Part I Network Services Topics

Chapter 1, Resource Management and Network Service (Overview)

Provides an overview of the topics covered in this book, as well as a description of the PERL service that is included in this release.

Chapter 2, Managing Web Cache Servers

Covers Solaris NCA service which improves web server preformance

Chapter 3, Time-Related Services

Describes the NTP service and other mechanisms that can be used to synchronize clocks

Chapter 1 Resource Management and Network Service (Overview)

This chapter provides a list of the major topics covered in this book. In addition it includes a description of the PERL service that is included in this release.

• Topics for the Solaris 9 Release

• Perl 5

Topics for the Solaris 9 Release

The following services or utilities are covered in this book:

Chapter 4, Introduction to Solaris 9 Resource Manager

Resource management functionality enhances your ability to allocate, monitor, and control system resources.

Chapter 13, Managing Network File Systems (Overview)

NFS is a protocol that provides the ability to access file systems from a remote host.

Chapter 16, SLP (Overview)

SLP is a dynamic service discovery protocol.

Chapter 21, Mail Services (Overview)

Mail services allow for a message to be sent to one or more people while routing the message over whatever networks are necessary.

Chapter 25, Solaris PPP 4.0 (Overview)

PPP is a protocol that provides point-to-point links between remote hosts.

Chapter 34, Overview of UUCP

UUCP enables hosts to exchange files

Chapter 37, Working With Remote Systems (Overview)

These commands are used to access files on remote systems. The commands include ftp, rlogin and rcp.

Chapter 2, Managing Web Cache Servers

NCA provides improved web server performance by caching web pages.

Chapter 3, Time-Related Services

NTP and time-related utilities can be used to synchronize time for many systems.

Perl 5

The Practical Extraction and Report Language (Perl) is a tool that can be used to generate scripts to assist with system administration tasks.

Perl 5

This Solaris release includes Practical Extraction and Report Language (Perl) 5.6.1, a powerful general-purpose programming language that is generally available as free software. Perl has emerged as the standard development tool for complex system administration task because of its excellent process, file, and text manipulation features.

Perl 5 includes a dynamically loadable module framework, which allows the addition of new capabilities for specific tasks. Many modules are freely available from the Comprehensive Perl Archive Network (CPAN) at http://www.cpan.org.

Accessing Perl Documentation

Several sources of information about Perl are included in this Solaris release. The same information is available by using these two mechanisms.

You can access the man pages by adding /usr/perl5/man to your MANPATH environment variable. This example displays the Perl overview.

% set MANPATH=($MANPATH /usr/perl5/man)
% man perl

You can access additional documentation by using the perldoc utility. This example displays the same overview information.

% /usr/perl5/bin/perldoc perl

The perl overview page lists of all the documentation that is included with the release.

Perl Compatibility Issues

In general, the 5.6.1 version of Perl is compatible with the previous version. Scripts do not have to be rebuilt or recompiled to function. However, any XSUB-based (.xs) modules require recompilation and reinstallation.

In the Solaris 9 release, you can access the older version of Perl as /usr/perl5/5.00503/bin/perl. The older version might not be supported in future releases and this version should only be used until the new modules are rebuilt.

Changes to the Solaris Version of Perl

The Solaris version of Perl was compiled to include system malloc, 64-bit integer and large file support. In addition, appropriate patches have been applied. For a full list of all configuration information, review the results from this command.

% /usr/perl5/bin/perlbug -dv
---
Flags:
    category=
    severity=
---
Site configuration information for perl v5.6.1:
 .
 .

You can generate a shorter list by using perl -V.

Chapter 2 Managing Web Cache Servers

This chapter provides an overview of the Solaris Network Cache and Accelerator (NCA). Also, procedures for using NCA and reference material about NCA are included.

• Network Cache and Accelerator (Overview)

• Managing Web Cache Servers (Task Map)

• Administering the Caching of Web Pages (Tasks)

• Caching Web Pages (Reference)

Network Cache and Accelerator (Overview)

The Solaris Network Cache and Accelerator (NCA) increases web server performance by maintaining an in-kernel cache of web pages that are accessed during HTTP requests. This in-kernel cache uses system memory to significantly increase performance for HTTP requests that are normally handled by web servers. Using system memory to hold web pages for HTTP requests increases web server performance by reducing the overhead between the kernel and the web server. NCA provides a sockets interface through which any web server can communicate with NCA with minimal modifications.

