HP-UX Security Containment B.11.23.01 Release Notes
HP-UX Security Containment B.11.23.01 Release Notes
Known Problems and Workarounds
Chapter 18
Issue
If you unplumb a standby interface configured in a running Serviceguard cluster
(ifconfig <interface> unplumb) and then Serviceguard tries to fail over from the
primary interface to the standby interface, the interface failover will fail as expected. If
the standby interface is replumbed after the failover fails, further attempts by the
primary interface to fail over to the standby interface can fail. This behavior is seen only
on systems with the compartments feature enabled.
Workaround
TIP HP recommends that you not unplumb standby interfaces, whether or not
compartments are enabled.
To recover from this problem once the standby interface has been unplumbed and
replumbed:
1. Edit the compartment configuration for the network interfaces so that the standby
interface is in the same compartment as the primary interface being failed over.
2. Run the setrules command to load the compartment configuration change.
3. Edit the compartment configuration for the network interfaces again to remove the
standby interface from the compartment configuration list. The next system reboot
restores your previous configuration and remains consistent with recommended
Serviceguard and Security Containment guidelines.
Subsequent invocations of the setrules command do not invalidate this workaround.
• Point-to-point protocol does not work with compartments
Issue
You cannot bring point-to-point protocol (PPP) interfaces online when compartments are
enabled.
Workaround
HP recommends that you not enable the compartments feature on a system where PPP
functionality is required.
• Early versions of IGELAN-DRV do not work with HP-UX 11i Security Containment
Issue
IGELAN-DRV Version B.11.23.04 or earlier does not support HP-UX 11i Security
Containment features.
Workaround