| Skip Navigation Links | |
| Exit Print View | |
|
Managing Oracle Solaris 11.1 Network Performance Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Managing Oracle Solaris 11.1 Network Performance Oracle Solaris 11.1 Information Library |
1. Introduction to Network Performance Management
How to Plan a VLAN Configuration
How to Configure VLANs Over a Link Aggregation
Use Case: Combining Link Aggregations and VLAN Configurations
4. Administering Bridged Networks (Tasks)
7. Exchanging Network Connectivity Information With LLDP
8. Working With Data Center Bridging Features in Oracle Solaris
9. Edge Virtual Bridging in Oracle Solaris
10. Integrated Load Balancer (Overview)
11. Configuring Integrated Load Balancer
12. Managing Integrated Load Balancer
13. Virtual Router Redundancy Protocol (Overview)
A. Link Aggregation Types: Feature Comparison
This section contains procedures for configuring and administering VLANs.
For a basic example of such a topology, refer to Figure 3-1.
Note - A VLAN numbering scheme might already exist on the network. If so, you must create VLAN IDs within the existing VLAN numbering scheme.
# dladm show-link
Note the VLAN ID of each interface and the switch port where each interface is connected.
Refer to the switch manufacturer's documentation for configuration instructions.
Before You Begin
This procedure assumes that the zones are already created on the system. The steps to create zones and to assign interfaces to the zones are not covered in this procedure. For more information about zone configuration, refer to Chapter 17, Planning and Configuring Non-Global Zones (Tasks), in Oracle Solaris 11.1 Administration: Oracle Solaris Zones, Oracle Solaris 10 Zones, and Resource Management.
For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.
# dladm show-link
# dladm create-vlan -l link -v vid vlan-link
Specifies the link on which the VLAN interface is being created.
Indicates the VLAN ID number.
Specifies the name of the VLAN, which can also be an administratively-chosen name.
# dladm show-vlan
# ipadm create-ip interface
where interface uses the VLAN name.
# ipadm create-addr -a address interface
Example 3-1 Configuring a VLAN
This example shows how to create the VLAN configuration that is illustrated in Figure 3-3. This example assumes that you have already configured the different zones in the system. For more information about configuring zones, see Part II, Oracle Solaris Zones, in Oracle Solaris 11.1 Administration: Oracle Solaris Zones, Oracle Solaris 10 Zones, and Resource Management.
The administrator begins by checking the available links that can be used for configuring VLANs, and then creates the VLANs over the specific links.
global# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 up -- -- net2 phys 1500 up -- -- global# dladm create-vlan -l net0 -v 111 web1 global# dladm create-vlan -l net0 -v 112 auth1 global# dladm create-vlan -l net0 -v 113 app1 global# dladm create-vlan -l net1 -v 111 web2 global# dladm create-vlan -l net1 -v 112 auth2 global# dladm create-vlan -l net1 -v 113 app2 global# dladm create-vlan -l net2 -v 111 web3 global# dladm create-vlan -l net2 -v 112 auth3 global# dladm show-vlan LINK VID OVER FLAGS web1 111 net0 ---- auth1 112 net0 ---- app1 113 net0 ---- web2 111 net1 ---- auth2 112 net1 ---- app2 113 net1 ---- web3 111 net2 ---- auth3 113 net2 ----
When link information is displayed, the VLANs are included in the list.
global# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 up -- -- net2 phys 1500 up -- -- web1 vlan 1500 up -- net0 auth1 vlan 1500 up -- net0 app1 vlan 1500 up -- net0 web2 vlan 1500 up -- net1 auth2 vlan 1500 up -- net1 app2 vlan 1500 up -- net1 web3 vlan 1500 up -- net2 auth3 vlan 1500 up -- net2
Next, the administrator assigns the VLANs to their respective zones. After the VLANs have been assigned, information similar to the following would be displayed for each zone:
global# zonecfg -z webzone1 info net
net:
address not specified
physical: web1
global# zonecfg -z authzone1 info net
net:
address not specified
physical: auth1
global# zonecfg -z appzone2 info net
net:
address not specified
physical: app2
The value of the property physical indicates the VLAN that is set for the given zone.
Next, the administrator logs in to each non-global zone to configure the VLAN with an IP address.