In situations where the requested page is retrieved from the in-kernel cache (cache hit), performance improves dramatically. In situations where the requested page is not in the cache (cache miss) and must be retrieved from the web server, performance is also significantly improved.

This product is intended to be run on a dedicated web server. If you run other large processes on a server that runs NCA, problems can result.

NCA provides logging support in that NCA logs all cache hits. This log is stored in binary format to increase performance. The ncab2clf command can be used to convert the log from binary format to common log format (CLF).

The Solaris 9 release includes the following enhancements:

• Sockets interface.

• Support for vectored sendfile, which provides support for AF_NCA. See the sendfilev(3EXT) man page for more information.

• New options for the ncab2clf command that support the ability to skip records before a selected date (-s) and to process a specified number of records (-n).

• logd_path_name in ncalogd.conf can specify either a raw device, a file, or a combination of the two.

New NCA Functionality

This release now provides support for a web server to open multiple AF-NCA sockets. With multiple sockets, you can have different web servers that run on one server.

In addition, a new configuration file that is called /etc/nca/ncaport.conf is available. The file can be used to manage the IP addresses and ports that NCA uses. Your web server might not provide native support of the AF_NCA socket. If your server lacks this support, use this file and the NCA socket utility library to convert an AF_INET socket to an AF_NCA socket.

Managing Web Cache Servers (Task Map)

The following table describes the procedures that are needed to use NCA.

Planning for NCA

The following sections cover the issues that need to be resolved before starting the NCA service.

System Requirements for NCA

To support NCA, the system must meet these requirements:

• 256 Mbytes RAM must be installed.

• The Solaris 9 release or one of the Solaris 8 upgrade releases must be installed.

• Apache support must be available. Apache support is available in the Solaris 9 and the Solaris 8 upgrade releases.

This product is intended to be run on a dedicated web server. The running of other large processes on a server that runs NCA can cause problems.

NCA Logging

The NCA service can be configured to log web activity. Generally, NCA logging should be enabled if the web server logging is enabled.

Interpositioning Library for Daemon Support of the Door Server

Many web servers use AF_INET sockets. By default, NCA uses AF_NCA sockets. To correct this situation, an interpositioning library is provided. The new library is loaded in front of the standard socket library, libsocket.so. The library call bind() is interposed by the new library, ncad_addr.so. Suppose that the status is enabled in /etc/nca/ncakmod.conf. The version of Apache that is included with the Solaris 9 release is already set up to call this library. If you are using IWS or Netscape servers, see How to Load the Socket Utility Library for NCA to use the new library.

Multiple Instance Support

Systems that have NCA installed often need to run multiple instances of a web server. For instance, a single server might need to support a web server for outside access as well as a web administration server. To separate these servers, you would configure each server to use a separate port.

Administering the Caching of Web Pages (Tasks)

The following sections cover the procedures to enable or disable parts of the service.

How to Enable Caching of Web Pages

1. Become superuser.

2. Register the interfaces.

   Type the names of each of the physical interfaces in the /etc/nca/nca.if file. See the nca.if(4) man page for more information.

   # cat /etc/nca/nca.if hme0 hme1

   Each interface must have an accompanying hostname.interface-name file and an entry in /etc/hosts file for the contents of hostname.interface-name. To start the NCA feature on all interfaces, place an asterisk, *, in the nca.if file.

3. Enable the ncakmod kernel module.

   Change the status entry in /etc/nca/ncakmod.conf to enabled.

   # cat /etc/nca/ncakmod.conf # # NCA Kernel Module Configuration File # status=enabled httpd_door_path=/var/run/nca_httpd_1.door nca_active=disabled

   See the ncakmod.conf(4) man page for more information.

4. (Optional) Enable NCA logging.

   Change the status entry in /etc/nca/ncalogd.conf to enabled.

   # cat /etc/nca/ncalogd.conf # # NCA Logging Configuration File # status=enabled logd_path_name="/var/nca/log" logd_file_size=1000000

   You can change the location of the log file by changing the path that is indicated by the logd_path_name entry. The log file can be a raw device or a file. See the following examples for samples of NCA log file paths. See the ncalogd.conf(4) man page for more information about the configuration file.

