Oracle®Solaris :IP서비스 · Oracle®Solaris관리:IP서비스 부품번호:E38894–03 2013년3월

Oracle® Solaris관리: IP서비스

부품번호: E38894–032013년 3월

Copyright © 1999, 2013, Oracle and/or its affiliates. All rights reserved.

본소프트웨어와관련문서는사용제한및기밀유지규정을포함하는라이센스계약서에의거해제공되며,지적재산법에의해보호됩니다.라이센스계약서상에명시적으로허용되어있는경우나법규에의해허용된경우를제외하고,어떠한부분도복사,재생,번역,방송,수정,라이센스,전송,배포,진열,실행,발행,또는전시될수없습니다.본소프트웨어를리버스엔지니어링,디스어셈블리또는디컴파일하는것은상호운용에대한법규에의해명시된경우를제외하고는금지되어있습니다.

이안의내용은사전공지없이변경될수있으며오류가존재하지않음을보증하지않습니다.만일오류를발견하면서면으로통지해주기바랍니다.

만일본소프트웨어나관련문서를미국정부나또는미국정부를대신하여라이센스한개인이나법인에게배송하는경우,다음공지사항이적용됩니다.

U.S. GOVERNMENT END USERS:

Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S.Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplementalregulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programsinstalled on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted tothe U.S. Government.

본소프트웨어혹은하드웨어는다양한정보관리애플리케이션의일반적인사용을목적으로개발되었습니다.본소프트웨어혹은하드웨어는개인적인상해를초래할수있는애플리케이션을포함한본질적으로위험한애플리케이션에서사용할목적으로개발되거나그용도로사용될수없습니다.만일본소프트웨어혹은하드웨어를위험한애플리케이션에서사용할경우,라이센스사용자는해당애플리케이션의안전한사용을위해모든적절한비상-안전,백업,대비및기타조치를반드시취해야합니다. Oracle Corporation과그자회사는본소프트웨어혹은하드웨어를위험한애플리케이션에서의사용으로인해발생하는어떠한손해에대해서도책임지지않습니다.

Oracle과 Java는Oracle Corporation및/또는그자회사의등록상표입니다.기타의명칭들은각해당명칭을소유한회사의상표일수있습니다.

Intel및 Intel Xeon은 Intel Corporation의상표내지는등록상표입니다. SPARC상표일체는라이센스에의거하여사용되며SPARC International, Inc.의상표내지는등록상표입니다. AMD, Opteron, AMD로고,및AMD Opteron로고는Advanced Micro Devices의상표내지는등록상표입니다. UNIX는The OpenGroup의등록상표입니다.

본소프트웨어혹은하드웨어와관련문서(설명서)는제 3자로부터제공되는컨텐츠,제품및서비스에접속할수있거나정보를제공합니다. OracleCorporation과그자회사는제 3자의컨텐츠,제품및서비스와관련하여어떠한책임도지지않으며명시적으로모든보증에대해서도책임을지지않습니다. Oracle Corporation과그자회사는제 3자의컨텐츠,제품및서비스에접속하거나사용으로인해초래되는어떠한손실,비용또는손해에대해어떠한책임도지지않습니다.

130701@25097

목차

머리말 ...................................................................................................................................................27

제1부 시스템관리소개: IP서비스 ............................................................................................................. 31

1 Oracle Solaris TCP/IP프로토콜제품군(개요) ................................................................................ 33이릴리스의새로운기능 ................................................................................................................. 33TCP/IP프로토콜제품군소개 ........................................................................................................ 33프로토콜계층및Open Systems Interconnection모델 ....................................................... 34TCP/IP프로토콜아키텍처모델 ............................................................................................ 35

TCP/IP프로토콜에서데이터통신을처리하는방법 ............................................................... 40데이터캡슐화및TCP/IP프로토콜스택 ............................................................................. 40TCP/IP내부추적지원 .............................................................................................................. 44

TCP/IP및인터넷에대한자세한정보찾기 ................................................................................ 44TCP/IP에대한컴퓨터설명서 ................................................................................................. 44TCP/IP및네트워킹관련웹사이트 ...................................................................................... 44RFC(Requests for Comment)및인터넷초안 ........................................................................ 45

제2부 TCP/IP관리 ...........................................................................................................................................47

2 TCP/IP네트워크계획(작업) .............................................................................................................49네트워크계획(작업맵) ................................................................................................................... 49네트워크하드웨어결정 .................................................................................................................. 51네트워크에대한 IP주소지정형식결정 ..................................................................................... 51

IPv4주소 ...................................................................................................................................... 52CIDR형식의 IPv4주소 ............................................................................................................. 52DHCP주소 ................................................................................................................................... 52IPv6주소 ...................................................................................................................................... 52

3

개인주소및설명서접두어 ..................................................................................................... 53네트워크의 IP번호얻기 .................................................................................................................. 53IPv4주소지정체계설계 ................................................................................................................. 54

IPv4주소지정체계설계 .......................................................................................................... 55IPv4서브넷번호 ........................................................................................................................ 56CIDR IPv4주소지정체계설계 .............................................................................................. 56개인 IPv4주소사용 ................................................................................................................... 57IP주소를네트워크인터페이스에적용하는방법 ............................................................. 58

네트워크의이름지정엔티티 ........................................................................................................ 59호스트이름관리 ........................................................................................................................ 59이름서비스및디렉토리서비스선택 .................................................................................. 59

네트워크의라우터계획 .................................................................................................................. 61네트워크토폴로지개요 ........................................................................................................... 62라우터가패킷을전송하는방법 ............................................................................................. 63

3 IPv6소개(개요) ...................................................................................................................................65IPv6의주요기능 ................................................................................................................................ 66확장된주소지정 ........................................................................................................................ 66주소자동구성및Neighbor Discovery ................................................................................... 66헤더형식간소화 ........................................................................................................................ 66IP헤더옵션에대한향상된지원 ........................................................................................... 66IPv6주소지정을위한응용프로그램지원 ......................................................................... 67추가 IPv6리소스 ........................................................................................................................ 67

