6.2 Release Notes
Release Notes for Red Hat Enterprise Linux 6.2
Edition 2
Abstract
Preface
Note
Chapter 1. Hardware Support
The biosdevname package has been upgraded to version 0.3.8, providing the --smbios
and --nopirq
command line parameters. These parameters allow users to specify a minimum BIOS and to turn off PCI IRQ Routing Table (PIRQ).
Chapter 2. Installation
In Red Hat Enterprise Linux 6.2, the compression format used for the initrd.img
file has changed. The image is now compressed using LZMA rather than Gzip.
xz -d
command. For example:
~]# xz -dc initrd.img | cpio -id
xz -9 --format=lzma
command. For example:
~]# find . | cpio -c -o | xz -9 --format=lzma > initrd.img
Fibre Channel and Serial Attached SCSI (SAS) devices can be now specified by a World Wide Name (WWN) or a World Wide Identifier (WWID) for unattended installations. WWN is part of the IEEE standard which makes it easier to identify storage devices during installation for users utilizing Storage Area Networks (SAN) and other advanced network topologies. When a storage device is attached to a server using multiple physical paths for redundancy or improved performance, WWN for any of these paths is sufficient to identify the device.
The initial RAM disk file on 64-bit PowerPC and 64-bit IBM POWER Series systems is now named initrd.img
. In previous releases, it was named ramdisk.image.gz
.
In Red Hat Enterprise Linux 6.2, a static IPv6 address can be specified for the ipv6
boot option for network installations. The specified address must be of the following form:
<IPv6 address>[/<prefix length>]
3ffe:ffff:0:1::1/128
. If the prefix is omitted, the value of 64
is assumed. Specifying a static IPv6 address for the ipv6
boot option complements the already existing dhcp
and auto
parameters that can be specified for the ipv6
boot option.
Chapter 3. Kernel
Prior to Red Hat Enterprise Linux 6.2, the qla4xxx
adapter firmware managed discovery and login to iSCSI targets. A new feature in Red Hat Enterprise Linux 6.2 allows you to use open-iscsi to manage the qla4xxx
discovery and login process. This can result in a more uniform management process.
qla4xxx
iSCSI firmware settings are accessible via:
~]# iscsiadm -m fw
ql4xdisablesysfsboot=1
parameter as follows:
- Set the parameter in the
/etc/modprobe.d
file:~]#
echo "options qla4xxx ql4xdisablesysfsboot=1" >> /etc/modprobe.d/qla4xxx.conf
- Reload the
qla4xxx
module either by executing the following set of commands:~]#
rmmod qla4xxx
~]#modprobe qla4xxx
or, if you are booted off theqla4xxx
device, by rebooting your system.
qla4xxx
device, upgrading from Red Hat Enterprise Linux 6.1 to Red Hat Enterprise Linux 6.2 will cause the system to fail to boot up with the new kernel. For more information on this known issue, refer to the Technical Notes.
Kdump (a kexec-based crash dumping mechanism) now supports dumping of the core on the following file systems on Red Hat Enterprise Linux 6:
- Btrfs (Note that this file system is a Technology Preview)
- ext4
- XFS (Note that XFS is a layer product and must be installed to enable this feature)
The pkgtemp
module has been merged with the coretemp
module. The pkgtemp
module is now deprecated. The coretemp
module now supports all the features it previously did plus the features that were supported by the pkgtemp
module.
coretemp
previously only provided per core temperatures, while the pkgtemp
module provided the temperatures of the CPU package. In Red Hat Enterprise Linux 6.2, the coretemp
module allows you to read the temperatures of the cores, the uncore, and the package.
In Red Hat Enterprise Linux 6.2, the SCSI midlayer supports optional lockless dispatching of SCSI driver queuecommand
functions.
scsi_host_template
structure is used by SCSI drivers to indicate to the SCSI midlayer that driver queuecommand
will be dispatched without the SCSI host bus lock held.
Scsi_Host
lock will be held during a driver queuecommand
dispatch. Setting the scsi_host_template
lockless bit prior to scsi_host_alloc
will cause the driver queuecommand
function to be dispatched without the Scsi_Host
lock being held. In such a case, the responsibility for any lock protection required is pushed down into the driver queuecommand
code path.
queuecommand
in Red Hat Enterprise Linux 6.2 are listed below:
- iscsi_iser
- be2iscsi
- bnx2fc
- bnx2i
- cxgb3i
- cxgb4i
- fcoe (software fcoe)
- qla2xxx
- qla4xxx
Red Hat Enterprise Linux 6.2 includes support for Fiber Channel over Ethernet (FCoE) target mode, as a Technology Preview. This kernel feature is configurable via targetadmin, supplied by the fcoe-target-utils package. FCoE is designed to be used on a network supporting Data Center Bridging (DCB). Further details are available in the dcbtool(8)
and targetadmin(8)
man pages.
Important
In Red Hat Enterprise Linux 6.1, with BZ#605786, the crashkernel=auto
boot parameter was deprecated. However, in Red Hat Enterprise Linux 6.2, support for crashkernel=auto
is continued on all Red Hat Enterprise Linux 6 systems.
The mdadm
and mdmon
utilities have been updated to support Array Auto-Rebuild, RAID Level Migrations, RAID 5 support limitation, and SAS-SATA drive roaming.
Red Hat Enterprise Linux 6.2 supports merging of flush requests to assist devices which are slow to perform a flush.