5. (Optional) Define ports for multiple instance support.

   Add the port numbers in the /etc/nca/ncaport.conf file. This entry causes NCA to monitor port 80 on all configured IP addresses.

   # cat /etc/nca/ncaport.conf # # NCA Kernel Module Port Configuration File # . . ncaport=*/80

6. For IA only: Increase the virtual memory size.

   Use the eeprom command to set the kernelbase of the system.

   # eeprom kernelbase=0x90000000 # eeprom kernelbase kernelbase=0x90000000

   The second command verifies that the parameter has been set.

   ---

   Note –

   By setting the kernelbase, you reduce the amount of virtual memory that user processes can use to less than 3 Gbytes. This restriction means that the system is not ABI compliant. When the system boots, the console displays a message that warns you about noncompliance. Most programs do not actually need the full 3–Gbyte virtual address space. If you have a program that needs more than 3 Gbytes, you need to run the program on a system that does not have NCA enabled.

   ---

7. Reboot the server.

Example–Using a Raw Device as the NCA Log File

The logd_path_name string in ncalogd.conf can define a raw device as the place to store the NCA log file. The advantage to using a raw device is that the service can run faster because the overhead in accessing a raw device is less.

The NCA service tests any raw device that is listed in the file to ensure that no file system is in place. This test ensures that no active file systems are accidentally written over.

To prevent this test from finding a file system, run the following command. This command destroys part of the file system on any disk partition that had been configured as a file system. In this example, /dev/rdsk/c0t0d0s7 is the raw device that has an old file system in place.

# dd if=/dev/zero of=/dev/rdsk/c0t0d0s7 bs=1024 count=1

After running dd, you can then add the raw device to the ncalogd.conf file.

# cat /etc/nca/ncalogd.conf
#
# NCA Logging Configuration File
#
status=enabled
logd_path_name="/dev/rdsk/c0t0d0s7"
logd_file_size=1000000

Example–Using Multiple Files for NCA Logging

The logd_path_name string in ncalogd.conf can define multiple targets as the place to store the NCA log file. The second file is used when the first file is full. The following example shows how to select to write to the /var/nca/log file first and then use a raw partition.

# cat /etc/nca/ncalogd.conf
#
# NCA Logging Configuration File
#
status=enabled
logd_path_name="/var/nca/log /dev/rdsk/c0t0d0s7"
logd_file_size=1000000

How to Disable Caching of Web Pages

1. Become superuser.

2. Disable the ncakmod kernel module.

   Change the status entry in /etc/nca/ncakmod.conf to disabled.

   # cat /etc/nca/ncakmod.conf # NCA Kernel Module Configuration File # status=disabled httpd_door_path=/var/run/nca_httpd_1.door nca_active=disabled

   See the ncakmod.conf(4) man page for more information.

3. Disable NCA logging.

   Change the status entry in /etc/nca/ncalogd.conf to disabled.

   # cat /etc/nca/ncalogd.conf # # NCA Logging Configuration File # status=disabled logd_path_name="/var/nca/log" logd_file_size=1000000

   See the ncalogd.conf(4) man page for more information.

4. Reboot the server.

How to Enable or Disable NCA Logging

NCA logging can be turned on or turned off, as needed, after NCA has been enabled. See How to Enable Caching of Web Pages for more information.

1. Become superuser.

2. Change NCA logging.

   To permanently disable logging, you need to change the status in /etc/nca/ncalogd.conf to disabled and reboot the system. See the ncalogd.conf(4) man page for more information.

   1. Stop logging.

      # /etc/init.d/ncalogd stop

   2. Start logging.

      # /etc/init.d/ncalogd start

How to Load the Socket Utility Library for NCA

Follow this process only if your web server does not provide native support of the AF_NCA socket.

In the startup script for the web server, add a line that causes the library to be preloaded. The line should resemble the following:

LD_PRELOAD=/usr/lib/ncad_addr.so /usr/bin/httpd

How to Add a New Port to the NCA Service

1. Become superuser.

2. Add a new port.

   Add a new port entry to /etc/nca/ncaport.conf. This example adds port 8888 on IP address 192.168.84.71. See ncaport.conf(4) for more information.