IPv6네트워크개요 ........................................................................................................................... 68IPv6주소지정개요 ........................................................................................................................... 70

IPv6주소의부분 ........................................................................................................................ 71IPv6주소축약 ............................................................................................................................. 72IPv6의접두어 ............................................................................................................................. 72유니캐스트주소 ........................................................................................................................ 73멀티캐스트주소 ........................................................................................................................ 75애니캐스트주소및그룹 .......................................................................................................... 76

IPv6 Neighbor Discovery프로토콜개요 ....................................................................................... 76IPv6주소자동구성 ........................................................................................................................... 77

Stateless자동구성개요 ............................................................................................................. 77IPv6터널개요 .................................................................................................................................... 78

목차

Oracle Solaris관리: IP서비스 • 2013년 3월4

4 IPv6네트워크계획(작업) .................................................................................................................79IPv6계획(작업맵) ............................................................................................................................. 79IPv6네트워크토폴로지시나리오 ................................................................................................ 80IPv6을지원하도록기존네트워크준비 ....................................................................................... 82

IPv6지원을위한네트워크토폴로지준비 .......................................................................... 82IPv6지원을위한네트워크서비스준비 .............................................................................. 83IPv6지원을위한서버준비 ..................................................................................................... 83

▼ IPv6을지원하도록네트워크서비스를준비하는방법 .................................................... 84▼ IPv6을지원하도록DNS를준비하는방법 ........................................................................... 84네트워크토폴로지의터널계획 ............................................................................................. 85IPv6구현에대한보안고려사항 ............................................................................................ 86

IPv6주소지정계획준비 ................................................................................................................. 86사이트접두어획득 ................................................................................................................... 86IPv6번호지정체계만들기 ..................................................................................................... 87

5 TCP/IP네트워크서비스구성및 IPv4주소지정(작업) .............................................................. 89이장의새로운내용 .......................................................................................................................... 90IPv4네트워크를구성하기전에(작업맵) .................................................................................... 90호스트구성모드결정 ...................................................................................................................... 91로컬파일모드로실행되는시스템 ....................................................................................... 91네트워크클라이언트시스템 .................................................................................................. 92혼합구성 ...................................................................................................................................... 93IPv4네트워크토폴로지시나리오 ......................................................................................... 93

네트워크에서브넷추가(작업맵) ................................................................................................. 94네트워크구성작업맵 ...................................................................................................................... 95로컬네트워크의시스템구성 ........................................................................................................ 96

▼호스트를로컬파일모드로구성하는방법 ......................................................................... 96▼네트워크구성서버설정방법 ................................................................................................ 99네트워크클라이언트구성 .................................................................................................... 100

▼호스트를네트워크클라이언트모드로구성하는방법 ................................................. 100▼ IPv4주소및기타네트워크구성매개변수변경방법 .................................................... 101

IPv4네트워크에서의패킷전달및경로지정 .......................................................................... 105Oracle Solaris에서지원하는경로지정프로토콜 ............................................................. 106IPv4자율시스템토폴로지 .................................................................................................... 109IPv4라우터구성 ...................................................................................................................... 112

목차

5

경로지정테이블및경로지정유형 .................................................................................... 117멀티홈호스트구성 ................................................................................................................. 120단일인터페이스시스템에대한경로지정구성 .............................................................. 123

전송계층서비스모니터및수정 ................................................................................................ 127▼모든수신TCP연결의 IP주소기록방법 ........................................................................... 128▼ SCTP프로토콜을사용하는서비스를추가하는방법 .................................................... 128▼ TCP래퍼를사용하여TCP서비스에대한액세스를제어하는방법 .......................... 131

6 네트워크인터페이스관리(작업) .................................................................................................133네트워크인터페이스관리의새로운기능 ................................................................................ 133인터페이스관리(작업맵) ............................................................................................................. 133물리적인터페이스관리를위한기본사항 ............................................................................... 134네트워크인터페이스이름 .................................................................................................... 135인터페이스연결 ...................................................................................................................... 135Oracle Solaris인터페이스유형 ............................................................................................. 136

개별네트워크인터페이스관리 .................................................................................................. 136▼인터페이스상태를가져오는방법 ...................................................................................... 137▼시스템설치후물리적인터페이스구성방법 .................................................................. 138▼물리적인터페이스를제거하는방법 .................................................................................. 141▼ SPARC:인터페이스의MAC주소가고유한지확인하는방법 ...................................... 141

VLAN(가상 LAN)관리 ................................................................................................................... 143VLAN토폴로지개요 .............................................................................................................. 144네트워크의VLAN계획 .......................................................................................................... 146VLAN구성 ................................................................................................................................. 147

링크통합개요 .................................................................................................................................. 149링크통합기본사항 ................................................................................................................. 149인접(Back-to-Back)링크통합 ............................................................................................... 151정책및로드균형조정 ........................................................................................................... 152통합모드및스위치 ................................................................................................................. 152링크통합의요구사항 ............................................................................................................ 153

▼링크통합을만드는방법 ........................................................................................................ 153▼통합을수정하는방법 ............................................................................................................. 155▼통합에서인터페이스를제거하는방법 ............................................................................. 156▼통합을삭제하는방법 ............................................................................................................. 157▼링크통합에VLAN을구성하는방법 .................................................................................. 157

목차


7 IPv6네트워크구성(작업) ...............................................................................................................159IPv6인터페이스구성 ..................................................................................................................... 159인터페이스에서 IPv6을사용으로설정(작업맵) ............................................................. 160

