Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Administration: IP Services Oracle Solaris 11 Information Library |
1. Planning the Network Deployment
2. Considerations When Using IPv6 Addresses
3. Configuring an IPv4 Network
Network Configuration (Task Map)
Before You Begin Network Configuration
Configuring Component Systems on the Network
IPv4 Autonomous System Topology
How to Configure an IP Interface
Setting Up System Configuration Modes
How to Configure a System for Local Files Mode
How to Configure a System for Network Client Mode
How to Set Up a Network Configuration Server
How to Configure an IPv4 Router
Routing Tables and Routing Types
How to Add a Static Route to the Routing Table
How to Create a Multihomed Host
Configuring Routing for Single-Interface Systems
How to Enable Static Routing on a Single-Interface Host
How to Enable Dynamic Routing on a Single-Interface System
How to Change the IPv4 Address and Other Network Configuration Parameters
Monitoring and Modifying Transport Layer Services
How to Log the IP Addresses of All Incoming TCP Connections
How to Add Services That Use the SCTP Protocol
How to Use TCP Wrappers to Control Access to TCP Services
4. Enabling IPv6 on the Network
5. Administering a TCP/IP Network
7. Troubleshooting Network Problems
11. Administering the ISC DHCP Service
12. Configuring and Administering the DHCP Client
13. DHCP Commands and Files (Reference)
14. IP Security Architecture (Overview)
16. IP Security Architecture (Reference)
17. Internet Key Exchange (Overview)
19. Internet Key Exchange (Reference)
20. IP Filter in Oracle Solaris (Overview)
Part IV Networking Performance
22. Integrated Load Balancer Overview
23. Configuration of Integrated Load Balancer (Tasks)
24. Virtual Router Redundancy Protocol (Overview)
25. VRRP Configuration (Tasks)
26. Implementing Congestion Control
Part V IP Quality of Service (IPQoS)
27. Introducing IPQoS (Overview)
28. Planning for an IPQoS-Enabled Network (Tasks)
29. Creating the IPQoS Configuration File (Tasks)
30. Starting and Maintaining IPQoS (Tasks)
31. Using Flow Accounting and Statistics Gathering (Tasks)
When you configure network systems, you need the following configuration information:
Host name of each system.
IP address and netmask of each system. If the network is subdivided into subnets, then you must have the subnet numbers and the IP address schema to apply to the systems in each subnet, including their respective netmasks.
Domain name to which each system belongs.
Default router address.
You supply this information if you have a simple network topology with only one router attached to each network. You also supply this information if your routers do not run routing protocols such as the Router Discovery Server Protocol (RDISC) or the Router Information Protocol (RIP). For more information about routers as well as the list of routing protocols that are supported by Oracle Solaris, see Packet Forwarding and Routing on IPv4 Networks in System Administration Guide: IP Services.
Note - You can configure the network while you are installing Oracle Solaris. For instructions, see Installing Oracle Solaris 11 Systems.
In this documentation, the procedures assume that you are configuring the network after you have installed the OS.
Use Figure 3-1 in the following section as reference to configure the component systems of the network.
Sites with multiple routers and networks typically administer their network topology as a single routing domain, or autonomous system (AS).
Figure 3-1 Autonomous System With Multiple IPv4 Routers
Figure 3-1shows an AS that is divided into three local networks, 10.0.5.0, 172.20.1.0, and 192.168.5.0. The network is comprised of the following types of systems:
Routers use routing protocols to manage how network packets are directed or routed from their source to their destinations within the local network or to external networks. For information about routing protocols that are supported in Oracle Solaris, see Tables of Routing Protocols in Oracle Solaris.
Routers are typed as follows:
The border router connects the local network such as 10.0.5.0 externally to a service provider.
Default routers manage packet routing in the local network, which itself can include several local networks. For example, in Figure 3-1, Router 1 serves as the default router for 192.168.5. Contemporaneously, Router 1 is also connected to the 10.0.5.0 internal network. Router 2's interfaces connect to the 10.0.5.0 and 172.20.1.0 internal networks.
Packet-forwarding routers forward packets between internal networks but do not run routing protocols. In Figure 3-1, Router 3 is a packet-forwarding router with connections to the 172.20.1 and 192.168.5 networks.
Client systems
The following procedure provides an example of performing a basic configuration of an IP interface.
