Saturday June 09, 2007

Recently I wrote about an exciting new project coming to Solaris by way of the Network Auto-Magic project. I also talked about releasing a sneak peek at the promise of the Network Auto-Magic project in an upcoming OpenSolaris release. Today I am going to discuss where we are with getting this functionality into your hands.

But before we talk about releases and dates, I would like to step back a little and discuss the rationale behind the Network Auto-Magic project and the various enhancements it brings both to sysadmins as well as the so-called "end users".

The Network Auto Magic project consists of three main components. One of these is around simplifying service configuration and discovery on a network. The second is adding Network Profiles support. And the third and major component is developing a comprehensive UI to configure, automate and manage Solaris networking configuration. Let's consider each one of these is further detail.

The service discovery aspect will be implemented by enhancing the framework from Apple's Bonjour technology. One of the strengths of this technology is that it is built on top of one of the most robust and well understood internet protocols- DNS. Specifically, the technology allows applications to discover advertised services on a network. The project will deliver a public library which can be used by developers to make simple modifications to their application/service so that the services can participate in network service discovery. This reduces configuration- rather than an admin having to hard code a particular service with a certain device your application is now free to auto discover it. Eventually applications and clients can become smarter too- they can 'probe' the network on startup and unless they find a service on the network, there is no need for them to keep trying to reach a server. Like other network services delivered in Solaris, all of this functionality will be fully integrated with Service Management Facility (SMF). This component of will soon be released via an OpenSolaris build, so stay tuned!

Network profiles, the primary component of the Network Auto-Magic project are one of the ways to simplify and automate network configuration and management. They work by allowing users to specify collections of various network properties and have them be managed automatically based on different network environments. A Network Configuration Profile (NCP) will also include policy- such as which network interfaces to use, whether they should be activated automatically, and so on. At any given time, exactly one NCP and one Environment are active. Users may modify the NCP to specify how Solaris should react in a particular network environment and have the right sets of actions automatically take place. For example, if you check email at your neighborhood Starbucks you may want your laptop to connect to the WiFi access point with the correct security flavor automatically, start DHCP on it and enable DNS for host resolution. You want to turn off wired interfaces and perhaps have the display appear scrambled to anyone besides you! (We are still working on the latter. ) Then when you go back to your office and connect to a wired connection, you might expect to shut down the WiFi interface, enable certain services (such as NFS file sharing or NIS for host resolution) and have your browser use the proxy servers defined via Gconf.

Finally, lets discuss the third component of the project- the comprehensive UI. The first thing long time users of Solaris would notice- when the entire project is delivered- is that we are not just delivering incremental ease of use by cleaning up redudant code or even replacing multiple layers of CLI with a "high-level" CLI. NWAM will do both of those but it certainly does not stop there. It also delivers a comprehensive GUI with the same look and feel as the Java Desktop System. We have published a Flash based prototype based on our UI specification. Its not functionally complete and some aspects are likely to change in the final version but it does give you an idea of what you might see. And thats not all- there will be also be a separate Status Notification GUI that will give you a quick snapshot of the current network status. For example, it will graphically display the signal strength of the selected WiFi network. Routine tasks such as enabling or disabling an interface (on multiple homed machines) no longer require invoking (or knowledge of) complex CLI such as ifconfig(1M) or dladm(1M).

Now, for the sneak peak! Starting with Solaris Express Developer Edition 5/07, you will be able to preview some of the Network Auto-Magic functionality. If you are installing Solaris on a supported laptop this sneak peek is for you. (Specifically, there is a limitation that only one link is active at a time.) The major new functionality supported with this release of Solaris Express Developer Edition is WiFi support and with Network Auto Magic it just works "out of the box". All flavors of WEP and WPA2 are supported for the first time. Obviously not all laptops are supported, but common WiFi chipset implementations such as Atheros and Intel Centrino are. Solaris Express Developer Edition Release 5/07 will be available around mid-June 2007. Let's explore how the NWAM preview works.