▼현재세션에대해 IPv6인터페이스를사용으로설정하는방법 ................................... 160▼영구적인 IPv6인터페이스를사용으로설정하는방법 .................................................. 162▼ IPv6주소자동구성을해제하는방법 ................................................................................. 164

IPv6라우터구성 .............................................................................................................................. 165IPv6라우터구성(작업맵) ..................................................................................................... 165

▼ IPv6지원라우터를구성하는방법 ...................................................................................... 166호스트및서버에대해 IPv6인터페이스구성수정 ................................................................. 169

IPv6인터페이스구성수정(작업맵) ................................................................................... 169인터페이스에대해임시주소사용 ..................................................................................... 169IPv6토큰구성 ........................................................................................................................... 172서버에서 IPv6지원인터페이스관리 .................................................................................. 175

IPv6지원을위한터널구성작업(작업맵) ................................................................................ 176IPv6지원을위한터널구성 ........................................................................................................... 176

▼ IPv6 Over IPv4터널을수동으로구성하는방법 ............................................................... 177▼ IPv6 Over IPv6터널을수동으로구성하는방법 ............................................................... 178▼ IPv4 Over IPv6터널을구성하는방법 ................................................................................. 178▼ 6to4터널을구성하는방법 .................................................................................................... 179▼ 6to4릴레이라우터에대한 6to4터널을구성하는방법 .................................................. 182

IPv6용이름서비스지원구성 ...................................................................................................... 184▼ DNS에 IPv6주소를추가하는방법 ...................................................................................... 184

NIS에 IPv6주소추가 ............................................................................................................... 185▼ IPv6이름서비스정보를표시하는방법 ............................................................................ 185▼ DNS IPv6 PTR레코드가올바르게업데이트되었는지확인하는방법 ....................... 186▼ NIS를통해 IPv6정보를표시하는방법 .............................................................................. 187▼이름서비스와독립적인 IPv6정보를표시하는방법 ...................................................... 187

8 TCP/IP네트워크관리(작업) ...........................................................................................................189주요TCP/IP관리작업(작업맵) .................................................................................................. 189ifconfig명령으로인터페이스구성모니터링 ........................................................................ 190

▼특정인터페이스에대한정보를얻는방법 ....................................................................... 191▼인터페이스주소지정을표시하는방법 ............................................................................. 192

netstat명령으로네트워크상태모니터링 .............................................................................. 194

목차

7

▼프로토콜별통계를표시하는방법 ...................................................................................... 194▼전송프로토콜의상태를표시하는방법 ............................................................................. 196▼네트워크인터페이스상태를표시하는방법 .................................................................... 197▼소켓상태를표시하는방법 ................................................................................................... 198▼특정주소유형의패킷에대한전송상태를표시하는방법 ........................................... 199▼알려진경로의상태를표시하는방법 ................................................................................. 200

ping명령으로원격호스트확인 .................................................................................................. 201▼원격호스트가실행중인지확인하는방법 ....................................................................... 201▼원격호스트가패킷을삭제하는중인지확인하는방법 ................................................. 201네트워크상태화면관리및기록 ................................................................................................ 202

▼ IP관련명령의화면출력을제어하는방법 ....................................................................... 202▼ IPv4경로지정데몬의작업을기록하는방법 ................................................................... 203▼ IPv6 Neighbor Discovery데몬의작업을추적하는방법 .................................................. 204

traceroute명령으로경로지정정보표시 ................................................................................ 205▼원격호스트에대한경로를찾는방법 ................................................................................ 205▼모든경로를추적하는방법 ................................................................................................... 206

snoop명령으로패킷전송모니터링 ........................................................................................... 206▼모든인터페이스의패킷을확인하는방법 ........................................................................ 207▼ snoop출력을파일로캡처하는방법 .................................................................................... 208▼ IPv4서버와클라이언트간패킷을확인하는방법 .......................................................... 208▼ IPv6네트워크트래픽을모니터링하는방법 .................................................................... 209기본주소선택관리 ........................................................................................................................ 210

▼ IPv6주소선택정책테이블을관리하는방법 ................................................................... 210▼현재세션에대해서만 IPv6주소선택정책테이블을수정하는방법 ......................... 212

9 네트워크문제해결(작업) ..............................................................................................................213네트워크문제해결의새로운내용 ............................................................................................. 213일반네트워크문제해결팁 .......................................................................................................... 213기본진단검사실행 ................................................................................................................. 214

▼기본네트워크소프트웨어검사를수행하는방법 .......................................................... 214IPv6배치시발생하는일반적인문제 ........................................................................................ 215

IPv4라우터를 IPv6으로업그레이드할수없음 ................................................................ 215IPv6으로서비스업그레이드후발생하는문제 ............................................................... 215현재 ISP가 IPv6을지원하지않음 ......................................................................................... 2156to4릴레이라우터로터널링시발생하는보안문제 ..................................................... 216

목차


10 TCP/IP및 IPv4에대한자세한정보(참조) .................................................................................... 217TCP/IP및 IPv4의새로운기능에대한자세한정보 ................................................................ 217TCP/IP구성파일 ............................................................................................................................. 217

/etc/hostname.interface파일 ................................................................................................ 218/etc/nodename파일 ................................................................................................................. 219/etc/defaultdomain파일 ...................................................................................................... 219/etc/defaultrouter파일 ...................................................................................................... 219hosts데이터베이스 ................................................................................................................ 219ipnodes데이터베이스 ............................................................................................................ 223netmasks데이터베이스 .......................................................................................................... 224

inetd인터넷서비스데몬 ............................................................................................................. 227네트워크데이터베이스및 nsswitch.conf파일 ...................................................................... 227네트워크데이터베이스에대한이름서비스의영향 ...................................................... 228nsswitch.conf파일 ................................................................................................................. 230bootparams데이터베이스 ...................................................................................................... 232ethers데이터베이스 .............................................................................................................. 233기타네트워크데이터베이스 ................................................................................................ 233protocols데이터베이스 ........................................................................................................ 235services데이터베이스 .......................................................................................................... 235