Before You Begin
Determine if you want to rename datalinks on the system. Typically, you use the generic names that have been assigned by default to the datalinks. To change link names, see How to Rename a Datalink in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# dladm show-phys
This command shows the physical network cards that are installed on your system and some of their properties. For more information about this command, see How to Display Information About Physical Attributes of Datalinks.
# dladm show-link
This command shows the datalinks and certain properties that have been set for them, including the physical cards over which the links have been created.
# ipadm create-interface-class interface
Refers to one of three classes of interfaces that you can create:
IP interface. This interface class is the most common that you create when you perform network configuration. To create this interface class, use the create-ip subcommand.
STREAMS virtual network interface driver (VNI interface). To create this interface class, use the create-vni subcommand. For more information about VNI devices or interfaces, see the vni(7d) man page.
IPMP interface. This interface is used when you configure IPMP groups. To create this interface class, use the create-ipmp subcommand. For more information about IPMP groups, see Chapter 14, Introducing IPMP, in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
Refers to the name of the interface. The name is identical to the name of the link over which the interface is being created.
Note - You must create the IP interface before you can assign the IP address to it.
The following syntax assigns a static address to an interface. Refer to the ipadm(1M) man page for other options for assigning IP addresses.
# ipadm create-addr -T address-type -a address/prefixlen addrobj
Specifies the type of IP address that is assigned to the interface, which is one of the following: static, dhcp, or addrconf. Addrconf refers to automatically generated IPv6 addresses.
Specifies the IP address to configure on the interface. You can specify either just a local address, or both a local address and a remote address in the case of tunnel configuration. Typically, you assign only a local address. In this case, you specify the address directly with the -a option, such as: -a address. The address is automatically considered a local address.
If you are configuring tunnels, you might be required to provide both the local address of the system and the remote address of the destination system. In this case, you must specify local and remote to distinguish the two addresses, as follows: -a local=local-addr,remote=remote-addr. For more information about configuring tunnels, see Chapter 6, Configuring IP Tunnels, in Oracle Solaris Administration: IP Services.
If you are using a numeric IP address, use the format address/prefixlen for addresses in CIDR notation, for example, 1.2.3.4/24. See the explanation for the prefixlen option.
Optionally, you can specify a host name for address instead of a numeric IP address. Using a host name is valid if a corresponding numeric IP address is defined for that host name in the /etc/hosts file. If no numeric IP address is defined in the file, then the numeric value is uniquely obtained by using the resolver order that is specified for host in the name-service/switch service. If multiple entries exist for a given host name, then an error is generated.
Note - During the boot process, the creation of IP addresses precedes naming services being brought online. Therefore you must ensure that any host name that is used in the network configuration must be defined in the /etc/hosts file.
Specifies the length of the network ID that is part of the IPv4 address when you use CIDR notation. In the address 12.34.56.78/24, 24 is the prefixlen. If you do not include prefixlen, then the netmask is computed according to the sequence listed for netmask in the name-service/switch service or by using classful address semantics.
Specifies an identifier for the unique IP address or set of addresses that is used in the system. The addresses can be either IPv4 or IPv6 types. The identifier uses the format interface/user_specified_string.
The interface refers to the IP interface to which the address is assigned. The interface variable must reflect the name of the datalink on which the IP interface is configured.
user-specified-string refers to a string of alphanumeric characters that begins with an alphabet letter and has a maximum length of 32 characters. Subsequently, you can refer to the addrobj instead of the numeric IP address when you use any ipadm subcommand that manages addresses in the system, such as ipadm show-addr, or ipadm delete-addr.
You can use the following commands, depending on the information that you want to check:
Display the general status of the interface.
# ipadm show-if [interface]
If you do not specify the interface, then information for all interfaces in the system is displayed.
Display the interface's address information.
# ipadm show-addr [addrobj]
If you do not specify the addrobj, then information for all address objects in the system is displayed.
For more information about the output of the ipadm show-* subcommand, see Monitoring IP Interfaces and Addresses in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
The entries in this file consist of IP addresses and the corresponding host names.
Note - This step applies only if you are configuring static IP addresses that use hostnames. If you are configuring DHCP addresses, you do not need to update the /etc/hosts file.