Red Hat Enterprise Linux 6.2 adds UV2 Hub support. UV2 is the UVhub chip that is the successor to the current UV1 hub chip. UV2 uses the HARP hub chip that is currently in development. UV2 provides support for new Intel sockets. It provides new features to improve performance. UV2 is being designed to support 64 TB of memory in a Single System Image (SSI). Additionally, the node controller MMRs have been updated for UV systems.
Red Hat Enterprise Linux 6.2 introduces the acpi_rsdp
boot parameter for kdump to pass an ACPI RSDP address, so that the kdump kernel can boot without Extensible Firmware Interface (EFI).
The following enhancements have been added to the QETH network device driver:
- Support for
af_iucv
HiperSockets transport - Support for forced signal adapter indications
- Support for asynchronous delivery of storage blocks
- New Ethernet Protocol ID added to the
if_ether
module
Support for the new CPACF (CP Assist for Cryptographic Function) algorithms, supported by IBM zEnterprise 196, has been added. The new hardware accelerated algorithms are:
- CTR mode for AES
- CTR mode for DES and 3DES
- XTS mode for AES with key lengths of 128 and 256 bits
- GHASH message digest for GCM mode
Red Hat Enterprise Linux 6.2 supports conditional resource-reallocation through the pci=realloc
kernel parameter. This feature provides an interim solution for adding a dynamically reallocatable PCI resource without causing any regressions. It disables dynamic reallocation by default, but adds the ability to enable it through the pci=realloc
kernel command line parameter.
Dynamic reallocation is disabled by default. It can be enabled with the pci=realloc
kernel command line parameter. In addition, bridge resources have been updated to provide larger ranges in the PCI assign unassigned
call.
Red Hat Enterprise Linux 6.2 enables SMEP (Supervision Mode Execution Protection) in the kernel. SMEP provides an enforcement mechanism, allowing the system to set a requirement that is not intended to be executed from user pages while in the supervisor mode. This requirement is then enforced by the CPU. This feature is able to prevent all attacks, irrespective of the vulnerability in the system code, that are executed from user mode pages while the CPU is in the supervisor mode.
Support for enhanced fast string REP
MOVSB
/STORESB
instructions for the latest Intel platform has been added.
The USB 3.0 xHCI host side driver has been updated to add split-hub support, allowing the xHCI host controller to act as an external USB 3.0 hub by registering a USB 3.0 roothub and a USB 2.0 roothub.
The ACPI, APEI, and EINJ parameter support is now disabled by default.
Red Hat Enterprise Linux 6.2 adds support for pstore—a file system interface for platform dependent persistent storage.
Support for printk based APEI (ACPI Platform Error Interface) hardware error reporting has been added, providing a way to unify errors from various sources and send them to the system console.
The ioatdma
driver (dma
engine driver) has been updated to support Intel processors with a dma
engine.
Support for the Digi/IBM PCIe 2-port Async EIA-232 Adapter has been added to the 8250 PCI serial driver. Additionally, EEH (Enhanced Error Handling) support for the Digi/IBM PCIe 2-port Async EIA-232 Adapter has been added to the 8250 PCI serial driver.
ARI (Alternative Routing- ID Interpretation) support, a PCIe v2 feature, has been to Red Hat Enterprise Linux 6.2.
PCIe OBFF (Optimized Buffer Flush/Fill) enable/disable support has been added for Intel's latest platform. OBFF provides devices with information on interrupts and memory activity and their potentially reduced power impact, ultimately improving energy efficiency.
In Red Hat Enterprise Linux 6.2, the kernel is enabled to capture kernel oops/panic reports from the dmesg
buffer into NVRAM on PowerPC architectures.
The MXM driver, responsible for handling graphics switching on NVIDIA platforms, has been backported to Red Hat Enterprise Linux 6.2.
Red Hat Enterprise Linux 6.2 introduces page coalescing, a feature on IBM Power servers which allows for coalescing identical pages between logical partitions.
Support for L3 Cache Partitioning has been added to the latest AMD family CPUs.
The thinkpad_acpi
module has been updated to add support for new ThinkPad models.
Latest Intel processor C-State support has been added to intel_idle.
Red Hat Enterprise Linux 6.2 now displays warnings for IOMMU (Input/Output Memory Management Unit) on AMD systems.
Logging of board, system, and BIOS information to dmesg
during boot has been added.
cputable
entries have been added to the kernel, providing support for the latest IBM PowerPC processor family.
The VPHN (Virtual Processor Home Node) feature has been disabled on IBM System p.
The following drivers now support the latest Intel chipset:
i2c-i801
SMBus driverahci
AHCI-mode SATAata_piix
IDE-mode SATA driver- TCO Watchdog driver
- LPC Controller driver
On IBM PowerPC systems, the exec-shield
value in sysctl or in the /proc/sys/kernel/exec-shield
parameter is no longer enforced.
Additional checks and fixes have been added to support kdump
on 64-bit PowerPC and 64-bit IBM POWER Series systems.
The UV MMTIMER module (uv_mmtimer
) has been enabled on SGI platforms. The uv_mmtimer
module allows direct userland access to the UV system's real time clock which is synchronized across all hubs.
Support for the IB700
module has been added in Red Hat Enterprise Linux 6.2
The aer_mask_override
module parameter has been added, providing a way to override the corrected or uncorrected masks for a PCI device. The mask will have the bit corresponding to the status passed into the aer_inject()
function.
USB 3.0 host controller support has been added to 64-bit PowerPC and 64-bit IBM POWER Series systems.
