Search Results

Search found 2310 results on 93 pages for 'solaris containers'.

Page 35/93 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42 | Next Page >

A Virtual(Box) Christmas!

- by Gilles Gravier

Hello and merry Christmas everybody!Yes. This year, it's a v4.0 Xmas! VirtualBox just came out with a new major version release. Version 4.0 is available at : http://www.virtualbox.org/wiki/Downloads ... and of course, it's open source, and it's free. And I suggest (strongly) that you also download the free Extension Pack from the same page... Brings USB 2.0 emulation and more!I upgraded the version on my Solaris Express (get that from : http://www.oracle.com/solaris/index.html and follow the Download Solaris Express link on the right) laptop (pfexec pkgrm SUNWvbox and then pfexec pkgadd -d the .pkg in the compressed archive file, and install the extensions from the VBox GUI once it's launched). If you are on an old fashion OS without proper RBAC, replace pfexec by sudo. Which you can also do on Solaris if you really want to. :)I tell you, it's Christmas, for sure!Merry VBox!Gilles.

Read the article
ArchBeat Link-o-Rama for 2012-09-12

- by Bob Rhubart

15 Lessons from 15 Years as a Software Architect | Ingo Rammer In this presentation from the GOTO Conference in Copenhagen, Ingo Rammer shares 15 tips regarding people, complexity and technology that he learned doing software architecture for 15 years. Adding a runtime picker to a taskflow parameter in WebCenter | Yannick Ongena Oracle ACE Yannick Ongena shows how to create an Oracle WebCenter popup to allow users to "select items or do more complex things." Oracle Identity Manager 11g R2 Catalog | Daniel Gralewski Oracle Fusion Middleware A-Team blogger Daniel Gralewski shares a detailed overview of the new Catalog feature, one of the most talked about features in the latest release of Oracle Identity Manager 11g. Cloud API and service designers, stop thinking small | Cloud Computing - InfoWorld "The focus must shift away from fine-grained APIs that provide some type of primitive service, such as pushing data to a block of storage or perhaps making a request to a cloud-rooted database," says InfoWorld's David Linthicum. "To go beyond primitives, you must understand how these services should be used in a much larger architectural context. In other words, you need to understand how businesses will employ these services to form real workplace solutions -- inside and outside the enterprise." Oracle Solaris 8 P2V with Oracle database 10.2 and ASM | Orgad Kimchi Orgad Kimchi's technical post illustrates the migration of "a Solaris 8 physical system, with Oracle database version 10.2.0.5 with ASM file-system located on a SAN storage, into a Solaris 8 branded zone inside a Solaris 10 guest domain on top of a Solaris 11 control domain." Thought for the Day "The hardest single part of building a software system is deciding precisely what to build. " — Fred Brooks Source: SoftwareQuotes.com

Read the article
Come see me @LISA

- by mgerdts

LISA '11 is just around the corner and once again includes an Oracle Solaris Summit the day before the main conference. Please come to the summit and to as my esteemed colleagues and I introduce many of the great improvements found in Solaris 11. Even with a full day to talk about Solaris 11, we'll certainly be unable to get into the depth in the areas that concern you the most. To get some face time with Oracle engineers, stop by the Oracle demo booth - I'll be there Wednesday from 2:00 - 4:00.

Read the article
Focus On Systems Admins and Developers

- by rickramsey

Even if you're not going to Oracle Open World, you might find it interesting to hear what the different technology groups at Oracle are going to be talking about. And if you are going, here's your Systems schedule: Note: all links go to PDF files. Focus On: Oracle Linux Focus On: Oracle Solaris Focus On: Oracle Solaris Cluster Focus On: Oracle Solaris Studio Focus On: Desktop Virtualization Focus On: Oracle VM Server Virtualization Focus On: SPARC Servers Focus On: Storage Focus On: SPARC Supercluster - Rick Website Newsletter Facebook Twitter

Read the article
Multiple Denial of Service (DoS) vulnerabilities in Apache Tomcat

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4858 Resource Management Errors vulnerability 5.0 Apache Tomcat Solaris 11 11/11 SRU 4 Solaris 10 SPARC: 122911-29 X86: 122912-29 Solaris 9 Contact Support CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2012-1182 Arbitrary code execution vulnerability in Samba

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1182 Arbitrary code execution vulnerability 10 Samba Solaris 10 SPARC: 119757-22 x86: 119758-22 Solaris 11 11/11 SRU 7.5 Solaris 9 SPARC: 114684-18 x86: 114685-18 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Multiple vulnerabilities in Foomatic

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2697 Improper Input Validation vulnerability 6.8 Foomatic Solaris 11 11/11 SRU 8.5 Solaris 10 Contact Support Solaris 9 Contact Support CVE-2011-2964 Improper Control of Generation of Code ('Code Injection') vulnerability 6.8 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2012-5526 Configuration vulnerability in Perl

- by RitwikGhoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-5526 Configuration vulnerability 5.0 Perl Solaris 10 Patches planned but not yet available Solaris 11.1 11.1.7.5.0 Solaris 9 Patches planned but not yet available This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2011-3439 Denial of Service (DoS) vulnerability in FreeType

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3439 Denial of Service (DoS) vulnerability 9.3 FreeType Font Engine Solaris 11 Contact Support Solaris 10 SPARC: 119812-14 X86: 119813-16 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
October 2012 Security "Critical Patch Update" (CPU) information and downloads released

