test

Solaris 9 Sun Hardware Platform Guide

Configuring VLANs

VLANs: Virtual Local Area Networks (VLANs) are commonly used to split up groups of network users into manageable broadcast domains, to create logical segmentation of workgroups, and to enforce security policies among each logical segment. With multiple VLANs on an adapter, a server with a single adapter can have a logical presence on multiple IP subnets. By default, 512 VLANs can be defined for each VLAN-aware adapter on your server.

If your network does not require multiple VLANs, you can use the default configuration, in which case no further configuration is necessary.

VLANs can be created according to various criteria, but each VLAN must be assigned a VLAN tag or VLAN ID (VID). The VID is a 12-bit identifier between 1 and 4094 that identifies a unique VLAN. For each network interface (ce0, ce1, ce2 and so on), 512 possible VLANs can be created. Because IP subnets are commonly used, it's best to use IP subnets when setting up a VLAN network interface. This means that each VID assigned to a VLAN interface of a physical network interface will belong to different subnets.

Tagging an Ethernet frame requires the addition of a tag header to the frame. The header is inserted immediately following the Destination MAC address and the Source MAC address. The tag header consists of two bytes of Ethernet Tag Protocol Identifier (TPID, 0x8100) and two bytes of Tag Control Information (TCI). Figure 3-1 shows the Ethernet Tag Header format.

Figure 3-1 Ethernet Tag Header Format

Graphic

To Configure Static VLANs

  1. Create one hostname.cenum file (hostname6.cenum file for IPv6) for each VLAN which will be configured for each adapter on the server, using the following naming format that includes both the VID and the physical point of attachment (PPA):

    VLAN logical PPA = <1000 * VID> + <Device PPA> ce123000 = 1000*123 + 0

    Example: hostname.ce123000

    This format limits the maximum number of PPAs (instances) you can configure to 1000 in the /etc/path_to_inst file.

    For example, on a server with the Sun GigabitEthernet/P 3.0 adapter having an instance of 0, that belongs to a member of two VLANs, with VID 123 and 224, you would use ce123000 and ce224000, respectively, as the two VLAN PPAs.

  2. Use the ifconfig(1M) to configure a VLAN virtual device, for example:


    # ifconfig ce123000 plumb up
# ifconfig ce224000 plumb up

    The output of ifconfig -a on a system having VLAN devices ce123000 and ce224000:


    # ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 129.144.131.91 netmask ffffff00 broadcast 129.144.131.255
        ether 8:0:20:a4:4f:b8 
ce123000: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 199.199.123.3 netmask ffffff00 broadcast 199.199.123.255
        ether 8:0:20:a4:4f:b8 
ce224000: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 199.199.224.3 netmask ffffff00 broadcast 199.199.224.255
        ether 8:0:20:a4:4f:b8

  3. On the switch, set VLAN tagging and set VLAN ports to coincide with the VLANs you've set up on the server. Using the examples in Step 2 , you would set up VLAN ports 123 and 224 on the switch.

    Refer to the documentation that came with your switch for specific instructions for setting VLAN tagging and ports.