An improved upstream Out-of-Memory (OOM) killer implementation has been backported to Red Hat Enterprise Linux 6.2. The improvements include:
- Processes which are about to exit are preferred by the OOM killer.
- The OOM kill process also kills the children of the selected processes.
- A heuristic has been added to kill the
forkbomb
processes.
oom_score_adj
/proc
tunable parameter adds the value stored in each process's oom_score_adj
variable, which can be adjusted via /proc
. This allows for an adjustment of each process's attractiveness to the OOM killer in user space; setting it to -1000
will disable OOM kills entirely, while setting it to +1000
marks this process as OOM's primary kill target.
Red Hat Enterprise Linux 6.2 provides an updated zram
driver (creates generic RAM based compressed block devices).
In Red Hat Enterprise Linux 6.2, the taskstat utility in the kernel, which prints the status of ASET tasks, has been enhanced by providing microsecond CPU time resolution for the top utility to use.
Red Hat Enterprise Linux 6.2 updates the perf utility to upstream version 3.1 along with the kernel upgrade to v 3.1. Refer to BZ#725524 for newly supported kernel features provided by the perf utility. The updated version of the perf utility includes:
- Added cgroup support
- Added handling of
/proc/sys/kernel/kptr_restrict
- Added more cache-miss percentage printouts
- Added the
-d -d
and-d -d -d
options to show more CPU events - Added the
--sync/-S
option - Added support for the
PERF_TYPE_RAW
parameter - Added more documentation about the
-f/--fields
option - The python-perf package has been added for python binding support.
Red Hat Enterprise Linux 6.2 adds OProfile support for the latest Intel processors.
The number of interrupt requests (IRQ) is now counted in a sum of all irq counter, reducing the cost of the look-up in the /proc/stat
file.
Red Hat Enterprise Linux 6.2 introduces a scheduling improvement where a hint is provided to the scheduler on the next buddy hint on sleep and preempt path. This hint enhancement helps the workload of multiple tasks in multiple task groups.
In Red Hat Enterprise Linux 6.2, Transparent Huge Pages are now supported in several places by the kernel:
- The system calls of mremap, mincore, and mprotect
/proc
tunable parameters:/proc/<pid>/smaps
and/proc/vmstat
Red Hat Enterprise Linux 6.2 adds XTS (XEX-based Tweaked CodeBook) AES256 self-tests to meet the FIPS-140 requirements.
Previously, the SELinux netfilter hooks returned NF_DROP
if they dropped a packet. In Red Hat Enterprise Linux 6.2, a drop in the netfilter hooks is signaled as a permanent fatal error and is not transient. By doing this, the error is passed back up the stack, and in some situations applications will get a faster indication that something went wrong.
In Red Hat Enterprise Linux 6.2, the remount mount options (mount -o remount
) are passed to a new LSM hook.
Red Hat Enterprise Linux 6.0 and 6.1 defaulted to running UEFI systems in a physical addressing mode. Red Hat Enterprise Linux 6.2 defaults to running UEFI systems in a virtual addressing mode. The previous behavior may be obtained by passing the physefi
kernel parameter.
In Red Hat Enterprise Linux 6, the default core_collector
method for kdumping the core over SSH has been changed from scp
to makedumpfile
, which helps shrink the size of the core file when copying over the network link, resulting in faster copying.
/etc/kdump.conf
file:
core_collector /usr/bin/scp
Chapter 4. Resource Management
The Completely Fair Scheduler (CFS) in the Linux kernel is a proportional share scheduler which divides the CPU time proportionately between groups of tasks depending on the priority/weight of the task or shares assigned to groups of tasks. In CFS, a task group can get more than its share of CPU if there are enough idle CPU cycles available in the system, due to the work conserving nature of the scheduler.
- Pay-per-use
- In enterprise systems that cater to multiple customers, cloud service providers need to assign a fixed amount of CPU time to the virtual guest based on the service level.
- Service level guarantees
- Customer demands a percentage of CPU resource without service interruptions for each virtual guest.
Red Hat Enterprise Linux 6 enabled cgroups out of the box, and libvirt created a cgroup-per-guest model. On large SMP systems, an increase in the number of cgroups, worsened the performance. However, in Red Hat Enterprise Linux 6.2, the cgroups CPU scalability has been significantly improved, making it possible to create and run several hundreds of cgroups at once with no performance implications.
/proc
tunable parameter, dd sysctl_sched_shares_window
, has been added, with the default set to 10 ms.
The cgroups I/O controller design has been improved to reduce the usage of locks inside the I/O controller, resulting in improved performance. Also, the I/O controller now supports per cgroup statistics.
Red Hat Enterprise Linux 6.2 introduces a memory usage overhead improvement in the memory controller by reducing the allocation overhead for page_cgroup
array by 37%. Additionally, the direct page_cgroup-to-page
pointer has been removed, thereby improving the performance of the memory controller.
The default for CFQ's group_isolation
variable has been changed from 0
to 1
(/sys/block/<device>/queue/iosched/group_isolation
). After various tests and numerous user reports, it was found that having default 1
is more useful. When set to 0
, all random I/O queues become part of the root cgroup and not the actual cgroup which the application is part of. Consequently, this leads to no service differentiation for applications.