This release of Solaris Developer Express includes the 'NWAM daemon' which allows for automated network configuration on laptops and desktop machines. This daemon monitors an available Ethernet interface and automatically enables DHCP on it. If no interface is plugged into a wired network, the NWAM daemon conducts a wireless scan and queries the user for a WiFi access point to connect to via a popup GUI. Once you select a WiFi access point and connect to it successfully that choice will be saved in a file. The next time you are in the vicinity of that WiFi network, Solaris will connect to it without user intervention. For now, there is no profile support so you wouldn't be able to do the things I described in the Starbucks example above. Also, wired interfaces are preferred over wireless, although this is easily changed. For further details, please see the nwamd man page.

While we cannot talk about the schedule for when the rest of this functionality will be available we are currently working hard to ensure it meets with the expectations of the Solaris user community. We would love to hear your experience with the Network Auto Magic project and indeed all of new Solaris. It certainly isn't your grandfather's Solaris any more and with your input we hope to make it even easier to use.

Wednesday March 28, 2007

Solaris Networking has always been known to be on the cutting edge of innovation- whether it is sterling performance, or next generation virtualization and resource control.. Clearly, one cannot build an imposing structure without a strong foundation and Solaris is no exception. Several engineering years of building high quality infrastructure is one reason why Sun is reclaiming its position in the workstation and server marketplace.
While having high quality plumbing is a prerequisite whether you are building a home or an operating system, many people these days like shiny fixtures to go along. And of course the solution needs to be elegant and easy to use. For many years, Sun customers have thought of Solaris Networking to be that way- very high quality and capable of heavy lifting but somewhat challenging to use.

Why is this important? For starters, an approachable Solaris will enable both developers and customers to use it more easily and help grow the community of Sun users. It will make Solaris a stronger contender for mobile platforms and for small and medium business customers. The latter often lack dedicated and advanced Unix configuration expertise. Finally, recent Linux distros and OS X have lifted the bar on configuration and management user interfaces and Solaris needs to do a better job competing in this area. At the same time, traditional data center customers need to lower TCO by reducing administration and management complexity.

After spending over a year working on design, we are in the process of implementing and delivering on the promise of significantly simplified and automated Solaris network configuration and management via an exciting new project that we call Network Auto Magic. Network Auto Magic or NWAM for short has a thriving community on OpenSolaris so join in and give us your feedback. Better yet, download the prototype and give it a spin! We are planning on releasing the prototype via OpenSolaris in the very near future so stay tuned. And there is much more to come. John Beck recently presented at the Bay Area OpenSolaris User Group meeting.

Monday January 15, 2007

No doubt the iPhone will be a hit and help to change the balance of power between wireless operators and handset makers. In the US, I can see why many folks might jump for the iPhone. Still I predict that the iPhone will not be the market defining gadget that the iPod was- at least until Apple recognizes and addresses some obvious shortcomings. Here is why:

1. No Java! Yeah, Apple has redefined the music player landscape single handedly, but even it cannot beat the momentum behind the billions of phones that support mobile Java. Looking at just one segment of the market- Java games downloads- its unclear why Apple chose not to play in it. Sure, OSX is cool as a development platform but it is absolutely no contest to J2ME. For my personal cellphone, that support was instrumental in my being able to download the free and capable Gmail mobile client.

2. The GSM market in the US isn't the place for mobile innovation! Only 2 of the 4 major network operators use GSM. Furthermore, under their iron grip there is little incentive for the average user to go out and buy a particular handset. Many folks typically first choose the network operator and then pick a locked handset from a limited list. This is opposite to the experience in many fast-growing worldwide mobile markets- where handsets are not subsidized and not sold locked. In other words, what if one likes the iPhone but does not want to (or cannot for coverage or other reason) use Cingular? Will the iPhone single handedly cause a move away from CDMA, and away from the other GSM operator to Cingular?
Finally, US network operators currently charge exorbitantly for a data plan compared to European or Asian operators causing few to use data services. Will the iPhone encouarge Cingular to make its data plans more affordable? I sure hope Apple isn't planning to sell both a network and software locked handset in the rest of the world!