- by user12244672

The October 2012 security "Critical Patch Update" information and downloads are now available from My Oracle Support (MOS). See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1475188.1 on My Oracle Support (MOS), http://support.oracle.com, which includes security CVE mappings for Oracle Sun products. For Solaris 11, Doc 1475188.1 points to the relevant SRUs containing the fixes for each issue. SRU12.4 was released on the CPU date and contains the current cumulative security fixes for the Solaris 11 OS. For Solaris 10, we take a copy of the Recommended Solaris OS patchset containing the relevant security fixes and rename it as the October CPU patchset on MOS. See link provided from Doc 1475188.1 Doc 1475188.1 also contains references for Firmware, etc., and links to other useful security documentation, including information on Userland/FOSS vulnerabilities and fixes in https://blogs.oracle.com/sunsecurity/

Read the article
October 2012 Security "Critical Patch Update" (CPU) information and downloads released

- by user12244672

The October 2012 security "Critical Patch Update" information and downloads are now available from My Oracle Support (MOS). See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1475188.1 on My Oracle Support (MOS), http://support.oracle.com, which includes security CVE mappings for Oracle Sun products. For Solaris 11, Doc 1475188.1 points to the relevant SRUs containing the fixes for each issue. SRU12.4 was released on the CPU date and contains the current cumulative security fixes for the Solaris 11 OS. For Solaris 10, we take a copy of the Recommended Solaris OS patchset containing the relevant security fixes and rename it as the October CPU patchset on MOS. See link provided from Doc 1475188.1 Doc 1475188.1 also contains references for Firmware, etc., and links to other useful security documentation, including information on Userland/FOSS vulnerabilities and fixes in https://blogs.oracle.com/sunsecurity/

Read the article
CVE-2012-0841 Denial of Service (DoS) vulnerability in libxml2

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0841 Denial of Service (DoS) vulnerability 5.0 libxml2 Solaris 11 11/11 SRU 10.5 Solaris 10 SPARC: 125731-08 X86: 125732-08 Solaris 9 SPARC: 114014-29 X86: 114015-29 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2012-5166 Denial of Service vulnerability in ISC BIND

- by Umang_D

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-5166 Denial of Service vulnerability 7.8 BIND Solaris 11 Contact Support Solaris 10 SPARC : 119783-25 x86 : 119784-25 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Good Bye FY'14

- by rajeshr

As we welcome Fiscal Year 2015 at Oracle, looking forward to an exciting times ahead, let me take a moment to reflect on the last few laps of the FY'14. No better way to do that putting up pictures that speaks thousand words. A huge batch who attended back to back programs on Solaris 11 Network Administration, Solaris ZFS Administration, Solaris Zone Administration (19 - 30 May 2014) at Hyderabad. Transition to Solaris 11 session (5-9 May 2014) at Hyderabad. Exadata Install & Maintenance session (28 April - 2 May 2014) at Singapore.

Read the article
CVE-2011-0465 Improper Input Validation vulnerability in X.Org

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-0465 Improper Input Validation vulnerability 9.3 X.Org Solaris 10 SPARC: 147227-01 X86: 147228-01 Solaris 9 Contact Support Solaris 8 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2011-3102 Numeric Errors vulnerability in libxml2

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3102 Numeric Errors vulnerability 10.0 libxml2 Solaris 11 11/11 SRU 10.5 Solaris 10 SPARC : 125731-08 , x86 : 125732-08 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Multiple Denial of Service (DoS) vulnerabilities in libxml2

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3905 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 5.0 libxml2 Solaris 11 Contact Support Solaris 10 SPARC: 125731-07 X86: 125732-07 Solaris 9 Contact Support CVE-2011-3919 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Multiple Denial of Service (DoS) vulnerabilities in libxml2

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2821 Resource Management Errors vulnerability 7.5 libxml2 Solaris 11 Contact Support Solaris 10 SPARC: 125731-07 X86: 125732-07 Solaris 9 Contact Support CVE-2011-2834 Resource Management Errors vulnerability 6.8 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2012-4244 Denial of Service vulnerability in ISC BIND

- by Umang_D

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-4244 Denial of Service vulnerability 7.8 BIND Solaris 11 Contact Support Solaris 10 SPARC : 119783-24 , x86 : 119784-24 Solaris 9 SPARC : 112837-28 , x86 : 114265-27 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
CVE-2011-0216 Denial of Service (DoS) vulnerability in libxml2

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-0216 Numeric Errors vulnerability 9.3 libxml2 Solaris 11 Contact Support Solaris 10 SPARC: 125731-07 X86: 125732-07 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
'outlier': I/O ???

- by katsumii

??? outlier ???????????????????????????????? - Wikipedia???(????)????????????????????????????????????????????????????????????????outlier site:docs.oracle.com - Google SearchOutlier Update Percent (MRP and Supply Chain Planning Help) Oracle Demantra Implementation Guide OraSVMClassificationSettings (Oracle Data Mining Java API ... Defining a Forecast Set (MRP and Supply Chain Planning Help)????????????????????? I/O ???????????? ????????? 'Exadata' ? 'outlier' ???????????????????????????????Guy Harrison - Yet Another Database Blog - Exadata Smart Flash Logging–Outliersflash log feature was effective in eliminating or at least reducing very extreme outlying redo log sync times.????????? Solaris 11.1 ?? I/O ??????????????????????Oracle Announces Availability of Oracle Solaris 11.1 and Oracle Solaris Cluster 4.1Oracle Solaris 11.1 exposes OracleSolaris DTraceI/O interfaces that allow an Oracle Database administrator to identify I/O outliers and subsequently isolate network or storage bottlenecks.

