The socket API for TuneD maps one-to-one with the D-Bus API and provides an alternative communication method for cases where D-Bus isn't available. With the socket API, you can control the TuneD daemon to optimize the performance, and change the values of various tuning parameters. The socket API is disabled by default. You can enable it in the tuned-main.conf file.

Multi-protocol Label Switching (MPLS) is an in-kernel data-forwarding mechanism that routes the traffic flow across enterprise networks. In an MPLS network, the router that receives packets decides the further route of the packets, based on the labels that are attached to the packet. With the usage of labels, the MPLS network can handle packets with particular characteristics.

XDP programs can be loaded on architectures other than AMD and Intel® 64-bit. Note, however, that the libxdp library is available only for AMD and Intel® 64-bit platforms. Likewise, in this technology preview feature, you can offload XDP hardware.

Also, XDP includes the Address Family eXpress Data Path (AF_XDP) socket for high-performance packet processing. It grants efficient redirection of programmatically selected packets to user space applications for further processing.

The act_mpls module in the kernel-modules-extra rpm applies Multi-Protocol Label Switching (MPLS) actions with Traffic Control (TC) filters, for example, push and pop MPLS label stack entries with TC filters. The module also accepts the Label, Traffic Class, Bottom of Stack, and Time to Live fields to be set independently.

The systemd-resolved service provides name resolution to local applications. Its components include a caching and validating DNS stub resolver, a Link-Local Multicast Name Resolution (LLMNR), and Multicast DNS resolver and responder.

The nispor package is a unified interface for Linux network state querying all running network status. Version 1.2.10 includes the following features and changes:

• NetstateFilter can use the kernel filter on network routes and interfaces.

• SR-IOV interfaces can query SR-IOV Virtual Function (SR-IOV VF) for every (VF).

• The lacp_active, missed_max, and ns_ip6_target bonding options are available.

You can install nispor in one of two ways:

• As an individual package:

  sudo dnf install nispor

• As a dependency of nmstate:

  sudo dnf install nmstate

  nispor is listed as the dependency.

For more information on using nispor, see the /usr/share/doc/nispor/README.md file.

The kexec fast reboot feature is available as a technology preview feature in Oracle Linux 8. This feature significantly speeds up the boot process by enabling the kernel to boot directly into the second kernel without first passing through the Basic Input/Output System (BIOS). To use this feature, load the kexec module first, then reboot the system.

Software Guard Extensions (SGX) from Intel® protects software code and data from disclosure and modification. The Linux kernel partially supports SGX v1 and SGX v1.5. Version 1 enables platofmrs by using the Flexible Launch Control mechanism to use the SGX technology.

The Soft-RoCE rdma_rxe is the software implementation of the Remote Direct Memory Access (RDMA) over Converged Ethernet (RoCE) network protocol for processing RDMA over Ethernet. Soft-RoCE maintains two protocol versions, RoCE v1 and RoCE v2.

eBPF is an in-kernel virtual machine code is processed in the kernel space, in the restricted sandbox environment with access to a limited set of functions.

eBPF has a new system call bpf() for creating various types of maps and for loading programs that can be attached onto various points (sockets, tracepoints, packet reception) to receive and process data.

An eBPF component is AF_XDP, a socket for connecting the eXpress Data Path (XDP) path to user space for applications that prioritize packet processing performance.

The driver is an Intel® CPU integrated accelerator and shares a work queue with process address space ID (pasid) submission and shared virtual memory (SVM).

The accel-config package is available on Intel® EM64T and AMD64 architectures for managing data-streaming accelerator (DSA) subsystem in the Linux kernel. Also, it configures devices through sysfs (pseudo file system), saves and loads the configuration in the json format.

In this release, the DAX file system is available as a Technology Preview for the ext4 and XFS file systems. DAX enables an application to directly map persistent memory into its address space. The system must have some form of persistent memory available to use DAX. Persistent memory can be in the form of one or more Non-Volatile Dual In-line Memory Modules (NVDIMMs). In addition, a file system that supports DAX must be created on the NVDIMMs; the file system must be mounted with the dax mount option. Then, an mmap of a file on the DAX mounted file system results in a direct mapping of storage into the application's address space.

NVMe over Fabrics TCP host and the target drivers are included in RHCK as a technology preview in this release.

Pacemaker container bundles now run on Podman, with the container bundle feature being available as a Technology Preview.

Heuristics are a set of commands that run locally on startup, cluster membership change, successful connect to corosync-qnetd, and, optionally, on a periodic basis. When all commands finish successfully, heuristics have passed; otherwise, they have failed. The heuristics result is sent to corosync-qnetd where it's used in calculations to decide which partition is quorate.

The fence_heuristics_ping agent is available with Pacemaker. The agent aims to open a class of experimental fence agents that do no actual fencing by themselves but instead exploit the behavior of fencing levels in a new way.

Through the agent, particularly by its issuing an off action, Pacemaker can be informed if fencing would succeed or not. The heuristics agent can prevent the agent that does the actual fecing from fencing a node under certain conditions.

With the updated Oracle Linux kernel, Oracle Linux confidential virtual machines (VMs) can be deployed on Microsoft Azure. However, encrypting confidential VM images while booting on Azure isn't supported.