Oracle Solaris의경로지정프로토콜 ........................................................................................... 236RIP(Routing Information Protocol) ........................................................................................ 236RDISC(ICMP Router Discovery)프로토콜 .......................................................................... 236

네트워크클래스 .............................................................................................................................. 237클래스A네트워크번호 ......................................................................................................... 237클래스 B네트워크번호 .......................................................................................................... 237클래스C네트워크번호 ......................................................................................................... 238

11 IPv6세부개요(참조) ........................................................................................................................239IPv6세부개요의새로운내용 ...................................................................................................... 239IPv6주소지정형식고급정보 ..................................................................................................... 239

6to4파생주소 ........................................................................................................................... 240IPv6멀티캐스트주소세부정보 .......................................................................................... 241

IPv6패킷헤더형식 ......................................................................................................................... 242IPv6확장헤더 ........................................................................................................................... 243

이중스택프로토콜 ......................................................................................................................... 244

목차

9

Oracle Solaris IPv6구현 ................................................................................................................... 245IPv6구성파일 ........................................................................................................................... 245IPv6관련명령 ........................................................................................................................... 250IPv6관련데몬 ........................................................................................................................... 256

IPv6 Neighbor Discovery프로토콜 ............................................................................................... 259Neighbor Discovery에서제공하는 ICMP메시지 .............................................................. 259자동구성프로세스 ................................................................................................................. 260이웃요청및연결불가 ........................................................................................................... 262중복주소감지알고리즘 ........................................................................................................ 262프록시알림 ............................................................................................................................... 262인바운드로드균형조정 ........................................................................................................ 263링크로컬주소변경 ................................................................................................................. 263ARP및관련 IPv4프로토콜과Neighbor Discovery비교 .................................................. 263

IPv6경로지정 .................................................................................................................................. 265라우터알림 ............................................................................................................................... 265

IPv6터널 ............................................................................................................................................ 266구성된터널 ............................................................................................................................... 2686to4자동터널 ........................................................................................................................... 270

Oracle Solaris이름서비스에대한 IPv6확장 ............................................................................. 274IPv6에대한DNS확장 ............................................................................................................. 274nsswitch.conf파일의변경사항 ......................................................................................... 274이름서비스명령에대한변경사항 ..................................................................................... 276

NFS및RPC IPv6지원 ..................................................................................................................... 276IPv6 Over ATM지원 ........................................................................................................................ 276

제3부 DHCP ................................................................................................................................................... 277

12 DHCP정보(개요) ...............................................................................................................................279DHCP프로토콜정보 ...................................................................................................................... 279DHCP사용시의이점 ..................................................................................................................... 280DHCP의작동방식 .......................................................................................................................... 281DHCP서버 ........................................................................................................................................ 284

DHCP서버관리 ....................................................................................................................... 285DHCP데이터저장소 .............................................................................................................. 285DHCP관리자 ............................................................................................................................ 287

목차


DHCP명령줄유틸리티 .......................................................................................................... 287DHCP명령에대한역할기반액세스제어 ........................................................................ 288DHCP서버구성 ....................................................................................................................... 288IP주소할당 ............................................................................................................................... 289네트워크구성정보 ................................................................................................................. 289DHCP옵션정보 ....................................................................................................................... 290DHCP매크로정보 ................................................................................................................... 290

DHCP클라이언트 ........................................................................................................................... 292

13 DHCP서비스계획(작업) .................................................................................................................293DHCP서비스용네트워크준비(작업맵) .................................................................................. 293네트워크토폴로지매핑 ......................................................................................................... 294DHCP서버수결정 .................................................................................................................. 295시스템파일및넷마스크테이블업데이트 ....................................................................... 296

DHCP서버구성을위한결정사항(작업맵) ............................................................................ 297DHCP서비스를실행할호스트선택 .................................................................................. 298DHCP데이터저장소선택 ..................................................................................................... 298임대정책설정 .......................................................................................................................... 299DHCP클라이언트에대한라우터결정 .............................................................................. 300

IP주소관리를위한결정사항(작업맵) .................................................................................... 301IP주소의개수및범위 ............................................................................................................ 301클라이언트호스트이름생성 ............................................................................................... 301기본클라이언트구성매크로 ............................................................................................... 302동적및영구임대유형 ........................................................................................................... 303예약된 IP주소및임대유형 .................................................................................................. 303

다중DHCP서버계획 ..................................................................................................................... 304원격네트워크의DHCP구성계획 .............................................................................................. 304DHCP를구성할도구선택 ............................................................................................................ 305

DHCP관리자기능 ................................................................................................................... 305dhcpconfig기능 ....................................................................................................................... 305DHCP관리자와 dhcpconfig비교 ........................................................................................ 306

14 DHCP서비스구성(작업) .................................................................................................................307DHCP관리자를사용하여DHCP서버구성및구성해제 ..................................................... 307

DHCP서버구성 ....................................................................................................................... 308

목차

11

▼ DHCP서버를구성하는방법(DHCP관리자) ................................................................... 310BOOTP중계에이전트구성 .................................................................................................. 311

▼ BOOTP중계에이전트를구성하는방법(DHCP관리자) .............................................. 311DHCP서버및 BOOTP중계에이전트구성해제 ............................................................. 312구성해제된서버의DHCP데이터 ....................................................................................... 313

▼ DHCP서버또는 BOOTP중계에이전트구성을해제하는방법(DHCP관리자) ..... 314dhcpconfig명령을사용하여DHCP서버구성및구성해제 ................................................ 314

▼ DHCP서버를구성하는방법(dhcpconfig -D) .................................................................. 314▼ BOOTP중계에이전트를구성하는방법(dhcpconfig -R) ............................................. 315▼ DHCP서버또는 BOOTP중계에이전트구성을해제하는방법(dhcpconfig -U) .... 316