Note
Chapter 5. Device Drivers
The default interrupt configuration for the Emulex LPFC FC/FCoE driver has changed from INT-X to MSI-X. This is reflected by the lpfc_use_msi
module parameter (in /sys/class/scsi_host/host#/lpfc_use_msi
) being set to 2
by default, instead of the previous 0
. For more information on this change, refer to Red Hat Enterprise Linux 6.2 Technical Notes.
- The
lpfc
driver for Emulex Fibre Channel Host Bus Adapters has been updated to version 8.3.5.45.2p. - The
mptfusion
driver has been updated to version 3.4.19. - The
bnx2fc
for the Broadcom Netxtreme II 57712 chip has been updated to version of 1.0.4. - The
qla2xxx
driver for QLogic Fibre Channel HBAs has been updated to version 8.03.07.05.06.2-k. - The
megaraid
driver has been updated to version 5.38. - The
arcmsr
driver for Areca RAID controllers has been updated. - The
beiscsi
driver has been updated to version 2.103.298.0. - The
ipr
driver for IBM Power Linux RAID SCSI HBAs has been updated to version 2.5.2. - The
cciss
driver has been updated to provide a fix forcciss
driver kdump failures. - The
hpsa
driver has been updated to provide a fix forhpsa
driver kdump failures. - The
bnx2i
driver for Broadcom NetXtreme II iSCSI has been updated to version 2.7.0.3 to support the 578xx family of Multi-Port Single-Chip 10G Ethernet Converged Controllers. - The
mpt2sas
driver has been updated to version 09.101.00.00. - The Brocade BFA FC SCSI driver (
bfa
driver) has been updated to version 2.3.2.4. - The
be2iscsi
driver for ServerEngines BladeEngine 2 Open iSCSI devices has been updated to version 4.0.160r. - The
ata_generic
driver has been updated to add Intel IDE-R ATA support. - The
isci
driver has been updated to version 2.6.40-rc. - The
libfc
,libfcoe
, andfcoe
drivers have been updated. - The
qib
driver TrueScale HCAs has been updated. - The
libata
module has been updated to include improved error handling. - The
md
driver has been updated to include dm-raid target, which provides improved RAID capabilities through a DM interface. The dm-raid code is currently marked as a Technology Preview. - Device Mapper support has been updated to upstream version 3.1+.
- Application support for the
qla4xxx
using bsg/netlink interfaces has been added. - The DIF/DIX kernel code has been updated to the latest upstream version, affecting
scsi
,block
, anddm
/md
.
- The
netxen
driver for NetXen Multi port (1/10) Gigabit Network has been updated to version 4.0.75. - The
vmxnet3
driver has been updated. - The
bnx2x
driver has been updated to version 1.70. - The
be2net
driver for ServerEngines BladeEngine2 10Gbps network devices has been updated to version 4.0.100u. - The
ixgbevf
driver has been updated to version 2.1.0-k - The
cxgb4
driver for Chelsio Terminator4 10G Unified Wire Network Controllers has been updated. - The
cxgb3
driver for the Chelsio T3 Family of network devices has been updated. - The
ixgbe
driver for Intel 10 Gigabit PCI Express network devices has been updated to version 3.4.8-k. - The
e1000e
driver for Intel PRO/1000 network devices has been updated to version 1.3.16-k. - The
e1000
driver for Intel PRO/1000 network devices has been updated, providing support for Marvell Alaska M88E1118R PHY. - The
e100
driver has been updated. - The
enic
driver for Cisco 10G Ethernet devices has been updated to version 2.1.1.24. - The
igbvf
driver has been updated to version 2.0.0-k. - The
igb
driver for Intel Gigabit Ethernet Adapters has been updated. - The
bnx2
driver for the NetXtreme II 1 Gigabit Ethernet controllers has been updated to version 2.1.6+. - The
tg3
driver for Broadcom Tigon3 Ethernet devices has been updated to version 3.119. - The
qlcnic
driver for the HP NC-Series QLogic 10 Gigabit Server Adapters has been updated to version 5.0.16+. - The
bna
driver has been updated. - The
r8169
driver has been updated to fix two bugs related to Rx checksum offloading. - The
qlge
driver has been updated to version v1.00.00.29. - The
cnic
driver has been updated to add iSCSI and FCoE support for the 578xx family of Multi-Port Single-Chip 10G Ethernet Converged Controllers, VLAN support, and the newbnx2x
firmware interface. - The
iwl6000
andiwlwifi
have been updated to the EEPROM version 0x423.
- The
Radeon
driver has been updated with post-3.0 fixes, including backported DRM and AGP code. - The
Nouveau
andi915
drivers have been updated, including backported DRM and AGP code. - The Ricoh memory stick driver (
R5C592
) has been updated with the new KFIFO application programming interface. - The
Netjet
driver has been updated to blacklist the Digium TDM400P PCI Card. - The
lm78
driver has been updated. - The
Wacom
driver has been updated to add support for the Cintiq 21UX2, Intuos4 WL, and DTU-2231 adapter cards. - The
Synaptics
driver has been updated to add multi-touch support. - The ALSA HDA audio driver has been updated to enable or improve support for new chipsets and HDA audio codecs.
- The
EDAC
driver has been updated to support the new Northbridge chip for AMD platforms.
Chapter 6. Storage
The iprutils package provides utilities to manage and configure SCSI devices that are supported by the ipr
SCSI storage device driver. The iprutils package has been updated to support SAS VRAID functions for new 6 GB SAS adapters on IBM POWER7.
