Go to main content

Configuring and Managing Network Components in Oracle® Solaris 11.4

Exit Print View

Updated: January 2019
 
 

Customizing IP Interface Properties and Addresses

Like datalinks, IP interfaces also have properties that you can customize for your specific network environment. For each interface, two sets of properties exist, one set for IPv4 and the another set for IPv6.

    To manage IP interface properties, three ipadm subcommands are available:

  • show-ifprop [–p property] [interface] – Displays a property of an IP interface and its current value. Omitting the –p property option will list all the properties of the specific IP interface. If you do not specify an IP interface, then all the properties of all the IP interfaces are listed.

  • set-ifprop –p property=value interface – Assigns a value to the IP interface's property.

  • reset-ifprop –p property interface – Resets the specific property to its default values.

Setting the MTU Property

Some properties, including the MTU property, are common to both datalinks and IP interfaces. Thus, you can have one MTU value for a datalink and a different MTU value for the interface that is configured over that link. In addition, you can have different MTU values that apply to the IPv4 and IPv6 packets that traverse that IP interface.

    When setting MTU properties for an IP interface, keep the following key points in mind:

  • The value of the MTU setting of an IP interface cannot be larger than the value of the MTU setting of a datalink. In such cases, the ipadm command displays an error message.

  • If an IP interface's MTU value is different than a datalink's MTU value, IP packets are limited to the MTU value of the IP interface. For example, if a datalink has an MTU value of 9000 bytes and an IP interface as an MTU value of 1500 bytes, IP packets are limited to 1500 bytes. However, other Layer 3 protocols that are using the underlying Layer 2 protocol can send packets up to 9000 bytes.

    For instructions on customizing datalink properties, including information about how the MTU setting of a datalink impacts the MTU setting of an IP interface, see Customizing Datalink Properties.

Enabling Packet Forwarding

On a network, a host system can receive data packets that are destined for another host. By enabling packet forwarding on the receiving local system, that system can forward the data packet to the destination host. This process is referred to as IP forwarding and is disabled by default in Oracle Solaris.

Packet forwarding is managed by a property that you can set on both IP interfaces, as well as for the TCP/IP protocol. If you want to be selective about how packets are forwarded, you can enable packet forwarding on the IP interface. For example, you might have a system that has multiple NICs, where some NICs are connected to the external network, while other NICs are connected to a private network. You can therefore enable packet forwarding only on some of the interfaces, rather than on all of the interfaces.

You can also enable packet forwarding globally on a system by setting the property of the TCP/IP protocol. See Enabling Global Packet Forwarding in Administering TCP/IP Networks, IPMP, and IP Tunnels in Oracle Solaris 11.4.


Note -  The forwarding property of either IP interfaces or protocols is not mutually exclusive. You can set the property for the interface and the protocol at the same time. For example, you could enable packet forwarding globally on the protocol, and then customize packet forwarding for each IP interface on the system. Thus, although enabled globally, packet forwarding can still be selective for the system.

For example, you can enable packet forwarding on an IP interface as follows:

$ ipadm set-ifprop -p forwarding=on -m protocol-version interface

where protocol-version is either IPv4 or IPv6. You must run this command separately for IPv4 and IPv6 packets.

The following example shows how you might enable only IPv4 packet forwarding on a system:

$ ipadm show-ifprop -p forwarding net0
IFNAME   PROPERTY     PROTO   PERM   CURRENT   PERSISTENT   DEFAULT   POSSIBLE
net0     forwarding   ipv4    rw     off       off          off       on,off
net0     forwarding   ipv6    rw     off       --           off       on,off

$ ipadm set-ifprop -p forwarding=on -m ipv4 net0
$ ipadm show-ifprop net0
IFNAME   PROPERTY         PROTO  PERM  CURRENT  PERSISTENT  DEFAULT   POSSIBLE
...
net0     forwarding       ipv4   rw    on       on          off       on,off

Customizing IP Address Properties

The ipadm command enables you to manage IP address-specific properties.

    You can customize IP address properties to manage the following network configuration parameters:

  • Netmask length

  • Whether an IP address can be used as a source address for outbound packets

  • Whether the IP address belongs to a global or non–global zone

  • Whether the IP address is a private address

    Use the following ipadm subcommands when working with IP address properties:

  • show-addrprop –p property addrobj – Displays address properties, depending on the options that you use.

    To display the properties of all the IP addresses, do not specify a property or an address object. To display the values of a single property for all the IP addresses, specify only that property. To display all the properties of a specific address object, specify just the address object.

  • set-addrprop –p property=value addrobj – Assigns values to address properties. Note that you can only set one address property at a time.

  • reset-addrprop –p property addrobj – Restores any default values to the address property.


Note -  If you want to change the IP address of a specific interface, do not use the set-addressprop subcommand. Instead, delete the address object and create a new one with the new IP address. See Modifying an IP Interface Configuration.

As an example, suppose you want to change the netmask of an IP address. The IP address is configured on the IP interface net3 and is identified by the address object name net3/v4. The following example shows how to revise the netmask:

$ ipadm show-addr
ADDROBJ     TYPE       STATE     ADDR
lo0/?       static     ok        127.0.0.1/8
net3/v4     static     ok        198.51.100.3/24

$ ipadm show-addrprop -p prefixlen net3/v4
ADDROBJ  PROPERTY   PERM  CURRENT  PERSISTENT  DEFAULT   POSSIBLE
net3/v4  prefixlen  rw    24       24          24        1-30,32

$ ipadm set-addrprop -p prefixlen=8 net3/v4
$ ipadm show-addrprop -p prefixlen net3/v4
ADDROBJ  PROPERTY   PERM  CURRENT  PERSISTENT  DEFAULT   POSSIBLE
net3/v4  prefixlen  rw    8        24          24        1-30,32