Read the article
[Get Proactive!] Oracle Service Tools Bundle (STB) ???????????????????????????????

- by aiyoku

??????????????????·?????????? ?????????·?????????????????????·?????????? ?????????·???????????????????????·????????? ???Solaris????????·??????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????? LED ?????????????????????? ??????????????????LED ????????????????????????????????????????????????? ???LED??????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????·?????????????????????????????????????????????????????????????????????????Oracle Service Tools Bundle (STB) ??????????????????? ?????????????????????????? Oracle Explorer Data Collector Oracle Remote Diagnostic Agent (RDA) Oracle Autonomous Crashdump Tool (ACT) Oracle Explorer Data Collector - ???????????Solaris????????·?????????????????? Oracle Explorer Data Collector??????????????? ???????????????????????????????????·????????????????????????????????????????????·????????·???????????????? ???????????????????????????????·?????????????????????? ???????·?????????????????????????????????????? ???? ???????????????????????????????????????????????????????????? Oracle Services Tools Bundle (STB) - RDA/Explorer, SNEEP, ACT - ??? (Doc ID 1496381.1) Oracle Explorer Data Collector???????·?????? (Doc ID 1571154.1) ??: ?????????????????·????????????????????????????????????·??????????????????????? ?????????????????·??????????????????????????????????? Oracle Remote Diagnostic Agent (RDA) - Solaris ???????????·????????????? MacOS?UNIX?VMS?Windows??????Oracle Remote Diagnostic Agent (RDA) ?????????????????????? Oracle Remote Diagnostic Agent (RDA)??perl???????????????????????Perl???????????????????????????????????????? Oracle Remote Diagnostic Agent (RDA) ?????????????????????????? Remote Diagnostic Agent (RDA) - Getting Started (Doc ID 314422.1) ???Solaris ????????·???????RDA?????Oracle Explorer Data Collector???????? Oracle Autonomous Crashdump Tool (ACT) - kernel core dump ??????????????? ????·?????????·????????????·???????????????????????????????????? ????kernel core????????????????? Solaris[TM]????????·????: x86???x64?????????·??·?????????????? (Doc ID 1515734.1) ????·??????????????kernel core dump????????????????kernel core dump??????????????????????·??????????????????? ?????kernel core dump????????????????????????????????????????????? Oracle Autonomous Crashdump Tool (ACT) ? Services Tools Bundle (STB) ???????????? ????????????????????????????????????????????????????·?????????????????kernel core dump ?????·?????????????????Oracle Autonomous Crashdump Tool (ACT) ????????·???????????????????? Oracle Autonomous Crashdump Tool (ACT)?????????? Oracle Autonomous Crashdump Tool (ACT) - ??? (Doc ID 1596529.1) ???????

Read the article
10??OTN????????