In Red Hat Enterprise Linux 6.2, support for MD's RAID personalities has been added to LVM as a Technology Preview. The following basic features are available: create, display, rename, use, and remove RAID logical volumes. Automated fault tolerance is not yet available.
--type <segtype>
argument. The following are a few examples:
- Create a RAID1 array (this is a different implementation of RAID1 than LVM's
mirror
segment type):~]#
lvcreate --type raid1 -m 1 -L 1G -n my_lv my_vg
- Create a RAID5 array (3 stripes + 1 implicit parity):
~]#
lvcreate --type raid5 -i 3 -L 1G -n my_lv my_vg
- Create a RAID6 array (3 stripes + 2 implicit parity):
~]#
lvcreate --type raid6 -i 3 -L 1G -n my_lv my_vg
iSER initiator and target is now fully supported. Red Hat Enterprise Linux can now function as an iSCSI initiator and storage server in production environments that use InfiniBand and where high throughput and low latency are key requirements.
LVM devices can now be activated or deactivated quicker than before. This is relevant to high-density environments that involve a large number of LVM configurations. An example of this is a host that supports hundreds of virtual guests each using one or more logical volumes.
Normal I/O operations through the DASD device driver give access only to the data fields of an ECKD device even for track based I/O. In Red Hat Enterprise Linux 6.2, the DASD device driver is extended to give access to whole ECKD tracks including count, key, and data fields.
Chapter 7. File System
The XFS file system is currently supported in Red Hat Enterprise Linux 6 and is well suited for very large files and file systems on a single host. Integrated backup and restore, direct I/O and online resizing of the file system are some of the benefits that this file system provides.
Parallel NFS (pNFS) is a part of the NFS v4.1 standard that allows clients to access storage devices directly and in parallel. The pNFS architecture eliminates the scalability and performance issues associated with NFS servers in deployment today.
/etc/modprobe.d/dist-nfsv41.conf
file with the following line and reboot the system:
alias nfs-layouttype4-1 nfs_layout_nfsv41_files
-o minorversion=1
mount option is specified, and the server is pNFS-enabled, the pNFS client code is automatically enabled.
The CIFS (Common Internet File System) protocol allows for a unified way to access remote files on disparate operating systems. The CIFS client has traditionally only allowed for synchronous writes. This meant that the client process would not yield back control until the writes were successfully completed. This can lead to degraded performance for large transactions that take long to complete. The CIFS client has been updated to write data in parallel without the need to wait for the sequential writes. This change can now result in performance improvements up to 200%.
Support for NTLMSSP authentication has been added to CIFS. In addition, CIFS now uses the kernel's crypto API.
The autofs4
module has been updated to kernel version 2.6.38.
Fixed tracepoints have been added to ext3
and jbd
.
Support for the -o nobarrier
mount option in ext4
, and its utilities: tune2fs, debugfs, libext2fs, has been added.
Chapter 8. Networking
Red Hat Enterprise Linux 6.2 introduces the multi-message send
system call which is the send
version of the existing recvmmsg
system call in Red Hat Enterprise Linux 6.
sendmmsg
socket API looks like this:
struct mmsghdr { struct msghdr msg_hdr; unsigned msg_len; }; ssize_t sendmmsg(int socket, struct mmsghdr *datagrams, int vlen, int flags);
Red Hat Enterprise Linux 6.2 includes Transmit Packet Steering (XPS) for multiqueue devices. XPS introduces more efficient transmission of network packets for multiqueue devices by specifically targeting the processor involved in sending the packet. XPS enables the selection of the transmit queue for packet transmission based on configuration. This is analogous to the receive-side functionality implemented in Red Hat Enterprise Linux 6.1 which allowed for processor selection based on the receive queue (RPS). XPS has shown to improve throughput by 20% to 30%.
Previously, the bridge flooded packets to unregistered groups via all ports. However, this behavior is not desirable in environments where traffic to unregistered groups is always present. In Red Hat Enterprise Linux 6.2, traffic is only sent to unregistered groups via ports marked as router ports. To force flooding to any given port, mark that port as a router port.
Red Hat Enterprise Linux 6.2 adds support for SCTP multihoming—the ability of nodes (that is, multi-home nodes) to be reached at several IP addresses.
In Red Hat Enterprise Linux 6.2, more tracepoints have been added for UDP packet drop events. These tracepoints provide a way to analyze the reasons why UDP packets are dropped.
The IPSet feature in the kernel has been added to store multiple IP addresses or port numbers, and match them against a collection via iptables.
The TCP initial receive window default has been increased from 4 kB to 15 kB. The benefit of this increase is that more data (15 kB > payload > 4 kB) can now fit in the initial window. With a 4 kB setting (IW3), any payload larger than 4 kB would have to be broken into multiple transfers.
In Red Hat Enterprise Linux 6.2, the TCP initial congestion window default is now set to 10
, according to RFC 5681. Additionally, the initial-window code common to TCP and CCID-2 has been consolidated.
GSO (Generic Segmentation Offload) support for the IPv6 forward path has been added, improving the performance of host to guest communication if GSO is enabled.
vios-proxy is a stream-socket proxy for providing connectivity between a client on a virtual guest and a server on a Hypervisor host. Communication occurs over virtio-serial links. This feature is introduced as a Technology Preview in Red Hat Enterprise Linux 6.2.
Chapter 9. Authentication and Interoperability
Red Hat Enterprise Linux 6.2 includes identity management capabilities that allow for central management of user identities, policy-based access control and authentication services. This identity management service, previously referred to as IPA, is based on the open source FreeIPA project. These services have been present as a Technology Preview in previous Red Hat Enterprise Linux 6 releases. With this release, identity management has been promoted to fully supported.