15 DHCP관리(작업) ...............................................................................................................................317DHCP관리자정보 .......................................................................................................................... 318

DHCP관리자창 ....................................................................................................................... 318DHCP관리자메뉴 ................................................................................................................... 319DHCP관리자시작및중지 .................................................................................................... 320

▼ DHCP관리자를시작및중지하는방법 ............................................................................. 320DHCP명령에사용자액세스설정 .............................................................................................. 321

▼ DHCP명령에사용자액세스를부여하는방법 ................................................................ 321DHCP서버작업 .............................................................................................................................. 322

▼ ISC DHCP서버를구성하는방법 ......................................................................................... 322▼ DHCP서비스의구성을수정하는방법 .............................................................................. 322

DHCP서비스시작및중지 ........................................................................................................... 323▼ DHCP서비스를시작및중지하는방법(DHCP관리자) ................................................ 324▼ DHCP서비스를사용/사용안함으로설정하는방법(DHCP관리자) ......................... 324▼ DHCP서비스를사용/사용안함으로설정하는방법(dhcpconfig -S) ........................ 324

DHCP서비스및서비스관리기능 ............................................................................................. 325DHCP서비스옵션수정(작업맵) ............................................................................................... 326

DHCP로깅옵션변경 ............................................................................................................. 327▼상세정보DHCP로그메시지를생성하는방법(DHCP관리자) .................................. 329▼상세정보DHCP로그메시지를생성하는방법(명령줄) ............................................... 329▼ DHCP트랜잭션로깅을사용/사용안함으로설정하는방법(DHCP관리자) ........... 330▼ DHCP트랜잭션로깅을사용/사용안함으로설정하는방법(명령줄) ........................ 331▼별도의 syslog파일에DHCP트랜잭션을기록하는방법 .............................................. 331

DHCP서버에의한동적DNS업데이트를사용으로설정 ............................................. 332

목차


▼ DHCP클라이언트에대한동적DNS업데이트를사용으로설정하는방법 ............. 333클라이언트호스트이름등록 ............................................................................................... 334DHCP서버에대한성능옵션사용자정의 ........................................................................ 335

▼ DHCP성능옵션을사용자정의하는방법(DHCP관리자) ............................................ 336▼ DHCP성능옵션을사용자정의하는방법(명령줄) ........................................................ 336

DHCP네트워크추가,수정및제거(작업맵) ........................................................................... 337DHCP모니터링을위한네트워크인터페이스지정 ....................................................... 338

▼ DHCP모니터링에대해네트워크인터페이스를지정하는방법(DHCP관리자) .... 339▼ DHCP모니터링에대해네트워크인터페이스를지정하는방법(dhcpconfig) ........ 340

DHCP네트워크추가 .............................................................................................................. 340▼ DHCP네트워크를추가하는방법(DHCP관리자) ........................................................... 341▼ DHCP네트워크를추가하는방법(dhcpconfig) ............................................................... 342

DHCP네트워크구성수정 ..................................................................................................... 343▼ DHCP네트워크구성을수정하는방법(DHCP관리자) ................................................. 343▼ DHCP네트워크구성을수정하는방법(dhtadm) .............................................................. 344

DHCP네트워크제거 .............................................................................................................. 345▼ DHCP네트워크를제거하는방법(DHCP관리자) ........................................................... 346▼ DHCP네트워크를제거하는방법(pntadm) ........................................................................ 347

DHCP서비스로 BOOTP클라이언트지원(작업맵) ............................................................... 347▼모든 BOOTP클라이언트에대한지원을설정하는방법(DHCP관리자) ................... 348▼등록된 BOOTP클라이언트에대한지원을설정하는방법(DHCP관리자) .............. 349

DHCP서비스에서 IP주소작업(작업맵) .................................................................................. 350DHCP서비스에 IP주소추가 ................................................................................................ 354

▼단일 IP주소를추가하는방법(DHCP관리자) .................................................................. 356▼기존 IP주소를복제하는방법(DHCP관리자) .................................................................. 356▼복수 IP주소를추가하는방법(DHCP관리자) .................................................................. 357▼ IP주소를추가하는방법(pntadm) ........................................................................................ 357

DHCP서비스에서 IP주소수정 ........................................................................................... 358▼ IP주소등록정보를수정하는방법(DHCP관리자) ........................................................ 359▼ IP주소등록정보를수정하는방법(pntadm) ..................................................................... 360

DHCP서비스에서 IP주소제거 ........................................................................................... 360IP주소를DHCP서비스에서사용할수없는주소로표시 ............................................ 360

▼ IP주소를사용할수없는주소로표시하는방법(DHCP관리자) ................................. 361▼ IP주소를사용할수없는주소로표시하는방법(pntadm) .............................................. 361

DHCP서비스에서 IP주소삭제 ........................................................................................... 362▼ DHCP서비스에서 IP주소를삭제하는방법(DHCP관리자) ........................................ 362

목차

13

▼ DHCP서비스에서 IP주소를삭제하는방법(pntadm) ..................................................... 363예약된 IP주소를DHCP클라이언트에지정 ..................................................................... 363

▼ DHCP클라이언트에일관성있는 IP주소를지정하는방법(DHCP관리자) ............ 364▼ DHCP클라이언트에일관성있는 IP주소를지정하는방법(pntadm) ......................... 365

DHCP매크로작업(작업맵) ......................................................................................................... 366▼ DHCP서버에정의된매크로를보는방법(DHCP관리자) ............................................ 367▼ DHCP서버에정의된매크로를보는방법(dhtadm) ......................................................... 368