Example 3-1 Configuring a Network Interface With a Static Address
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE net3 Ethernet up 100Mb full bge3 # dladm show-link LINK CLASS MTU STATE BRIDGE OVER net3 phys 1500 up -- -- # ipadm create-ip net3 # ipadm create-addr -T static -a 192.168.84.3/24 net3/v4static # ipadm show-if IFNAME CLASS STATE ACTIVE OVER lo0 loopback ok yes -- net3 ip ok yes -- # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/v4 static ok 192.168.84.3/24 # vi /etc/hosts # Internet host table # 127.0.0.1 localhost 10.0.0.14 myhost 192.168.84.3 campus01
Note that if campus01 is already defined in the /etc/hosts file, you can use that host name when assigning the following address:
# ipadm create-addr -T static -a campus01 net3/v4static
Example 3-2 Automatically Configuring a Network Interface With an IP Address
This example uses the same network device as the previous example but configures the IP interface to receive its address from a DHCP server.
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE net3 Ethernet up 100Mb full bge3 # dladm show-link LINK CLASS MTU STATE BRIDGE OVER net3 phys 1500 up -- -- # ipadm create-ip net3 # ipadm create-addr -T dhcp net3/dhcp # ipadm show-if IFNAME CLASS STATE ACTIVE OVER lo0 loopback ok yes -- net3 ip ok yes -- # ipadm show-addr net3/dhcp ADDROBJ TYPE STATE ADDR net3/dhcp dhcp ok 10.8.48.242/24 # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/dhcp dhcp ok 10.8.48.242/24
This section describes procedures to set up a system to run either in local files mode or network client mode. When running in local files mode, a system obtains all TCP/IP configuration information from files that are located in the local directory. In network client mode, the configuration information is provided to all the systems in the network by a remote network configuration server.
Typically, servers in the network run in local files mode, such as the following:
Network configuration servers
NFS servers
Name servers that supply NIS, LDAP, or DNS services
Mail servers
Routers
Clients can run in either mode. Thus, in the network you can have a combination of these modes with which different systems are configured, as shown in the following figure.
Figure 3-2 Systems in an IPv4 Network Topology Scenario
Figure 3-2 shows the systems in a 192.9.200 network.
All the systems belong to the organizational domain deserts.worldwide.com.
sahara is a configuration server. As a server, it runs in local files mode, where TCP/IP configuration information is obtained from the system's local disk.
Note - If you configure clients to run in network client mode, then you must configure at least one network configuration server that will provide configuration information to those clients.
tenere, nubian, and faiyum are clients in the network. tenere and nubian run in local files mode. Regardless of faiyum's local disk, the system is configured to operate in network client mode.
timbuktu is configured as a router and therefore operates in local files mode. The system includes two NICs, each with its own configured IP interfaces. The first IP interface is named timbuktu and connects to the network 192.9.200. The second IP interface is named timbuktu-201 and connects to the network 192.9.201.
For a more detailed overview of the two configuration modes, refer to Determining Host Configuration Modes in System Administration Guide: IP Services
Use this procedure to configure any system to run in local files mode such as those that are listed in Systems That Should Run in Local Files Mode in System Administration Guide: IP Services.
Refer to How to Configure an IP Interface for the procedure.
The Oracle Solaris installation program creates entries for the primary network interface, loopback address, and, if applicable, any additional interfaces that were configured during installation.
This file must also include the name of the default router and the router's IP address.
For example, you would specify deserts.worldwide.com as the value for the domainname property of the nis/domain SMF service.
Note - If you are using DHCP services, skip this step.
To create entries, use the format network-number netmask. For example, for the Class C network number 192.168.83, you would type:
192.168.83.0 255.255.255.0
For CIDR addresses, convert the network prefix into the equivalent dotted decimal representation. Network prefixes and their dotted decimal equivalents can be found in Table 1-1. For example, use the following to express the CIDR network prefix 192.168.3.0/22.
192.168.3.0 255.255.252.0
# svccfg -s name-service/switch setprop config/host = astring: "files nis" # svccfg -s name-service/switch:default refresh
Do the following procedure on each host to be configured in network client mode.
Before You Begin
Network clients receive their configuration information from network configuration servers. Therefore, before you configure a system as a network client you must ensure that at least one network configuration server is set up for the network.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Refer to How to Configure an IP Interface for the procedure.