In webzone1:
webzone1# ipadm create-ip web1 webzone1# ipadm create-addr -a 10.1.111.0/24 web1 ipadm: web1/v4
In webzone2:
webzone2# ipadm create-ip web2 webzone2# ipadm create-addr -a 10.1.111.0/24 web2 ipadm: web2/v4
In webzone3:
webzone3# ipadm create-ip web3 webzone3# ipadm create-addr -a 10.1.111.0/24 web3 ipadm: web3/v4
In authzone1:
authzone1# ipadm create-ip auth1 authzone1# ipadm create-addr -a 10.1.112.0/24 auth1 ipadm: auth1/v4
In authzone2:
authzone2# ipadm create-ip auth2 autzone2# ipadm create-addr -a 10.1.112.0/24 auth2 ipadm: auth2/v4
In authzone3:
authzone3# ipadm create-ip auth3 authzone3# ipadm create-addr -a 10.1.112.0/24 auth3 ipadm: auth3/v4
In appzone1:
appzone1# ipadm create-ip app1 appzone1# ipadm create-addr -a 10.1.113.0/24 app1 ipadm: app1/v4
In appzone2:
appzone2# ipadm create-ip app2 appzone2# ipadm create-addr -a 10.1.113.0/24 app2 ipadm: app2/v4
After all the VLANs have been configured with IP addresses, configuration is complete. The three VLANs are operative and can host traffic for their respective zones.
In the same manner as configuring VLANs over an interface, you can also create VLANs on a link aggregation. Link aggregations are described in Chapter 2, Using Link Aggregations. This section combines configuring VLANs and link aggregations.
# dladm show-link
# dladm create-vlan -l link -v vid vlan-link
Specifies the link on which the VLAN interface is being created. In this procedure, the link refers to the link aggregation.
Indicates the VLAN ID number
Specifies the name of the VLAN, which can also be an administratively-chosen name.
# ipadm create-ip interface
where interface uses the VLAN name.
# ipadm create-addr -a address interface
Example 3-2 Configuring Multiple VLANs Over a Link Aggregation
In this example, two VLANs are configured on a link aggregation. The VLANs are assigned VLAN IDs 193 and 194, respectively.
# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- ---- net1 phys 1500 up -- ---- aggr0 aggr 1500 up -- net0, net1 # dladm create-vlan -l aggr0 -v 193 acctg0 # dladm create-vlan -l aggr0 -v 194 humres0 # ipadm create-ip acctg0 # ipadm create-ip humres0 # ipadm create-addr -a 192.168.10.0/24 acctg0 ipadm: acctg0/v4 # ipadm create-addr -a 192.168.20.0/24 humres0 ipadm: humres0/v4
Certain legacy devices handle only packets whose maximum transmission unit (MTU) size, also known as frame size, is 1514 bytes. Packets whose frame sizes exceed the maximum limit are dropped. For such cases, follow the same procedure listed in How to Configure a VLAN. However, when creating the VLAN, use the -f option to force the creation of the VLAN.
# dladm create-vlan -f -l link -v vid vlan-link
Specifies the link on which the VLAN interface is being created. In this procedure, the link refers to the legacy device.
Indicates the VLAN ID number
Specifies the name of the VLAN, which can also be an administratively-chosen name.
# dladm set-linkprop -p default_mtu=1496 vlan-link
The lower MTU\ value allows space for the link layer to insert the VLAN header prior to transmission.
For more information about changing link property values, refer to Basic dladm Commands in Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1.
Because VLANs are datalinks, you can use the dladm show-link command to view information about VLANs. However, for information that is specific to VLANs, use the dladm show-vlan command.
The following example compares the type of information you obtain with either command. The first output that uses the dladm show-link command displays all the datalinks on the system, including those that are not VLANs. The second output that uses the dladm show-vlan command displays a subset of datalink information that is relevant only to VLANs.
# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 up -- -- net2 phys 1500 up -- -- web1 vlan 1500 up -- net0 auth1 vlan 1500 up -- net0 app1 vlan 1500 up -- net0 web2 vlan 1500 up -- net1 auth2 vlan 1500 up -- net1 app2 vlan 1500 up -- net1 web3 vlan 1500 up -- net2 auth3 vlan 1500 up -- net2 # dladm show-vlan LINK VID OVER FLAGS web1 111 net0 ---- auth1 112 net0 ---- app1 113 net0 ---- web2 111 net1 ---- auth2 112 net1 ---- app2 113 net1 ---- web3 111 net2 ---- auth3 113 net2 ----
By using the dladm modify-vlan command, you can modify a VLAN in the following ways:
Change a VLAN's VLAN ID
Migrate a VLAN to another underlying link
To change the VLAN ID of a VLAN, use one of the following commands:
dladm modify-vlan -v vid -L datalink
In this command, vid specifies the new VLAN ID that you are assigning to the VLAN. Datalink refers to the underlying link over which the VLAN is configured. You can use this command syntax provided that only a single VLAN exists on the datalink. The command fails if you use it on a datalink that has multiple configured VLANs because VLANs on a datalink must have unique VLAN IDs.