Note
Support for smart cards with a PIV (Personal Identity Verification) interface has been added in Red Hat Enterprise Linux 6.2. It is now possible to use FIPS 201 compliant PIV cards that allow for secure use of data. PIV cards enable confidentiality of data by restricting access to the card holder. They also ensure data integrity by allowing only the card holder to make modifications. They guarantee the authenticity of the information and prevent non-repudiation of data. The use of PIV cards is mandated by the U.S. Homeland Security Presidential Directive 12 (HSPC-12) which requires the use of this type of technology to gain access to all government IT systems.
Chapter 10. Entitlement
The new subscription management platform delivers Red Hat subscriptions and software services in a flexible, scalable and secure way. When installing a new Red Hat Enterprise Linux 6 system, a user receives X.509 certificates which contain information about which Red Hat products are installed and what subscriptions the machine is consuming. The subscription information includes support levels, expiration dates, Red Hat account numbers, and Red Hat contract numbers. In addition, an X.509 certificate allows a machine to authenticate to the Red Hat Content Delivery Network (CDN). The globally distributed Red Hat Content Delivery Network (CDN) is designed to work even with an outage of the Red Hat systems. Users outside of North America should see improved update speeds and availability with the new system. RHN Classic continues to be the default option for computer registration and for receiving updates.
Red Hat customer portal, in conjunction with new functionality available in Red Hat Enterprise Linux 6.2, allows customers to register and subscribe up to 25 machines that are completely disconnected from the Internet. Prior to this enhancement, customers with disconnected systems were not able to receive the benefits of subscription information and tracking from the RHN website. For customers with more than 25 disconnected machines, RHN Satellite continues to be the recommended option at additional cost.
It is now possible to automatically regenerate new entitlement certificates after the renewal of a subscription. Prior to this enhancement, customers were required to manually regenerate the certificate in order to continue receiving software updates and other subscription services. Automatically regenerating a certificate minimizes service interruptions. Users are also notified of cases where auto regeneration of certificates was not successful. For more information, refer to https://www.redhat.com/rhel/renew/faqs/.
In Red Hat Enterprise Linux 6.2, during system registration, the Red Hat Subscription Manager is now used by default.
Note
Chapter 11. Security, Standards and Certification
As of Red Hat Enterprise Linux 6.2 Beta, Red Hat Enterprise Linux 6 is under evaluation for Common Criteria certification at Evaluation Assurance Level (EAL) 4+. Common Criteria provides a standardized way of expressing security requirements and defines a set of rigorous criteria by which products are evaluated.
As of Red Hat Enterprise Linux 6.2 Beta, Red Hat Enterprise Linux 6 cryptographic modules are under evaluation for FIPS-140 certification. FIPS-140 is a U.S. government security standard used for accrediting cryptographic modules. Red Hat Enterprise Linux now satisfies the regulatory requirement mandated by the U.S. federal government for acceptable use of cryptographic modules by all the governmental agencies.
Red Hat Enterprise Linux 6.2 includes Intel Trusted Boot, a trusted boot mechanism (provided by the tboot package). Trusted boot is an install-time optional component that allows for Intel's Trusted Execution Technology (TXT) to perform a measured and verified launch of the operating system kernel. Trusted boot is supported on both Intel x86 and Intel 64 architectures.
Chapter 12. Compiler and Tools
SystemTap is a tracing and probing tool that allows users to study and monitor the activities of the operating system (particularly, the kernel) in fine detail. It provides information similar to the output of tools like netstat, ps, top, and iostat; however, SystemTap is designed to provide more filtering and analysis options for collected information.
- Kernel modules with a hyphen ("
-
") in their name, such asi2c-core
are now handled properly. process.mark
now supports$$parms
for reading probe parameters.- Improved and simplified operation of the SystemTap compile-server and client:
- compile-server may cache script build results for improved performance.
- compile-server and client now communicate exchange version information to adjust the communication protocol accordingly and use the newest version of the server possible.
- Removal of deprecated tools: stap-client, stap-authorize-server-cert, stap-authorize-signing-cert, stap-find-or-start-server, and stap-find-servers.
- For remote execution, the
--remote USER@HOST
functionality can now be specified multiple times and will automatically build the script for distinct kernel and architecture configurations, and run it on all named machines at once. - The staprun utility now allows multiple instances of the same script to be run at the same time.
Chapter 13. Clustering
The introduction of dynamic schema generation provides a lot of flexibility for end users to plug into Red Hat Enterprise Linux High Availability Add-on custom resource and fence agents, and still retain the possibility to validate their /etc/cluster.conf
configuration file against those agents. It is a strict requirement that custom agents provide correct metadata output and that the agents must be installed on all cluster nodes.
Support for Samba in a clustered environment is now fully supported in Red Hat Enterprise Linux 6.2. Samba clustering relies on a clustered file system being available and shared on all nodes. In the Red Hat Enterprise Linux context, Samba clustering has been configured to work with GFS2, the native shared storage file system.
Red Hat Enterprise Linux 6.2 introduces support for redundant ring with autorecovery feature as a Technology Preview. Refer to the Technical Notes for a list of known issues associated with this Technology Preview.
The corosync-cpgtool now specifies both interfaces in a dual ring configuration. This feature is a Technology Preview.
