Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Administration: Network Interfaces and Network Virtualization Oracle Solaris 11 Express 11/10 |
2. NWAM Configuration and Administration (Overview)
3. NWAM Profile Configuration (Tasks)
4. NWAM Profile Administration (Tasks)
5. About the NWAM Graphical User Interface
Part II Administering Single Interfaces
6. Overview of the Networking Stack
7. Datalink Configuration and Administration
8. Configuring an IP Interface
9. Configuring Wireless Interface Communications on Oracle Solaris
Part III Administering Interface Groups
11. Administering Link Aggregations
Part IV Network Virtualization and Resource Management
15. Introducing Network Virtualization and Resource Control (Overview)
16. Planning for Network Virtualization and Resource Control
17. Configuring Virtual Networks (Tasks)
Configuring Components of Network Virtualization in Oracle Solaris
Creating New Zones for Use With VNICs
How to Create and Configure the Exclusive IP Zone
Modifying the Configuration of Existing Zones to Use VNICs
How to Reconfigure a Zone to Use a VNIC
Creating a Private Virtual Network
How to Remove the Virtual Network Without Removing the Zones
18. Using Link Protection in Virtualized Environments
19. Managing Network Resources
This section contains tasks for configuring the building blocks of network virtualization in Oracle Solaris. The following comprise the basic components:
Virtual network interface cards (VNICs)
Etherstubs
VNICs are pseudo interfaces that you create on top of datalinks. A VNIC has an automatically generated MAC address. Depending on the network interface in use, you can explicitly assign to a VNIC a MAC address other than the default address, as described in the dladm(1M) man page. You can create as many VNICs over a datalink as you require.
Etherstubs are pseudo ethernet NICs which are managed by the system administrator. You can create VNICs over etherstubs instead of over physical links. VNICs over an etherstub become independent of the physical NICs in the system. With etherstubs, you can construct a private virtual network that is isolated both from the other virtual networks in the system and from the external network. For example, you want to create a network environment whose access is limited only to your company developers than to the network at large. Etherstubs can be used to create such an environment.
Etherstubs and VNICs are only a part of the virtualization features of Oracle Solaris. You typically use these components together with Oracle Solaris containers or zones. By assigning VNICs or etherstubs for use by zones, you can create a network within a single system.
This procedure shows how to create a virtual network interface card (VNIC).
For more information, see How to Obtain Administrative Rights in System Administration Guide: Security Services.
# dladm show-phys
This command displays the physical NICs on the system and their corresponding datalink names. Unless you create customized names for your datalinks, the datalink has the same name as the network interface device name. For example, the device e1000g0 uses the data link name e1000g0 until you replace the link name with another name. For more information about customized datalink names, see Assigning Names to Datalinks.
# dladm show-link
This command lists the datalinks and their current status. Make sure that a datalink's STATE field indicates that the datalink is up. You can configure VNICs only over datalinks whose status is up.
# ipadm show-addr
This command lists configured interfaces on your system including their corresponding IP addresses.
# dladm create-vnic -l link vnic
link is the name of the datalink over which the VNIC is configured.
vnic is the VNIC which you can label with a customized name as well.
If you are assigning a static IP address, use the following syntax:
# ipadm create-addr -T static -a address addrobj
where addrobj uses the naming format interface/user-defined-string, such as e1000g0/v4globalz. For other options when using this command, refer to the ipadm(1M) man page.
# ipadm show-addr
# dladm show-vnic
Example 17-1 Creating Virtual Network Interfaces
This example contains the commands to create VNICs. You must log in to the system as superuser or the equivalent role to run the commands.
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE e1000g2 Ethernet unknown 0 half e1000g2 e1000g0 Ethernet up 1000 full e1000g0 # dladm show-link LINK CLASS MTU STATE BRIDGE OVER e1000g2 phys 1500 unknown -- -- e1000g0 phys 1500 up -- -- # ipadm show-if IFNAME STATE CUTTENT PERSISTENT lo0 ok -m-v-----46 --- e1000g0 ok bm-------46 -46 # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 e1000g0/v4addr static ok 192.168.3.70/24 # dladm create-vnic -l e1000g0 vnic1 # dladm create-vnic -l e1000g0 vnic2 # dladm show-vnic LINK OVER SPEED MACADDRESS MACADDRTYPE vnic1 e1000g0 1000 Mbps 2:8:20:c2:39:38 random vnic2 e1000g0 1000 Mbps 2:8:20:5f:84:ff random # # ipadm create-addr -T static -a 192.168.3.80/24 vnic1/v4address # ipadm create-addr -T static -a 192.168.3.85/24 vnic2/v4address # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 e1000g0/v4addr static ok 192.168.3.70/24 vnic1/v4address static ok 192.168.3.80/24 vnic2/v4address static ok 192.168.3.85/24
The system's /etc/hosts file would contain information similar to the following:
# cat /etc/hosts # ::1 localhost 127.0.0.1 localhost 192.168.3.70 loghost #For e1000g0 192.168.3.80 vnic1 192.168.3.85 vnic2
You use etherstubs to isolate the virtual network from the rest of the virtual networks in the system as well as the external network to which the system is connected. You cannot use an etherstub just by itself. Instead, you use VNICs with an etherstub to create the private or isolated virtual networks. You can create as many etherstubs as you require. You can also create as many VNICs over each etherstub as required.
For more information, see How to Obtain Administrative Rights in System Administration Guide: Security Services.
# dladm create-etherstub etherstub
# dladm create-vnic -l etherstub vnic
Note - To isolate the network for which you are configuring the VNIC over an etherstub, make sure to use a private IP address that cannot be forwarded by the default router of the external network. For example, suppose the physical interface has an address 192.168.3.0/24 that indicates that the system is on a 192.168.3.x network. You therefore assign another address that is not known to the default router, for example, 192.168.0.x.
# dladm show-vnic
This command lists all the VNICs in the system and the datalinks or etherstubs over which the VNICs are created.
# dladm show-link
Example 17-2 Creating an Etherstub
The following example shows how to create an etherstub and then configure a VNIC over the etherstub. This example develops the previous example by adding a third VNIC that is configured over the etherstub.
You must log in to the system as superuser or equivalent role to run the next commands.
# dladm create-etherstub stub0 # dladm show-vnic LINK OVER SPEED MACADDRESS MACADDRTYPE vnic1 e1000g0 1000 Mbps 2:8:20:c2:39:38 random vnic2 e1000g0 1000 Mbps 2:8:20:5f:84:ff random # # dladm create-vnic -l stub0 vnic3 # ipadm create-addr -T static -a 192.168.0.10/24 vnic3/privaddr # # dladm show-vnic LINK OVER SPEED MACADDRESS MACADDRTYPE vnic1 e1000g0 1000 Mbps 2:8:20:c2:39:38 random vnic2 e1000g0 1000 Mbps 2:8:20:5f:84:ff random vnic3 stub0 1000 Mbps 2:8:20:54:f4:74 random # # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 e1000g0/v4addr static ok 192.168.3.70/24 vnic1/v4address static ok 192.168.3.80/24 vnic2/v4address static ok 192.168.3.85/24 vnic3/privaddr static ok 192.168.0.10/24
The system's /etc/hosts file would contain information similar to the following:
# cat /etc/hosts # ::1 localhost 127.0.0.1 localhost 192.168.3.70 loghost #For e1000g0 192.168.3.80 vnic1 192.168.3.85 vnic2 192.168.0.10 vnic3