# cat /etc/inet/hosts # Internet host table # 127.0.0.1 localhost
Information for setting up installation servers and boot servers is found in Installing Oracle Solaris 11 Systems.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# mkdir /tftpboot
This command configures the system as a TFTP, bootparams, and RARP server.
# ln -s /tftpboot/. /tftpboot/tftpboot
The line should read as follows:
tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot
This line prevents in.tftpd from retrieving any file other than the files that are located in /tftpboot.
Entries in this database use the following format:
MAC Address host name #comment
For more information, see the ethers(4) man page.
For information about editing this database, see the bootparams(4) man page.
# /usr/sbin/inetconv
# svcs network/tftp/udp6
You should receive output resembling the following:
STATE STIME FMRI online 18:22:21 svc:/network/tftp/udp6:default
The in.tftpd daemon is managed by the Service Management Facility. Administrative actions on in.tftpd, such as enabling, disabling, or restarting, can be performed using the svcadm command. Responsibility for initiating and restarting this service is delegated to inetd. Use the inetadm command to make configuration changes and to view configuration information for in.tftpd. You can query the service's status by using the svcs command. For an overview of the Service Management Facility, refer to Chapter 6, Managing Services (Overview), in Oracle Solaris Administration: Common Tasks.
A router provides the interface between two or more networks. Therefore, you must assign a unique name and IP address to each of the router's physical network interfaces. Thus, each router has a host name and an IP address that are associated with its primary network interface, in addition to a minimum of one more unique name and IP address for each additional network interface.
You can also use the following procedure to configure a system with only one physical interface (by default, a host) to be a router. You might configure a single interface system as a router if the system serves as one endpoint on a PPP link, as explained in Planning a Dial-up PPP Link in Oracle Solaris Administration: Network Services.
The following instructions assume that you are configuring interfaces for the router after installation.
Before You Begin
After the router is physically installed on the network, configure the router to operate in local files mode, as described in How to Configure a System for Local Files Mode. This configuration ensures that routers boot if the network configuration server is down.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Make sure that each IP interface is configured with the IP address of the network for which the system will route packets. Thus, if the system serves the 192.168.5.0 and 10.0.5.0 networks, then one NIC must be configured for each network.
Caution - If you want to configure an IPv4 routers to use DHCP, you must be thoroughly knowledgeable with DHCP administration. |
For example, assume that the names you assigned for the Router 1's two interfaces are krakatoa and krakatoa-1, respectively. The entries in the /etc/inet/hosts file would be as follows:
192.168.5.1 krakatoa #interface for network 192.168.5.0 10.0.5.1 krakatoa-1 #interface for network 10.0.5.0
For example, for traditional IPv4 address notation, such as 192.168.5.0, you would type:
192.168.5.0 255.255.255.0
# ipadm set-prop -p forwarding=on ipv4
Use one of the following command syntaxes:
# routeadm -e ipv4-routing -u
# svcadm enable route:default
The SMF FMRI associated with the in.routed daemon is svc:/network/routing/route.
When you start a routing protocol, the routing daemon /usr/sbin/in.routed automatically updates the routing table, a process that is known as dynamic routing. For more information about the types of routing, see Routing Tables and Routing Types. For information about the routeadm command, see the routeadm(1M) man page.
Example 3-3 Configuring the Default Router for a Network
This example is based on Figure 3-1. Router 2 contains two wired network connections, one connection to network 172.20.1.0 and one to network 10.0.5.0. The example shows how to configure Router 2 to become the default router of the 172.20.1.0 network. The example also assumes that Router 2 has been configured to operate in local files mode, as described in How to Configure a System for Local Files Mode.
After becoming superuser or assuming an equivalent role, you would determine out the status of the system's interfaces.
# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 up -- -- net2 phys 1500 up -- -- # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/v4 static ok 172.20.1.10/24
Only net0 has been configured with an IP address. To make Router 2 the default router, you would physically connect the net1 interface to the 10.0.5.0 network.
# ipadm create-ip net1 # ipadm create-addr -T static -a 10.0.5.10/24 net1/v4 # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/v4 static ok 172.20.1.10/24 net1/v4 static ok 10.0.5.10/24
Next, you would update the following network databases with information about the newly configured interface and the network to which it is connected:
# vi /etc/inet/hosts 127.0.0.1 localhost 172.20.1.10 router2 #interface for network 172.20.1 10.0.5.10 router2-out #interface for network 10.0.5 # vi /etc/inet/netmasks 172.20.1.0 255.255.255.0 10.0.5.0 255.255.255.0
Finally, enable packet forwarding as well as the in.routed routing daemon.