- by OTN-J Master

10???????????????????????????????????????????????????????????????????[10/23(?)??] Oracle Solaris ??????? #7 [10/23(?)??] Oracle MySQL Tech Tour - Osaka[10/24(?)??] WebLogic Server???[10/24(?)??] ?????? Oracle Application Testing Suite??????[10/24(?)??] ?92? ????! ???????? Oracle RAC ???????! -??????! RAC?????????? [10/25(?)??] ?????! ???????????????????????(???)[10/25(?)??] Oracle MySQL Tech Tour - Tokyo [10/26(?)??] Oracle MySQL Tech Tour - Fukuoka[10/30(?)??] Oracle Days Tokyo 2012>>??????????????????(oracle.com???) Oracle Solaris ??????? #7 ???: 10?23?(?) 18:30~20:40???: ?????????? ?? 13F??????? ???: ???????????????? Solaris ????????? 7 ????? Oracle Solaris ??????????Oracle Solaris ????????????????? ????Oralce Solaris ????????????!??????????????????Oracle OpenWolrd 2012 ??????Oracle Solaris ?????????????????????? ?????? 3 ??????????????????????????? ????????????????????????Solaris ???????????????????????????????????????????????? >> ??·???????? ?????? Oracle MySQL Tech Tour - Osaka??! ???: 10?23?(?)13:30~17:00???: ??(??????????????????) ???:???MySQL?????????????????MySQL?????Oracle MySQL Tech Tour - Osaka??????????MySQL????·??????????????????????????????????????????????·????·?? ????? ??????MySQL??????????????????? ????????????????????????? ????????????????• MySQL???? ??????????????·??????????? • MySQL????????????????? • MySQL????????????????? MySQL??????????????????????????????????DBA????????IT??????MySQL????????????????????? >> ??·???????? ?????? ?29? WebLogic Server???@?? ???: 10?24?(?) 18:30~20:40 ???: ?????????? ??13F??????? ???: ?29? WebLogic Server???@???????????????WebLogic Server?????:???????????????????iPad???????????2???????????????WebLogic Server????????????????WebLogic Server??????????????????????·????????????????????????????????JDBC??? ?????????????????? ??????WebLogic Server?????:?????????WebLogic Server???????????????????????????????????????iPad?????????????????????????????????????????????WebLogic Server???Oracle JDeveloper????? ?Oracle Application Development Framework (ADF)????????? ?WebCenter Framework ????????????????????????????????????????????????????????????????????????????????????????WebLogic Server????????????????????????????????????WebLogic Server????????????WebLogic Server?????????????????????????????????????!???????????????????Java EE6???????????? >> ??·???????? ?????? ?Oracle Application Testing Suite??????????????????Web????????????????????·??? ??????! ???: 10?24?(?) 13:30 ~ 18:00 ???: ?????????? ?? ???:???Web????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Oracle Application Testing Suite??Web???????????????????????????????????????????????????????????????????????????????????????????????????????????Oracle Application Testing Suite???????????????????????????????????? >> ??·???????? ?????? ?92? ????! ???????? Oracle RAC ???????! -??????! RAC?????????? ???: 10?24?(?)18:30~20:00???: ?????? ???????????? ???:18?????????????????????! ???????????92????RAC?????????????????????????????????????????RAC???????RAC????·???????·???????????????????????Oracle Database??????????????????????????Oracle RAC???????????????????????????????????????????????????RAC????????RAC??????????????RAC??????????????????????????RAC???????????????????????????????????????????????????????????????RAC???????????????????????????????????Oracle??????????????RAC????????????????????????????????????????????????????????????????????????RAC????????????????????????????????RAC?DB??? ???????????????? ????????! >> ??·???????? ?????? ?????! ???????????????????????(???) ???: 10?25?(?)???:13:30~15:30 ???: 18:00~20:00???: ?????????? ?? ???:???????????????????????????????????????????? ·??????????????? ·?????????????????????????????? ·??????????????????????????Oracle Enterprise Manager?????Oracle Database Enterprise Edition?????????????????????????????????????????????????/????????????????????????????????????????????????????????????????????????????????????????????????????????·??????????????????? ??????????????????????????????????????>> ??·???????? ?????? Oracle MySQL Tech Tour - Tokyo ???: 10?25?(?)13:30~17:00???: ?????????? ?? 13F??????????:???MySQL?????????????????MySQL?????Oracle MySQL Tech Tour - Tokyo??????????MySQL????·??????????????????????????????????????????????·????·?? ????? ??????MySQL??????????????????? ????????????????????????? ????????????????• MySQL???? ??????????????·??????????? • MySQL????????????????? • MySQL????????????????? MySQL??????????????????????????????????DBA????????IT??????MySQL?????????????????????>> ??·???????? ?????? Oracle MySQL Tech Tour - Fukuoka ???: 10?26?(?)13:30~17:00???: ?? ???????? ???? 8F??????? ???: ???MySQL?????????????????MySQL?????Oracle MySQL Tech Tour - Fukuoka??????????????? MySQL????·??????????????????????????????????????????????·????·?? ????? ??????MySQL??????????????????? ????????????????????????? ????????????????•MySQL???? ??????????????·??????????? •MySQL????????????????? •MySQL????????????????? MySQL??????????????????????????????????DBA????????IT??????MySQL????????????????????? >> ??·???????? ?????? Oracle Days 2012 Tokyo ???: 10?30?(?)·31(?)10:00 ~ 18:00 ???: ??????????? ???: ?????????????????????10????????Oracle OpenWorld???????????????????????????????????IT????????????????????????????????????????????????????????????????IT??????????>> ?????????? / ???????? ??????

Read the article
Configuring Oracle iPlanet WebServer / Oracle Traffic Director to use crypto accelerators on T4-1 servers

