test

System Administration Guide: Network Interfaces and Network Virtualization

ProcedureHow to Verify Configuration of a Virtual Network of Exclusive IP Zones

Before You Begin

The procedure assumes that you have created at least two VNICs and corresponding exclusive IP zones to form a virtual network. You also have configured and plumbed these VNICs while logged into their respective zones. The next task verifies the configuration of the virtual network created in Basic Virtual Network on a Single System.

  1. On the system where you create the virtual network, become superuser or assume the equivalent root role in the global zone.

    To create and assign the root role, see How to Make root User Into a Role in System Administration Guide: Security Services.

  2. Ensure that the VNICs are configured as data links in the global zone.


    # dladm show-vnic

    You should receive output similar to the following:


    LINK        OVER             SPEED  MACADDRESS         MACADDRTYPE
vnic1       e1000g0      1000 Mbps  2:8:20:5f:84:ff    random
vnic2       e1000g0      1000 Mbps  2:8:20:54:f4:74    random

    In this example, both VNICs of the virtual network are configured as data links over network interface e1000g0.

  3. Verify that any interfaces known to the global zone are plumbed and up.


    # ifconfig -a
lo0: flags=2001000849<UP,UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
        inet 192.168.3.70 netmask ffffff00 broadcast 192.168.83.255
        ether 0:14:4f:94:d0:40

    Only the network interface e1000g0 is plumbed for the global zone. This interface has the IP address 192.168.3.70 and connects the system to the external 192.168.3.0/24 network. For the virtual network configuration, ifconfig -a in the global zone should not report any VNICs.

  4. Check the state of the configured zones.


    # zoneadm list -v
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   5 zone2            running    /export/home/zone2             native   excl
   7 zone1            running    /export/home/zone1             native   excl

    The STATUS column indicates that the zones are up and running. If the status of the zones indicates a condition other than “running,” you need to reboot the zone. For instructions, refer to Chapter 20, Installing, Booting, Halting, Uninstalling, and Cloning Non-Global Zones (Tasks), in System Administration Guide: Virtualization Using the Solaris Operating System.

  5. Check the global zone's known routes.


    # netstat -rn

    You should receive output similar to the following:


    Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface
-------------------- -------------------- ----- ----- ---------- ---------
default              192.168.3.1         UG        1        8    e1000g0
192.168.3.0          192.168.3.70        U         1      143    e1000g0
127.0.0.1            127.0.0.1           UH        1       13    lo0

Routing Table: IPv6
  Destination/Mask            Gateway                   Flags Ref   Use    If
--------------------------- --------------------------- ----- --- ------- -----
::1                         ::1                         UH      1      22 lo0

    The global zone's default route to external networks is through the gateway 192.168.3.1. This is the IP address of the default router for network 192.168.3.0/24. The global zone also reports that the route to the gateway is through 192.168.3.70, the IP address of the system's e1000g0 interface.

  6. Log in to one of the zones of the virtual network, for example, zone1, and ensure that the zone's VNIC is plumbed and up.


    # zlogin zone1
# ifconfig -a vnic1
vnic1: flags=201000842<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
           inet 192.168.3.20 netmask ffffff00 broadcast 192.168.3.255
           ether 2:8:20:54:f4:74

  7. Check the known routes between the local zone and the external network.


    #  netstat -rn

    You should receive output similar to the following:


    Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface
-------------------- -------------------- ----- ----- ---------- ---------
default              192.168.3.1          UG       1        0     vnic1
192.168.3.0          192.168.3.20         U        1        2     vnic1
127.0.0.1            127.0.0.1            UH       1       23     lo0

    The output verifies that the default route for zone1 is to the default router, 192.168.3.1. zone1 also knows to route packets through vnic1, 192.168.3.20. This traffic is then passed to the global zone, where the packets travel through the network interface e1000g0.

  8. Verify the VNICs' connectivity.

    Perform these steps while logged into a local zone. The following steps assume that you are logged into zone1.

    1. Check the connectivity between the local zone's VNIC and the system's network interface.


      # ping network-interface-address

      For example, check that vnic1 can pass traffic to network interface e1000g0, IP address 192.168.3.70.


      # ping 192.168.3.70
192.168.3.70 is alive

    2. Check that the VNIC can pass traffic through the default router, IP address 192.168.3.1.


      # ping 192.168.3.1
192.168.3.1 is alive

    3. Check that the VNIC can pass traffic to another VNIC in the virtual network.


      # ping vnic-IP-address

      For example, to check that vnic1 can pass traffic to vnic2 (IP address192.168.3.22), run the following command.


      # ping 192.168.3.22
192.168.3.22 is alive
Next Steps