3. My own cellphone is a Sony Ericsson W810i with a 2 GB Memory Stick Duo in it. It has a 2 MP Auto Focus camera with photo light, a music player that supports MP3 and AAC, a WAP 2.0 compliant browser, Bluetooth 1.2, and USB synchronization (that works perfectly well with Solaris Nevada!). And did I mention the hundreds of mp3 songs on this phone? All this for under $300. Because it is unlocked and has Quad frequency GSM support it can be used virtually anywhere in the world. Other than WiFi support, I guess I don't see a single missing feature that would make it worthwhile to upgrade to the iPhone at $499. At that price point one can get a network unlocked Nokia N-series handset with WiFi support. The recently introduced N95 even supports high-speed networks, GPS and a 5 MP camera. In other words, Apple will have plenty of competition from well established market players who have strong, mutually beneficial relationships with network operators around the world, quite unlike the situation in the digital music player market when Apple introduced the iPod.

Sure, none of the above are significant issues for the iPhone. After all this is a 1.0 product and Apple has done well building on its first iPod. To the extent that Apple recognizes and addresses some of these issues, the iPhone can only help to jump start the maturing of the GSM market in the US and hasten Apple's transition to a consumer electronics company.

( Jan 15 2007, 07:29:56 PM PST ) Permalink

Wednesday October 25, 2006

Not so long ago, Sun hardware and the Solaris operating system used to be synonymous with having an Internet presence of any kind. Then the NASDAQ crashed, the bubble burst and unfortunately Sun and Solaris pulled back from its position of pre-eminence.

Fast forward to 2006. Sun is back into the game with AMD 64 based Opteron servers. And then, there is Solaris 10!

As I mentioned in a previous blog entry, Solaris 10 now ships with a recent release of BIND 9, the defacto standard implementation of DNS client and servers on Unix/Linux. What better than the stringent performance and security requirements of one of the nodes of a root DNS server to demonstrate that Solaris 10 can do the heavy lifting of virtually anything one can throw at it?

Solaris 10 now powers one of the global nodes of F-Root, itself one of the 13 root DNS servers of the Internet. Just one more confirmation that Solaris 10 is helping Sun get back to its position of eminence. ( Oct 25 2006, 07:47:19 PM PDT ) Permalink

Monday October 16, 2006

Coming soon to a Solaris Express build near you is an exciting new project called Tamarack. The project name is taken from the road on which one of the team members has a mountain cabin and the logo is inspired by its namesake restaurant and casino in Reno, which is not surprising when the release vehicle is codenamed Nevada!
For several years and multiple releases, Solaris has had a sub-par user experience with removable media and hotpluggable devices compared to competetive desktop environments. The solution was incomplete, complex, and did not integrate with the desktop.

Enter Tamarack!

Whether it is a memory stick or a secure digital device, a digital camera or an IPod, a music CD or a blank DVD-ROM media, Tamarack seamlessly

integrates with the desktop to bring a significantly enhanced user experience compared to previous releases of Solaris. More importantly, Tamarack does this via a modern, open source and extensible framework, HAL.

Getting Tamarack

I haven't posted here for a really long time. I guess now is as good a time as any to update my blog with what I have been doing recently.

For starters, I am now a software development manager in the KISS (Keep it Simple, Solaris) organization managing a team working on Network and I/O Approachability.

Specifically, this means I manage multiple networking and I/O projects that will make Solaris more "approachable" or which automate configuration where and when it makes sense. I will be describing various exciting initiatives and projects in this space.

( Oct 16 2006, 11:45:53 AM PDT ) Permalink

Monday June 13, 2005

I was one of the hundreds lining up at my neighborhood Best Buy to snap up the Sony PSP (a.k.a the Playstation Portable). I would have loved to be at the official launch party at the Sony Metreon or the main one in New York City. Well, at least the weather in San Jose is much nicer this time of the year than SF or NYC! Now I must admit that when it comes to handheld gaming consoles, I'm a newbie. My experience has been limited to watching my 7 year son showing off his Pokedex on his Game Boy Advance SP.

But a recent trip to Tokyo, Japan changed all that. I was fortunate to have time to visit the Sony Building in Ginza. For a gadget freak like me, I thought I was in heaven! The very latest technologies- in some cases- technologies that the rest of the world- outside Japan- may not see for months, or years.