DHCP매크로수정 ................................................................................................................... 368▼ DHCP매크로에서옵션값을변경하는방법(DHCP관리자) ....................................... 369▼ DHCP매크로에서옵션값을변경하는방법(dhtadm) ..................................................... 370▼ DHCP매크로에옵션을추가하는방법(DHCP관리자) ................................................. 370▼ DHCP매크로에옵션을추가하는방법(dhtadm) .............................................................. 371▼ DHCP매크로에서옵션을삭제하는방법(DHCP관리자) ............................................. 371▼ DHCP매크로에서옵션을삭제하는방법(dhtadm) .......................................................... 372

DHCP매크로만들기 .............................................................................................................. 372▼ DHCP매크로를만드는방법(DHCP관리자) ................................................................... 373▼ DHCP매크로를만드는방법(dhtadm) ................................................................................. 374

DHCP매크로삭제 ................................................................................................................... 375▼ DHCP매크로를삭제하는방법(DHCP관리자) ............................................................... 375▼ DHCP매크로를삭제하는방법(dhtadm) ............................................................................ 375

DHCP옵션작업(작업맵) ............................................................................................................. 376DHCP옵션만들기 ................................................................................................................... 379

▼ DHCP옵션을만드는방법(DHCP관리자) ........................................................................ 380▼ DHCP옵션을만드는방법(dhtadm) ..................................................................................... 381

DHCP옵션수정 ....................................................................................................................... 382▼ DHCP옵션등록정보를수정하는방법(DHCP관리자) ................................................ 382▼ DHCP옵션등록정보를수정하는방법 (dhtadm) ............................................................. 383

DHCP옵션삭제 ....................................................................................................................... 384▼ DHCP옵션을삭제하는방법(DHCP관리자) ................................................................... 384▼ DHCP옵션을삭제하는방법(dhtadm) ................................................................................. 384

DHCP클라이언트의옵션정보수정 .................................................................................. 385DHCP서비스로Oracle Solaris네트워크설치지원 ................................................................. 385원격부트및디스크가없는부트클라이언트지원(작업맵) ............................................... 386정보만수신하도록DHCP클라이언트설정(작업맵) ............................................................ 387새DHCP데이터저장소로변환 ................................................................................................... 388

▼ DHCP데이터저장소를변환하는방법(DHCP관리자) ................................................. 389

목차


▼ DHCP데이터저장소를변환하는방법(dhcpconfig -C) ................................................ 390DHCP서버간구성데이터이동(작업맵) ................................................................................. 390

▼ DHCP서버에서데이터를내보내는방법(DHCP관리자) ............................................. 393▼ DHCP서버에서데이터를내보내는방법(dhcpconfig -X) ........................................... 393▼ DHCP서버에서데이터를가져오는방법(DHCP관리자) ............................................. 394▼ DHCP서버에서데이터를가져오는방법(dhcpconfig -I) ........................................... 395▼가져온DHCP데이터를수정하는방법(DHCP관리자) ................................................. 395▼가져온DHCP데이터를수정하는방법(pntadm, dhtadm) ................................................ 396

16 DHCP클라이언트구성및관리 ..................................................................................................... 399DHCP클라이언트정보 ................................................................................................................. 399

DHCPv6서버 ............................................................................................................................ 400DHCPv4와DHCPv6의차이점 .............................................................................................. 400DHCP관리모델 ....................................................................................................................... 400프로토콜세부정보 ................................................................................................................. 401논리적인터페이스 .................................................................................................................. 402옵션협상 .................................................................................................................................... 402구성구문 .................................................................................................................................... 403DHCP클라이언트시작 .......................................................................................................... 403DHCPv6통신 ............................................................................................................................ 404DHCP클라이언트프로토콜이네트워크구성정보를관리하는방법 ....................... 405DHCP클라이언트종료 .......................................................................................................... 406

DHCP클라이언트사용및사용안함 ......................................................................................... 407▼ DHCP클라이언트를사용으로설정하는방법 ................................................................. 407▼ DHCP클라이언트를사용안함으로설정하는방법 ....................................................... 408

DHCP클라이언트관리 ................................................................................................................. 408DHCP클라이언트에서사용되는 ifconfig명령옵션 ................................................... 408DHCP클라이언트구성매개변수설정 .............................................................................. 410

다중네트워크인터페이스의DHCP클라이언트시스템 ...................................................... 411DHCPv4클라이언트호스트이름 ............................................................................................... 412

▼ DHCPv4클라이언트가특정호스트이름을요청하도록설정하는방법 ................... 412DHCP클라이언트시스템및이름서비스 ................................................................................ 413

DHCP클라이언트를NIS+클라이언트로설정 ................................................................ 415DHCP클라이언트이벤트스크립트 ........................................................................................... 418

목차

15

17 DHCP문제해결(참조) ......................................................................................................................423DHCP서버문제해결 ..................................................................................................................... 423

NIS+문제및DHCP데이터저장소 ..................................................................................... 423DHCP의 IP주소할당오류 .................................................................................................... 426

DHCP클라이언트구성문제해결 .............................................................................................. 429DHCP서버와통신문제 ......................................................................................................... 429부정확한DHCP구성정보관련문제 ................................................................................. 438DHCP클라이언트가제공한호스트이름관련문제 ...................................................... 438

18 DHCP명령및파일(참조) ................................................................................................................441DHCP명령 ........................................................................................................................................ 441스크립트에서DHCP명령실행 ............................................................................................ 442

DHCP서비스에서사용된파일 ................................................................................................... 448DHCP옵션정보 .............................................................................................................................. 450사이트가영향을받는지여부결정 ..................................................................................... 450dhcptags와 inittab파일의차이점 ..................................................................................... 451dhcptags항목을 inittab항목으로변환 ............................................................................ 452

제4부 IP보안 .................................................................................................................................................453

19 IP보안아키텍처(개요) ....................................................................................................................455IPsec의새로운기능 ........................................................................................................................ 455IPsec소개 ........................................................................................................................................... 457

