The Oracle Solaris 11 OS enables you to define virtual networks that consist of virtual network interface cards (VNICs), virtual switches, and etherstubs. Oracle Solaris Zones virtualize operating system services and provide isolated and secure environments for running applications within the same Oracle Solaris OS instance of a logical domain.
Oracle Solaris 11 improves on the Oracle Solaris 10 “shared IP” zone model in which zones inherit network properties from the global zone and cannot set their own network address or other properties. Now, by using zones with virtual network devices, you can configure multiple isolated virtual NICs, associate zones with each virtual network, and establish rules for isolation, connectivity, and quality of service (QoS).
For more information, see the networking books in the Oracle Solaris 11.3 information library (http://docs.oracle.com/cd/E53394_01/).
A virtual network device in a logical domain can support multiple Oracle Solaris 11 virtual NICs. The virtual network device must be configured to support multiple MAC addresses, one for each virtual NIC it will support. Oracle Solaris zones in the logical domain connect to the virtual NICs.
Figure 25 shows a logical domain, domain1, that provides a single virtual network device called vnet1 to the Oracle Solaris OS. This virtual network device can host multiple Oracle Solaris 11 virtual network devices, each of which has its own MAC address and can be assigned individually to a zone.
Within the domain1 domain are Oracle Solaris 11 zones: zone1 and zone2. Each zone is connected to the network by a virtual NIC based on the vnet1 virtual network device.
Figure 25 Virtual NICs on Virtual Network Devices
The following sections describe the configuring of virtual NICs on virtual network devices and the creating of zones in the domain with the virtual NICs:
For information about using virtual NICs on Ethernet SR-IOV virtual functions, see the following sections:
To configure virtual NICs on virtual network devices, the control domain must run at least Oracle Solaris 11.1 SRU 4 OS and the guest domain must run at least the Oracle Solaris 11.1 OS.
To configure a virtual network device to host multiple MAC addresses, use the ldm add-vnet or ldm set-vnet command to specify one or more comma-separated values for the alt-mac-addrs property. Valid values are an octet MAC address and auto. The auto value indicates that the system generates the MAC address.
For example, you can specify three system-generated alternate MAC addresses for a virtual network device in either of the following ways:
By using the ldm add-vnet command. The following ldm add-vnet command creates the vnet1 virtual network device on the domain1 domain and makes three system-generated MAC addresses available to the device.
primary# ldm add-vnet alt-mac-addrs=auto,auto,auto vnet1 primary-vsw0 domain1
By using a combination of the ldm add-vnet and ldm set-vnet commands. The following ldm add-vnet and ldm set-vnet commands show how to create a virtual network device and subsequently assign more MAC addresses to the existing virtual network device.
The first command uses the ldm add-vnet command to create the vnet1 virtual network device on the domain1 domain. The second command uses the ldm set-vnet command to make three system-generated MAC addresses available to the vnet1 virtual network device.
primary# ldm add-vnet vnet1 primary-vsw0 domain1 primary# ldm set-vnet alt-mac-addrs=auto,auto,auto vnet1 domain1
After creating the virtual NICs in Configuring Virtual NICs on Virtual Network Devices, create a zone that is associated with an available MAC address. For information about Oracle Solaris Zones, see Creating and Using Oracle Solaris Zones.
Use the zonecfg command to specify a MAC address to use for a zone:
zonecfg:zone-name> set mac-address=[MAC-address,auto]
You can either specify a value of auto to choose one of the available MAC addresses automatically or provide a specific alternate MAC address that you created with the ldm set-vnet command.