As a consequence of converting the /etc/cluster.conf
configuration file to be used by pacemaker, rgmanager must be disabled. The risk of not doing this is high; after a successful conversion, it would be possible to start rgmanager and pacemaker on the same host, managing the same resources.
- rgmanager must refuse to start if it sees the
<rm disabled="1">
flag in/etc/cluster.conf
. - rgmanager must stop any resources and exit if the
<rm disabled="1">
flag appears in/etc/cluster.conf
during a reconfiguration.
Chapter 14. High Availability
Usage of XFS in conjunction with Red Hat Enterprise Linux 6.2 High Availability Add On as a file system resource is now fully supported.
Applications running inside VMWare based guests can now be configured for high availability. This also includes full support for the use of GFS2 shared storage file system in the environment. A new SOAP-based fence agent has been added that has the ability to fence guests when necessary.
Luci, the web-based administrative UI for configuring clusters has been updated to include the following:
- Role-based access control (RBAC): enables fine-grained access levels by defining user classes to access specific cluster operations.
- Improved response times for destructive operations in a cluster.
IP multicasting has been the only supported option for a cluster transport. IP multicasting is inherently complex to configure and often requires re-configuration of network switches. UDP-unicast in contrast offers a simpler approach to cluster configuration and is an established protocol for cluster communication. UDP-unicast, initially introduced as a Technology Preview, is now fully supported.
Watchdog is a general timer service available in Linux that can be used to periodically monitor system resources. Fence agents have now been integrated with watchdog such that the watchdog service can reboot a node after it has been fenced using fence_scsi
. This eliminates the need for manual intervention to reboot the node after it has been fenced using fence_scsi
.
Chapter 15. Virtualization
- Virtual CPU timeslice sharing
- Virtual CPU timeslice sharing is a performance enhancing feature at the Linux scheduler level, where an idle virtual CPU can hand the remainder of its timeslice to another virtual CPU before yielding the CPU. This feature addresses an inherent lock holder preemption issue that exists in SMP systems, that can affect performance in virtual CPUs. This feature provides stable performance in multi-processor guests. This feature is supported on both Intel and AMD processors, and is called Pause Loop Exiting (PLE) on Intel processors, and Pause Filter on AMD processors.
KVM network performance is a critical requirement for Virtualization and cloud based products and solutions. Red Hat Enterprise Linux 6.2 provides a number of network performance optimizations to improve the KVM network para-virtualized driver performance in various setups.
- Improved small message KVM performance
- Red Hat Enterprise Linux 6.2 improves the KVM small message performance to satisfy a variety of networking workloads that generate small messages (< 4K).
- Wire speed requirement in KVM network drivers
- Virtualization and cloud products that run networking work loads need to run wire speeds. Up until Red Hat Enterprise Linux 6.1, the only way to reach wire speed on a 10 GB Ethernet NIC with a lower CPU utilization was to use PCI device assignment (passthrough), which limits other features like memory overcommit and guest migrationThe macvtap/vhost zero-copy capabilities allows the user to use those features when high performance is required. This feature improves performance for any Red Hat Enterprise Linux 6.x guest in the VEPA use case. This feature is introduced as a Technology Preview.
- UDP checksum optimization for KVM network drivers
- UDP checksum optimization eliminates the need for the guest to validate the checksum if it has been validated by host NICs. This feature speeds up UDP external-to-guest traffic on 10 GB Ethernet cards with Red Hat Enterprise Linux 6.2 guests and hosts. The UDP checksum optimization is implemented in the
virtio-net
driver. - Improved I/O path performance when host slower than guest
- The Red Hat Enterprise Linux 6.2 KVM network driver has improved I/O path performance, with reduced virtual machine exits and interrupts, that results in faster data delivery. This improvement enables you to run a faster guest on a slower host, without incurring any performance penalties. This enhancement is achieved by an enhanced
virtio
ring structure, and event index support invirtio
andvhost-net
.
- System monitoring via SNMP
- This feature provides KVM support for a stable technology that is already used in data center with bare metal systems. SNMP is the standard for monitoring and is extremely well understood as well as computationally efficient. System monitoring via SNMP in Red Hat Enterprise Linux 6.2 allows the KVM hosts to send SNMP traps on events so that hypervisor events can be communicated to the user via standard SNMP protocol. This feature is provided through the addition of a new package: libvirt-snmp. This feature is introduced as a Technology Preview.
- Improved guest debugging capabilities
- Users who virtualize their data centers need a way of debugging when a guest OS becomes unresponsive and a crash dump has to be initiated. There are two methods heavily used with physical systems:
- Triggering a non-maskable interrupt (NMI) in the guest
- Sending SysRq sequences to the guest
While these capabilities are provided directly with the KVM console, a number of users use KVM through the libvirt API and virsh, where these two features were missing. Red Hat Enterprise Linux 6.2 improves guest debugging capabilities across the KVM stack, thus allowing a user to trigger NMIs in guests and send SysRq key sequences to guests. - Improve virtual machine boot up access
- Users who virtualize their data centers need to track the guest boot up process and display the entire BIOS and kernel boot up message from the start. The absence of this feature prevents users from an interactive use of the virsh console, prior to boot up. A new package, sgabios, has been be added to Red Hat Enterprise Linux 6.2, to provide this capability, along with some additions to qemu-kvm.