IPsec RFC .................................................................................................................................... 458IPsec용어 ................................................................................................................................... 458

IPsec패킷플로우 ............................................................................................................................. 459IPsec보안연결 ................................................................................................................................. 462

IPsec에서키관리 ..................................................................................................................... 462IPsec보호방식 ................................................................................................................................. 463인증헤더 .................................................................................................................................... 463ESP(Encapsulating Security Payload) ..................................................................................... 464IPsec의인증및암호화알고리즘 ......................................................................................... 465

IPsec보호정책 ................................................................................................................................. 466IPsec의전송및터널모드 .............................................................................................................. 467

목차


VPN(Virtual Private Networks)및 IPsec ....................................................................................... 469IPsec및NAT순회 ............................................................................................................................ 470IPsec및 SCTP .................................................................................................................................... 471IPsec및Oracle Solaris영역 ............................................................................................................. 471IPsec및논리적도메인 ................................................................................................................... 471IPsec유틸리티및파일 ................................................................................................................... 472Oracle Solaris 10릴리스의 IPsec변경사항 ................................................................................. 473

20 IPsec구성(작업) ................................................................................................................................475IPsec를사용하여트래픽보호(작업맵) ..................................................................................... 475IPsec를사용하여트래픽보호 ...................................................................................................... 476

▼ IPsec를사용하여두시스템사이의트래픽을보호하는방법 ....................................... 477▼ IPsec를사용하여비웹트래픽에서웹서버를보호하는방법 ....................................... 480▼ IPsec정책을표시하는방법 ................................................................................................... 483▼ Oracle Solaris시스템에서난수를생성하는방법 ............................................................. 484▼수동으로 IPsec보안연관을만드는방법 ........................................................................... 485▼ IPsec로패킷이보호되는지확인하는방법 ........................................................................ 490▼네트워크보안에대한역할을구성하는방법 ................................................................... 491▼ IKE및 IPsec서비스를관리하는방법 .................................................................................. 492

IPsec를사용하여VPN보호 .......................................................................................................... 494터널모드를사용하여 IPsec로VPN을보호하는예 ......................................................... 494

IPsec를사용하여VPN보호(작업맵) ......................................................................................... 496VPN을보호하기위한 IPsec작업에대한네트워크토폴로지설명 ............................. 497

▼ IPv4를사용하여터널모드의 IPsec터널로VPN을보호하는방법 .............................. 499▼ IPv6을사용하여터널모드의 IPsec터널로VPN을보호하는방법 .............................. 508▼ IPv4를사용하여전송모드의 IPsec터널로VPN을보호하는방법 .............................. 514▼ IPv6을사용하여전송모드의 IPsec터널로VPN을보호하는방법 .............................. 520▼ IP속임수를방지하는방법 .................................................................................................... 526

21 IP보안아키텍처(참조) ....................................................................................................................529IPsec서비스 ...................................................................................................................................... 529ipsecconf명령 ................................................................................................................................. 530ipsecinit.conf파일 ...................................................................................................................... 531샘플 ipsecinit.conf파일 ..................................................................................................... 531ipsecinit.conf및 ipsecconf에대한보안고려사항 .................................................... 531

목차

17

ipsecalgs명령 ................................................................................................................................. 532IPsec에대한보안연결데이터베이스 ........................................................................................ 533IPsec에서 SA생성을위한유틸리티 ............................................................................................ 533

ipseckey에대한보안고려사항 .......................................................................................... 533다른유틸리티에대한 IPsec확장 ................................................................................................. 534

ifconfig명령및 IPsec ............................................................................................................ 534snoop명령및 IPsec ................................................................................................................... 536

22 Internet Key Exchange(개요) ..........................................................................................................537IKE의새로운기능 ........................................................................................................................... 537IKE로키관리 ................................................................................................................................... 538IKE키협상 ........................................................................................................................................ 538

IKE키용어 ................................................................................................................................ 538IKE Phase 1교환 ........................................................................................................................ 539IKE Phase 2교환 ........................................................................................................................ 539

IKE구성선택 ................................................................................................................................... 540IKE와미리공유한키인증 .................................................................................................... 540IKE와공개키인증서 .............................................................................................................. 540

IKE및하드웨어가속 ..................................................................................................................... 541IKE및하드웨어저장소 ................................................................................................................. 541IKE유틸리티및파일 ..................................................................................................................... 542Oracle Solaris 10릴리스의 IKE변경사항 ................................................................................... 543

23 IKE구성(작업) ....................................................................................................................................545IKE구성(작업맵) ............................................................................................................................ 545미리공유한키로 IKE구성(작업맵) ........................................................................................... 546미리공유한키로 IKE구성 ............................................................................................................ 547

▼미리공유한키로 IKE를구성하는방법 .............................................................................. 547▼ IKE미리공유한키를새로고치는방법 ............................................................................. 550▼ IKE미리공유한키를보는방법 ........................................................................................... 551▼ ipsecinit.conf으로새정책항목에대해 IKE미리공유한키를추가하는방법 ..... 552▼ IKE미리공유한키가동일한지확인하는방법 ................................................................ 555공개키인증서로 IKE구성(작업맵) ........................................................................................... 556공개키인증서로 IKE구성 ............................................................................................................ 557

▼자체서명된공개키인증서로 IKE를구성하는방법 ...................................................... 557

목차


▼ CA가서명한인증서로 IKE를구성하는방법 ................................................................... 562▼공개키인증서를생성하여하드웨어에저장하는방법 ................................................. 567▼인증서해지목록처리방법 ................................................................................................... 571모바일시스템에대한 IKE구성(작업맵) .................................................................................. 573모바일시스템에대한 IKE구성 ................................................................................................... 574