# ipadm set-prop -p forwarding=on ipv4 # svcadm enable route:default
Now IPv4 packet forwarding and dynamic routing through RIP are enabled on Router 2. However, the default router configuration for network 172.20.1.0 is not yet complete. You would need to do the following:
Modify each host on the 172.20.1.0 network so that the host gets its routing information from the new default router. For more information, refer to How to Enable Static Routing on a Single-Interface Host.
Define a static route to the border router in the routing table of Router 2. For more details, refer to Routing Tables and Routing Types.
Both routers and hosts maintain a routing table. The routing table lists the IP addresses of networks that the system knows about, including the system's local, default network. The table also lists the IP address of a gateway system for each known network. The gateway is a system that can receive outgoing packets and forward them one hop beyond the local network.
The following is a simple routing table for a system on an IPv4-only network:
Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- default 172.20.1.10 UG 1 532 net0 224.0.0.0 10.0.5.100 U 1 0 net1 10.0.0.0 10.0.5.100 U 1 0 net1 127.0.0.1 127.0.0.1 UH 1 57 lo0
You can configure two types of routing on an Oracle Solaris system: static and dynamic. You can configure either or both routing types on a single system. A system that implements dynamic routing relies on routing protocols, such as RIP for IPv4 networks, and RIPng for IPv6 networks, to route network traffic as well as to update routing information in the table. With static routing, routing information is maintained manually by the use of the route command. For complete details, refer to the route(1M) man page.
When you configure routing for the local network or autonomous system, consider which type of routing to support on particular routers and hosts.
The following table shows the different types of routing and the networking scenarios to which each routing type is best applied.
|
The AS that is shown is Figure 3-1 combines both static and dynamic routing.
Note - Two routes to the same destination does not automatically cause the system to do load balancing or failover. If you need these capabilities, use IPMP, as explained in Chapter 14, Introducing IPMP, in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
Use your regular user account to run the following form of the netstat command:
% netstat -rn
Your output would resemble the following:
Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- 192.168.5.125 192.168.5.10 U 1 5879 net0 224.0.0.0 198.168.5.10 U 1 0 net0 default 192.168.5.10 UG 1 91908 127.0.0.1 127.0.0.1 UH 1 811302 lo0
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# route flush
# route -p add -net network-address -gateway gateway-address
Creates a route that must persist across system reboots. If you want the route to prevail only for the current session, do not use the -p option.
Specifies that the route goes to the network with the address in network-address.
Indicates that the gateway system for the specified route has the IP address gateway-address.
Example 3-4 Adding a Static Route to the Routing Table
The following example shows how to add a static route to Router 2 of Figure 3-1. The static route is needed for the AS's border router, 10.0.5.150.
To view the routing table on Router 2, you would do the following:
# netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- default 172.20.1.10 UG 1 249 ce0 224.0.0.0 172.20.1.10 U 1 0 ce0 10.0.5.0 10.0.5.20 U 1 78 bge0 127.0.0.1 127.0.0.1 UH 1 57 lo0
The routing table indicates two routes that Router 2 knows about. The default route uses Router 2's 172.20.1.10 interface as its gateway. The second route, 10.0.5.0, was discovered by the in.routed daemon running on Router 2. The gateway for this route is Router 1, with the IP address 10.0.5.20.
To add a second route to network 10.0.5.0, which has its gateway as the border router, you would do the following:
# route -p add -net 10.0.5.0/24 -gateway 10.0.5.150 add net 10.0.5.0: gateway 10.0.5.150
Now the routing table has a route for the border router, which has the IP address 10.0.5.150/24.
# netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- default 172.20.1.10 UG 1 249 ce0 224.0.0.0 172.20.1.10 U 1 0 ce0 10.0.5.0 10.0.5.20 U 1 78 bge0 10.0.5.0 10.0.5.150 U 1 375 bge0 127.0.0.1 127.0.0.1 UH 1 57 lo0
In Oracle Solaris, a system with more than one interface is considered a multihomed host. The interfaces of a multihomed host connect to different subnets, either on different physical networks, or on the same physical network.
