| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris Administration: Network Interfaces and Network Virtualization Oracle Solaris 11 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Solaris Administration: Network Interfaces and Network Virtualization Oracle Solaris 11 Information Library |
1. Overview of the Networking Stack
Network Configuration in This Oracle Solaris Release
The Network Stack in Oracle Solaris
Network Devices and Datalink Names
Administration of Other Link Types
3. NWAM Configuration and Administration (Overview)
4. NWAM Profile Configuration (Tasks)
5. NWAM Profile Administration (Tasks)
6. About the NWAM Graphical User Interface
Part II Datalink and Interface Configuration
7. Using Datalink and Interface Configuration Commands on Profiles
8. Datalink Configuration and Administration
9. Configuring an IP Interface
About IP Interface Configuration
IP Interface Configuration (Tasks)
SPARC: How to Ensure That the MAC Address of an Interface Is Unique
How to Configure an IP Interface
How to Set the Property of an IP Address
Administering Protocol Properties
How to Restrict a Port's Access to root User Only
How to Implement Symmetric Routing on Multihomed Hosts
Monitoring IP Interfaces and Addresses
How to Obtain Information About Network Interfaces
Troubleshooting Interface Configuration
The ipadm command does not work.
IP address cannot be assigned with the ipadm create-addr command.
Comparison Tables: ipadm Command and Other Networking Commands
ifconfig Command Options and ipadm Command Options
ndd Command Options and ipadm Command Options
10. Configuring Wireless Interface Communications on Oracle Solaris
12. Administering Link Aggregations
16. Exchanging Network Connectivity Information With LLDP
Part III Network Virtualization and Resource Management
17. Introducing Network Virtualization and Resource Control (Overview)
18. Planning for Network Virtualization and Resource Control
19. Configuring Virtual Networks (Tasks)
20. Using Link Protection in Virtualized Environments
21. Managing Network Resources
The procedures that follow show how you use the ipadm command for different IP configuration needs. Although the ifconfig command still functions to configure interfaces, the ipadm command should be the preferred tool. For an overview of the ipadm command and its benefits, see The ipadm Command.
Note - Typically, IP interface configuration and datalink configuration occur together. Thus, where applicable, procedures that follow include datalink configuration steps with the use of the dladm command. For more information about using the dladm command to configure and administer datalinks, see Chapter 8, Datalink Configuration and Administration.
The following procedure provides an example of performing a basic configuration of an IP interface.
Before You Begin
Determine if you want to rename datalinks on the system. Typically, you use the generic names that have been assigned by default to the datalinks. To change link names, see How to Rename a Datalink.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# dladm show-phys
This command shows the physical network cards that are installed on your system and some of their properties. For more information about this command, see How to Display Information About Physical Attributes of Datalinks.
# dladm show-link
This command shows the datalinks and certain properties that have been set for them, including the physical cards over which the links have been created.
# ipadm create-interface-class interface
Refers to one of three classes of interfaces that you can create:
IP interface. This interface class is the most common that you create when you perform network configuration. To create this interface class, use the create-ip subcommand.
STREAMS virtual network interface driver (VNI interface). To create this interface class, use the create-vni subcommand. For more information about VNI devices or interfaces, see the vni(7d) man page.
IPMP interface. This interface is used when you configure IPMP groups. To create this interface class, use the create-ipmp subcommand. For more information about IPMP groups, see Chapter 14, Introducing IPMP and Chapter 15, Administering IPMP.
Refers to the name of the interface. The name is identical to the name of the link over which the interface is being created.
Note - You must create the IP interface before you can assign the IP address to it.
The following syntax assigns a static address to an interface. Refer to the ipadm(1M) man page for other options for assigning IP addresses.
# ipadm create-addr -T address-type -a address/prefixlen addrobj
Specifies the type of IP address that is assigned to the interface, which is one of the following: static, dhcp, or addrconf. Addrconf refers to automatically generated IPv6 addresses.
Specifies the IP address to configure on the interface. You can specify either just a local address, or both a local address and a remote address in the case of tunnel configuration. Typically, you assign only a local address. In this case, you specify the address directly with the -a option, such as: -a address. The address is automatically considered a local address.
If you are configuring tunnels, you might be required to provide both the local address of the system and the remote address of the destination system. In this case, you must specify local and remote to distinguish the two addresses, as follows: -a local=local-addr,remote=remote-addr. For more information about configuring tunnels, see Chapter 6, Configuring IP Tunnels, in Oracle Solaris Administration: IP Services.
If you are using a numeric IP address, use the format address/prefixlen for addresses in CIDR notation, for example, 1.2.3.4/24. See the explanation for the prefixlen option.
Optionally, you can specify a host name for address instead of a numeric IP address. Using a host name is valid if a corresponding numeric IP address is defined for that host name in the /etc/hosts file. If no numeric IP address is defined in the file, then the numeric value is uniquely obtained by using the resolver order that is specified for host in the name-service/switch service. If multiple entries exist for a given host name, then an error is generated.