   # cat /etc/nca/ncaport.conf # # NCA Kernel Module Port Configuration File # . . ncaport=*/80 ncaport=192.168.84.71/8888

3. Start a new web instance.

   An address needs to be in the file that contains the NCA port configurations before a web server can use the address for NCA. If the web server is running, it must be restarted after the new address is defined.

Caching Web Pages (Reference)

The following sections cover the files and the components that are needed to use NCA. Also, specifics about how NCA interacts with the web server are included.

NCA Files

You need several files to support the NCA feature. Many of these files are ASCII, but some of the files are binary. The following table lists all of the files.

NCA Architecture

The NCA feature includes the following components.

• Kernel module, ncakmod

• Web server, httpd

The kernel module ncakmod maintains the cache of web pages in system memory. The module communicates with a web server, httpd, through a sockets interface. The family type is PF_NCA.

The kernel module also provides a logging facility that logs all HTTP cache hits. NCA logging writes HTTP data to the disk in binary format. NCA provides a conversion utility for converting binary log files to common log format (CLF).

The following figure shows the flow of data for the conventional path and the path that is used when NCA is enabled.

Figure 2–1 Data Flow With the NCA Service

NCA to Httpd Request Flow

The following list shows the request flow between the client and the web server.

1. An HTTP request is made from the client to the web server.

2. If the page is in cache, the in-kernel cache web page is returned.

3. If the page is not in cache, the request goes to the web server to retrieve or update the page.

4. Depending on the HTTP protocol semantics that are used in the response, the page is cached or not. Then the page is returned to the client. If the Pragma: No-cache header is included in the HTTP request, the page is not cached.

Chapter 3 Time-Related Services

Keeping system clocks synchronized within a network is required for many databases and authentication services. The following topics are covered in this chapter.

• Clock Synchronization (Overview)

• Managing Network Time Protocol (Tasks)

• Using Other Time-Related Commands (Tasks)

• Network Time Protocol (Reference)

Clock Synchronization (Overview)

The Network Time Protocol (NTP) public domain software from the University of Delaware is included in the Solaris software from Solaris 2.6 release forward. The xntpd daemon sets and maintains the system time-of-day. The xntpd daemon is a complete implementation of the version 3 standard, as defined by RFC 1305.

The xntpd daemon reads the /etc/inet/ntp.conf file at system startup. See xntpd(1M) for information about configuration options.

Remember the following when using NTP in your network:

• The xntpd daemon uses minimal system resources.

• An NTP client synchronizes automatically with an NTP server when it boots. If the client becomes unsynchronized, the client resynchronizes again when the client contacts a time server.

Another way to synchronize clocks is to run rdate while using cron.

Managing Network Time Protocol (Tasks)

The following procedures show how to set up and use the NTP service.

How to Set Up an NTP Server

1. Become superuser.

2. Create the ntp.conf file.

   To ensure proper execution of the xntpd daemon, the ntp.conf file must first be created. The ntp.server file can be used as a template.

   # cd /etc/inet # cp ntp.server ntp.conf

3. Start the xntpd daemon.

   # /etc/init.d/xntpd start

How to Set Up an NTP Client

1. Become superuser.

2. Create the ntp.conf file.

   To activate the xntpd daemon, the ntp.conf file must first be created.

   # cd /etc/inet # cp ntp.client ntp.conf

3. Start the xntpd daemon.

   # /etc/init.d/xntpd start

Using Other Time-Related Commands (Tasks)

How to Synchronize Date and Time From Another System

1. Become superuser.

2. Reset the date and time to synchronize with another system, by using the rdate command.

   # rdate another-system

   another-system

   Name of the another system

3. Verify that you have reset your system's date correctly by using the date command.

   The output should show a date and time that matches that of the other system.

Example—Synchronizing Date and Time From Another System

The following example shows how to use rdate to synchronize the date and time of one system with another. In this example, the system earth, running several hours behind, is reset to match the date and time of the server starbug.

earth# date
Tue Jun  5 11:08:27 MDT 2001
earth# rdate starbug
Tue Jun  5 14:06:37 2001
earth# date
Tue Jun  5 14:06:40 MDT 2001

Network Time Protocol (Reference)

The following files are needed for the NTP service to run.