Network Administration by Functional Area
Oracle Solaris network administration features are designed to meet specific networking
needs by providing support in the following functional areas: high availability, network
virtualization, performance, resource management, security, and storage. Knowing which functional
area a particular feature supports is helpful for evaluating which networking strategy or strategies
to implement at your site.
The following table describes the various network administration features that are supported
in Oracle Solaris according to functional area. Information about the administrative
interface that is used to administer the feature and at which layer of the network
protocol stack the feature is administered is also provided.
Table 2 Networking Features by Functional Area
|
|
|
|
Aggregations (DLMP and trunking)
|
High availability
|
dladm (create-aggr, delete-aggr,
modify-aggr, add-aggr, remove-aggr)
|
L2
|
Bridging protocols:
-
STP
-
TRILL
|
High availability, network virtualization
|
dladm (create-bridge, delete-bridge,
modify-bridge, add-bridge, remove-bridge,
show-bridge)
|
L2
|
DCB
|
Network storage, performance
|
lldpadm, dladm
|
L2
|
Etherstubs
|
Network virtualization
|
dladm (create-etherstub,
delete-etherstub, show-etherstub)
|
L2
|
EVB
|
Network virtualization
|
dladm
|
L2
|
EVS
|
Network virtualization
|
evsadm, evsstat, dladm
|
L2, L3
|
Firewalls
|
Security
|
Packet filtering with ipf and ipnat
|
L3, L4
|
Flows
|
Observability, resource management, security
|
flowadm, flowstat
|
L2, L3, L4
|
ILB
|
Performance
|
ilbadm (create-servergroup,
add-server, delete-servergroup,
enable-server, disable-server, show-server,
show-servergroup, remove-server)
|
L3
|
IPMP
|
High availability
|
ipadm (create-ipmp
interface, delete-ipmp
interface, add-ipmp
interface, remove-ipmp
interface
|
L3
|
IP tunnels
|
IP connectivity
|
dladm (create-iptun, modify-iptun,
delete-iptun, show-iptun); ipadm (to create
the IP address over the tunnel)
|
L2, L3
|
LLDP
|
Observability, network storage, network virtualization
|
lldpadm
|
L2
|
Pluggable congestion control
|
Performance
|
ipadm
set-prop
property
|
L4
|
Routing
|
IP connectivity
|
route (route -p display; netstat);
routeadm
|
L3
|
Socket filtering
|
Security
|
soconfig (–F)
|
L4
|
VLANs
|
Network virtualization
|
dladm (create-vlan, modify-vlan,
delete-vlan, show-vlan)
|
L2
|
VNIs
|
IP connectivity
|
ipadm (create-vni, delete-vni)
|
L3
|
VNICs
|
Network virtualization
|
dladm (create-vnic, modify-vnic
delete-vnic, show-vnic)
|
L2
|
VRRP
|
High availability
|
dladm, vrrpadm
|
L3
|
VXLANs
|
Network virtualization
|
dladm (create-vxlan, show-vxlan,
delete-vxlan)
|
L2, L3
|
|
In many cases, you can obtain optimal results by using a combination of networking
features. For example, the following figure shows how you might combine multiple networking features
for high availability.
Figure 2 Combining the Use of Aggregations With VNICs
In the figure, multiple physical datalinks (net0, net2,
and net3) are combined into a single link aggregation
(aggr0). The aggregation datalink is then directly configured from IP in
the global zone through the aggr0 IP interface and aggr0
IP address, respectively. For another example, see Combining Aggregations With VNICs for High Availability.
You can also virtualize the aggregation datalink by using it as the underlying link for
the VNICs. In this figure, two VNICs are configured and then assigned to two non-global zones. This
particular configuration makes the VNICs highly available because any failures of the underlying
physical NICs that occur are automatically handled by the link aggregation layer and are transparent
to the zones.