One such gadget was the PSP. At that time the PSP- had only been launched in Japan and sold out almost overnight. The US launch was still a month away. But the console just blew me away. The quality of the 16:9 format screen was a work of art- the videos were flawless, the games engrossing. And it had built-in Wi-Fi , which meant I might even be able to use it to browse/email at my neighborhood Starbucks!

Fast forward to the present. While the PSP has lived up to much of its hype for video and gaming, Sony has still kept the PSP largely a restricted proprietary device, whether its internet access, or using the "universal media disks". Of course, some folks quickly figured out a way to use a built-in browser in one of Sony's own games- Wipeout Pure to surf the web using the built-in Wi-Fi. Isn't it interesting though that that's its not so much a PSP hack, but a well known DNS hack - record spoofing, which is both very old and very common.

All you have to do is to setup a DNS server serving the "hacked" resource records and get a DNS resolver (read browser) to somehow point to it. In this case, of course, you are telling your resolver you want that alternate DNS resolution! The PSP resolver still makes a DNS request for www.scea.com as before and it thinks its fetching the address record for www.scea.com, but of course its not! Its getting the IP address where you setup your own website! Unfortunately these types of attacks can be minimized but not entirely eliminated until DNSSEC allows all DNS servers to have cryptographically signed records. (The BIND 9 DNS server, newly available in Solaris 10, has some helpful features such as no automatic glue fetching, random id pool, ability to create "split" views of your namespace, and so on.)

So what next for the PSP platform and handheld gaming in general? Based on purely anecdotal data and speculation, I believe that handheld consoles will continue to "grow up" as baby boomers and much of the "developed" world ages. The traditional handheld market already appears to be declining rapidly and Sony itself exited from this segment in most worldwide markets. This means the Sonys of the world will put more non-gaming functionality into these types of consoles. After all, the past ten years have been characterizted by vendors putting Wi-Fi into PDAs, bluetooth into cellphones, PDAs in phones (or vice-versa), cameras into phones, GPS into PDAs, gaming consoles in phones and so on. However in my opinion this has been akin to throwing darts and seeing which ones stick, than any real movement towards convergence and ubiquity. The next decade could see some real convergence emerge with functions customers like to see on the same device coming together, while the ones not particularly interesting falling back to smaller, niche markets. The only question is what will those functions be!

Tuesday May 31, 2005

Overview

DNS Service Manifests and Upgrade to Solaris 10

Administrative Interfaces

{root:dnssrv:25} svcs dns/server
STATE          STIME    FMRI
online         15:57:57 svc:/network/dns/server:default
{root:dnssrv:26} rndc stop
{root:dnssrv:27} svcs dns/server
STATE          STIME    FMRI
disabled       15:58:07 svc:/network/dns/server:default

{root:dnssrv:29} svcs dns/server
STATE          STIME    FMRI
online         16:00:00 svc:/network/dns/server:default
{root:dnssrv:30} svcadm disable dns/server
{root:dnssrv:31} rndc status
rndc: connect failed: connection refused

{root:dnssrv:32} /usr/sbin/named
{root:dnssrv:33} svcs dns/server
STATE          STIME    FMRI
disabled       16:00:17 svc:/network/dns/server:default
{root:dnssrv:35} rndc halt

Running the server in a chroot environment

manisha# rndc status
number of zones: 4
<...output truncated for brevity...>
server is up and running
manisha# rndc halt
use svcadm(1M) to manage named
manisha# svcadm disable dns/server
manisha# rndc status
rndc: connect failed: connection refused

manisha# svccfg import server-chroot.xml
manisha# svcadm enable dns/server:chroot
manisha# svcs dns/server
STATE          STIME    FMRI
disabled       16:36:09 svc:/network/dns/server:default
online         16:37:17 svc:/network/dns/server:chroot

manisha# pgrep named
2457
manisha# pcred 2457
2457:   e/r/suid=60002  e/r/sgid=0

Monday May 23, 2005

I have been at Sun for 8 years now and an engineer in Solaris Networking for most of that time. I used to work in the Naming and Directory Services organization however several reorganizations later, I find myself in KISS - which is Keep it Simple, Solaris!

I hope to update the blog with stuff I have worked on and stuff that I find interesting. ( May 23 2005, 02:58:34 PM PDT ) Permalink