Manualshelf

HP-UX 11i v3 Installation and Update Guide, March 2012

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Foundation OE
21222324252627282930
Sec10Host Installs a host-based lock-down system. Most network services are disabled, but
they can be reinstated by running the bastille(1M) command. Optional
(customer-selectable).
Sec20MngDMZ Installs a managed lock-down system that blocks most incoming traffic with an
HP-UX IPFilter firewall. Optional.
Sec30DMZ Installs a DMZ full host-based and IPFilter network lock down. HP-UX IPFilter
blocks most incoming connections, except HP-UX Secure Shell. Optional.
You can change these security settings after installing or updating your system. For more information
about HP-UX Bastille, including security levels, see the HP-UX Bastille User Guide (http://
www.hp.com/go/hpux-security-docs).
IMPORTANT:
Due to increased system hardening requirements, some locked-down services and protocols might
be used by other applications and have adverse effects on the behavior or functionality of these
applications. For more information about configuring HP Serviceguard with HP-UX Bastille and
IPFilter, see the HP-UX Bastille User Guide.
Installing VxFS and VxVM
Starting with the HP-UX 11i v3 March 2012 OEUR, VxFS 5.0.1 is a required (always-installed)
product, and the default selection for all systems is VxFS 5.0.1 plus LVM. (In the September 2011
OEUR, VxFS 5.0.1 replaced VxFS 5.0 as the recommended [default-installed] selection, and VxVM
5.0.1 replaced VxVM 5.0.) This has important implications for several install scenarios. For
information about how this might impact you, consult Appendix B: “Installing the Symantec products
VxFS, OnlineJFS, LVM, and VxVM” (page 81).
System tuning for VxFS
If your system has the minimum amount of memory, you might need to manually set VxFS tunables
for optimal performance after cold-installing or updating to HP-UX 11i v3. Two VxFS tunables,
vx_ninode and vxfs_bc_bufhwm, have an effect on system memory consumption. For guidelines
on setting the tunables for machines with relatively low RAM, see the Veritas File System 5.0.1
Administrator's Guide at http://hp.com/go/hpux-core-docs.
Next generation mass storage stack
Mass storage stack for HP-UX 11i v3
HP-UX 11i v3 introduces a new representation of mass storage devices, known as the agile view.
In the agile view, disk devices and tape drives are identified by the actual object, not by a hardware
path to the object. In addition, paths to the device can change dynamically and multiple paths to
a single device can be transparently treated as a single virtualized path, with I/O being distributed
across those multiple paths.
In HP-UX 11i v3, there are three different types of paths to a device: legacy hardware path, lunpath
hardware path, and LUN hardware path. All three are numeric strings of hardware components,
with each number typically representing the location of a hardware component on the path to the
device.
The new agile view increases the reliability, adaptability, performance, and scalability of the mass
storage stack, all without the need for operator intervention. For more information, see the white
papers “The Next Generation Mass Storage Stack: HP-UX 11i v3” and “HP-UX 11i v3 Persistent
DSF Migration Guide” (http://hp.com/go/hpux-core-docs ).
30 Before you begin