1dcs(1M) System Administration Commands dcs(1M)
2
6 dcs - domain configuration server
7
9 /usr/lib/dcs [-s sessions]
10 [ [-a auth] [-e encr] [-u esp_auth] ] [-l]
11
14 The Domain Configuration Server (DCS) is a daemon process that runs on
15 Sun servers that support remote Dynamic Reconfiguration (DR) clients.
16 It is started by the Service Management Facility (see smf(5)) when the
17 first DR request is received from a client connecting to the network
18 service sun-dr. After the DCS accepts a DR request, it uses the libcf‐
19 gadm(3LIB) interface to execute the DR operation. After the operation
20 is performed, the results are returned to the client.
21 The DCS listens on the network service labeled sun-dr. Its underlying
24 protocol is TCP. It is invoked as a server program by the SMF using the
25 TCP transport. The fault management resource identifier (FMRI) for DCS
26 is:
27 svc:/platform/sun4u/dcs:default
29 If you disable this service, DR operations initiated from a remote host
34 fail. There is no negative impact on the server.
35 Security for the DCS connection is provided differently based upon the
38 architecture of the system. The SMF specifies the correct options when
39 invoking the DCS daemon, based upon the current architecture. For all
40 architectures, security is provided on a per-connection basis.
41 The DCS daemon has no security options that are applicable when used on
44 a Sun Enterprise 10000 system. So there are no options applicable to
45 that architecture.
46 The security options for Sun Fire high-end systems are based on IPsec
49 options defined as SMF properties. These options include the -a auth,
50 -e encr, and -u esp_auth options, and can be set using the svccfg(1M)
51 command. These options must match the IPsec policies defined for DCS on
52 the system controller. Refer to the kmd(1M) man page in the System Man‐
53 agement Services (SMS) Reference Manual. The kmd(1M) man page is not
54 part of the SunOS man page collection.
55 Security on SPARC Enterprise Servers is not configurable. The DCS dae‐
58 mon uses a platform-specific library to configure its security options
59 when running on such systems. The -l option is provided by the SMF when
60 invoking the DCS daemon on SPARC Enterprise Servers. No other security
61 options to the DCS daemon should be used on SPARC Enterprise Servers.
62
64 The following options are supported:
65 -a auth Controls the IPsec Authentication Header (AH) algorithm.
67 auth can be one of none, md5, or sha1.
68 -e encr Controls the IPsec Encapsulating Security Payload (ESP)
71 encryption algorithm. encr can be one of none, des, or
72 3des.
73 -l Enables the use of platform-specific security options on
76 SPARC Enterprise Servers.
77 -s sessions Sets the number of active sessions that the DCS allows
80 at any one time. When the limit is reached, the DCS
81 stops accepting connections until active sessions com‐
82 plete the execution of their DR operation. If this
83 option is not specified, a default value of 128 is used.
84 -u esp_auth Controls the IPsec Encapsulating Security Payload (ESP)
87 authentication algorithm. esp_auth can be one of none,
88 md5, or sha1.
89
92 Example 1 Setting an IPSec Option
93 The following command sets the Authentication Header algorithm for the
96 DCS daemon to use the HMAC-MD5 authentication algorithm. These settings
97 are only applicable for using the DCS daemon on a Sun Fire high-end
98 system.
99 # svccfg -s svc:/platform/sun4u/dcs setprop dcs/ah_auth = "md5"
102 # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_encr = "none"
103 # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_auth = "none"
104 # svcadm refresh svc:/platform/sun4u/dcs
105
109 The DCS uses syslog(3C) to report status and error messages. All of the
110 messages are logged with the LOG_DAEMON facility. Error messages are
111 logged with the LOG_ERR and LOG_NOTICE priorities, and informational
112 messages are logged with the LOG_INFO priority. The default entries in
113 the /etc/syslog.conf file log all of the DCS error messages to the
114 /var/adm/messages log.
115
117 See attributes(5) for descriptions of the following attributes:
118 ┌─────────────────────────────┬─────────────────────────────┐
123 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
124 ├─────────────────────────────┼─────────────────────────────┤
125 │Availability │SUNWdcsu, SUNWdcsr │
126 ├─────────────────────────────┼─────────────────────────────┤
127 │Interface Stability │Evolving │
128 └─────────────────────────────┴─────────────────────────────┘
129
131 svcs(1), cfgadm_sbd(1M), svcadm(1M), svccfg(1M), syslog(3C), con‐
132 fig_admin(3CFGADM), libcfgadm(3LIB), syslog.conf(4), attributes(5),
133 smf(5), dr(7D)
134
136 The dcs service is managed by the service management facility, smf(5),
137 under the fault management resource identifier (FMRI):
138 svc:/platform/sun4u/dcs:default
140 Administrative actions on this service, such as enabling, disabling, or
145 requesting restart, can be performed using svcadm(1M). The service's
146 status can be queried using the svcs(1) command.
147SunOS 5.11 25 Apr 2006 dcs(1M)