This procedure uses exclusive IP zones as the containers for the private virtual network. Solaris IP Filter software performs NAT for outgoing packets from the private network.
For the VNICs in the private network configuration, be sure to create private IP addresses that cannot be forwarded by the default router of the external network. However, for the network interface, use an IP address that is routable on the host's external network.
On the system where you create the private virtual network, become superuser or assume the equivalent root role.
To create and assign the root role, see How to Make root User Into a Role in System Administration Guide: Security Services.
Create the etherstub for the private virtual network.
# dladm create-etherstub etherstub-link-name |
For example, to create an etherstub called etherstub0, you would type the following:
# dladm create-etherstub etherstub0 |
Verify that the etherstub was created.
# dladm show-etherstub |
You should receive output similar to the following:
LINK etherstub0 |
Create VNICs over the etherstub.
# dladm create-vnic -l etherstub-link-name vnic-link-name |
For example, you might type the following:
# dladm create-vnic -l etherstub0 vnic0 |
Reserve one VNIC for the global zone. The global zone consists of all applications and services of a system's working environment that have not been delegated to a zone or virtual machine.
Then, create at least two more VNICs for the exclusive IP zones of the private network. The virtual switch is automatically created with the first VNIC.
Verify that the VNICs are correctly created over the etherstub.
# dladm show-link |
You should receive output similar to the following:
LINK CLASS MTU STATE OVER e1000g0 phys 1500 up -- vnic0 vnic 9000 up etherstub0 |
The “OVER” column contains the entry etherstub0 in the vnic0 row, indicating that vnic0 is created over etherstub0.
Create the exclusive IP zones.
For instructions, refer to How to Create an Exclusive IP Zone Over a VNIC.
Be sure to type the associated VNIC data link name for the zone in the set-physical parameter of add-net.
Install the zones.
Use Steps 1–4 in the procedure How to Install the Exclusive IP Zone on a VNIC
Do not boot the zones at this time. You boot them as part of the next procedure,How to Configure Routing and Network Address Translation for the Private Virtual Network.