On a system whose multiple interfaces connect to the same subnet, you must configure the interfaces into an IPMP group first. Otherwise, the system cannot be a multihomed host. For more information about IPMP, see Chapter 14, Introducing IPMP, in Oracle Solaris Administration: Network Interfaces and Network Virtualization.
A multihomed host does not forward IP packets, but can be configured to run routing protocols. You typically configure the following types of systems as multihomed hosts:
NFS servers, particularly those servers that function as large data centers, can be attached to more than one network in order to share files among a large pool of users. These servers do not need to maintain routing tables.
Database servers can have multiple network interfaces to provide resources to a large pool of users, just like NFS servers.
Firewall gateways are systems that provide the connection between a company's network and public networks such as the Internet. Administrators set up firewalls as a security measure. When configured as a firewall, the host does not pass packets between the networks that are attached to the host's interfaces. However, the host can still provide standard TCP/IP services, such as ssh to authorized users.
Note - When multihomed hosts have different types of firewalls on any of their interfaces, take care to avoid unintentional disruption of the host's packets. This problem arises particularly with stateful firewalls. One solution might be to configure stateless firewalling. For more information about firewalls, refer to Firewall Systems in Oracle Solaris Administration: Security Services or the documentation for your third-party firewall.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Refer to How to Configure an IP Interface.
# ipadm show-prop -p forwarding ipv4 PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on -- off on,off ipadm set-prop -p forwarding=off ipv4
Use one of the following command syntaxes:
# routeadm -e ipv4-routing -u
# svcadm enable route:default
The SMF FMRI associated with the in.routed daemon is svc:/network/routing/route.
Example 3-5 Configuring a Multihomed Host
The following example shows how to configure the multihomed host that is shown in Figure 3-1. In the example, the system has the host name hostc. This host has two interfaces, which are both connected to network 192.168.5.0.
To begin, you would display the status of the system's interfaces.
# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 up -- -- # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/v4 static ok 192.168.5.82/24
The dladm show-link command reports that hostc has two datalinks. However, only net0 has been configured with an IP address. To configure hostc as a multihomed host, you would configure net1 with an IP address in the same 192.168.5.0 network. Ensure that the underlying physical NIC of net1 is physically connected to the network.
# ipadm create-ip net1 # ipadm create-addr -T static -a 192.168.5.85/24 bge0/v4 # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/v4 static ok 192.168.5.82/24 net1/v4 static ok 192.168.5.85/24
Next, you would add the net1 interface to the /etc/hosts database:
# vi /etc/inet/hosts 127.0.0.1 localhost 192.168.5.82 hostc #primary network interface for host3 192.168.5.85 hostc-2 #second interface
Next, you would turn off packet forwarding if this service is running on the hostc:
# ipadm show-prop -p forwarding ipv4 PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on -- off on,off # ipadm set-prop -p forwarding=off ipv4 # routeadm Configuration Current Current Option Configuration System State --------------------------------------------------------------- IPv4 routing enabled enabled IPv6 routing disabled disabled Routing services "route:default ripng:default"
The routeadm command reports that dynamic routing through the in.routed daemon is currently enabled.
Single-interface systems can be configured with either static or dynamic routing. With static routing, the host must rely on the services of a default router for routing information. The following procedures contain the instructions for enabling both routing types.
You can also use the following procedure to configure static routing on a multihomed host.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
For instructions, see How to Configure an IP Interface.
# routeadm Configuration Current Current Option Configuration System State --------------------------------------------------------------- IPv4 routing enabled disabled IPv6 routing disabled disabled Routing services "route:default ripng:default" # svcadm disable route:default
# # ipadm show-prop -p forwarding ipv4 PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on -- off on,off # ipadm set-prop -p forwarding=off ipv4
Example 3-6 Configuring Static Routing on a Single-Interface System
The following example shows how to configure static routing for hostb, a single-interface system on the 172.20.1.0 network as shown in Figure 3-1. hostb needs to use Router 2 as its default router. The example assumes that you have already configured the system's IP interface.
First, you would log in to hostb with administrator rights. Next, you would determine whether the /etc/defaultrouter file is present on the system:
# cd /etc # ls | grep defaultrouter # vi /etc/defaultrouter 172.20.1.10
The IP address 172.20.1.10 belongs to Router 2.
