IP.



ATTENTION

The reshd, ftpd, and rexecd distributed with this release are BSD-sockets based and not TLI implementations. reshd was a TLI implementation until ptx/TCP/IP V4.4.1. In ptx/TCP/IP V4.7.1, rexecd will be disabled by default. Upon installing ptx/TCP/IP V4.7.1, inetd.conf entries, such as

ftp     tli     tcp     nowait  root    /usr/etc/ftpd   ftpd
shell   tli     tcp     nowait  root    /usr/etc/reshd  reshd
exec    tli     tcp     nowait  root    /usr/etc/rexecd rexecd

will be modified to the following:

ftp     stream  tcp     nowait  root    /usr/etc/ftpd   ftpd
shell   stream  tcp     nowait  root    /usr/etc/reshd  reshd
#exec   stream  tcp     nowait  root    /usr/etc/rexecd rexecd

Also note that this change in inetd.conf will occur irrespective of choosing CONFLICT-SKIP or CONFLICT-REPLACE. The inetd.conf being replaced will be saved in /usr/options/tcp/inetd_conf/inetd.conf.
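
A way to confirm that an inetd.conf matches the post-upgrade state described above (ftp, shell and exec using the stream socket type, exec commented out), for example when comparing the saved copy with the installed file. This is an added example, not part of the release notes or the ptx/TCP/IP distribution; the function names are hypothetical and the sample files are constructed from the entries quoted above.

```shell
#!/bin/sh
# Added example, not from the release notes.

# audit_inetd FILE: checks the ftp, shell and exec entries of an inetd.conf
# against the post-upgrade state. Prints findings; returns 1 if there are any.
audit_inetd() {
    awk '
        /^[ \t]*#/ || NF < 7 { next }          # comments, blank or short lines
        $1 == "ftp" || $1 == "shell" || $1 == "exec" {
            if ($2 != "stream") { print $1 ": socket type " $2 ", expected stream"; bad++ }
            if ($1 == "exec")   { print "exec: rexecd is enabled (" $6 ")"; bad++ }
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Constructed samples built from the entries quoted above.
make_inetd_samples() {
    cat > "$1/before" <<'EOF'
ftp     tli     tcp     nowait  root    /usr/etc/ftpd   ftpd
shell   tli     tcp     nowait  root    /usr/etc/reshd  reshd
exec    tli     tcp     nowait  root    /usr/etc/rexecd rexecd
EOF
    cat > "$1/after" <<'EOF'
ftp     stream  tcp     nowait  root    /usr/etc/ftpd   ftpd
shell   stream  tcp     nowait  root    /usr/etc/reshd  reshd
#exec   stream  tcp     nowait  root    /usr/etc/rexecd rexecd
EOF
}

d=$(mktemp -d); make_inetd_samples "$d"
for f in before after; do
    echo "== $f"; audit_inetd "$d/$f" || echo "(findings above)"
done
rm -rf "$d"
```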



Product Documentation

The following documentation is available on the online documentation CD or at http://webdocs.numaq.ibm.com/:

ptx/TCP/IP Overview
ptx/TCP/IP Administration Guide
ptx/TCP/IP Programming Manual
ptx/TCP/IP Sockets Manual
ptx/TCP/IP Kernel Error Messages

Problem Reports

This section lists the following problem report summaries:

The numbers in parentheses identify the problems in the problem-tracking system.


Fixed Problems in ptx/TCP/IP V4.7.1

ptx/TCP/IP V4.7.1 includes fixes for the following software defects.


Fixed Problems in ptx/TCP/IP V4.7.0

The following problems were fixed in ptx/TCP/IP V4.7.0.


Open Problems in ptx/TCP/IP V4.7.1


System May Panic When Routes Are Flushed While Sending Out Packets Over an IPSec Tunnel (254074)

When routes are flushed while sending out packets over an IPSec tunnel, a rare race condition might cause the system to panic. When using IPSec tunnels, be extremely careful to first close connections before doing a route flush, or avoid flushing of routes if possible.


On NUMA Systems, Initial Sequence Number May Not Be Unique (228904)

The initial sequence numbers of multiple SYNs may not be unique if connection requests arrive while the system clock has not changed (the system clock has a 10-millisecond resolution).