- by mv

Configuring Oracle iPlanet Web Server / Oracle Traffic Director to use crypto accelerators on T4-1 servers Jyri had written a technical article on Configuring Solaris Cryptographic Framework and Sun Java System Web Server 7 on Systems With UltraSPARC T1 Processors. I tried to find out what has changed since then in T4. I have used a T4-1 SPARC system with Solaris 10. Results slightly vary for Solaris 11. For Solaris 11, the T4 optimization was implemented in libsoftcrypto.so while it was in pkcs11_softtoken_extra.so for Solaris 10. Overview of T4 processors is here in this blog. Many thanx to Chi-Chang Lin and Julien for their help. 1. Install Oracle iPlanet Web Server / Oracle Traffic Director. Go to instance/config directory. # cd /opt/oracle/webserver7/https-hostname.fqdn/config 2. List default PKCS#11 Modules # ../../bin/modutil -dbdir . -listListing of PKCS #11 Modules-----------------------------------------------------------1. NSS Internal PKCS #11 Moduleslots: 2 slots attachedstatus: loadedslot: NSS Internal Cryptographic Servicestoken: NSS Generic Crypto Servicesslot: NSS User Private Key and Certificate Servicestoken: NSS Certificate DB2. Root Certslibrary name: libnssckbi.soslots: 1 slot attachedstatus: loadedslot: NSS Builtin Objectstoken: Builtin Object Token----------------------------------------------------------- 3. Initialize the soft token data store in the $HOME/.sunw/pkcs11_softtoken/ directory # pktool setpin keystore=pkcs11Enter token passphrase: olderpasswordCreate new passphrase: passwordRe-enter new passphrase: passwordPassphrase changed. 4. Offload crypto operations to Solaris Crypto Framework on T4 $ ../../bin/modutil -dbdir . -nocertdb -add SCF -libfile /usr/lib/libpkcs11.so -mechanisms RSA:AES:SHA1:MD5 Module "SCF" added to database. Note that -nocertdb means modutil won't try to open the NSS softoken key database. It doesn't even have to be present. PKCS#11 library used is /usr/lib/libpkcs11.so. If the server is running in 64 bit mode, we have to use /usr/lib/64/libpkcs11.so Unlike T1 and T2, in T4 we do not have to disable mechanisms in softtoken provider using cryptoadm. 5. List again to check that a new module SCF is added # ../../bin/modutil -dbdir . -list Listing of PKCS #11 Modules-----------------------------------------------------------1. NSS Internal PKCS #11 Moduleslots: 2 slots attachedstatus: loadedslot: NSS Internal Cryptographic Servicestoken: NSS Generic Crypto Servicesslot: NSS User Private Key and Certificate Servicestoken: NSS Certificate DB2. SCFlibrary name: /usr/lib/libpkcs11.soslots: 2 slots attachedstatus: loadedslot: Sun Metaslottoken: Sun Metaslotslot: n2rng/0 SUNW_N2_Random_Number_Generator token: n2rng/0 SUNW_N2_RNG 3. Root Certs library name: libnssckbi.so slots: 1 slot attached status: loaded slot: NSS Builtin Objects token: Builtin Object Token----------------------------------------------------------- 6. Create certificate in “Sun Metaslot” : I have used certutil, but you must use Admin Server CLI / GUI # ../../bin/certutil -S -x -n "Server-Cert" -t "CT,CT,CT" -s "CN=*.fqdn" -d . -h "Sun Metaslot"Enter Password or Pin for "Sun Metaslot": password 7. Verify that the certificate is created properly in “Sun Metslaot” # ../../bin/certutil -L -d . -h "Sun Metaslot"Certificate Nickname Trust AttributesSSL,S/MIME,JAR/XPIEnter Password or Pin for "Sun Metaslot": passwordSun Metaslot:Server-Cert CTu,Cu,Cu# 8. Associate this newly created certificate to http listener using Admin CLI/GUI. After that server.xml should have <http-listener> ... <ssl> <server-cert-nickname>Sun Metaslot:Server-Cert</server-cert-nicknamer> </ssl> Note the prefix "Sun Metaslot" 9. Disable PKCS#11 bypass To use the accelerated AES algorithm, turn off PKCS#11 bypass, and configure modutil to have the AES mechanism go to the Metaslot. After you disable PKCS#11 bypasss using Admin GUI/CLI, check that server.xml should have <server> .... <pkcs11> <enabled>1</enabled> <allow-bypass>0</allow-bypass> </pkcs11> With PKCS#11 bypass enabled, Oracle iPlanet Web Server will only use the RSA capability of the T4, provided certificate and key are stored in the T4 slot (Metaslot). Actually, the RSA op is never bypassed in NSS, it's always done with PKCS#11 calls. So the bypass settings won't affect the behavior of the probes for RSA at all. The only thing that matters if where the RSA key and certificate live, ie. which PKCS#11 token, and thus which PKCS#11 module gets called to do the work. If your certificate/key are in the NSS certificate/key db, you will see libsoftokn3/libfreebl libraries doing the RSA work. If they are in the Sun Metaslot, it should be the Solaris code. 10. Start the server instance # ../bin/startserv Oracle iPlanet Web Server 7.0.16 B09/14/2012 03:33Please enter the PIN for the "Sun Metaslot" token: password...info: HTTP3072: http-listener-1: https://hostname.fqdn:80 ready to accept requestsinfo: CORE3274: successful server startup 11. Figure out which process to run this DTrace script on # ps -eaf | grep webservd | grep -v dogwebservd 18224 18223 0 13:17:25 ? 