UNIX
64-Bit Computing
Networking
Open Directory
File System
Security Controls
High Availability
Xgrid
Mac OS X Server is built on open, industry-standard protocols and the latest in network security standards. The result? Increased performance and security of server deployments. Using the time-tested BSD sockets and TCP/IP stack, this advanced networking architecture ensures compatibility and integration with IP-based networks.
Multithreaded TCP stack.
Mac OS X Server uses a fully multithreaded TCP stack with dedicated write and read threads for each network interface. To improve performance and to avoid lock contention with multicore, multi-NIC, and 10Gb Ethernet networks, the TCP stack maintains a dedicated pool of memory buffers for each CPU.
Multilink multihoming.
Multilink multihoming enables Mac OS X Server to host multiple IP addresses on the same or multiple network interfaces. This is ideal for connecting your server simultaneously to multiple networks, such as a public and a private network, or hosting multiple websites, each with its own IP address.
IPv6.
Most services in Mac OS X Server have been updated to support Internet Protocol version 6, or IPv6. The Internet Engineering Task Force (IETF) designed this next-generation protocol to replace the 20-year-old Internet Protocol version 4, or IPv4 — still used in most of today’s Internet sites. IPv6 fixes a number of problems in IPv4, such as the limited number of available addresses, and adds functionality in areas such as routing and network autoconfiguration. To support the industrywide IP transition, Mac OS X Server includes an IPv4-to-IPv6 gateway that enables the deployment of IPv4-based server services in IPv6 networks.
IPSec.
IPSec is a set of general-purpose protocols for protecting TCP/IP communications. Its network-layer cryptography mechanism provides privacy using data and packet-header encryption, integrity and packet-origin authentication, and key management. Although part of the IPv6 standard, IPSec can also be used with IPv4.
IP over FireWire.
Ideal for ad hoc network deployments and system administration, IP over FireWire allows you to create an inexpensive point-to-point IP network between two devices. IP over FireWire is also useful as a low-latency, high-bandwidth network in high-performance computing, application clustering, and IP failover scenarios.
Ethernet link aggregation with network interface failover.
Also known as IEEE 802.3ad, link aggregation allows you to configure multiple network interfaces to appear as a single interface — with the same MAC address, the same IP address, and the same server host name. This provides two significant benefits. It multiplies the potential I/O performance by the number of interfaces; for example, two 1-gigabit interfaces bonded together can provide up to 2 gigabits of aggregate network bandwidth, and four 1-gigabit interfaces can provide up to 4 gigabits. Link aggregation also eliminates a potential single point of failure: If one interface fails, the remaining interface maintains the network connection. Ethernet link aggregation is supported by Xserve and Mac Pro systems and by systems with third-party Ethernet cards that conform to the IEEE 802.3ad standard.
VLAN.
Mac OS X Server on Xserve and Mac Pro systems supports virtual local area networks (VLANs). This feature allows you to configure computers on different network sections to behave as though they were on the same section. For example, with a VLAN, people in a workgroup who are located on different floors or in different buildings can appear as though they are on the same local network.
Jumbo frames.
Mac OS X Server supports jumbo frames, or packets larger than 1518 bytes. By packing more data in fewer packets, jumbo frames can increase network efficiency and throughput, while reducing demands on the processor. Jumbo frames require compatible hardware and clients that can accept jumbo frames.
802.1X network authentication.
802.1X authentication minimizes security risks on wired Ethernet networks by providing computer identification, centralized authentication, and encryption. 802.1X supports the Extensible Authentication Protocol (EAP), which enables you to use different authentication methods such as tokens, smart cards, and SSL certificates.