# vi /etc/inet/hosts 127.0.0.1 localhost 172.20.1.18 host2 #primary network interface for host2 172.20.1.10 router2 #default router for host2 # ipadm show-prop -p forwarding ipv4 PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on -- off on,off # ipadm set-prop -p forwarding=off ipv4 # routeadm Configuration Current Current Option Configuration System State --------------------------------------------------------------- IPv4 routing enabled disabled IPv6 routing disabled disabled Routing services "route:default ripng:default" # svcadm disable route:default
Dynamic routing that uses a routing protocol is the easiest way to manage routing on a system.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
For instructions, see How to Configure an IP Interface.
An empty /etc/defaultrouter file forces the system to use dynamic routing.
# ipadm set-prop -p forwarding=off ipv4
Use either of the following commands:
# routeadm -e ipv4-routing -u
# svcadm enable route:default
Example 3-7 Running Dynamic Routing on a Single-Interface System
The following example shows how to configure dynamic routing for hosta, a single-interface system on the network 192.168.5.0 that is shown in Figure 3-1. The system uses Router 1 as its default router. The example assumes that you have already configured the system's IP interface.
First, you would log in to hosta with administrator rights. Then, you would determine whether the /etc/defaultrouter file is present on the system:
# cd /etc # ls | grep defaultrouter defaultrouter # cat defaultrouter 192.168.5.10
The file correctly includes the entry 192.168.5.10, which is the IP address for Router 1.
# routeadm Configuration Current Current Option Configuration System State --------------------------------------------------------------- IPv4 routing disabled disabled IPv6 routing disabled disabled Routing services "route:default ripng:default" # svcadm enable route:default # ipadm show-prop -p forwarding ipv4 PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on -- off on,off # ipadm set-prop -p forwarding=off ipv4
If you are changing from a network that does not use a subnet to a network that does use a subnet, perform the tasks in the following list. The list assumes that you have already prepared a subnet schema. For an overview, see What Is Subnetting? in System Administration Guide: IP Services.
Assign the IP addresses with the new subnet number to the systems that belong to the subnet.
For reference, see How to Configure an IP Interface.
Add the correct IP address and netmask to each system's /etc/netmasks file.
Revise each system's /etc/inet/hosts file with the correct IP address to correspond to the host names.
Reboot all the systems in the subnet.
The following procedure is closely connected to subnets. If you implement subnetting much later after you have originally configured the network without subnetting, perform the following procedure to implement the changes.
This procedure explains how to modify the IPv4 address, host name, and other network parameters on a previously installed system. Use the procedure for modifying the IP address of a server or networked standalone system. The procedure does not apply to network clients or appliances. The steps create a configuration that persists across reboots.
Note - The instructions apply specifically to changing the IPv4 address of the primary network interface. To add another interface to the system, refer to How to Configure an IP Interface.
In almost all cases, the following steps use traditional IPv4 dotted decimal notation to specify the IPv4 address and subnet mask. Alternatively, you can use CIDR notation to specify the IPv4 address in all the applicable files in this procedure. For an introduction to CIDR notation, see IPv4 Addresses in CIDR Format in System Administration Guide: IP Services.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
With the ipadm command, you cannot modify an IP address directly. You first delete the address object that represents the IP address you want to modify. Then you assign a new address by using the same address object name.
# ipadm delete-addr addrobj # ipadm create-addr -T static IP-address addrobj
# svccfg -s svc:/system/identity:node setprop config/nodename = astring: hostname
# reboot -- -r
Example 3-8 Changing the IP Address and Host Name
This example shows how to change a host's name, IP address of the primary network interface, and subnet mask. The IP address for the primary network interface bge0 changes from 10.0.0.14 to 192.168.34.100.
# ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 bge0/v4 static ok 10.0.0.14/24 # ipadm delete-addr bge0/v4 # ipadm create-addr -T static -a 192.168.34.100/24 bge0/v4 # svccfg -s svc:/system/identity:node setprop config/nodename = astring: mynewhostname # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 bge0/v4new static ok 192.168.34.100/24 # hostname mynewhostname
See Also
To change the IP address of an interface other than the primary network interface, refer to Oracle Solaris Administration: Common Tasks and How to Configure an IP Interface.