- Multi-processor (NUMA) Tuning Improvements
- Red Hat Enterprise Linux 6.2 adds tuning improvements to the libvirt API stack, resulting in improved out-of-the-box performance when performing SPECvirt measurements. Red Hat Enterprise Linux 6.2 is now able to pin the memory associated with a NUMA node when a virtual machine is created.
- USB enhancements
- The USB 2.0 emulation has been implemented for qemu-kvm. This is available for QEMU directly only. Libvirt support is planned for the next release.Remote Wakeup support has been added for the USB host controller. Together with the cooperation of the guest OS it allows the stopping of the frequent 1000hz polling mode and putting the device to sleep. It dramatically improves the power utilization and the CPU consumption of virtual machines with a USB mouse emulation (or a tablet) — one of the common devices that every virtual machine has.
- Memory ballooning
- Memory ballooning is now supported by Red Hat Enterprise Linux 6 paravirtualized Xen guests.
- Domain memory limit
- Memory limit for x86_64 domU PV guests has been increased to 128 GB:
CONFIG_XEN_MAX_DOMAIN_MEMORY=128
. - Time accounting
- The
xen_sched_clock
implementation (which returns the number of unstolen nanoseconds) has been replaced by thexen_clocksource_read
implementation.
The Red Hat Enterprise Linux Virtualization Guide has been divided into several specific guides:
The package spice-protocol has been upgraded to version 0.8.1, providing the following new features:
- Support for volume change
- Support for async guest I/O writes and interrupts
- Support for suspend (S3) related guest I/O writes
- Support for an interrupt indicating a guest bug
Linux containers provide a flexible approach to application runtime containment on bare-metal systems without the need to fully virtualize the workload. Red Hat Enterprise Linux 6.2 provides application level containers to separate and control the application resource usage policies via cgroup and namespaces. This release introduces basic management of container life-cycle by allowing creation, editing and deletion of containers via the libvirt API and the virt-manager GUI. Linux Containers are a Technology Preview.
In order to allow side-by-side installs of the rhev-hypervisor package, configure Yum to make rhev-hypervisor an install-only package by editing the /etc/yum.conf
file and adding the installonlypkgs
option:
[main] ... installonlypkgs=rhev-hypervisor
yum.conf
man page (man yum.conf 5
) in the installonlypkgs option section.
Chapter 16. Graphics
Improved support for ATI/AMD GPU series HD2xxx, HD4xxx, HD5xxx, FirePro. Support added for new HD6xxx series, new model in the FirePro series and new mobile GPU HD6xxxM series.
Support has been added for Intel's next generation class of chipsets.
2D/Xv acceleration is now supported on GeForce GT2xx (and Quadro equivalents). Suspend/resume support has been improved.
RandR-enabled drivers (Intel, Nouveau, Radeon) now confine the cursor to the visible area of the screen in asymmetric multihead configurations.
/etc/X11/xorg.conf.d/
in addition to /etc/X11/xorg.conf
itself. X.org input device configuration in these snippets applies when the device becomes available to the X server at runtime.
See the Mesa 7.11 upstream announcement for release notes: http://www.mesa3d.org/relnotes/7.11.html.
Chapter 17. General Updates
Matahari in Red Hat Enterprise Linux 6.2 is fully supported only for x86 and AMD64 architectures. Builds for other architectures are considered a Technology Preview.
Red Hat Enterprise Linux 6.2 introduces ABRT 2.0. ABRT logs details of software crashes on a local system, and provides interfaces (both graphical and command line based) to report issues to various issue trackers, including Red Hat support. This update provides the following notable enhancements:
- More flexible configuration with a new syntax.
- Out-ouf-process plugins (plugins run in separate processes and communicate via inter-process communication with other processes). Advantages of such a design are:
- bugs in plugins do not break the main daemon,
- more secure as most of the processing is now done under the normal (non-root) user,
- plugins can be written in any programming language.
- Reporting backend is shared across all of Red Hat's issue reporting tools:
- ABRT, sealert, all users of python-meh (Anaconda, firstboot)
- Because all of the tools above share the same configuration, it only has to be written once.
Note
Red Hat Enterprise Linux 6.2 provides an optimized linear algebra math library for Linux on System z which enables the compiler to generate code for high profile functions, taking advantage of the latest hardware functions.
Red Hat Enterprise Linux 6.2 improves support for Wacom devices. It is no longer necessary to reconfigure device settings after a device has been unplugged and plugged back in.
NetworkManager can now scan wireless networks in the background, providing a better user experience.
The gnome-system-monitor utility can now monitor systems that have more than 64 CPUs.
Appendix A. Component Versions
Component
|
Version
|
---|---|
Kernel
|
2.6.32-202
|
QLogic qla2xxx driver
|
8.03.07.05.06.2-k
|
QLogic qla2xxx firmware
|
ql23xx-firmware-3.03.27-3.1
ql2100-firmware-1.19.38-3.1
ql2200-firmware-2.02.08-3.1
ql2400-firmware-5.06.01-1
ql2500-firmware-5.06.01-1
|
Emulex lpfc driver
|
8.3.5.45.2p
|
iSCSI initiator utils
|
6.2.0.872-27
|
DM-Multipath
|
0.4.9-43
|
LVM
|
2.02.87-3
|
X Server
|
1.10.4-3
|
Appendix B. Revision History
Revision History | |||
---|---|---|---|
Revision 1-0.2 | 2015-02-25 | ||
| |||
Revision 1-0.1.400 | 2013-10-31 | ||
| |||
Revision 1-0.1 | Tue Dec 6 2011 | ||
|