dladm modify-vlan -v vid vlan
Use this command to change the unique VLAN IDs of multiple VLANs over a single datalink. Each VLAN on the datalink has a unique VLAN ID. Therefore you must change the VLAN IDs one at a time. From Figure 3-3, suppose you want to change the VLAN IDs of web1, auth1, and app1 configured over net0. To change their VLAN IDs, you would proceed as follows:
# dladm modify-vlan -v 123 web1 # dladm modify-vlan -v 456 app1 # dladm modify-vlan -v 789 auth1
You can migrate a VLAN from one underlying datalink to another underlying datalink without deleting and reconfiguring the VLAN. The underlying link can be a physical link, a link aggregation, or an etherstub. For more information about etherstubs, see Components of Network Virtualization in Using Virtual Networks in Oracle Solaris 11.1.
To successfully migrate a VLAN, the underlying datalink to which the VLAN is moved must be able to accommodate the datalink properties of the VLAN. If those properties are not supported, then migration fails and the user is notified. After a successful migration, all the applications that use that VLAN continue to operate normally, provided that the VLAN remains connected to the network.
Certain hardware-dependent properties might change after a VLAN migration. For example, a VLAN always shares the same MAC address as its underlying datalink. Thus, when you migrate a VLAN, the VLAN's MAC address changes to the primary MAC address of the target datalink. Other properties that might be affected are the datalink state, link speed, MTU size, and so on. However, applications continue to operate without interruption.
Note - A migrated VLAN does not retain any of its hardware lane statistics from the original datalink. Available hardware lanes for the VLAN on the target datalink become the new source of statistics information. However, software statistics that are displayed by default by the dlstat command are preserved.
You can perform a VLAN migration either globally or selectively. Global migration means that you migrate all the VLANs over a datalink to another datalink. To perform a global migration, you only need to specify the source datalink and the target datalink. The following example moves all the VLANs on ether0 to net1:
# dladm modify-vlan -l net1 -L ether0
where
-L refers to the original datalink over which the VLANs are configured.
-l refers to the target datalink to which the VLANs are migrated.
Note - You must specify the target datalink before the source datalink.
To perform selective VLAN migration, you specify the VLANs that you want to move. In the following example based on Figure 3-3, VLANs are moved from net0 to net3.
# dladm modify-vlan -l net3 web1,auth1,app1
Note - When migrating VLANs selectively, omit the -L option, which applies only to global migration.
You can change the VLAN IDs of VLANs while performing a migration. Using Figure 3-3 as the basis, the following example shows how you would migrate multiple VLANs and change their VLAN IDs at the same time.
# dladm show-vlan LINK VID OVER FLAGS web1 111 net0 ----- auth1 112 net0 ----- app1 113 net0 ----- # dladm modify vlan -l net3 -v 123 web1 # dladm modify vlan -l net3 -v 456 auth1 # dladm modify vlan -l net3 -v 789 app1 # dladm show-vlan LINK VID OVER FLAGS web1 123 net3 ----- auth1 456 net3 ----- app1 789 net3 -----
Note - A parallel subcommand, dladm modify-vnic migrates VNICs that are configured as VLANs. You must use the correct subcommand depending on whether you are migrating VLANs or VNICs that are configured as VLANs. Use the modify-vlan subcommand on VLANs that are displayed by the dladm show-vlan subcommand. Use the modify-vnic subcommand on VNICs, including those with VLAN IDs, that are displayed by the dladm show-vnic subcommand. To modify VNICs, see Components of Network Virtualization in Using Virtual Networks in Oracle Solaris 11.1.
Use the dladm delete-vlan command to delete VLAN configurations on your system.
Note - You must first delete any existing IP configurations on the VLAN that you intend to delete before you can delete the VLAN. Deleting a VLAN will fail if IP interfaces exist over the VLAN.
Example 3-3 Deleting a VLAN Configuration
To delete a VLAN configuration, you would perform steps similar to the following example:
# dladm show-vlan LINK VID OVER FLAGS web1 111 net0 ---- auth1 112 net0 ---- app1 113 net0 ---- web2 111 net1 ---- auth2 112 net1 ---- app2 113 net1 ---- web3 111 net2 ---- auth3 113 net2 ---- # ipadm delete-ip web1 # dladm delete-vlan web1
|