0:07 webservd -d /opt/oracle/webserver7/https-hostname.fqdn/config -r /opt/root 18225 18224 0 13:17:25 ? 0:00 webservd -d /opt/oracle/webserver7/https-hostname.fqdn/config -r /opt/ (For Oracle Traffic Director look for process named "trafficd") We see that the child process id is “18225” 12. Clients for testing : You can use any browser. I used NSS tool tstclnt for testing $cat > req.txtGET /index.html HTTP/1.0 For checking both RSA and AES, I used cipher “:0035” which is TLS_RSA_WITH_AES_256_CBC_SHA $./tstclnt -h hostname -p 80 -d . -T -f -o -v -c “:0035” < req.txt 13. How do I make sure that crypto accelerator is being used 13.1 Create DTrace script The following D script should be able to uncover whether T4-specific crypto routine are being called or not. It also displays stats per second. # cat > t4crypto.d#!/usr/sbin/dtrace -spid$target::*rsa*:entry,pid$target::*yf*:entry{ @ops[probemod, probefunc] = count();}tick-1sec{ printa(@ops); trunc(@ops);} Invoke with './t4crypto.d -p <pid> ' 13.2 EXPECTED PROBES FOR Solaris 10 : If offloading to T4 HW are correctly set up, the expected DTrace output would have these probes and libraries library Operations PROBES pkcs11_softtoken_extra.so RSA soft_decrypt_rsa_pkcs_decode, soft_encrypt_rsa_pkcs_encode soft_rsa_crypt_init_common soft_rsa_decrypt, soft_rsa_encrypt soft_rsa_decrypt_common, soft_rsa_encrypt_common AES yf_aes_instructions_present yf_aes_expand256, yf_aes256_cbc_decrypt, yf_aes256_cbc_encrypt, yf_aes256_load_keys_for_decrypt, yf_aes256_load_keys_for_encrypt, Note that these are for 256, same for 128, 192... these are for cbc, same for ecb, ctr, cfb128... DES yf_des_expand, yf_des_instructions_present yf_des_encrypt libmd_psr.so MD5 yf_md5_multiblock, yf_md5_instruction_present SHA1 yf_sha1_instruction_present, yf_sha1_multibloc 13.3 SAMPLE OUTPUT FOR CIPHER TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) ON T4 SPARC SOLARIS 10 WITHOUT PKCS#11 BYPASS # ./t4crypto.d -p 18225 pkcs11_softtoken_extra.so.1 soft_decrypt_rsa_pkcs_decode 1 pkcs11_softtoken_extra.so.1 soft_rsa_crypt_init_common 1 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt 1 pkcs11_softtoken_extra.so.1 big_mp_mul_yf 2 pkcs11_softtoken_extra.so.1 mpm_yf_mpmul 2 pkcs11_softtoken_extra.so.1 mpmul_arr_yf 2 pkcs11_softtoken_extra.so.1 rijndael_key_setup_enc_yf 2 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt_common 2 pkcs11_softtoken_extra.so.1 yf_aes_expand256 2 pkcs11_softtoken_extra.so.1 yf_aes256_cbc_decrypt 3 pkcs11_softtoken_extra.so.1 yf_aes256_load_keys_for_decrypt 3 pkcs11_softtoken_extra.so.1 big_mont_mul_yf 6 pkcs11_softtoken_extra.so.1 mm_yf_montmul 6 pkcs11_softtoken_extra.so.1 yf_des_instructions_present 6 pkcs11_softtoken_extra.so.1 yf_aes256_cbc_encrypt 8 pkcs11_softtoken_extra.so.1 yf_aes256_load_keys_for_encrypt 8 pkcs11_softtoken_extra.so.1 yf_mpmul_present 8 pkcs11_softtoken_extra.so.1 yf_aes_instructions_present 13 pkcs11_softtoken_extra.so.1 yf_des_encrypt 18 libmd_psr.so.1 yf_md5_multiblock 41 libmd_psr.so.1 yf_md5_instruction_present 72 libmd_psr.so.1 yf_sha1_instruction_present 82 libmd_psr.so.1 yf_sha1_multiblock 82 This indicates that both RSA and AES ops are done in Solaris Crypto Framework. 13.4 SAMPLE OUTPUT FOR CIPHER TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) ON T4 SPARC SOLARIS 10 WITH PKCS#11 BYPASS # ./t4crypto.d -p 18225 pkcs11_softtoken_extra.so.1 soft_decrypt_rsa_pkcs_decode 1 pkcs11_softtoken_extra.so.1 soft_rsa_crypt_init_common 1 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt 1 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt_common 1 pkcs11_softtoken_extra.so.1 big_mp_mul_yf 2 pkcs11_softtoken_extra.so.1 mpm_yf_mpmul 2 pkcs11_softtoken_extra.so.1 mpmul_arr_yf 2 pkcs11_softtoken_extra.so.1 big_mont_mul_yf 6 pkcs11_softtoken_extra.so.1 mm_yf_montmul 6 pkcs11_softtoken_extra.so.1 yf_mpmul_present 8 For this cipher, when I enable PKCS#11 bypass, Only RSA probes are being hit AES probes are not being hit. 13.5 ustack() for RSA operations / probefunc == "soft_rsa_decrypt" / Shows that libnss3.so is calling C_* functions of libpkcs11.so which is calling functions of pkcs11_softtoken_extra.so for both cases with and without bypass. When PKCS#11 bypass is disabled (allow-bypass is 0) pkcs11_softtoken_extra.so.1`soft_rsa_decrypt pkcs11_softtoken_extra.so.1`soft_rsa_decrypt_common+0x94 pkcs11_softtoken_extra.so.1`soft_unwrapkey+0x258 pkcs11_softtoken_extra.so.1`C_UnwrapKey+0x1ec libpkcs11.so.1`meta_unwrap_key+0x17c libpkcs11.so.1`meta_UnwrapKey+0xc4 libpkcs11.so.1`C_UnwrapKey+0xfc libnss3.so`pk11_AnyUnwrapKey+0x6b8 libnss3.so`PK11_PubUnwrapSymKey+0x8c libssl3.so`ssl3_HandleRSAClientKeyExchange+0x1a0 libssl3.so`ssl3_HandleClientKeyExchange+0x154 libssl3.so`ssl3_HandleHandshakeMessage+0x440 libssl3.so`ssl3_HandleHandshake+0x11c libssl3.so`ssl3_HandleRecord+0x5e8 libssl3.so`ssl3_GatherCompleteHandshake+0x5c libssl3.so`ssl_GatherRecord1stHandshake+0x30 libssl3.so`ssl_Do1stHandshake+0xec libssl3.so`ssl_SecureRecv+0x1c8 libssl3.so`ssl_Recv+0x9c libns-httpd40.so`__1cNDaemonSessionDrun6M_v_+0x2dc When PKCS#11 