Note - During the boot process, the creation of IP addresses precedes naming services being brought online. Therefore you must ensure that any host name that is used in the network configuration must be defined in the /etc/hosts file.
Specifies the length of the network ID that is part of the IPv4 address when you use CIDR notation. In the address 12.34.56.78/24, 24 is the prefixlen. If you do not include prefixlen, then the netmask is computed according to the sequence listed for netmask in the name-service/switch service or by using classful address semantics.
Specifies an identifier for the unique IP address or set of addresses that is used in the system. The addresses can be either IPv4 or IPv6 types. The identifier uses the format interface/user_specified_string.
The interface refers to the IP interface to which the address is assigned. The interface variable must reflect the name of the datalink on which the IP interface is configured.
user-specified-string refers to a string of alphanumeric characters that begins with an alphabet letter and has a maximum length of 32 characters. Subsequently, you can refer to the addrobj instead of the numeric IP address when you use any ipadm subcommand that manages addresses in the system, such as ipadm show-addr, or ipadm delete-addr.
You can use the following commands, depending on the information that you want to check:
Display the general status of the interface.
# ipadm show-if [interface]
If you do not specify the interface, then information for all interfaces in the system is displayed.
Display the interface's address information.
# ipadm show-addr [addrobj]
If you do not specify the addrobj, then information for all address objects in the system is displayed.
For more information about the output of the ipadm show-* subcommand, see Monitoring IP Interfaces and Addresses.
The entries in this file consist of IP addresses and the corresponding host names.
Note - This step applies only if you are configuring static IP addresses that use hostnames. If you are configuring DHCP addresses, you do not need to update the /etc/hosts file.
Example 9-1 Configuring a Network Interface With a Static Address
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE net3 Ethernet up 100Mb full bge3 # dladm show-link LINK CLASS MTU STATE BRIDGE OVER net3 phys 1500 up -- -- # ipadm create-ip net3 # ipadm create-addr -T static -a 192.168.84.3/24 net3/v4static # ipadm show-if IFNAME CLASS STATE ACTIVE OVER lo0 loopback ok yes -- net3 ip ok yes -- # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/v4 static ok 192.168.84.3/24 # vi /etc/hosts # Internet host table # 127.0.0.1 localhost 10.0.0.14 myhost 192.168.84.3 campus01
Note that if campus01 is already defined in the /etc/hosts file, you can use that host name when assigning the following address:
# ipadm create-addr -T static -a campus01 net3/v4static
Example 9-2 Automatically Configuring a Network Interface With an IP Address
This example uses the same network device as the previous example but configures the IP interface to receive its address from a DHCP server.
# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE net3 Ethernet up 100Mb full bge3 # dladm show-link LINK CLASS MTU STATE BRIDGE OVER net3 phys 1500 up -- -- # ipadm create-ip net3 # ipadm create-addr -T dhcp net3/dhcp # ipadm show-if IFNAME CLASS STATE ACTIVE OVER lo0 loopback ok yes -- net3 ip ok yes -- # ipadm show-addr net3/dhcp ADDROBJ TYPE STATE ADDR net3/dhcp dhcp ok 10.8.48.242/24 # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/dhcp dhcp ok 10.8.48.242/24
The ipadm command enables you to set address–specific properties after these addresses are assigned to interfaces. By setting these properties, you can determine the following:
The prefixlen of an address.
Whether an IP address can be used as a source address for outbound packets.
Whether the address belongs to a global or non–global zone.
Whether the address is a private address.
To list the properties of an IP address, use the following syntax:
# ipadm show-addrprop [-p property] [addrobj]
The information that is displayed depends on the options that you use.
If you do not specify a property nor an address object, then all properties of all existing addresses are displayed.
If you specify only the property, then that property for all the addresses is displayed.
If you specify only the address object, then all the properties of that address object are displayed.
Note - You can only set address properties one at a time.
This procedure shows the general steps to configure a property for an IP address.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# ipadm show-addr
# ipadm show-addrprop -p property addrobj
If you do not know the property, you can issue a general ipadm show-addrprop command. When you display IP addresses with this command, the addresses are displayed with the current settings of all their properties.
# ipadm set-addrprop -p property=value addrobj
# ipadm show-addrprop -p property addrobj
Example 9-3 Setting the prefixlen Property of an Address
The prefixlen property refers to the netmask of an IP address. The following example changes the length of the prefixlen property of net3's IP address. In this example, the -t option is used to create only a temporary change in the property. If the system is rebooted, the property's value reverts to the default setting.
# ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/v4 static ok 192.168.84.3/24 # ipadm show-addrprop -p prefixlen net3/v4 ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE net3/v4 prefixlen rw 24 24 24 1-30,32 # ipadm set-addrprop -t -p prefixlen=8 net3/v4 # ipadm show-addrprop -p prefixlen net3/v4 ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE net3/v4 prefixlen rw 8 24 24 1-30,32
IP interfaces, like datalinks, have properties that you can customize for your specific network setting. For each interface, two sets of properties exist that apply to IPv4 and IPv6 protocols, respectively. Some properties, such as MTU, are common to both datalinks and the IP interface. Thus, you can have one MTU setting for a datalink and a different MTU setting for the interface configured over that link. Further, you can have different MTU settings that apply to IPv4 and IPv6 packets, respectively, that traverse that IP interface.
IP forwarding is an IP interface property that is typically configured in networking scenarios. The following procedure shows the steps.
In a network, a host can receive data packets that are destined for another host system. By enabling packet forwarding in the receiving local system, that system can forward the data packet to the destination host. By default, IP forwarding is disabled. The following two procedures describe how to enable this functionality. In previous Oracle Solaris releases, the routeadm command was used to enable packet forwarding. The ipadm syntax in this procedure replaces the routeadm command.
Consider the following to determine whether to use the interface–based or protocol–based procedure.
If you want to be selective in how packets are forwarded, then you enable packet forwarding on the interface. For example, you might have a system that has multiple NICs. Some NICs are connected to the external network, while other NICs are connected to the private network. You would therefore enable packet forwarding only on some of the interfaces, rather than on all interfaces. See How to Enable IP Packet Forwarding by Setting an Interface Property.
If you want to implement packet forwarding globally within the system, then you enable the forwarding property of the protocol. For this second method, see How to Enable Packet Forwarding by Setting the Protocol Property.
Note - The two methods of forwarding packets are not mutually exclusive. For example, you can enable packet forwarding globally, and then customize the forwarding property for each interface. Thus, packet forwarding can still be selective for that particular system.
This procedure shows how to enable packet forwarding selectively by configuring the IP forwarding property on specific interfaces.
Note - Packet forwarding involves the IP protocol. Thus, distinguishing between IP protocol versions is also included in the steps.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# ipadm show-ifprop -p forwarding [-m protocol-version] interface
where protocol-version can either be ipv4 or ipv6. If you do not specify the version, then the settings for both IPv4 and IPv6 protocols are displayed.
Note - To display all the valid protocol properties of a given interface, do not specify a property, as follows:
# ipadm show-ifprop interface
This syntax is also shown in Example 9-4.
# ipadm set-ifprop forwarding=on -m protocol-version interface
# ipadm show-ifprop -p forwarding interface
# ipadm reset-ifprop -p forwarding -m protocol-version interface
Example 9-4 Enabling an Interface to Forward Only IPv4 Packets
The following example shows how to implement selective packet forwarding, where forwarding of IPv4 packets is enabled only in the net0 interface. In the other remaining interfaces of the system, packet forwarding is disabled, which is the default setting.
# ipadm show-ifprop -p forwarding net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE net0 forwarding ipv4 rw off off off on,off net0 forwarding ipv6 rw off -- off on,off
The ipadm show-ifprop command syntax that uses the -p property option provides information only about a specific property.
# ipadm set-ifprop -p forwarding=on -m ipv4 net0 # ipadm show-ifprop net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE ... net0 forwarding ipv4 rw on on off on,off ...
The ipadm show-ifprop command syntax without the -p property option displays all the properties of an interface and their corresponding settings.
# ipadm reset-ifprop -p forwarding -m ipv4 net0 # ipadm show-ifprop -p forwarding -m ipv4 net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE net0 forwarding ipv4 rw off off off on,off
The ipadm reset-ifprop command syntax resets the specified property to the default setting.
This procedure shows how to enable packet forwarding globally in the system.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
# ipadm show-prop -p forwarding protocol-version
where protocol-version can either be ipv4 or ipv6.
Note - To display all the valid tunable properties for a given protocol and their current settings, type the following command:
# ipadm show-prop protocol
where protocol can be ip, ipv4, ipv6, udp, tcp, icmp, and sctp.
This syntax is shown in Example 9-5.
# ipadm set-prop forwarding=on protocol-version
To display all the properties and current settings of a protocol, type the following:
# ipadm show-prop protocol
To display a specific property of a protocol, type the following:
# ipadm show-prop -p property protocol
To display a specific property of a specific protocol version, type the following:
# ipadm show-prop -p property protocol-version
# ipadm reset-prop -p property protocol-version
Example 9-5 Enabling Forwarding for IPv4 and IPv6 Packets
The following example parallels the previous example about forwarding packets on interfaces. The two uses of ipadm show-prop display the settings of a specified property or all the properties of a protocol and their corresponding settings.
# ipadm show-prop -p forwarding ip PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw off -- off on,off ipv6 forwarding rw off -- off on,off # # ipadm set-prop -p forwarding=on ipv4 # ipadm set-prop -p forwarding=on ipv6 # # ipadm show-prop ip PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE ipv4 forwarding rw on on off on,off ipv4 ttl rw 255 -- 255 1-255 ipv6 forwarding rw on on off on,off ipv6 hoplimit rw 255 -- 255 1-255#
|