This section contains information on configuring VLANs for users of the Solaris 10 3/05 OS only. If you are using an update to Oracle Solaris 10, refer to Administering Virtual Local Area Networks.
Virtual local area networks (VLANs) are commonly used to split up groups of network users into manageable broadcast domains, to create logical segmentation of work groups, and to enforce security policies among each logical segment. With multiple VLANs on an adapter, a server with a single adapter can have a logical presence on multiple IP subnets. By default, 512 VLANs can be defined for each VLAN-aware adapter on your server.
If your network does not require multiple VLANs, you can use the default configuration, in which case no further configuration is necessary.
For an overview of VLANs, refer to Overview of VLAN Topology.
VLANs can be created according to various criteria, but each VLAN must be assigned a VLAN tag or VLAN ID (VID). The VID is a 12-bit identifier between 1 and 4094 that identifies a unique VLAN. For each network interface (for example, ce0, ce1, ce2, and so on) 512 possible VLANs can be created. Because IP subnets are commonly used, use IP subnets when setting up a VLAN network interface. This means that each VID assigned to a VLAN interface of a physical network interface belongs to different subnets.
Tagging an Ethernet frame requires the addition of a tag header to the frame. The header is inserted immediately following the destination MAC address and the source MAC address. The tag header consists of two bytes of the Ethernet Tag Protocol Identifier (TPID, 0x8100) and two bytes of Tag Control Information (TCI). The following figure shows the Ethernet Tag Header format.
This procedure contains information on configuring VLANs for users of the Solaris 10 3/05 OS only. If you are using an update to Oracle Solaris 10, refer to How to Configure a VLAN
Assume the Primary Administrator role, or become superuser.
The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.
Determine the type of interfaces in use on your system.
The network adapter on your system might not be referred to by the letters ce, which is required for a VLAN.
# ifconfig -a lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 22.214.171.124 netmask ffffff00 broadcast 126.96.36.199
Create one hostname.cenum file (hostname6.cenum file for IPv6) for each VLAN that will be configured for each adapter on the server.
VLAN logical PPA = 1000 * VID + Device PPA ce123000 = 1000*123 + 0
For example: hostname.ce123000
VLAN logical PPA = 1000 * VID + Device PPA ce11000 = 1000*11 + 0
For example: hostname.ce11000
This format limits the maximum number of PPAs (instances) you can configure to 1000 in the /etc/path_to_inst file.
For example, on a server with the Sun Gigabit Ethernet/P 3.0 adapter having an instance of 0, that belongs to two VLANs with VIDs 123 and 224, you would use ce123000 and ce224000, respectively, as the two VLAN PPAs.
For example, you could use the following examples of ifconfig:
# ifconfig ce123000 plumb up # ifconfig ce224000 plumb up
# ifconfig -a lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 188.8.131.52 netmask ffffff00 broadcast 184.108.40.206 ether 8:0:20:a4:4f:b8 ce123000: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3 inet 220.127.116.11 netmask ffffff00 broadcast 18.104.22.168 ether 8:0:20:a4:4f:b8 ce224000: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4 inet 22.214.171.124 netmask ffffff00 broadcast 126.96.36.199 ether 8:0:20:a4:4f:b8
On the switch, set VLAN tagging and VLAN ports to coincide with the VLANs you have set up on the server.
Using the examples in Step 4, you would set up VLAN ports 123 and 224 on the switch or VLAN ports 10 and 11.
Refer to the documentation that came with your switch for specific instructions for setting VLAN tagging and ports.