bypass is enabled (allow-bypass is 1) pkcs11_softtoken_extra.so.1`soft_rsa_decrypt pkcs11_softtoken_extra.so.1`soft_rsa_decrypt_common+0x94 pkcs11_softtoken_extra.so.1`C_Decrypt+0x164 libpkcs11.so.1`meta_do_operation+0x27c libpkcs11.so.1`meta_Decrypt+0x4c libpkcs11.so.1`C_Decrypt+0xcc libnss3.so`PK11_PrivDecryptPKCS1+0x1ac libssl3.so`ssl3_HandleRSAClientKeyExchange+0xe4 libssl3.so`ssl3_HandleClientKeyExchange+0x154 libssl3.so`ssl3_HandleHandshakeMessage+0x440 libssl3.so`ssl3_HandleHandshake+0x11c libssl3.so`ssl3_HandleRecord+0x5e8 libssl3.so`ssl3_GatherCompleteHandshake+0x5c libssl3.so`ssl_GatherRecord1stHandshake+0x30 libssl3.so`ssl_Do1stHandshake+0xec libssl3.so`ssl_SecureRecv+0x1c8 libssl3.so`ssl_Recv+0x9c libns-httpd40.so`__1cNDaemonSessionDrun6M_v_+0x2dc libnsprwrap.so`ThreadMain+0x1c libnspr4.so`_pt_root+0xe8 13.6 ustack() FOR AES operations / probefunc == "yf_aes256_cbc_encrypt" / When PKCS#11 bypass is disabled (allow-bypass is 0) pkcs11_softtoken_extra.so.1`yf_aes256_cbc_encrypt pkcs11_softtoken_extra.so.1`aes_block_process_contiguous_whole_blocks+0xb4 pkcs11_softtoken_extra.so.1`aes_crypt_contiguous_blocks+0x1cc pkcs11_softtoken_extra.so.1`soft_aes_encrypt_common+0x22c pkcs11_softtoken_extra.so.1`C_EncryptUpdate+0x10c libpkcs11.so.1`meta_do_operation+0x1fc libpkcs11.so.1`meta_EncryptUpdate+0x4c libpkcs11.so.1`C_EncryptUpdate+0xcc libnss3.so`PK11_CipherOp+0x1a0 libssl3.so`ssl3_CompressMACEncryptRecord+0x264 libssl3.so`ssl3_SendRecord+0x300 libssl3.so`ssl3_FlushHandshake+0x54 libssl3.so`ssl3_SendFinished+0x1fc libssl3.so`ssl3_HandleFinished+0x314 libssl3.so`ssl3_HandleHandshakeMessage+0x4ac libssl3.so`ssl3_HandleHandshake+0x11c libssl3.so`ssl3_HandleRecord+0x5e8 libssl3.so`ssl3_GatherCompleteHandshake+0x5c libssl3.so`ssl_GatherRecord1stHandshake+0x30 libssl3.so`ssl_Do1stHandshake+0xec Shows that libnss3.so is calling C_* functions of libpkcs11.so which is calling functions of pkcs11_softtoken_extra.so However when PKCS#11 bypass is disabled (allow-bypass is 1) this stack isn't getting called. 14. LIST OF ALL THE PROBES MATCHED BY D SCRIPT FOR REFERENCE # ./t4crypto.d -p 18225 -l ID PROVIDER MODULE FUNCTION NAME ... 55720 pid18225 libmd_psr.so.1 yf_md5_instruction_present entry 55721 pid18225 libmd_psr.so.1 yf_sha256_instruction_present entry 55722 pid18225 libmd_psr.so.1 yf_sha512_instruction_present entry 55723 pid18225 libmd_psr.so.1 yf_sha1_instruction_present entry 55724 pid18225 libmd_psr.so.1 yf_sha256 entry 55725 pid18225 libmd_psr.so.1 yf_sha256_multiblock entry 55726 pid18225 libmd_psr.so.1 yf_sha512 entry 55727 pid18225 libmd_psr.so.1 yf_sha512_multiblock entry 55728 pid18225 libmd_psr.so.1 yf_sha1 entry 55729 pid18225 libmd_psr.so.1 yf_sha1_multiblock entry 55730 pid18225 libmd_psr.so.1 yf_md5 entry 55731 pid18225 libmd_psr.so.1 yf_md5_multiblock entry 55732 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_instructions_present entry 55733 pid18225 pkcs11_softtoken_extra.so.1 rijndael_key_setup_enc_yf entry 55734 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_expand128 entry 55735 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_encrypt128 entry 55736 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_decrypt128 entry 55737 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_expand192 entry 55738 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_encrypt192 entry 55739 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_decrypt192 entry 55740 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_expand256 entry 55741 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_encrypt256 entry 55742 pid18225 pkcs11_softtoken_extra.so.1 yf_aes_decrypt256 entry 55743 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_load_keys_for_encrypt entry 55744 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_load_keys_for_encrypt entry 55745 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_load_keys_for_encrypt entry 55746 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_ecb_encrypt entry 55747 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_ecb_encrypt entry 55748 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_ecb_encrypt entry 55749 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_cbc_encrypt entry 55750 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_cbc_encrypt entry 55751 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_cbc_encrypt entry 55752 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_ctr_crypt entry 55753 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_ctr_crypt entry 55754 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_ctr_crypt entry 55755 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_cfb128_encrypt entry 55756 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_cfb128_encrypt entry 55757 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_cfb128_encrypt entry 55758 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_load_keys_for_decrypt entry 55759 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_load_keys_for_decrypt entry 55760 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_load_keys_for_decrypt