▼오프사이트시스템에대한 IKE구성방법 ......................................................................... 574연결된하드웨어를찾도록 IKE구성(작업맵) ......................................................................... 580연결된하드웨어를찾도록 IKE구성 .......................................................................................... 581

▼ Sun Crypto Accelerator 1000보드를찾도록 IKE를구성하는방법 ................................ 581▼ Sun Crypto Accelerator 4000보드를찾도록 IKE를구성하는방법 ................................ 582▼ Sun Crypto Accelerator 6000보드를찾도록 IKE를구성하는방법 ................................ 583

IKE전송매개변수변경(작업맵) ................................................................................................ 584IKE전송매개변수변경 ................................................................................................................. 585

▼ Phase 1 IKE키협상지속시간을변경하는방법 ............................................................... 585

24 Internet Key Exchange(참조) ..........................................................................................................589IKE서비스 ......................................................................................................................................... 589IKE데몬 ............................................................................................................................................. 590IKE구성파일 ................................................................................................................................... 590ikeadm명령 ....................................................................................................................................... 591IKE미리공유한키파일 ................................................................................................................ 592IKE공개키데이터베이스및명령 .............................................................................................. 592

ikecert tokens명령 ............................................................................................................... 593ikecert certlocal명령 ......................................................................................................... 593ikecert certdb명령 ............................................................................................................... 594ikecert certrldb명령 ........................................................................................................... 594/etc/inet/ike/publickeys디렉토리 ................................................................................. 594/etc/inet/secret/ike.privatekeys디렉토리 ................................................................ 595/etc/inet/ike/crls디렉토리 .............................................................................................. 595

25 Oracle Solaris의 IP필터(개요) ........................................................................................................597IP필터의새로운기능 .................................................................................................................... 597패킷필터링을위한패킷필터후크 ..................................................................................... 597IP필터용 IPv6패킷필터링 .................................................................................................... 598

IP필터소개 ...................................................................................................................................... 598

목차

19

오픈소스 IP필터에대한정보소스 .................................................................................... 598IP필터패킷처리 ............................................................................................................................. 599IP필터사용지침 ............................................................................................................................. 601IP필터구성파일사용 ................................................................................................................... 602IP필터규칙세트사용 ................................................................................................................... 603

IP필터의패킷필터링기능사용 ......................................................................................... 603IP필터의NAT기능사용 ........................................................................................................ 606IP필터의주소풀기능사용 .................................................................................................. 607

패킷필터후크 .................................................................................................................................. 608IP필터및 pfil STREAMS모듈 .................................................................................................... 608IP필터용 IPv6 ................................................................................................................................... 609IP필터매뉴얼페이지 .................................................................................................................... 610

26 IP필터(작업) ......................................................................................................................................613IP필터구성 ...................................................................................................................................... 613

▼ IP필터를사용으로설정하는방법 ...................................................................................... 614▼ IP필터를다시사용으로설정하는방법 ............................................................................ 615▼루프백필터링을사용으로설정하는방법 ........................................................................ 616

IP필터비활성화및사용안함으로설정 ................................................................................... 617▼패킷필터링비활성화방법 ................................................................................................... 617▼ NAT비활성화방법 .................................................................................................................. 618▼패킷필터링을사용안함으로설정하는방법 ................................................................... 618

pfil모듈작업 .................................................................................................................................. 619▼이전 Solaris릴리스에서 IP필터를사용으로설정하는방법 ......................................... 620▼패킷필터링을위해NIC를활성화하는방법 .................................................................... 622▼ NIC에서 IP필터를비활성화하는방법 .............................................................................. 623▼ IP필터에대한 pfil통계를보는방법 ................................................................................ 625

IP필터규칙세트작업 ................................................................................................................... 625IP필터에대한패킷필터링규칙세트관리 ...................................................................... 626IP필터에대한NAT규칙관리 .............................................................................................. 633IP필터에대한주소풀관리 .................................................................................................. 635

IP필터에대한통계및정보표시 ................................................................................................ 637▼ IP필터에대한상태테이블확인방법 ................................................................................ 637▼ IP필터에대한상태통계확인방법 .................................................................................... 638▼ IP필터에대한NAT통계확인방법 .................................................................................... 639

목차


▼ IP필터에대한주소풀통계확인방법 ............................................................................... 640IP필터로그파일작업 ................................................................................................................... 640

▼ IP필터로그파일설정방법 .................................................................................................. 640▼ IP필터로그파일확인방법 .................................................................................................. 641▼패킷로그파일을비우는방법 .............................................................................................. 643▼기록된패킷을파일에저장하는방법 ................................................................................. 643

IP필터구성파일만들기및편집 ................................................................................................ 644▼ IP필터에대한구성파일을만드는방법 ........................................................................... 644

IP필터구성파일예 ................................................................................................................ 645

제5부 IPMP .................................................................................................................................................... 651

27 IPMP소개(개요) ................................................................................................................................653IPMP사용이유 ................................................................................................................................ 653

Oracle Solaris IPMP구성요소 ............................................................................................... 654IPMP용어및개념 ................................................................................................................... 654

IPMP의기본요구사항 .................................................................................................................. 657IPMP주소지정 ................................................................................................................................ 658데이터주소 ............................................................................................................................... 658테스트주소 ............................................................................................................................... 658응용프로그램의테스트주소사용방지 ............................................................................ 659

IPMP인터페이스구성 ................................................................................................................... 660IPMP그룹의대기인터페이스 ............................................................................................. 661공통 IPMP인터페이스구성 .................................................................................................. 661

IPMP실패감지및복구기능 ........................................................................................................ 662링크기반실패감지 ................................................................................................................. 662프로브기반실패감지 ............................................................................................................ 663그룹실패 .................................................................................................................................... 664물리적인터페이스복구감지 ...........................

Documents

Oracle®Solaris :IP서비스 · Oracle®Solaris관리:IP서비스 부품번호:E38894–03 2013년3월