entry 55761 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_ecb_decrypt entry 55762 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_ecb_decrypt entry 55763 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_ecb_decrypt entry 55764 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_cbc_decrypt entry 55765 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_cbc_decrypt entry 55766 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_cbc_decrypt entry 55767 pid18225 pkcs11_softtoken_extra.so.1 yf_aes128_cfb128_decrypt entry 55768 pid18225 pkcs11_softtoken_extra.so.1 yf_aes192_cfb128_decrypt entry 55769 pid18225 pkcs11_softtoken_extra.so.1 yf_aes256_cfb128_decrypt entry 55771 pid18225 pkcs11_softtoken_extra.so.1 yf_des_instructions_present entry 55772 pid18225 pkcs11_softtoken_extra.so.1 yf_des_expand entry 55773 pid18225 pkcs11_softtoken_extra.so.1 yf_des_encrypt entry 55774 pid18225 pkcs11_softtoken_extra.so.1 yf_mpmul_present entry 55775 pid18225 pkcs11_softtoken_extra.so.1 yf_montmul_present entry 55776 pid18225 pkcs11_softtoken_extra.so.1 mm_yf_montmul entry 55777 pid18225 pkcs11_softtoken_extra.so.1 mm_yf_montsqr entry 55778 pid18225 pkcs11_softtoken_extra.so.1 mm_yf_restore_func entry 55779 pid18225 pkcs11_softtoken_extra.so.1 mm_yf_ret_from_mont_func entry 55780 pid18225 pkcs11_softtoken_extra.so.1 mm_yf_execute_slp entry 55781 pid18225 pkcs11_softtoken_extra.so.1 big_modexp_ncp_yf entry 55782 pid18225 pkcs11_softtoken_extra.so.1 big_mont_mul_yf entry 55783 pid18225 pkcs11_softtoken_extra.so.1 mpmul_arr_yf entry 55784 pid18225 pkcs11_softtoken_extra.so.1 big_mp_mul_yf entry 55785 pid18225 pkcs11_softtoken_extra.so.1 mpm_yf_mpmul entry 55786 pid18225 libns-httpd40.so nsapi_rsa_set_priv_fn entry ... 55795 pid18225 libnss3.so prepare_rsa_priv_key_export_for_asn1 entry 55796 pid18225 libresolv.so.2 sunw_dst_rsaref_init entry 55797 pid18225 libnssutil3.so NSS_Get_SEC_UniversalStringTemplate entry ... 55813 pid18225 libsoftokn3.so prepare_low_rsa_priv_key_for_asn1 entry 55814 pid18225 libsoftokn3.so rsa_FormatOneBlock entry 55815 pid18225 libsoftokn3.so rsa_FormatBlock entry 55816 pid18225 libnssdbm3.so lg_prepare_low_rsa_priv_key_for_asn1 entry 55817 pid18225 libfreebl_32fpu_3.so rsa_build_from_primes entry 55818 pid18225 libfreebl_32fpu_3.so rsa_is_prime entry 55819 pid18225 libfreebl_32fpu_3.so rsa_get_primes_from_exponents entry 55820 pid18225 libfreebl_32fpu_3.so rsa_PrivateKeyOpNoCRT entry 55821 pid18225 libfreebl_32fpu_3.so rsa_PrivateKeyOpCRTNoCheck entry 55822 pid18225 libfreebl_32fpu_3.so rsa_PrivateKeyOpCRTCheckedPubKey entry 55823 pid18225 pkcs11_kernel.so.1 key_gen_rsa_by_value entry 55824 pid18225 pkcs11_kernel.so.1 get_rsa_private_key entry 55825 pid18225 pkcs11_kernel.so.1 get_rsa_public_key entry 55826 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_encrypt entry 55827 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt entry 55828 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_crypt_init_common entry 55829 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_encrypt_common entry 55830 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_decrypt_common entry 55831 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_sign_verify_init_common entry 55832 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_sign_common entry 55833 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_verify_common entry 55834 pid18225 pkcs11_softtoken_extra.so.1 generate_rsa_key entry 55835 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_genkey_pair entry 55836 pid18225 pkcs11_softtoken_extra.so.1 get_rsa_sha1_prefix entry 55837 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_digest_sign_common entry 55838 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_digest_verify_common entry 55839 pid18225 pkcs11_softtoken_extra.so.1 soft_rsa_verify_recover entry 55840 pid18225 pkcs11_softtoken_extra.so.1 rsa_pri_to_asn1 entry 55841 pid18225 pkcs11_softtoken_extra.so.1 asn1_to_rsa_pri entry 55842 pid18225 pkcs11_softtoken_extra.so.1 soft_encrypt_rsa_pkcs_encode entry 55843 pid18225 pkcs11_softtoken_extra.so.1 soft_decrypt_rsa_pkcs_decode entry 55844 pid18225 pkcs11_softtoken_extra.so.1 soft_sign_rsa_pkcs_encode entry 55845 pid18225 pkcs11_softtoken_extra.so.1 soft_verify_rsa_pkcs_decode entry 55770 profile tick-1sec

Read the article
NAT for static private addresses

- by biggdman

Could someone please help me out with the following scenario: I have a machine that hosts 3 lxc containers, and acts like a router for them. The LXC containers have private ip addresses set on the interfaces that are connected to the host. I want to provide Internet access to the containers and I want to configure the host system so it translates only the addresses that are configured static on the lxc containers interfaces. Should I try to configure the host so it translates each of the 3 private addresses to the public address of the host's interface that is connected to the Internet?

Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42 | Next Page >